summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins/service.py
diff options
context:
space:
mode:
authorMartin Babinsky <mbabinsk@redhat.com>2015-06-23 13:42:01 +0200
committerJan Cholasta <jcholast@redhat.com>2015-07-02 14:43:44 +0000
commit76eea85701af80dc972c47e14aecc7a688b9c846 (patch)
tree00b7cbb9a64c6bf3dea2a905ae22fc88c97a3553 /ipalib/plugins/service.py
parent53b11b611766d79015e17298f2354b7688437e20 (diff)
downloadfreeipa-76eea85701af80dc972c47e14aecc7a688b9c846.tar.gz
freeipa-76eea85701af80dc972c47e14aecc7a688b9c846.tar.xz
freeipa-76eea85701af80dc972c47e14aecc7a688b9c846.zip
new commands to manage user/host/service certificates
A new group of commands is introduced that simplifies adding and removing binary certificates to entries. A general form of the command is ipa [user/host/service]-[add/remove]-cert [pkey] --certificate=[BASE64 BLOB] Part of http://www.freeipa.org/page/V4/User_Certificates and https://fedorahosted.org/freeipa/ticket/4238 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipalib/plugins/service.py')
-rw-r--r--ipalib/plugins/service.py21
1 files changed, 21 insertions, 0 deletions
diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py
index 18d7b3e54..a5e10921b 100644
--- a/ipalib/plugins/service.py
+++ b/ipalib/plugins/service.py
@@ -861,3 +861,24 @@ class service_disable(LDAPQuery):
value=pkey_to_value(keys[0], options),
)
+
+@register()
+class service_add_cert(LDAPAddAttribute):
+ __doc__ = _('Add new certificates to a service')
+ msg_summary = _('Added certificates to service principal "%(value)s"')
+ attribute = 'usercertificate'
+
+
+@register()
+class service_remove_cert(LDAPRemoveAttribute):
+ __doc__ = _('Remove certificates from a service')
+ msg_summary = _('Removed certificates from service principal "%(value)s"')
+ attribute = 'usercertificate'
+
+ def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
+ assert isinstance(dn, DN)
+
+ if 'usercertificate' in options:
+ revoke_certs(options['usercertificate'], self.log)
+
+ return dn
generated by cgit (git 2.34.1) at 2024-06-09 02:55:17 +0000