diff options
author | Fraser Tweedale <ftweedal@redhat.com> | 2015-07-24 09:31:26 -0400 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2015-07-31 16:11:17 +0200 |
commit | 896783bae817ef16ca1cb31a0c434fe863287cc3 (patch) | |
tree | 8f46f616b5228a1dd444c27dc036b2f983778aa9 /ipalib/plugins/user.py | |
parent | a4ade199aa594307cdd6bc43d1729cc42e92fd1e (diff) | |
download | freeipa-896783bae817ef16ca1cb31a0c434fe863287cc3.tar.gz freeipa-896783bae817ef16ca1cb31a0c434fe863287cc3.tar.xz freeipa-896783bae817ef16ca1cb31a0c434fe863287cc3.zip |
user-show: add --out option to save certificates to file
Add the --out option to user-show, bringing it into line with
host-show and service-show with the ability to save the user's
certificate(s) to a file.
https://fedorahosted.org/freeipa/ticket/5171
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipalib/plugins/user.py')
-rw-r--r-- | ipalib/plugins/user.py | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 206b380ef..0209b29b1 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -23,7 +23,7 @@ import string import posixpath import os -from ipalib import api, errors +from ipalib import api, errors, util from ipalib import Flag, Int, Password, Str, Bool, StrEnum, DateTime from ipalib.plugins.baseuser import baseuser, baseuser_add, baseuser_del, \ baseuser_mod, baseuser_find, baseuser_show, \ @@ -38,6 +38,7 @@ from ipalib.plugins import baseldap from ipalib.request import context from ipalib import _, ngettext from ipalib import output +from ipalib import x509 from ipaplatform.paths import paths from ipapython.ipautil import ipa_generate_password from ipapython.ipavalidate import Email @@ -765,6 +766,11 @@ class user_show(baseuser_show): __doc__ = _('Display information about a user.') has_output_params = baseuser_show.has_output_params + user_output_params + takes_options = baseuser_show.takes_options + ( + Str('out?', + doc=_('file to store certificate in'), + ), + ) def post_callback(self, ldap, dn, entry_attrs, *keys, **options): convert_nsaccountlock(entry_attrs) @@ -772,6 +778,25 @@ class user_show(baseuser_show): self.obj.get_preserved_attribute(entry_attrs, options) return dn + def forward(self, *keys, **options): + if 'out' in options: + util.check_writable_file(options['out']) + result = super(user_show, self).forward(*keys, **options) + if 'usercertificate' in result['result']: + x509.write_certificate_list( + result['result']['usercertificate'], + options['out'] + ) + result['summary'] = ( + _('Certificate(s) stored in file \'%(file)s\'') + % dict(file=options['out']) + ) + return result + else: + raise errors.NoCertificateError(entry=keys[-1]) + else: + return super(user_show, self).forward(*keys, **options) + @register() class user_undel(LDAPQuery): __doc__ = _('Undelete a delete user account.') |