From 896783bae817ef16ca1cb31a0c434fe863287cc3 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Fri, 24 Jul 2015 09:31:26 -0400 Subject: user-show: add --out option to save certificates to file Add the --out option to user-show, bringing it into line with host-show and service-show with the ability to save the user's certificate(s) to a file. https://fedorahosted.org/freeipa/ticket/5171 Reviewed-By: Martin Basti --- API.txt | 3 ++- VERSION | 4 ++-- ipalib/plugins/user.py | 27 ++++++++++++++++++++++++++- 3 files changed, 30 insertions(+), 4 deletions(-) diff --git a/API.txt b/API.txt index 2b7e00d2e..04f2f894f 100644 --- a/API.txt +++ b/API.txt @@ -5360,10 +5360,11 @@ output: Entry('result', , Gettext('A dictionary representing an LDA output: Output('summary', (, ), None) output: PrimaryKey('value', None, None) command: user_show -args: 1,5,3 +args: 1,6,3 arg: Str('uid', attribute=True, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('no_members', autofill=True, default=False, exclude='webui') +option: Str('out?') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Flag('rights', autofill=True, default=False) option: Str('version?', exclude='webui') diff --git a/VERSION b/VERSION index 2b78af50b..a3d586df4 100644 --- a/VERSION +++ b/VERSION @@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=147 -# Last change: mbasti - Consolidate DNS RR in API and schema +IPA_API_VERSION_MINOR=148 +# Last change: ftweedal - add --out option to user-show diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 206b380ef..0209b29b1 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -23,7 +23,7 @@ import string import posixpath import os -from ipalib import api, errors +from ipalib import api, errors, util from ipalib import Flag, Int, Password, Str, Bool, StrEnum, DateTime from ipalib.plugins.baseuser import baseuser, baseuser_add, baseuser_del, \ baseuser_mod, baseuser_find, baseuser_show, \ @@ -38,6 +38,7 @@ from ipalib.plugins import baseldap from ipalib.request import context from ipalib import _, ngettext from ipalib import output +from ipalib import x509 from ipaplatform.paths import paths from ipapython.ipautil import ipa_generate_password from ipapython.ipavalidate import Email @@ -765,6 +766,11 @@ class user_show(baseuser_show): __doc__ = _('Display information about a user.') has_output_params = baseuser_show.has_output_params + user_output_params + takes_options = baseuser_show.takes_options + ( + Str('out?', + doc=_('file to store certificate in'), + ), + ) def post_callback(self, ldap, dn, entry_attrs, *keys, **options): convert_nsaccountlock(entry_attrs) @@ -772,6 +778,25 @@ class user_show(baseuser_show): self.obj.get_preserved_attribute(entry_attrs, options) return dn + def forward(self, *keys, **options): + if 'out' in options: + util.check_writable_file(options['out']) + result = super(user_show, self).forward(*keys, **options) + if 'usercertificate' in result['result']: + x509.write_certificate_list( + result['result']['usercertificate'], + options['out'] + ) + result['summary'] = ( + _('Certificate(s) stored in file \'%(file)s\'') + % dict(file=options['out']) + ) + return result + else: + raise errors.NoCertificateError(entry=keys[-1]) + else: + return super(user_show, self).forward(*keys, **options) + @register() class user_undel(LDAPQuery): __doc__ = _('Undelete a delete user account.') -- cgit