author | Fraser Tweedale <ftweedal@redhat.com> | 2014-07-23 02:40:07 -0400 |
---|---|---|
committer | Fraser Tweedale <frase@frase.id.au> | 2015-04-07 22:38:11 -0400 |
commit | c4ee90c89a0b3c61b18f865e6650b27e156a9dcb (patch) | |
tree | 609594bc43d68e67c1d70636ebfc753eaeb26062 /base/ca | |
parent | e4869e62f432b510dc99eb7e00d16a23caa6ea64 (diff) | |
Update pki-profile CLI commands to work with "raw" format
Update CLI commands for working with the (now LDAP-based)
profiles in the same format as was used by the files, by way of the
--raw option.
Also add the "edit" command to interactively edit a profile.
Diffstat (limited to 'base/ca')
-rw-r--r-- | base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java | 180 |
1 files changed, 158 insertions, 22 deletions
diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java b/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java
index d3f08b270..78f89b012 100644
--- a/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java
+++ b/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java
@@ -18,6 +18,8 @@
 package org.dogtagpki.server.ca.rest;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.net.URI;
 import java.security.Principal;
@@ -27,6 +29,7 @@ import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
+import java.util.Properties;
 import java.util.Vector;
 import javax.servlet.http.HttpServletRequest;
@@ -163,9 +166,7 @@ public class ProfileService extends PKIService implements ProfileResource {
 return createOKResponse(infos);
 }
- @Override
- public Response retrieveProfile(String profileId) throws ProfileNotFoundException {
- ProfileData data = null;
+ private IProfile getProfile(String profileId) throws ProfileNotFoundException {
 boolean visibleOnly = true;
 if (profileId == null) {
@@ -185,24 +186,11 @@ public class ProfileService extends PKIService implements ProfileResource {
 visibleOnly = false;
 }
- Enumeration<String> profileIds = ps.getProfileIds();
-
- IProfile profile = null;
- if (profileIds != null) {
- while (profileIds.hasMoreElements()) {
- String id = profileIds.nextElement();
-
- if (id.equals(profileId)) {
-
- try {
- profile = ps.getProfile(profileId);
- } catch (EProfileException e) {
- e.printStackTrace();
- throw new ProfileNotFoundException(profileId);
- }
- break;
- }
- }
+ IProfile profile;
+ try {
+ profile = ps.getProfile(profileId);
+ } catch (EProfileException e) {
+ throw new ProfileNotFoundException(profileId, "Profile not found", e);
 }
 if (profile == null) {
@@ -213,6 +201,14 @@ public class ProfileService extends PKIService implements ProfileResource {
 throw new ProfileNotFoundException(profileId);
 }
+ return profile;
+ }
+
+ @Override
+ public Response retrieveProfile(String profileId) throws ProfileNotFoundException {
+ IProfile profile = getProfile(profileId);
+
+ ProfileData data = null;
 try {
 data = createProfileData(profileId);
 } catch (EBaseException e) {
@@ -228,6 +224,19 @@ public class ProfileService extends PKIService implements ProfileResource {
 return createOKResponse(data);
 }
+ @Override
+ public Response retrieveProfileRaw(String profileId)
+ throws ProfileNotFoundException {
+ IProfile profile = getProfile(profileId);
+ ByteArrayOutputStream data = new ByteArrayOutputStream();
+ // add profileId and classId "virtual" properties
+ profile.getConfigStore().put("profileId", profileId);
+ profile.getConfigStore().put("classId", ps.getProfileClassId(profileId));
+ profile.getConfigStore().save(data, null);
+ return createOKResponse(data.toByteArray());
+ }
+
+
 public ProfileData createProfileData(String profileId) throws EBaseException {
 IProfile profile;
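Review bot: retrieveProfileRaw writes the "virtual" `profileId` and `classId` keys into the profile's live config store with `profile.getConfigStore().put(...)` only to serialise them, so a read request changes shared server state. If this is the same store object that modifyProfileRaw later persists with `commit(false)` (not confirmable from this hunk), the two synthetic keys could be stored with the profile, and concurrent requests would see them in the meantime. I would build the response from a copy, for example by saving the store into the buffer, loading that into a local `java.util.Properties`, and setting the two extra keys there. The method also deserves a Javadoc line stating that the returned data carries these two keys, which are not part of the stored profile.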
@@ -499,6 +508,81 @@ public class ProfileService extends PKIService implements ProfileResource {
 return createCreatedResponse(profileData, profileData.getLink().getHref());
 } catch (EBaseException e) {
+ CMS.debug("createProfile: error creating profile");
+ CMS.debug(e);
+
+ auditProfileChange(
+ ScopeDef.SC_PROFILE_RULES,
+ OpDef.OP_ADD,
+ profileId,
+ ILogger.FAILURE,
+ auditParams);
+
+ throw new PKIException("Error in creating profile", e);
+ }
+ }
+
+ @Override
+ public Response createProfileRaw(byte[] data) {
+ if (data == null) {
+ CMS.debug("createProfileRaw: profile data is null");
+ throw new BadRequestException("Unable to create profile: Invalid profile data.");
+ }
+
+ if (ps == null) {
+ CMS.debug("createProfile: ps is null");
+ throw new PKIException("Error creating profile. Profile Service not available");
+ }
+
+ Map<String, String> auditParams = new LinkedHashMap<String, String>();
+ String profileId = null;
+ String classId = null;
+ Properties properties = new Properties();
+ try {
+ // load data and read profileId and classId
+ properties.load(new ByteArrayInputStream(data));
+ profileId = properties.getProperty("profileId");
+ classId = properties.getProperty("classId");
+ } catch (IOException e) {
+ throw new BadRequestException("Could not parse raw profile data.");
+ }
+ if (profileId == null) {
+ throw new BadRequestException("Profile data did not contain profileId attribute.");
+ }
+ if (classId == null) {
+ throw new BadRequestException("Profile data did not contain classId attribute.");
+ }
+ properties.remove("profileId");
+ properties.remove("classId");
+
+ try {
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ properties.store(out, null);
+ data = out.toByteArray(); // original data sans profileId, classId
+
+ IProfile profile = ps.getProfile(profileId);
+ if (profile != null) {
+ throw new BadRequestException("Profile already exists");
+ }
+
+ auditParams.put("class_id", classId);
+
+ IPluginInfo info = 
registry.getPluginInfo("profile", classId);
+
+ profile = ps.createProfile(profileId, classId, info.getClassName());
+ profile.getConfigStore().commit(false);
+ profile.getConfigStore().load(new ByteArrayInputStream(data));
+ ps.disableProfile(profileId);
+
+ auditProfileChange(
+ ScopeDef.SC_PROFILE_RULES,
+ OpDef.OP_ADD,
+ profileId,
+ ILogger.SUCCESS,
+ auditParams);
+
+ return createCreatedResponse(data, uriInfo.getAbsolutePath());
+ } catch (EBaseException | IOException e) {
 CMS.debug("createProfile: error in creating profile: " + e);
 e.printStackTrace();
@@ -509,7 +593,7 @@ public class ProfileService extends PKIService implements ProfileResource {
 ILogger.FAILURE,
 auditParams);
- throw new PKIException("Error in creating profile");
+ throw new PKIException("Error in creating profile", e);
 }
 }
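Review bot: In createProfileRaw the request-supplied `classId` goes into `registry.getPluginInfo("profile", classId)` and the result is dereferenced by `info.getClassName()` with no null check. If the registry returns null for an unknown id (not visible here), the resulting NullPointerException is not covered by `catch (EBaseException | IOException e)`, so no `ILogger.FAILURE` audit record is written. The same audit gap applies to the `BadRequestException("Profile already exists")` thrown inside the try and to the parse and missing-attribute rejections before it. I would add `if (info == null) { throw new BadRequestException("Unknown profile class: " + classId); }` and emit the failure audit event on every rejected path. Separately, `commit(false)` runs before `load(...)` here but after it in modifyProfileRaw, so it is worth confirming the uploaded properties are actually persisted on create.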
@@ -550,6 +634,58 @@ public class ProfileService extends PKIService implements ProfileResource {
 }
 }
+ @Override
+ public Response modifyProfileRaw(String profileId, byte[] data) {
+ if (profileId == null) {
+ CMS.debug("modifyProfile: invalid request. profileId is null");
+ throw new BadRequestException("Unable to modify profile: Invalid Profile Id");
+ }
+
+ if (data == null) {
+ CMS.debug("modifyProfile: invalid request. data is null");
+ throw new BadRequestException("Unable to modify profile: Invalid profile data");
+ }
+
+ if (ps == null) {
+ CMS.debug("modifyProfile: ps is null");
+ throw new PKIException("Error modifying profile. Profile Service not available");
+ }
+
+ if (ps.isProfileEnable(profileId)) {
+ throw new BadRequestException("Cannot change profile data. Profile must be disabled");
+ }
+
+ Properties properties = new Properties();
+ try {
+ properties.load(new ByteArrayInputStream(data));
+ } catch (IOException e) {
+ throw new BadRequestException("Could not parse raw profile data.", e);
+ }
+ properties.remove("profileId");
+ properties.remove("classId");
+
+ try {
+ IProfile profile = ps.getProfile(profileId);
+ if (profile == null) {
+ throw new ProfileNotFoundException(profileId);
+ }
+
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ properties.store(out, null);
+ data = out.toByteArray(); // original data sans profileId, classId
+
+ profile.getConfigStore().load(new ByteArrayInputStream(data));
+ ps.disableProfile(profileId);
+ profile.getConfigStore().commit(false);
+
+ return createOKResponse(data);
+ } catch (EBaseException | IOException e) {
+ CMS.debug("modifyProfile: error modifying profile " + profileId);
+ CMS.debug(e);
+ throw new PKIException("Error modifying profile.", e);
+ }
+ }
+
 private void changeProfileData(ProfileData data, IProfile profile) {
 String profileId = data.getId();
 if (profile == null) {  |
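Review bot: modifyProfileRaw rewrites a CA profile's configuration but never calls `auditProfileChange`, unlike createProfileRaw in this same commit, so raw edits leave no audit event whether they succeed or fail. I would mirror the create path: emit a record with `ILogger.SUCCESS` after `commit(false)` and one with `ILogger.FAILURE` in the catch block and on the rejected-request branches, using the operation constant the non-raw modify path uses (it is not visible in this hunk). The `profileId` in the uploaded body is dropped by `properties.remove("profileId")` without being compared to the path parameter; rejecting a mismatch would catch an edit aimed at the wrong profile. It is also unclear from here whether `getConfigStore().load(...)` replaces the store or merges into it, so a constraint the caller deleted from the file may remain in effect; a comment stating the intended semantics would help.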