Added instance and subsystem validation for pki-server ca-* commands.

The pki-server ca-* commands have been modified to validate the instance and the CA subsystem before proceeding with the operation. The usage() methods and invocations have been renamed into print_help() for consistency. https://fedorahosted.org/pki/ticket/2364
author: Endi S. Dewata <edewata@redhat.com> 2016-07-01 03:26:23 +0200
committer: Fraser Tweedale <ftweedal@redhat.com> 2016-07-01 13:32:03 +1000
commit: f8310a4ff306d28cf25ec71693a2e89c5323564d (patch)
tree: a8b2580100fe9386fd42ab37fee615d881a40e07 /base/server/python
parent: 67bbdc5edd1404f89e638037599b4231f50490f8 (diff)
download: pki-f8310a4ff306d28cf25ec71693a2e89c5323564d.tar.gz
pki-f8310a4ff306d28cf25ec71693a2e89c5323564d.tar.xz
pki-f8310a4ff306d28cf25ec71693a2e89c5323564d.zip
1 files changed, 37 insertions, 7 deletions
diff --git a/base/server/python/pki/server/cli/ca.py b/base/server/python/pki/server/cli/ca.py
index dbf8239f4..1d1c00f0f 100644
--- a/base/server/python/pki/server/cli/ca.py
+++ b/base/server/python/pki/server/cli/ca.py
@@ -129,9 +129,16 @@ class CACertChainExportCLI(pki.cli.CLI):
             sys.exit(1)
 
         instance = pki.server.PKIInstance(instance_name)
+        if not instance.is_valid():
+            print('ERROR: Invalid instance %s.' % instance_name)
+            sys.exit(1)
+
         instance.load()
 
         subsystem = instance.get_subsystem('ca')
+        if not subsystem:
+            print('ERROR: No CA subsystem in instance %s.' % instance_name)
+            sys.exit(1)
 
         tmpdir = tempfile.mkdtemp()
 
@@ -171,7 +178,7 @@ class CACertRequestFindCLI(pki.cli.CLI):
         super(CACertRequestFindCLI, self).__init__(
             'find', 'Find CA certificate requests')
 
-    def usage(self):
+    def print_help(self):
         print('Usage: pki-server ca-cert-request-find [OPTIONS]')
         print()
         print('  -i, --instance <instance ID>    Instance ID (default: pki-tomcat).')
@@ -190,7 +197,7 @@ class CACertRequestFindCLI(pki.cli.CLI):
 
         except getopt.GetoptError as e:
             print('ERROR: ' + str(e))
-            self.usage()
+            self.print_help()
             sys.exit(1)
 
         instance_name = 'pki-tomcat'
@@ -216,13 +223,21 @@ class CACertRequestFindCLI(pki.cli.CLI):
 
             else:
                 print('ERROR: unknown option ' + o)
-                self.usage()
+                self.print_help()
                 sys.exit(1)
 
         instance = pki.server.PKIInstance(instance_name)
+        if not instance.is_valid():
+            print('ERROR: Invalid instance %s.' % instance_name)
+            sys.exit(1)
+
         instance.load()
 
         subsystem = instance.get_subsystem('ca')
+        if not subsystem:
+            print('ERROR: No CA subsystem in instance %s.' % instance_name)
+            sys.exit(1)
+
         results = subsystem.find_cert_requests(cert=cert)
 
         self.print_message('%s entries matched' % len(results))
@@ -243,7 +258,7 @@ class CACertRequestShowCLI(pki.cli.CLI):
         super(CACertRequestShowCLI, self).__init__(
             'show', 'Show CA certificate request')
 
-    def usage(self):
+    def print_help(self):
         print('Usage: pki-server ca-cert-request-show <request ID> [OPTIONS]')
         print()
         print('  -i, --instance <instance ID>    Instance ID (default: pki-tomcat).')
@@ -260,12 +275,12 @@ class CACertRequestShowCLI(pki.cli.CLI):
 
         except getopt.GetoptError as e:
             print('ERROR: ' + str(e))
-            self.usage()
+            self.print_help()
             sys.exit(1)
 
         if len(args) != 1:
             print('ERROR: missing request ID')
-            self.usage()
+            self.print_help()
             sys.exit(1)
 
         request_id = args[0]
@@ -288,13 +303,21 @@ class CACertRequestShowCLI(pki.cli.CLI):
 
             else:
                 print('ERROR: unknown option ' + o)
-                self.usage()
+                self.print_help()
                 sys.exit(1)
 
         instance = pki.server.PKIInstance(instance_name)
+        if not instance.is_valid():
+            print('ERROR: Invalid instance %s.' % instance_name)
+            sys.exit(1)
+
         instance.load()
 
         subsystem = instance.get_subsystem('ca')
+        if not subsystem:
+            print('ERROR: No CA subsystem in instance %s.' % instance_name)
+            sys.exit(1)
+
         request = subsystem.get_cert_requests(request_id)
 
         if output_file:
@@ -384,9 +407,16 @@ class CAClonePrepareCLI(pki.cli.CLI):
             sys.exit(1)
 
         instance = pki.server.PKIInstance(instance_name)
+        if not instance.is_valid():
+            print('ERROR: Invalid instance %s.' % instance_name)
+            sys.exit(1)
+
         instance.load()
 
         subsystem = instance.get_subsystem('ca')
+        if not subsystem:
+            print('ERROR: No CA subsystem in instance %s.' % instance_name)
+            sys.exit(1)
 
         tmpdir = tempfile.mkdtemp()
author	Endi S. Dewata <edewata@redhat.com>	2016-07-01 03:26:23 +0200
committer	Fraser Tweedale <ftweedal@redhat.com>	2016-07-01 13:32:03 +1000
commit	f8310a4ff306d28cf25ec71693a2e89c5323564d (patch)
tree	a8b2580100fe9386fd42ab37fee615d881a40e07 /base/server/python
parent	67bbdc5edd1404f89e638037599b4231f50490f8 (diff)
download	pki-f8310a4ff306d28cf25ec71693a2e89c5323564d.tar.gz pki-f8310a4ff306d28cf25ec71693a2e89c5323564d.tar.xz pki-f8310a4ff306d28cf25ec71693a2e89c5323564d.zip