From a232116d30a3fc607eb5ea52a13711a9cc40ae35 Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Wed, 30 Sep 2015 16:16:29 -0400 Subject: Add delete_ca functionality to the Python API --- base/common/python/pki/authority.py | 61 ++++++++++++++++++++++++++++++++++++- tests/python/test_authority.py | 2 +- 2 files changed, 61 insertions(+), 2 deletions(-) diff --git a/base/common/python/pki/authority.py b/base/common/python/pki/authority.py index dccbc363a..5604e9e3a 100644 --- a/base/common/python/pki/authority.py +++ b/base/common/python/pki/authority.py @@ -275,6 +275,20 @@ class AuthorityClient(object): self.connection.post(url, headers) + @pki.handle_exceptions() + def delete_ca(self, aid): + """Delete the specified CA + :param aid: ID of the CA to be deleted + :return: None + """ + if aid is None: + raise ValueError("CA ID must be specified") + + url = '{}/{}'.format(self.ca_url, str(aid)) + headers = {'Content-type': 'application/json', + 'Accept': 'application/json'} + + self.connection.delete(url, headers) encoder.NOTYPES['AuthorityData'] = AuthorityData @@ -429,8 +443,17 @@ def main(): cert_client = cert.CertClient(connection) issue_cert_using_authority(cert_client, sub_subca.aid) + # delete the sub-subca + print("Delete sub CA") + print("-------------") + try: + ca_client.delete_ca(sub_subca.aid) + except pki.ConflictingOperationException as e: + print(e) + # disable the sub-subca print("Disable sub sub CA") + print("------------------") ca_client.disable_ca(sub_subca.aid) # Get sub-subca @@ -438,8 +461,44 @@ def main(): print(str(sub_subca)) # issue a cert using sub-subca - issue_cert_using_authority(cert_client, sub_subca.aid) + print("Issuing a cert using disabled subca") + print("-----------------------------------") + try: + issue_cert_using_authority(cert_client, sub_subca.aid) + except pki.ConflictingOperationException as e: + print(e) + + # delete the sub-subca + print("Delete sub CA") + print("-------------") + ca_client.delete_ca(sub_subca.aid) + + # get the sub-subca + print("Get deleted subca") + print("-----------------") + try: + ca_client.get_ca(sub_subca.aid) + except pki.ResourceNotFoundException as e: + print(e) + + # issue a cert using the sub-subca + print("Issue a cert using deleted subca") + print("--------------------------------") + try: + issue_cert_using_authority(cert_client, sub_subca.aid) + except pki.ResourceNotFoundException as e: + print(e) + # create a new subca with same subjectdn + print("Create a new sub-subca re-using subject dn") + print("------------------------------------------") + data = AuthorityData(**sub_subca_data) + sub_subca = ca_client.create_ca(data) + print(ca_client.get_ca(sub_subca.aid)) + + print("Issuing a cert using sub-subca") + print("-----------------------------------") + issue_cert_using_authority(cert_client, sub_subca.aid) if __name__ == "__main__": main() diff --git a/tests/python/test_authority.py b/tests/python/test_authority.py index b45eddf89..f48b9deb9 100644 --- a/tests/python/test_authority.py +++ b/tests/python/test_authority.py @@ -105,7 +105,6 @@ class AuthorityTests(unittest.TestCase): authority_data ) - def test_should_get_ca(self): get_return = mock.MagicMock() get_return.json.return_value = self.ca1_data @@ -129,3 +128,4 @@ class AuthorityTests(unittest.TestCase): else: self.assertEquals(ca.dn, self.dn) + -- cgit