From 58746226d4b36bc40de91d4d1dd283e9faaff639 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 12 Feb 2010 16:34:21 -0500 Subject: Use the Output tuple to determine the order of output The attributes displayed is now dependant upon their definition in a Param. This enhances that, giving some level of control over how the result is displayed to the user. This also fixes displaying group membership, including failures of adding/removing entries. All tests pass now though there is still one problem. We need to return the dn as well. Once that is fixed we just need to comment out all the dn entries in the tests and they should once again pass. --- ipalib/plugins/cert.py | 68 +++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 65 insertions(+), 3 deletions(-) (limited to 'ipalib/plugins/cert.py') diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py index 55b3b70b..3931d214 100644 --- a/ipalib/plugins/cert.py +++ b/ipalib/plugins/cert.py @@ -35,12 +35,12 @@ from ipalib.plugins.virtual import * from ipalib.plugins.service import split_principal import base64 from ipalib.request import context -from ipapython import dnsclient from pyasn1.error import PyAsn1Error import logging import traceback from ipalib.request import ugettext as _ from ipalib.request import context +from ipalib.output import Output def get_serial(certificate): """ @@ -184,6 +184,25 @@ class cert_request(VirtualCommand): default=False, autofill=True ), + Str('certificate?', + label='Certificate', + flags=['no_create', 'no_update', 'no_search'], + ), + Str('subject?', + label='Subject', + flags=['no_create', 'no_update', 'no_search'], + ), + Str('serial_number?', + label='Serial number', + flags=['no_create', 'no_update', 'no_search'], + ), + ) + + has_output = ( + Output('result', + type=dict, + doc='Dictionary mapping variable name to value', + ), ) def execute(self, csr, **kw): @@ -268,7 +287,11 @@ class cert_request(VirtualCommand): serial = get_serial(base64.b64encode(service['usercertificate'][0])) # revoke the certificate and remove it from the service # entry before proceeding - api.Command['cert_revoke'](unicode(serial), revocation_reason=4) + try: + api.Command['cert_revoke'](unicode(serial), revocation_reason=4) + except errors.NotImplementedError: + # some CA's might not implement revoke + pass api.Command['service_mod'](principal, usercertificate=None) # Request the certificate @@ -299,7 +322,18 @@ class cert_status(VirtualCommand): Check status of a certificate signing request. """ - takes_args = ('request_id') + takes_args = ( + Str('request_id', + label='Request id', + flags=['no_create', 'no_update', 'no_search'], + ), + ) + takes_options = ( + Str('cert_request_status?', + label='Request status', + flags=['no_create', 'no_update', 'no_search'], + ), + ) operation = "certificate status" @@ -318,7 +352,19 @@ class cert_get(VirtualCommand): """ takes_args = (Str('serial_number', + label='Serial number', doc='serial number in decimal or if prefixed with 0x in hexadecimal')) + takes_options = ( + Str('certificate?', + label='Certificate', + flags=['no_create', 'no_update', 'no_search'], + ), + Str('subject?', + label='Subject', + flags=['no_create', 'no_update', 'no_search'], + ), + ) + operation="retrieve certificate" def execute(self, serial_number): @@ -337,6 +383,12 @@ class cert_revoke(VirtualCommand): takes_args = (Str('serial_number', doc='serial number in decimal or if prefixed with 0x in hexadecimal')) + takes_options = ( + Flag('revoked?', + label='Revoked', + flags=['no_create', 'no_update', 'no_search'], + ), + ) operation = "revoke certificate" # FIXME: The default is 0. Is this really an Int param? @@ -366,6 +418,16 @@ class cert_remove_hold(VirtualCommand): takes_args = (Str('serial_number', doc='serial number in decimal or if prefixed with 0x in hexadecimal')) + takes_options = ( + Flag('unrevoked?', + label='Unrevoked', + flags=['no_create', 'no_update', 'no_search'], + ), + Str('error_string?', + label='Error', + flags=['no_create', 'no_update', 'no_search'], + ), + ) operation = "certificate remove hold" def execute(self, serial_number, **kw): -- cgit