diff options
author | Jan Cholasta <jcholast@redhat.com> | 2017-03-09 07:19:26 +0100 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2017-03-13 08:03:53 +0000 |
commit | 0298ecf441ba38858d7909b8c3b4cc2b4c4e53c4 (patch) | |
tree | 7f804cf8c733b2bd3a6f576192e47852d59b15a4 /ipaclient | |
parent | 09c6b7578046fed0824fc0f0d9040be69c0f0eb6 (diff) | |
download | freeipa-0298ecf441ba38858d7909b8c3b4cc2b4c4e53c4.tar.gz freeipa-0298ecf441ba38858d7909b8c3b4cc2b4c4e53c4.tar.xz freeipa-0298ecf441ba38858d7909b8c3b4cc2b4c4e53c4.zip |
certmap: load certificate from file in certmap-match CLI
Load the certificate from a file specified in the first argument. Raw
certificate value can be specified using --certificate.
https://pagure.io/freeipa/issue/6646
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Diffstat (limited to 'ipaclient')
-rw-r--r-- | ipaclient/plugins/certmap.py | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/ipaclient/plugins/certmap.py b/ipaclient/plugins/certmap.py new file mode 100644 index 000000000..50a594f39 --- /dev/null +++ b/ipaclient/plugins/certmap.py @@ -0,0 +1,49 @@ +# +# Copyright (C) 2017 FreeIPA Contributors see COPYING for license +# + +from ipaclient.frontend import MethodOverride +from ipalib import errors, x509 +from ipalib.parameters import File +from ipalib.plugable import Registry +from ipalib.text import _ + +register = Registry() + + +@register(override=True, no_fail=True) +class certmap_match(MethodOverride): + takes_args = ( + File( + 'file?', + label=_("Input file"), + doc=_("File to load the certificate from"), + include='cli', + ), + ) + + def get_args(self): + for arg in super(certmap_match, self).get_args(): + if arg.name != 'certificate' or self.api.env.context != 'cli': + yield arg + + def get_options(self): + for arg in super(certmap_match, self).get_args(): + if arg.name == 'certificate' and self.api.env.context == 'cli': + yield arg.clone(required=False) + for option in super(certmap_match, self).get_options(): + yield option + + def forward(self, *args, **options): + if self.api.env.context == 'cli': + if args and 'certificate' in options: + raise errors.MutuallyExclusiveError( + reason=_("cannot specify both raw certificate and file")) + if args: + args = [x509.strip_header(args[0])] + elif 'certificate' in options: + args = [options.pop('certificate')] + else: + args = [] + + return super(certmap_match, self).forward(*args, **options) |