summaryrefslogtreecommitdiffstats
path: root/ipaserver/plugins/cert.py
diff options
context:
space:
mode:
authorFraser Tweedale <ftweedal@redhat.com>2016-12-19 14:31:14 +1000
committerJan Cholasta <jcholast@redhat.com>2017-01-11 15:26:20 +0100
commit09a65df6842411d42966111e50924df3de0b7031 (patch)
treef96b847e1a3aa7d5239d50f3438ec7d3f6f73a6a /ipaserver/plugins/cert.py
parentf54df62abae4a15064bf297634558eb9be83ce33 (diff)
downloadfreeipa-09a65df6842411d42966111e50924df3de0b7031.tar.gz
freeipa-09a65df6842411d42966111e50924df3de0b7031.tar.xz
freeipa-09a65df6842411d42966111e50924df3de0b7031.zip
Reuse self.api when executing ca_enabled_check
The ca_enabled_check function is a wrapper around api.Command.ca_is_enabled. When using remote_api (e.g. during installer), ca_enabled_check invokes the *global* api instead of the remote_api. Update ca_enabled_check to explicitly receive an api object from the caller and invoke Command.ca_is_enabled through it. Part of: https://fedorahosted.org/freeipa/ticket/2614 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/plugins/cert.py')
-rw-r--r--ipaserver/plugins/cert.py16
1 files changed, 8 insertions, 8 deletions
diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py
index 4c1248f93..cc47084b5 100644
--- a/ipaserver/plugins/cert.py
+++ b/ipaserver/plugins/cert.py
@@ -196,8 +196,8 @@ def normalize_serial_number(num):
return unicode(num)
-def ca_enabled_check():
- if not api.Command.ca_is_enabled()['result']:
+def ca_enabled_check(_api):
+ if not _api.Command.ca_is_enabled()['result']:
raise errors.NotFound(reason=_('CA is not configured'))
def caacl_check(principal_type, principal, ca, profile_id):
@@ -538,7 +538,7 @@ class cert_request(Create, BaseCertMethod, VirtualCommand):
yield arg
def execute(self, csr, all=False, raw=False, **kw):
- ca_enabled_check()
+ ca_enabled_check(self.api)
ldap = self.api.Backend.ldap2
realm = unicode(self.api.env.realm)
@@ -898,7 +898,7 @@ class cert_status(Retrieve, BaseCertMethod, VirtualCommand):
operation = "certificate status"
def execute(self, request_id, **kw):
- ca_enabled_check()
+ ca_enabled_check(self.api)
self.check_access()
# Dogtag requests are uniquely identified by their number;
@@ -1006,7 +1006,7 @@ class cert_show(Retrieve, CertMethod, VirtualCommand):
def execute(self, serial_number, all=False, raw=False, no_members=False,
**options):
- ca_enabled_check()
+ ca_enabled_check(self.api)
# Dogtag lightweight CAs have shared serial number domain, so
# we don't tell Dogtag the issuer (but we check the cert after).
@@ -1069,7 +1069,7 @@ class cert_revoke(PKQuery, CertMethod, VirtualCommand):
yield option
def execute(self, serial_number, **kw):
- ca_enabled_check()
+ ca_enabled_check(self.api)
# Make sure that the cert specified by issuer+serial exists.
# Will raise NotFound if it does not.
@@ -1105,7 +1105,7 @@ class cert_remove_hold(PKQuery, CertMethod, VirtualCommand):
operation = "certificate remove hold"
def execute(self, serial_number, **kw):
- ca_enabled_check()
+ ca_enabled_check(self.api)
# Make sure that the cert specified by issuer+serial exists.
# Will raise NotFound if it does not.
@@ -1312,7 +1312,7 @@ class cert_find(Search, CertMethod):
complete = bool(ra_options)
try:
- ca_enabled_check()
+ ca_enabled_check(self.api)
except errors.NotFound:
if ra_options:
raise
generated by cgit (git 2.34.1) at 2024-06-22 19:17:53 +0000