diff options
author | Fraser Tweedale <ftweedal@redhat.com> | 2016-12-19 14:31:14 +1000 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2017-01-11 15:26:20 +0100 |
commit | 09a65df6842411d42966111e50924df3de0b7031 (patch) | |
tree | f96b847e1a3aa7d5239d50f3438ec7d3f6f73a6a /ipaserver/plugins/cert.py | |
parent | f54df62abae4a15064bf297634558eb9be83ce33 (diff) | |
download | freeipa-09a65df6842411d42966111e50924df3de0b7031.tar.gz freeipa-09a65df6842411d42966111e50924df3de0b7031.tar.xz freeipa-09a65df6842411d42966111e50924df3de0b7031.zip |
Reuse self.api when executing ca_enabled_check
The ca_enabled_check function is a wrapper around
api.Command.ca_is_enabled. When using remote_api (e.g. during
installer), ca_enabled_check invokes the *global* api instead of the
remote_api.
Update ca_enabled_check to explicitly receive an api object from the
caller and invoke Command.ca_is_enabled through it.
Part of: https://fedorahosted.org/freeipa/ticket/2614
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'ipaserver/plugins/cert.py')
-rw-r--r-- | ipaserver/plugins/cert.py | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py index 4c1248f93..cc47084b5 100644 --- a/ipaserver/plugins/cert.py +++ b/ipaserver/plugins/cert.py @@ -196,8 +196,8 @@ def normalize_serial_number(num): return unicode(num) -def ca_enabled_check(): - if not api.Command.ca_is_enabled()['result']: +def ca_enabled_check(_api): + if not _api.Command.ca_is_enabled()['result']: raise errors.NotFound(reason=_('CA is not configured')) def caacl_check(principal_type, principal, ca, profile_id): @@ -538,7 +538,7 @@ class cert_request(Create, BaseCertMethod, VirtualCommand): yield arg def execute(self, csr, all=False, raw=False, **kw): - ca_enabled_check() + ca_enabled_check(self.api) ldap = self.api.Backend.ldap2 realm = unicode(self.api.env.realm) @@ -898,7 +898,7 @@ class cert_status(Retrieve, BaseCertMethod, VirtualCommand): operation = "certificate status" def execute(self, request_id, **kw): - ca_enabled_check() + ca_enabled_check(self.api) self.check_access() # Dogtag requests are uniquely identified by their number; @@ -1006,7 +1006,7 @@ class cert_show(Retrieve, CertMethod, VirtualCommand): def execute(self, serial_number, all=False, raw=False, no_members=False, **options): - ca_enabled_check() + ca_enabled_check(self.api) # Dogtag lightweight CAs have shared serial number domain, so # we don't tell Dogtag the issuer (but we check the cert after). @@ -1069,7 +1069,7 @@ class cert_revoke(PKQuery, CertMethod, VirtualCommand): yield option def execute(self, serial_number, **kw): - ca_enabled_check() + ca_enabled_check(self.api) # Make sure that the cert specified by issuer+serial exists. # Will raise NotFound if it does not. @@ -1105,7 +1105,7 @@ class cert_remove_hold(PKQuery, CertMethod, VirtualCommand): operation = "certificate remove hold" def execute(self, serial_number, **kw): - ca_enabled_check() + ca_enabled_check(self.api) # Make sure that the cert specified by issuer+serial exists. # Will raise NotFound if it does not. @@ -1312,7 +1312,7 @@ class cert_find(Search, CertMethod): complete = bool(ra_options) try: - ca_enabled_check() + ca_enabled_check(self.api) except errors.NotFound: if ra_options: raise |