|
|
590d18 |
From 52ddaafcac7ace012535ac7044b301ad3a7d7b9a Mon Sep 17 00:00:00 2001
|
|
|
590d18 |
From: Fraser Tweedale <ftweedal@redhat.com>
|
|
|
590d18 |
Date: Fri, 24 Jul 2015 09:31:26 -0400
|
|
|
590d18 |
Subject: [PATCH] user-show: add --out option to save certificates to file
|
|
|
590d18 |
|
|
|
590d18 |
Add the --out option to user-show, bringing it into line with
|
|
|
590d18 |
host-show and service-show with the ability to save the user's
|
|
|
590d18 |
certificate(s) to a file.
|
|
|
590d18 |
|
|
|
590d18 |
https://fedorahosted.org/freeipa/ticket/5171
|
|
|
590d18 |
|
|
|
590d18 |
Reviewed-By: Martin Basti <mbasti@redhat.com>
|
|
|
590d18 |
---
|
|
|
590d18 |
API.txt | 3 ++-
|
|
|
590d18 |
VERSION | 4 ++--
|
|
|
590d18 |
ipalib/plugins/user.py | 27 ++++++++++++++++++++++++++-
|
|
|
590d18 |
3 files changed, 30 insertions(+), 4 deletions(-)
|
|
|
590d18 |
|
|
|
590d18 |
diff --git a/API.txt b/API.txt
|
|
|
590d18 |
index 6ab30ddab41715fdbccb4f37aa1852621bca62b4..2e19d6b2f1e16cc1c89d71ed7d443145426a28e3 100644
|
|
|
590d18 |
--- a/API.txt
|
|
|
590d18 |
+++ b/API.txt
|
|
|
590d18 |
@@ -5360,10 +5360,11 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
|
|
|
590d18 |
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
|
|
|
590d18 |
output: PrimaryKey('value', None, None)
|
|
|
590d18 |
command: user_show
|
|
|
590d18 |
-args: 1,5,3
|
|
|
590d18 |
+args: 1,6,3
|
|
|
590d18 |
arg: Str('uid', attribute=True, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', primary_key=True, query=True, required=True)
|
|
|
590d18 |
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
|
|
|
590d18 |
option: Flag('no_members', autofill=True, default=False, exclude='webui')
|
|
|
590d18 |
+option: Str('out?')
|
|
|
590d18 |
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
|
|
|
590d18 |
option: Flag('rights', autofill=True, default=False)
|
|
|
590d18 |
option: Str('version?', exclude='webui')
|
|
|
590d18 |
diff --git a/VERSION b/VERSION
|
|
|
590d18 |
index 678d1f8a7e588d480b16441e12e4d527d9c1cd98..ca43f3e0c06880d355c068514134187c5edda175 100644
|
|
|
590d18 |
--- a/VERSION
|
|
|
590d18 |
+++ b/VERSION
|
|
|
590d18 |
@@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000
|
|
|
590d18 |
# #
|
|
|
590d18 |
########################################################
|
|
|
590d18 |
IPA_API_VERSION_MAJOR=2
|
|
|
590d18 |
-IPA_API_VERSION_MINOR=147
|
|
|
590d18 |
-# Last change: mbasti - Consolidate DNS RR in API and schema
|
|
|
590d18 |
+IPA_API_VERSION_MINOR=148
|
|
|
590d18 |
+# Last change: ftweedal - add --out option to user-show
|
|
|
590d18 |
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
|
|
|
590d18 |
index 206b380efb6472fb040dde33ac80e3f66c00c138..0209b29b130f2377c04f497f95c8ad39e98f2587 100644
|
|
|
590d18 |
--- a/ipalib/plugins/user.py
|
|
|
590d18 |
+++ b/ipalib/plugins/user.py
|
|
|
590d18 |
@@ -23,7 +23,7 @@ import string
|
|
|
590d18 |
import posixpath
|
|
|
590d18 |
import os
|
|
|
590d18 |
|
|
|
590d18 |
-from ipalib import api, errors
|
|
|
590d18 |
+from ipalib import api, errors, util
|
|
|
590d18 |
from ipalib import Flag, Int, Password, Str, Bool, StrEnum, DateTime
|
|
|
590d18 |
from ipalib.plugins.baseuser import baseuser, baseuser_add, baseuser_del, \
|
|
|
590d18 |
baseuser_mod, baseuser_find, baseuser_show, \
|
|
|
590d18 |
@@ -38,6 +38,7 @@ from ipalib.plugins import baseldap
|
|
|
590d18 |
from ipalib.request import context
|
|
|
590d18 |
from ipalib import _, ngettext
|
|
|
590d18 |
from ipalib import output
|
|
|
590d18 |
+from ipalib import x509
|
|
|
590d18 |
from ipaplatform.paths import paths
|
|
|
590d18 |
from ipapython.ipautil import ipa_generate_password
|
|
|
590d18 |
from ipapython.ipavalidate import Email
|
|
|
590d18 |
@@ -765,6 +766,11 @@ class user_show(baseuser_show):
|
|
|
590d18 |
__doc__ = _('Display information about a user.')
|
|
|
590d18 |
|
|
|
590d18 |
has_output_params = baseuser_show.has_output_params + user_output_params
|
|
|
590d18 |
+ takes_options = baseuser_show.takes_options + (
|
|
|
590d18 |
+ Str('out?',
|
|
|
590d18 |
+ doc=_('file to store certificate in'),
|
|
|
590d18 |
+ ),
|
|
|
590d18 |
+ )
|
|
|
590d18 |
|
|
|
590d18 |
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
|
|
590d18 |
convert_nsaccountlock(entry_attrs)
|
|
|
590d18 |
@@ -772,6 +778,25 @@ class user_show(baseuser_show):
|
|
|
590d18 |
self.obj.get_preserved_attribute(entry_attrs, options)
|
|
|
590d18 |
return dn
|
|
|
590d18 |
|
|
|
590d18 |
+ def forward(self, *keys, **options):
|
|
|
590d18 |
+ if 'out' in options:
|
|
|
590d18 |
+ util.check_writable_file(options['out'])
|
|
|
590d18 |
+ result = super(user_show, self).forward(*keys, **options)
|
|
|
590d18 |
+ if 'usercertificate' in result['result']:
|
|
|
590d18 |
+ x509.write_certificate_list(
|
|
|
590d18 |
+ result['result']['usercertificate'],
|
|
|
590d18 |
+ options['out']
|
|
|
590d18 |
+ )
|
|
|
590d18 |
+ result['summary'] = (
|
|
|
590d18 |
+ _('Certificate(s) stored in file \'%(file)s\'')
|
|
|
590d18 |
+ % dict(file=options['out'])
|
|
|
590d18 |
+ )
|
|
|
590d18 |
+ return result
|
|
|
590d18 |
+ else:
|
|
|
590d18 |
+ raise errors.NoCertificateError(entry=keys[-1])
|
|
|
590d18 |
+ else:
|
|
|
590d18 |
+ return super(user_show, self).forward(*keys, **options)
|
|
|
590d18 |
+
|
|
|
590d18 |
@register()
|
|
|
590d18 |
class user_undel(LDAPQuery):
|
|
|
590d18 |
__doc__ = _('Undelete a delete user account.')
|
|
|
590d18 |
--
|
|
|
590d18 |
2.4.3
|
|
|
590d18 |
|