590d18
From 52ddaafcac7ace012535ac7044b301ad3a7d7b9a Mon Sep 17 00:00:00 2001
590d18
From: Fraser Tweedale <ftweedal@redhat.com>
590d18
Date: Fri, 24 Jul 2015 09:31:26 -0400
590d18
Subject: [PATCH] user-show: add --out option to save certificates to file
590d18
590d18
Add the --out option to user-show, bringing it into line with
590d18
host-show and service-show with the ability to save the user's
590d18
certificate(s) to a file.
590d18
590d18
https://fedorahosted.org/freeipa/ticket/5171
590d18
590d18
Reviewed-By: Martin Basti <mbasti@redhat.com>
590d18
---
590d18
 API.txt                |  3 ++-
590d18
 VERSION                |  4 ++--
590d18
 ipalib/plugins/user.py | 27 ++++++++++++++++++++++++++-
590d18
 3 files changed, 30 insertions(+), 4 deletions(-)
590d18
590d18
diff --git a/API.txt b/API.txt
590d18
index 6ab30ddab41715fdbccb4f37aa1852621bca62b4..2e19d6b2f1e16cc1c89d71ed7d443145426a28e3 100644
590d18
--- a/API.txt
590d18
+++ b/API.txt
590d18
@@ -5360,10 +5360,11 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
590d18
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
590d18
 output: PrimaryKey('value', None, None)
590d18
 command: user_show
590d18
-args: 1,5,3
590d18
+args: 1,6,3
590d18
 arg: Str('uid', attribute=True, cli_name='login', maxlength=255, multivalue=False, pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$', primary_key=True, query=True, required=True)
590d18
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
590d18
 option: Flag('no_members', autofill=True, default=False, exclude='webui')
590d18
+option: Str('out?')
590d18
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
590d18
 option: Flag('rights', autofill=True, default=False)
590d18
 option: Str('version?', exclude='webui')
590d18
diff --git a/VERSION b/VERSION
590d18
index 678d1f8a7e588d480b16441e12e4d527d9c1cd98..ca43f3e0c06880d355c068514134187c5edda175 100644
590d18
--- a/VERSION
590d18
+++ b/VERSION
590d18
@@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000
590d18
 #                                                      #
590d18
 ########################################################
590d18
 IPA_API_VERSION_MAJOR=2
590d18
-IPA_API_VERSION_MINOR=147
590d18
-# Last change: mbasti - Consolidate DNS RR in API and schema
590d18
+IPA_API_VERSION_MINOR=148
590d18
+# Last change: ftweedal - add --out option to user-show
590d18
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
590d18
index 206b380efb6472fb040dde33ac80e3f66c00c138..0209b29b130f2377c04f497f95c8ad39e98f2587 100644
590d18
--- a/ipalib/plugins/user.py
590d18
+++ b/ipalib/plugins/user.py
590d18
@@ -23,7 +23,7 @@ import string
590d18
 import posixpath
590d18
 import os
590d18
 
590d18
-from ipalib import api, errors
590d18
+from ipalib import api, errors, util
590d18
 from ipalib import Flag, Int, Password, Str, Bool, StrEnum, DateTime
590d18
 from ipalib.plugins.baseuser import baseuser, baseuser_add, baseuser_del, \
590d18
     baseuser_mod, baseuser_find, baseuser_show, \
590d18
@@ -38,6 +38,7 @@ from ipalib.plugins import baseldap
590d18
 from ipalib.request import context
590d18
 from ipalib import _, ngettext
590d18
 from ipalib import output
590d18
+from ipalib import x509
590d18
 from ipaplatform.paths import paths
590d18
 from ipapython.ipautil import ipa_generate_password
590d18
 from ipapython.ipavalidate import Email
590d18
@@ -765,6 +766,11 @@ class user_show(baseuser_show):
590d18
     __doc__ = _('Display information about a user.')
590d18
 
590d18
     has_output_params = baseuser_show.has_output_params + user_output_params
590d18
+    takes_options = baseuser_show.takes_options + (
590d18
+        Str('out?',
590d18
+            doc=_('file to store certificate in'),
590d18
+        ),
590d18
+    )
590d18
 
590d18
     def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
590d18
         convert_nsaccountlock(entry_attrs)
590d18
@@ -772,6 +778,25 @@ class user_show(baseuser_show):
590d18
         self.obj.get_preserved_attribute(entry_attrs, options)
590d18
         return dn
590d18
 
590d18
+    def forward(self, *keys, **options):
590d18
+        if 'out' in options:
590d18
+            util.check_writable_file(options['out'])
590d18
+            result = super(user_show, self).forward(*keys, **options)
590d18
+            if 'usercertificate' in result['result']:
590d18
+                x509.write_certificate_list(
590d18
+                    result['result']['usercertificate'],
590d18
+                    options['out']
590d18
+                )
590d18
+                result['summary'] = (
590d18
+                    _('Certificate(s) stored in file \'%(file)s\'')
590d18
+                    % dict(file=options['out'])
590d18
+                )
590d18
+                return result
590d18
+            else:
590d18
+                raise errors.NoCertificateError(entry=keys[-1])
590d18
+        else:
590d18
+            return super(user_show, self).forward(*keys, **options)
590d18
+
590d18
 @register()
590d18
 class user_undel(LDAPQuery):
590d18
     __doc__ = _('Undelete a delete user account.')
590d18
-- 
590d18
2.4.3
590d18