Blob Blame History Raw
From c1258d68268bc93536ba66921d65a2550bdf475e Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slaznick@redhat.com>
Date: Tue, 9 May 2017 17:45:20 +0200
Subject: [PATCH] ca/cert-show: check certificate_out in options

If --certificate-out was specified on the command line, it will appear
among the options. If it was empty, it will be None.

This check was done properly in the ca plugin. Lets' just unify how this
is handled and improve user experience by announcing which option causes
the failure.

https://pagure.io/freeipa/issue/6885

Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
---
 ipaclient/plugins/ca.py   |  8 ++++++--
 ipaclient/plugins/cert.py | 12 +++++++++---
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/ipaclient/plugins/ca.py b/ipaclient/plugins/ca.py
index fcdf484635c7611d905f28629a380a0152c7bde1..fe9c55f4c07b4682de1ad882b6c5651dafece716 100644
--- a/ipaclient/plugins/ca.py
+++ b/ipaclient/plugins/ca.py
@@ -4,7 +4,7 @@
 
 import base64
 from ipaclient.frontend import MethodOverride
-from ipalib import util, x509, Str
+from ipalib import errors, util, x509, Str
 from ipalib.plugable import Registry
 from ipalib.text import _
 
@@ -26,7 +26,11 @@ class WithCertOutArgs(MethodOverride):
         filename = None
         if 'certificate_out' in options:
             filename = options.pop('certificate_out')
-            util.check_writable_file(filename)
+            try:
+                util.check_writable_file(filename)
+            except errors.FileError as e:
+                raise errors.ValidationError(name='certificate-out',
+                                             error=str(e))
 
         result = super(WithCertOutArgs, self).forward(*keys, **options)
         if filename:
diff --git a/ipaclient/plugins/cert.py b/ipaclient/plugins/cert.py
index 9ec6970b18d0cdc3863259faee3a697f63799c3f..93cd3cef1a14925bc0795b32e97e44d69897be5c 100644
--- a/ipaclient/plugins/cert.py
+++ b/ipaclient/plugins/cert.py
@@ -50,9 +50,15 @@ class CertRetrieveOverride(MethodOverride):
     )
 
     def forward(self, *args, **options):
-        certificate_out = options.pop('certificate_out', None)
-        if certificate_out is not None:
-            util.check_writable_file(certificate_out)
+        if 'certificate_out' in options:
+            certificate_out = options.pop('certificate_out')
+            try:
+                util.check_writable_file(certificate_out)
+            except errors.FileError as e:
+                raise errors.ValidationError(name='certificate-out',
+                                             error=str(e))
+        else:
+            certificate_out = None
 
         result = super(CertRetrieveOverride, self).forward(*args, **options)
 
-- 
2.9.4