certprofile: add option to export profile config

Add the `--out=FILENAME' option to `certprofile-show'. When given, it exports the profile configuration from Dogtag and writes it to the named file. Fixes: https://fedorahosted.org/freeipa/ticket/5091 Reviewed-By: Martin Basti <mbasti@redhat.com>
2025-02-25 18:55:28 -06:00 · 2015-07-02 03:31:31 -04:00 · 2015-07-02 03:31:31 -04:00 · bed6f402e2
commit bed6f402e2
parent 62e8002bc4
4 changed files with 48 additions and 6 deletions
--- a/API.txt
+++ b/API.txt
@ -747,9 +747,10 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
 output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
 output: PrimaryKey('value', None, None)
 command: certprofile_show
-args: 1,4,3
+args: 1,5,3
 arg: Str('cn', attribute=True, cli_name='id', multivalue=False, primary_key=True, query=True, required=True)
 option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
+option: Str('out?')
 option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
 option: Flag('rights', autofill=True, default=False)
 option: Str('version?', exclude='webui')
--- a/4
+++ b/4
@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000
 #                                                      #
 ########################################################
 IPA_API_VERSION_MAJOR=2
-IPA_API_VERSION_MINOR=139
-# Last change: edewata - added ipaVaultPublicKey attribute
+IPA_API_VERSION_MINOR=140
+# Last change: ftweedal: add certprofile-show --out option
--- a/ipalib/plugins/certprofile.py
+++ b/ipalib/plugins/certprofile.py
@ -5,7 +5,7 @@
 import re

 from ipalib import api, Bool, File, Str
-from ipalib import output
+from ipalib import output, util
 from ipalib.plugable import Registry
 from ipalib.plugins.virtual import VirtualCommand
 from ipalib.plugins.baseldap import (
@ -175,9 +175,42 @@ class certprofile_find(LDAPSearch):
 class certprofile_show(LDAPRetrieve):
    __doc__ = _("Display the properties of a Certificate Profile.")

-    def execute(self, *args, **kwargs):
+    has_output_params = LDAPRetrieve.has_output_params + (
+        Str('config',
+            label=_('Profile configuration'),
+        ),
+    )
+
+    takes_options = LDAPRetrieve.takes_options + (
+        Str('out?',
+            doc=_('Write profile configuration to file'),
+        ),
+    )
+
+    def execute(self, *keys, **options):
        ca_enabled_check()
-        return super(certprofile_show, self).execute(*args, **kwargs)
+        result = super(certprofile_show, self).execute(*keys, **options)
+
+        if 'out' in options:
+            with self.api.Backend.ra_certprofile as profile_api:
+                result['result']['config'] = profile_api.read_profile(keys[0])
+
+        return result
+
+    def forward(self, *keys, **options):
+        if 'out' in options:
+            util.check_writable_file(options['out'])
+
+        result = super(certprofile_show, self).forward(*keys, **options)
+        if 'out' in options and 'config' in result['result']:
+            with open(options['out'], 'w') as f:
+                f.write(result['result'].pop('config'))
+            result['summary'] = (
+                _("Profile configuration stored in file '%(file)s'")
+                % dict(file=options['out'])
+            )
+
+        return result


@register()
--- a/ipaserver/plugins/dogtag.py
+++ b/ipaserver/plugins/dogtag.py
@ -2081,6 +2081,14 @@ class ra_certprofile(RestClient):
            body=profile_data
        )

+    def read_profile(self, profile_id):
+        """
+        Read the profile configuration from Dogtag
+        """
+        status, status_text, resp_headers, resp_body = self._ssldo(
+            'GET', profile_id + '/raw')
+        return resp_body
+
    def enable_profile(self, profile_id):
        """
        Enable the profile in Dogtag