From bed6f402e2d5587c35ff7e84ba3b80026c6db73d Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Thu, 2 Jul 2015 03:31:31 -0400 Subject: [PATCH] certprofile: add option to export profile config Add the `--out=FILENAME' option to `certprofile-show'. When given, it exports the profile configuration from Dogtag and writes it to the named file. Fixes: https://fedorahosted.org/freeipa/ticket/5091 Reviewed-By: Martin Basti --- API.txt | 3 ++- VERSION | 4 ++-- ipalib/plugins/certprofile.py | 39 ++++++++++++++++++++++++++++++++--- ipaserver/plugins/dogtag.py | 8 +++++++ 4 files changed, 48 insertions(+), 6 deletions(-) diff --git a/API.txt b/API.txt index 99fa52873..4b3fbaac0 100644 --- a/API.txt +++ b/API.txt @@ -747,9 +747,10 @@ output: Entry('result', , Gettext('A dictionary representing an LDA output: Output('summary', (, ), None) output: PrimaryKey('value', None, None) command: certprofile_show -args: 1,4,3 +args: 1,5,3 arg: Str('cn', attribute=True, cli_name='id', multivalue=False, primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') +option: Str('out?') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') option: Flag('rights', autofill=True, default=False) option: Str('version?', exclude='webui') diff --git a/VERSION b/VERSION index 2d9ad2697..9030eb9c6 100644 --- a/VERSION +++ b/VERSION @@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=139 -# Last change: edewata - added ipaVaultPublicKey attribute +IPA_API_VERSION_MINOR=140 +# Last change: ftweedal: add certprofile-show --out option diff --git a/ipalib/plugins/certprofile.py b/ipalib/plugins/certprofile.py index 9e1e47e94..abb62434e 100644 --- a/ipalib/plugins/certprofile.py +++ b/ipalib/plugins/certprofile.py @@ -5,7 +5,7 @@ import re from ipalib import api, Bool, File, Str -from ipalib import output +from ipalib import output, util from ipalib.plugable import Registry from ipalib.plugins.virtual import VirtualCommand from ipalib.plugins.baseldap import ( @@ -175,9 +175,42 @@ class certprofile_find(LDAPSearch): class certprofile_show(LDAPRetrieve): __doc__ = _("Display the properties of a Certificate Profile.") - def execute(self, *args, **kwargs): + has_output_params = LDAPRetrieve.has_output_params + ( + Str('config', + label=_('Profile configuration'), + ), + ) + + takes_options = LDAPRetrieve.takes_options + ( + Str('out?', + doc=_('Write profile configuration to file'), + ), + ) + + def execute(self, *keys, **options): ca_enabled_check() - return super(certprofile_show, self).execute(*args, **kwargs) + result = super(certprofile_show, self).execute(*keys, **options) + + if 'out' in options: + with self.api.Backend.ra_certprofile as profile_api: + result['result']['config'] = profile_api.read_profile(keys[0]) + + return result + + def forward(self, *keys, **options): + if 'out' in options: + util.check_writable_file(options['out']) + + result = super(certprofile_show, self).forward(*keys, **options) + if 'out' in options and 'config' in result['result']: + with open(options['out'], 'w') as f: + f.write(result['result'].pop('config')) + result['summary'] = ( + _("Profile configuration stored in file '%(file)s'") + % dict(file=options['out']) + ) + + return result @register() diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py index 3dc8f5c93..eb2a6ae84 100644 --- a/ipaserver/plugins/dogtag.py +++ b/ipaserver/plugins/dogtag.py @@ -2081,6 +2081,14 @@ class ra_certprofile(RestClient): body=profile_data ) + def read_profile(self, profile_id): + """ + Read the profile configuration from Dogtag + """ + status, status_text, resp_headers, resp_body = self._ssldo( + 'GET', profile_id + '/raw') + return resp_body + def enable_profile(self, profile_id): """ Enable the profile in Dogtag