[Freeipa-devel] [PATCH 017] certprofile-import: do not require profileId in profile data

[Fraser Tweedale]

> diff --git a/ipalib/plugins/certprofile.py b/ipalib/plugins/certprofile.py
> index 5550ed942521dbab2e783fba1570520268f9b378..fe8934690fe09499f0bacb6610d9815a2b4367a4 100644
> --- a/ipalib/plugins/certprofile.py
> +++ b/ipalib/plugins/certprofile.py
> @@ -233,8 +233,8 @@ class certprofile_import(LDAPCreate):
>  
>          match = self.PROFILE_ID_PATTERN.search(options['file'])
>          if match is None:
> -            raise errors.ValidationError(name='file',
> -                error=_("Profile ID is not present in profile data"))
> +            # no profileId found, use CLI value as profileId.
> +            options['file'] = u'profileId=%s\n%s' % (keys[0], options['file'])

NACK

This assignment has no external effect; `post_callback' is called
with original `options['file']' and dogtag profile import can fail
due to missing profileId.

The solution is to do the same thing in post_callback; updated patch
attached.

Thanks,
Fraser
-------------- next part --------------
From 98b422098ace7d8a405facf17b7399b07ed9362c Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes at redhat.com>
Date: Thu, 23 Jul 2015 17:48:56 +0200
Subject: [PATCH] certprofile-import: do not require profileId in profile data

certprofile-import no longer requires profileId in profile data. Instead
the profile ID from the command line is taken and added to the profile
data internally.

If profileId is set in the profile, then it still has to match the CLI
option.

https://fedorahosted.org/freeipa/ticket/5090
---
 ipalib/plugins/certprofile.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/ipalib/plugins/certprofile.py b/ipalib/plugins/certprofile.py
index 5550ed942521dbab2e783fba1570520268f9b378..8c24192fc9204a412c5357571eb5a274074bad39 100644
--- a/ipalib/plugins/certprofile.py
+++ b/ipalib/plugins/certprofile.py
@@ -233,8 +233,8 @@ class certprofile_import(LDAPCreate):
 
         match = self.PROFILE_ID_PATTERN.search(options['file'])
         if match is None:
-            raise errors.ValidationError(name='file',
-                error=_("Profile ID is not present in profile data"))
+            # no profileId found, use CLI value as profileId.
+            options['file'] = u'profileId=%s\n%s' % (keys[0], options['file'])
         elif keys[0] != match.group(1):
             raise errors.ValidationError(name='file',
                 error=_("Profile ID '%(cli_value)s' does not match profile data '%(file_value)s'")
@@ -248,6 +248,11 @@ class certprofile_import(LDAPCreate):
 
         If the operation fails, remove the LDAP entry.
         """
+        match = self.PROFILE_ID_PATTERN.search(options['file'])
+        if match is None:
+            # no profileId found, use CLI value as profileId.
+            options['file'] = u'profileId=%s\n%s' % (keys[0], options['file'])
+
         try:
             with self.api.Backend.ra_certprofile as profile_api:
                 profile_api.create_profile(options['file'])
-- 
2.4.3