testCertificateAuthorityTool: Enable the duplicate certificate check

79071ceb · Boxiang Sun · Rafael Monnerat · 44e0d582 · 79071ceb · 79071ceb
Commit 79071ceb authored Dec 10, 2019 by Boxiang Sun Committed by Rafael Monnerat Dec 20, 2019
Showing with 4 additions and 4 deletions

product/ERP5/Tool/CertificateAuthorityTool.py product/ERP5/Tool/CertificateAuthorityTool.py +4 -2

product/ERP5/tests/testCertificateAuthorityTool.py product/ERP5/tests/testCertificateAuthorityTool.py +0 -2

No files found.
--- a/product/ERP5/Tool/CertificateAuthorityTool.py
+++ b/product/ERP5/Tool/CertificateAuthorityTool.py
@@ -186,15 +186,17 @@ class CertificateAuthorityTool(BaseTool):
    #      {key, certificate, id, common_name}
    if not common_name:
      raise ValueError("Invalid common name: %r" % common_name)
+    self._checkCertificateAuthority()
+    self._lockCertificateAuthority()

    index = open(self.index).read().splitlines()
    valid_line_list = [q for q in index if q.startswith('V') and
      ('CN=%s/' % common_name in q)]
    if len(valid_line_list) >= 1:
+      self._unlockCertificateAuthority()
      raise ValueError('The common name %r already has a certificate'
                       'please revoke it before request a new one..' % common_name)
-    self._checkCertificateAuthority()
-    self._lockCertificateAuthority()
+
    try:
      new_id = open(self.serial, 'r').read().strip().lower()
      key = os.path.join(self.certificate_authority_path, 'private',

--- a/product/ERP5/tests/testCertificateAuthorityTool.py
+++ b/product/ERP5/tests/testCertificateAuthorityTool.py
@@ -75,8 +75,6 @@ class TestCertificateAuthority(ERP5TypeTestCase):
    self.assertTrue('CN=%s' % user_id in certificate['certificate'])
    person.revokeCertificate()

-  @unittest.skip(
-    """Will be fixed when we rewrite certificate autority to use caucase.""")
  def test_person_request_certificate_twice(self):
    user_id, login = self._createPerson()
    self.loginByUserName(login)