testCertificateAuthorityTool: Enable the duplicate certificate check

cddb89e6 · Boxiang Sun · bdd73044 · cddb89e6 · cddb89e6
Commit cddb89e6 authored Dec 10, 2019 by Boxiang Sun
Showing with 4 additions and 4 deletions

product/ERP5/Tool/CertificateAuthorityTool.py product/ERP5/Tool/CertificateAuthorityTool.py +4 -2

product/ERP5/tests/testCertificateAuthorityTool.py product/ERP5/tests/testCertificateAuthorityTool.py +0 -2

No files found.
--- a/product/ERP5/Tool/CertificateAuthorityTool.py
+++ b/product/ERP5/Tool/CertificateAuthorityTool.py
@@ -186,15 +186,17 @@ class CertificateAuthorityTool(BaseTool):
    #      {key, certificate, id, common_name}
    if not common_name:
      raise ValueError("Invalid common name: %r" % common_name)
+    self._checkCertificateAuthority()
+    self._lockCertificateAuthority()
    index = open(self.index).read().splitlines()
    valid_line_list = [q for q in index if q.startswith('V') and
      ('CN=%s/' % common_name in q)]
    if len(valid_line_list) >= 1:
+      self._unlockCertificateAuthority()
      raise ValueError('The common name %r already has a certificate'
                       'please revoke it before request a new one..' % common_name)
-    self._checkCertificateAuthority()
-    self._lockCertificateAuthority()
    try:
      new_id = open(self.serial, 'r').read().strip().lower()
      key = os.path.join(self.certificate_authority_path, 'private',

--- a/product/ERP5/tests/testCertificateAuthorityTool.py
+++ b/product/ERP5/tests/testCertificateAuthorityTool.py
@@ -75,8 +75,6 @@ class TestCertificateAuthority(ERP5TypeTestCase):
    self.assertTrue('CN=%s' % user_id in certificate['certificate'])
    person.revokeCertificate()
-  @unittest.skip(
-    """Will be fixed when we rewrite certificate autority to use caucase.""")
  def test_person_request_certificate_twice(self):
    user_id, login = self._createPerson()
    self.loginByUserName(login)