# $Id$ # # Copyright (c) 2001-2014 NetApp, Inc., All Rights Reserved # Any use, modification, or distribution is prohibited # without prior written consent from NetApp, Inc. # ## @summary SecurityCertificate ComponentState Module (auto-generated by CGT) ## @author dl-nacl-dev@netapp.com ## @status shared ## @pod here =head1 NAME NACL::CS::SecurityCertificate =head1 DESCRIPTION C is a derived class of L. It represents the state of an ONTAP SecurityCertificate. A related class is L, which represents access to an ONTAP SecurityCertificate. =head1 ATTRIBUTES The individual pieces of data that are part of the state of the SecurityCertificate element are the attributes of the SecurityCertificate ComponentState. Additionally, the command_interface used to obtain the ComponentState object is also an attribute of the object. This makes it easier to obtain the component object corresponding to the CS object, using L. =over =item command_interface The command_interface with which the CS object was obtained. (Available in all CS objects regardless of requested_fields and the mode/interface) =item C<< protocol >> Protocol Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< self_signed >> Self-Signed Certificate possible value(s) are, true,false Filled in for CMode CLI/ZAPI iter, non-iter. =item C<< expire_days >> Number of Days until Expiration ranges from 1 to 3652 Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< hash_crl >> Hash-value of CRL Filled in for CMode CLI/ZAPI iter, non-iter. =item C<< email_addr >> Contact Administrator's Email Address Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: Mapping for CMode ZAPI non-iter: email-address =item C<< size >> Size of Requested Certificate in Bits Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< state >> State or Province Name Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< locality >> Locality Name Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< password >> Password that Encrypts Private-Key Filled in for CMode CLI/ZAPI iter, non-iter. =item C<< expiration >> Certificate Expiration Date Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: Mapping for CMode ZAPI non-iter: expiration-date =item C<< hash_function >> Hashing Function Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< public_cert >> Public Key Certificate Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: Mapping for CMode ZAPI non-iter: public-certificate =item C<< id >> ID to name Directory Filled in for CMode CLI/ZAPI iter, non-iter. =item C<< organization >> Organization Name Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< country >> Country Name Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< crl >> Certificate Revocation List for CA Filled in for CMode CLI/ZAPI iter, non-iter. =item C<< serial >> Serial Number of Certificate Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: Mapping for CMode ZAPI non-iter: serial-number =item C<< vserver >> Name of Vserver Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< ca >> Certificate Authority Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: Mapping for CMode ZAPI non-iter: certificate-authority =item C<< hash >> Hash-Value of Certificate Filled in for CMode CLI/ZAPI iter, non-iter. =item C<< unit >> Organization Unit Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: Mapping for CMode ZAPI non-iter: organization-unit =item C<< common_name >> FQDN or Custom Common Name Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< type >> Type of Certificate Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: =item C<< start >> Certificate Start Date Filled in for CMode CLI/ZAPI iter, non-iter. Mapping for CMode ZAPI iter: Mapping for CMode ZAPI non-iter: start-date =item C<< private_key >> Private Key Filled in for CMode CLI/ZAPI iter, non-iter. =item C<< subtype >> Certificate Subtype. Filled in for CMode-CLI. =item C<< is_system_internal_certificate >> Is System Internal Certificate Filled in for CMode-CLI. =back =cut package NACL::CS::SecurityCertificate; use strict; use warnings; use Params::Validate qw(validate); use NATE::Log qw(log_global); use NACL::Exceptions::NoElementsFound qw(:try); use NACL::Exceptions::InvalidChoice; use NACL::CS::ComponentState::ZapiSkip qw(make_zapi_skip); use NACL::CS::ComponentState::ZapiArray qw(make_zapi_array); use base 'NACL::CS::ComponentState::ONTAP'; use Class::MethodMaker [ scalar => 'protocol', scalar => 'self_signed', scalar => 'expire_days', scalar => 'hash_crl', scalar => 'email_addr', scalar => 'size', scalar => 'state', scalar => 'locality', scalar => 'password', scalar => 'expiration', scalar => 'hash_function', scalar => 'public_cert', scalar => 'id', scalar => 'organization', scalar => 'country', scalar => 'crl', scalar => 'serial', scalar => 'vserver', scalar => 'ca', scalar => 'hash', scalar => 'unit', scalar => 'common_name', scalar => 'type', scalar => 'start', scalar => 'private_key', scalar => 'service', scalar => 'subtype', scalar => 'is_system_internal_certificate', ]; my $Log = log_global(); my $may_enter = $Log->may_enter(); my $may_exit = $Log->may_exit(); sub _check_non_iter { $Log->enter() if $may_enter; my ($pkg, @opts) = @_; $pkg->_base_check_non_iter( @opts, _primary_keys => [qw(serial vserver ca common-name type)], _vs_context => 1 ); $pkg->_common_zapi_check(@opts); $Log->exit() if $may_exit; } # is-system-internal-certificate added in FS.1, but not # applicable to the ZAPI. # https://wikid.netapp.com/w/SCON/Security/FS.1/Certificate_Management/FS sub _common_zapi_check { $Log->enter() if $may_enter; my ($pkg, %opts) = @_; my @invalid_fields = $pkg->_invalid_fields_check( filter => $opts{filter}, requested_fields => $opts{requested_fields}, _fields => [qw( is-system-internal-certificate)] ); if (@invalid_fields) { my $msg = 'The following fields provided ' . 'in the call to NACL::CS::SecurityCertificate->fetch() ' . 'are not returned by the ZAPI, so the ZAPI back-end is being ' . "skipped:\n" . join (', ', @invalid_fields); $Log->comment($msg); $Log->exit() if $may_exit; NACL::Exceptions::InvalidChoice->throw($msg); } $Log->exit() if $may_exit; } =head1 METHODS =head2 fetch my $SecurityCertificate_state = NACL::CS::SecurityCertificate->fetch(command_interface => $ci, ...); my @SecurityCertificate_states = NACL::CS::SecurityCertificate->fetch(command_interface => $ci, ...); (Class method) Discovers which elements are present and returns their state in ComponentState objects. Called in scalar context it returns only one state object, in list context it returns all state objects. See L for a more detailed description along with a complete explanation of the options it accepts. Uses CMode CLI/ZAPI. Invokes security-certificate-get-iter API for CMode ZAPI iter. Invokes security-certificate-get API for CMode ZAPI non-iter. =over =item Exceptions =over =item C When there are no elements matching the query specified or elements of that type doesn't exist, then this exception will be thrown. =back =back =cut sub fetch { $Log->enter() if $may_enter; my ($pkg, @args) = @_; my @state_objs = $pkg->SUPER::fetch( @args, show_cmd => 'security certificate show', choices => [ { method => '_fetch_cmode_cli', interface => 'CLI', set => 'CMode', zapi_type => 'none', }, { method => '_fetch_cmode_zapi', interface => 'ZAPI', set => 'CMode', zapi_type => 'iter', check => '_common_zapi_check', }, { method => '_fetch_cmode_zapi_non_iter', interface => 'ZAPI', set => 'CMode', zapi_type => 'non-iter', check => '_check_non_iter' }, ], exception_text => 'No matching SecurityCertificate(s) found', frontend => 'NACL::CS::SecurityCertificate::fetch', ); $Log->exit() if $may_exit; return wantarray ? @state_objs : $state_objs[0]; } sub _update_state_objs_cmode_zapi { $Log->enter() if $may_enter; my ($pkg, @args) = @_; $pkg->SUPER::_update_state_objs_cmode_zapi(@args, zapi_field_translations => {timestamp_to_string => [qw(expiration start)],},); $Log->exit() if $may_exit; } sub _fetch_cmode_cli { $Log->enter() if $may_enter; my ($pkg, @args) = @_; my @state_objs = $pkg->SUPER::_fetch_cmode_cli(@args, api => 'security_certificate_show',); $Log->exit() if $may_exit; return @state_objs; } sub _fetch_cmode_zapi { $Log->enter() if $may_enter; my ($pkg, @args) = @_; my @state_objs = $pkg->SUPER::_fetch_cmode_zapi( @args, copy => [ qw(protocol expire-days locality state size hash-function organization country vserver common-name type subtype ) ], map => { 'email-addr' => 'email-address', 'expiration' => 'expiration-date', 'public-cert' => 'public-certificate', 'serial' => 'serial-number', 'ca' => 'certificate-authority', 'unit' => 'organization-unit', 'start' => 'start-date', }, api => "security-certificate-get-iter", ); $Log->exit() if $may_exit; return @state_objs; } sub _fetch_cmode_zapi_non_iter { $Log->enter() if $may_enter; my ($pkg, @args) = @_; my @state_objs = $pkg->SUPER::_fetch_cmode_zapi_non_iter( @args, copy => [ qw(protocol expire-days locality state size hash-function organization country vserver common-name type ) ], map => { 'email-addr' => 'email-address', 'expiration' => 'expiration-date', 'public-cert' => 'public-certificate', 'serial' => 'serial-number', 'ca' => 'certificate-authority', 'unit' => 'organization-unit', 'start' => 'start-date', }, api => "security-certificate-get", vserver_operated_on => \my $vserver, primary_keys => [qw( common-name serial type ca )], ); $Log->exit() if $may_exit; return @state_objs; } 1;