Disallow calling methods from url.

This is too dangerous, as it allows to generate certificates for any user.

Disallow calling methods from url.
This is too dangerous, as it allows to generate certificates for any user.
ee8ae47e · Łukasz Nowak · 3535c040 · ee8ae47e
Commit ee8ae47e authored Jun 15, 2011 by Łukasz Nowak
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

master/product/Vifib/Tool/CertificateAuthorityTool.py master/product/Vifib/Tool/CertificateAuthorityTool.py +4 -2

No files found.
--- a/master/product/Vifib/Tool/CertificateAuthorityTool.py
+++ b/master/product/Vifib/Tool/CertificateAuthorityTool.py
@@ -180,7 +180,8 @@ class CertificateAuthorityTool(BaseTool):

  security.declareProtected(Permissions.AccessContentsInformation, 'getNewCertificate')
  def getNewCertificate(self, common_name):
-    """Returns certificate for passed common name, as dictionary of {key, certificate, id, common_name}"""
+    # No docstring in order to make this method non publishable
+    # Returns certificate for passed common name, as dictionary of {key, certificate, id, common_name}
    self._checkCertificateAuthority()
    self._lockCertificateAuthority()
    try:
@@ -215,7 +216,8 @@ class CertificateAuthorityTool(BaseTool):

  security.declareProtected(Permissions.AccessContentsInformation, 'revokeCertificate')
  def revokeCertificate(self, serial):
-    """Revokes certificate with serial, returns dictionary {crl}"""
+    # No docstring in order to make this method non publishable
+    # Revokes certificate with serial, returns dictionary {crl}
    self._checkCertificateAuthority()
    self._lockCertificateAuthority()
    try: