diff --git a/lemur/auth/permissions.py b/lemur/auth/permissions.py index c07119d4..13d8f6e1 100644 --- a/lemur/auth/permissions.py +++ b/lemur/auth/permissions.py @@ -21,13 +21,13 @@ CertificateCreatorNeed = partial(CertificateCreator, 'key') class ViewKeyPermission(Permission): def __init__(self, certificate_id, owner): - c_need = CertificateCreatorNeed(str(certificate_id)) + c_need = CertificateCreatorNeed(certificate_id) super(ViewKeyPermission, self).__init__(c_need, RoleNeed(owner), RoleNeed('admin')) class UpdateCertificatePermission(Permission): def __init__(self, certificate_id, owner): - c_need = CertificateCreatorNeed(str(certificate_id)) + c_need = CertificateCreatorNeed(certificate_id) super(UpdateCertificatePermission, self).__init__(c_need, RoleNeed(owner), RoleNeed('admin')) diff --git a/lemur/certificates/service.py b/lemur/certificates/service.py index 8dbc7597..8a1e20fa 100644 --- a/lemur/certificates/service.py +++ b/lemur/certificates/service.py @@ -320,17 +320,18 @@ def create_csr(csr_config): x509.BasicConstraints(ca=False, path_length=None), critical=True, ) - for k, v in csr_config.get('extensions', {}).items(): - if k == 'subAltNames': - # map types to their x509 objects - general_names = [] - for name in v['names']: - if name['nameType'] == 'DNSName': - general_names.append(x509.DNSName(name['value'])) + if csr_config.get('extensions'): + for k, v in csr_config.get('extensions', {}).items(): + if k == 'subAltNames': + # map types to their x509 objects + general_names = [] + for name in v['names']: + if name['nameType'] == 'DNSName': + general_names.append(x509.DNSName(name['value'])) - builder = builder.add_extension( - x509.SubjectAlternativeName(general_names), critical=True - ) + builder = builder.add_extension( + x509.SubjectAlternativeName(general_names), critical=True + ) # TODO support more CSR options, none of the authority plugins currently support these options # builder.add_extension(