diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py
index 4abaf6b8..48f6baa3 100644
--- a/lemur/certificates/schemas.py
+++ b/lemur/certificates/schemas.py
@@ -77,11 +77,25 @@ class CertificateInputSchema(CertificateCreationSchema):
 class CertificateEditInputSchema(CertificateSchema):
 notify = fields.Boolean()
+ owner = fields.String()
 destinations = fields.Nested(AssociatedDestinationSchema, missing=[], many=True)
 notifications = fields.Nested(AssociatedNotificationSchema, missing=[], many=True)
 replacements = fields.Nested(AssociatedCertificateSchema, missing=[], many=True)
 roles = fields.Nested(AssociatedRoleSchema, missing=[], many=True)
+ @post_load
+ def enforce_notifications(self, data):
+ """
+ Ensures that when an owner changes, default notifications are added for the new owner.
+ Old owner notifications are retained unless explicitly removed.
+ :param data:
+ :return:
+ """
+ if data['owner']:
+ notification_name = "DEFAULT_{0}".format(data['owner'].split('@')[0].upper())
+ data['notifications'] += notification_service.create_default_expiration_notifications(notification_name, [data['owner']])
+ return data
+
 class CertificateNestedOutputSchema(LemurOutputSchema):
 __envelope__ = False
diff --git a/lemur/tests/test_certificates.py b/lemur/tests/test_certificates.py
index 94974176..9b4b9944 100644
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@@ -9,6 +9,14 @@ from lemur.tests.vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKE
 INTERNAL_VALID_LONG_STR, INTERNAL_VALID_SAN_STR, PRIVATE_KEY_STR
+def test_certificate_edit_schema(session):
+ from lemur.certificates.schemas import CertificateEditInputSchema
+
+ input_data = {'owner': 'bob@example.com'}
+ data, errors = CertificateEditInputSchema().load(input_data)
+ assert len(data['notifications']) == 3
+
+
 def test_authority_identifier_schema():
 from lemur.schemas import AuthorityIdentifierSchema
 input_data = {'useAuthorityCert': True}
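Review bot: `enforce_notifications` indexes `data['owner']` directly, but the new `owner = fields.String()` is neither required nor given a default on this schema, so an edit payload without an owner would likely raise `KeyError` inside the `@post_load` hook rather than produce a validation error; `if data.get('owner'):` avoids that. The field is a plain string even though the hook splits it on `@` and passes it on as a notification recipient, so `owner = fields.Email()` would reject malformed values before they become recipients. The docstring says notifications are added "when an owner changes", yet the condition only tests that an owner is present, so every edit that carries an owner takes this path. The hook also calls `notification_service.create_default_expiration_notifications` during deserialization; if that call persists records (its body is not shown), it would run before any permission check the view performs after loading, which is worth confirming.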
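Review bot: `test_certificate_edit_schema` unpacks `errors` but never asserts on it; adding `assert not errors` before the count check would make a validation failure show up as such rather than as a count mismatch. The expected `3` presumably reflects the number of default expiration intervals in the test configuration, and a one-line comment saying so would keep the assertion from looking arbitrary. A second case that loads a payload with no `owner` key would pin down how the `post_load` hook behaves for partial edits.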