1package OpenXPKI::Server::API2::Plugin::Cert::get_cert_attributes;
2use OpenXPKI::Server::API2::EasyPlugin;
3
4=head1 NAME
5
6OpenXPKI::Server::API2::Plugin::Cert::get_cert_attributes
7
8=cut
9
10# Project modules
11use OpenXPKI::Debug;
12use OpenXPKI::Server::Context qw( CTX );
13use OpenXPKI::Server::API2::Types;
14
15with 'OpenXPKI::Server::API2::TenantRole';
16
17=head1 COMMANDS
18
19=head2 get_cert_attributes
20
21Get a list of (selected) certificate attributes.
22
23Returns a I<HashRef> with the attribute names and the lists of values (muliple
24attributes of the same name are allowed):
25
26    {
27        meta_email => [ 'nn@example.org', 'nicer@example.org' ],
28        meta_requestor => [ 'Nice Nephew' ],
29    }
30
31B<Parameters>
32
33=over
34
35=item * C<identifier> I<Str> - OpenXPKI identifier
36
37=item * C<attribute> I<ArrayRefOrStr>
38
39SQL search string(s) to filter the list of returned attributes. Will
40be applied with SQL LIKE operator, so "%" wildcards are allowed.
41Optional.
42
43=item * C<tenant> I<Str>
44
45=back
46
47=cut
48command "get_cert_attributes" => {
49    identifier => { isa => 'Base64', required => 1, },
50    attribute  => { isa => 'ArrayRefOrStr', coerce => 1 },
51    tenant  => { isa => 'Str', },
52} => sub {
53    my ($self, $params) = @_;
54
55    ##! 16: $params->attribute
56    my $query = { identifier => $params->identifier };
57
58    if ($params->has_attribute) {
59        my @conditions = map { { -like => $_ } } @{$params->attribute};
60        $query->{attribute_contentkey} = \@conditions;
61    }
62
63    ##! 64: $query
64
65    my $sth_attrib = CTX('dbi')->select(
66        from => 'certificate_attributes',
67        columns => [ 'attribute_contentkey', 'attribute_value' ],
68        where => $query,
69    );
70
71    my $attrib;
72    while (my $item = $sth_attrib->fetchrow_hashref) {
73        ##! 64: $item
74        my $key = $item->{attribute_contentkey};
75        my $val = $item->{attribute_value};
76        $attrib->{$key} //= [];
77        push @{$attrib->{$key}}, $val;
78    }
79    ##! 32: $attrib
80
81    return unless ($attrib);
82
83    ##! 64: 'incoming tenant ' . ($params->tenant // '<undef>')
84    if (my $tenant = $self->get_validated_tenant( $params->tenant )) {
85        ##! 32: 'tenant ' . $tenant
86        # check if tenant is in the result already
87        my $owner_tenant;
88        if ($attrib->{system_cert_tenant}) {
89            $owner_tenant = $attrib->{system_cert_tenant}->[0];
90        } else {
91            $owner_tenant = CTX('api2')->get_certificate_tenant( identifier => $params->identifier );
92        }
93        $attrib = CTX('authentication')->tenant_handler()->certificate_attribute_filter( $tenant, $owner_tenant, $attrib );
94    }
95
96    return $attrib;
97};
98
99__PACKAGE__->meta->make_immutable;
100