)dZddlmZddlmZddlmZddlmZddlmZddl mZddl m Z ddl m Z dd l mZdd l mZdd lmZdd lmZej(ej*j,Gd dej.Zy)z"Update a new certificate template.)absolute_import)division)unicode_literals)base) request_utils) exceptions)flags) operations) resource_args) labels_util)logc6eZdZdZdddZdZedZdZy)CreatezUpdate a certificate template.a To update a template named "dns-restricted" with new default x509 extensions: $ {command} dns-restricted --location=us-west1 --predefined-values-file=x509_parameters.yaml To update a template named "dns-restricted" to allow requestors to specify subject: $ {command} dns-restricted --location=us-west1 --copy-subject To update a template named "dns-restricted" with allowed extension 'base-key-usage' to allow requestors to specify additional x509 extension 'extended-key-usage': $ {command} dns-restricted --location=us-west1 --copy-known-extensions=base-key-usage,extended-key-usage To update a template named "mtls-restricted" with allowed OID '1.1' to allow requestors to specify alternative OIDS '2.2,3.3': $ {command} mtls-restricted --location=us-west1 --copy-extensions-by-oid=2.2,3.3 ) DESCRIPTIONEXAMPLESctjd}|j}g}|jds"|jds|jdrt j ||_|jdr|jd|jdr|jd|jdr|jd|jdr+t j||_ |jd |jd r"|j|_ |jd |jd xs|jd }|jd xs|jd}|s|r@t j||_ |r|jd|r|jdtjj|}|j!|j"j$|} | j&r"| j(|_|jd|st+j,d||fS)aRCreates a Certificate template object and update mask from Certificate template update flags. Requires that args has 'description', 'copy-sans', 'copy-subject', 'predefined-values-file', 'copy-known-extensions', 'copy-extensions-by-oid', and update labels flags registered. Args: args: The parser that contains the flag values. current_labels: The current set of labels for the Certificate Template. Returns: A tuple with the Certificate template object to update with and the list of strings representing the update mask, respectively. v1 copy_sans copy_subjectidentity_cel_expressionz8identity_constraints.allow_subject_alt_names_passthroughz.identity_constraints.allow_subject_passthroughz#identity_constraints.cel_expressionpredefined_values_filepredefined_values descriptioncopy_known_extensionsdrop_known_extensionscopy_extensions_by_oiddrop_oid_extensionsz'passthrough_extensions.known_extensionsz,passthrough_extensions.additional_extensionslabelsz8No updates found for the requested certificate template.)privateca_baseGetMessagesModuleCertificateTemplate IsSpecifiedr ParseIdentityConstraintsidentityConstraintsappendParsePredefinedValuespredefinedValuesrParseExtensionConstraintspassthroughExtensionsr DiffFromUpdateArgsApplyCaPool LabelsValue needs_updaterprivateca_exceptionsNoUpdateException) selfargscurrent_labelsmessagestemplate_to_update update_maskknown_exts_flagsoid_exts_flags labels_diff labels_updates )lib/surface/privateca/templates/update.py"_UpdateCertificateTemplateFromArgsz)Create._UpdateCertificateTemplateFromArgs;sE //5H!557K %   N +   5 6/4/M/M 0,   + & F    . )KL  3 4@A 01,1,G,G,M),-  &'+'7'7$'''3  1 2%% 1  / 0>  ) )$ /. DE IJ""11$7K%%##^M!!"/"6"6"  2 2 D  { **c(tj|dtjddj |t j |t j|dt j|tj|y)Nz to updatez --descriptionz0A text description for the Certificate Template.)helpF)require_passthrough_flags) r +AddCertificateTemplatePositionalResourceArgrArgument AddToParserr AddPredefinedValuesFileFlagAddIdentityConstraintsFlags%AddExtensionConstraintsFlagsForUpdater AddUpdateLabelsFlags)parsers r<Argsz Create.Argssm==  MMPk& %%f- %%fN //7$$V,r>c Ttjd}tjd}|jjj }|j }|jj|j|}|j||j\}}tj||jj|jj d|jj#|j%||dj'|t)j*} t-j.| dd} t-j0| |j2} t4j6j9d j;| j<y) Nr)nameT)existing_copy_subjexisting_copy_sans for_update,)rLcertificateTemplate updateMask requestIdzUpdating Certificate Template.) api_versionz"Updated Certificate Template [{}].)rGetClientInstancer CONCEPTScertificate_templateParse RelativeName'projects_locations_certificateTemplatesGet8PrivatecaProjectsLocationsCertificateTemplatesGetRequestr=rr ValidateIdentityConstraintsr$allowSubjectPassthroughallowSubjectAltNamesPassthroughPatch:PrivatecaProjectsLocationsCertificateTemplatesPatchRequestjoinrGenerateRequestIdr AwaitGetMessageFromResponser!r statusPrintformatrL) r2r3clientr5cert_template_ref template_namecurrent_cert_templatecert_template_to_updater7 operationcert_template_response cert_templates r<Runz Create.Runs{  - -d 3F//5H ::@@B%224M"JJNNII J  // '.. )[ %% 0DD\\0DDdd >>DDKK 7xx ,#557 L I(--355 < <MJJ,33M4F4FGr>N) __name__ __module__ __qualname____doc__ detailed_helpr= staticmethodrJrqr>r<rr s6': -.N+` - -.r>rN)ru __future__rrr googlecloudsdk.api_lib.privatecarrrgooglecloudsdk.calliope$googlecloudsdk.command_lib.privatecarr0r r r $googlecloudsdk.command_lib.util.argsr googlecloudsdk.corer ReleaseTracks ReleaseTrackGA CreateCommandrrxr>r<rsk)&'C:(S6;><#D%%(()eT  e*er>