Add new exists and autocreate wallet server interfaces. The first

states whether a given object exists and the second attempts to create
the object using the default owner rules.  Remove default owner
handling from the create interface, which is now for administrators
only.  Remove server-side auto-creation of objects on get or store and
instead have the client check for object existence and call autocreate
if necessary.  This removes confusion between default ACLs and
administrative object creation for users who are also on the ADMIN
ACL.

1 files changed, 6 insertions, 2 deletions

diff --git a/client/wallet.c b/client/wallet.c
index 8ce7ae0..2e4f755 100644
--- a/client/wallet.c
+++ b/client/wallet.c
@@ -216,8 +216,12 @@ main(int argc, char *argv[])
     if (!remctl_open(r, options.server, options.port, options.principal))
         die("%s", remctl_error(r));
 
-    /* Most commands, we handle ourselves, but get commands are special and
-       keytab get commands with -f are doubly special. */
+    /* Most commands, we handle ourselves, but get and store commands are
+       special and keytab get commands with -f are doubly special. */
+    if (strcmp(argv[0], "get") == 0 || strcmp(argv[0], "store") == 0) {
+        if (!object_exists(r, options.type, argv[1], argv[2]))
+            object_autocreate(r, options.type, argv[1], argv[2]);
+    }
     if (strcmp(argv[0], "get") == 0) {
         if (argc > 3)
             die("too many arguments");