Check for the existence of a replication agreement before deleting it.

When using ipa-replica-manage or ipa-csreplica-manage to delete an
agreement with a host we would try to make a connection to that host
prior to tryign to delete it. This meant that the trying to delete
a host we don't have an agreement with would return a connection
error instead of a "no agreement with host foo" error.

Also display a completed message when an agreement is removed.

https://fedorahosted.org/freeipa/ticket/2048
https://fedorahosted.org/freeipa/ticket/2125

2 files changed, 34 insertions, 22 deletions

diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage
index ac39b70fa..97c504552 100755
--- a/install/tools/ipa-csreplica-manage
+++ b/install/tools/ipa-csreplica-manage
@@ -267,12 +267,26 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
     repl1.delete_agreement(replica2)
     repl1.delete_referral(replica2)
 
+    print "Deleted replication agreement from '%s' to '%s'" % (replica1, replica2)
+
 def del_master(realm, hostname, options):
 
     force_del = False
 
     delrepl = None
-    # 1. Connect to the dogtag DS to be removed.
+
+    # 1. Connect to the local dogtag DS server
+    try:
+        thisrepl = CSReplicationManager(realm, options.host,
+                                        options.dirman_passwd)
+    except Exception, e:
+        sys.exit("Failed to connect to server %s: %s" % (options.host, convert_error(e)))
+
+    # 2. Ensure we have an agreement with the master
+    if thisrepl.get_replication_agreement(hostname) is None:
+        sys.exit("'%s' has no replication agreement for '%s'" % (options.host, hostname))
+
+    # 3. Connect to the dogtag DS to be removed.
     try:
         delrepl = CSReplicationManager(realm, hostname, options.dirman_passwd)
     except Exception, e:
@@ -283,21 +297,14 @@ def del_master(realm, hostname, options):
             print "Unable to connect to replica %s, forcing removal" % hostname
             force_del = True
 
-    # 2. Connect to the local dogtag DS server
-    try:
-        thisrepl = CSReplicationManager(realm, options.host,
-                                        options.dirman_passwd)
-    except Exception, e:
-        sys.exit("Failed to connect to server %s: %s" % (options.host, convert_error(e)))
-
-    # 2. Get list of agreements.
+    # 4. Get list of agreements.
     if delrepl is None:
         # server not up, just remove it from this server
         replica_names = [options.host]
     else:
         replica_names = delrepl.find_ipa_replication_agreements()
 
-    # 3. Remove each agreement
+    # 5. Remove each agreement
     for r in replica_names:
         try:
             del_link(realm, r, hostname, options.dirman_passwd, force=True)
diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 8506fcba7..32cee6ed2 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -272,12 +272,25 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False):
         except Exception, e:
             print "Error deleting winsync replica shared info: %s" % str(e)
 
+    print "Deleted replication agreement from '%s' to '%s'" % (replica1, replica2)
 
 def del_master(realm, hostname, options):
 
     force_del = False
 
-    # 1. Connect to the master to be removed.
+    # 1. Connect to the local server
+    try:
+        thisrepl = replication.ReplicationManager(realm, options.host,
+                                                  options.dirman_passwd)
+    except Exception, e:
+        print "Failed to connect to server %s: %s" % (options.host, str(e))
+        sys.exit(1)
+
+    # 2. Ensure we have an agreement with the master
+    if thisrepl.get_replication_agreement(hostname) is None:
+        sys.exit("'%s' has no replication agreement for '%s'" % (options.host, hostname))
+
+    # 3. Connect to the master to be removed.
     try:
         delrepl = replication.ReplicationManager(realm, hostname, options.dirman_passwd)
     except Exception, e:
@@ -288,14 +301,6 @@ def del_master(realm, hostname, options):
             print "Unable to connect to replica %s, forcing removal" % hostname
             force_del = True
 
-    # 2. Connect to the local server
-    try:
-        thisrepl = replication.ReplicationManager(realm, options.host,
-                                                  options.dirman_passwd)
-    except Exception, e:
-        print "Failed to connect to server %s: %s" % (options.host, str(e))
-        sys.exit(1)
-
     if force_del:
         dn = 'cn=masters,cn=ipa,cn=etc,%s' % thisrepl.suffix
         res = thisrepl.conn.search_s(dn, ldap.SCOPE_ONELEVEL)
@@ -306,21 +311,21 @@ def del_master(realm, hostname, options):
         # 2. Get list of agreements.
         replica_names = delrepl.find_ipa_replication_agreements()
 
-    # 3. Remove each agreement
+    # 4. Remove each agreement
     for r in replica_names:
         try:
             del_link(realm, r, hostname, options.dirman_passwd, force=True)
         except Exception, e:
             print "There were issues removing a connection: %s" % str(e)
 
-    # 4. Finally clean up the removed replica common entries.
+    # 5. Finally clean up the removed replica common entries.
     try:
         thisrepl.replica_cleanup(hostname, realm, force=True)
     except Exception, e:
         print "Failed to cleanup %s entries: %s" % (hostname, str(e))
         print "You may need to manually remove them from the tree"
 
-    # 5. And clean up the removed replica DNS entries if any.
+    # 6. And clean up the removed replica DNS entries if any.
     try:
         if bindinstance.dns_container_exists(options.host, thisrepl.suffix,
                                              dm_password=options.dirman_passwd):