diff options
author | Rob Crittenden <rcritten@redhat.com> | 2008-02-22 15:40:21 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2008-02-22 15:40:21 -0500 |
commit | 02d3c5aff3f449f23ff7f3814b54383a3de263bc (patch) | |
tree | 222745312ee97816ab57999298f8b51dca22fa00 /ipa-server | |
parent | 44797e39175bafeed8dc43845fa5ea44911908dd (diff) | |
download | freeipa-02d3c5aff3f449f23ff7f3814b54383a3de263bc.tar.gz freeipa-02d3c5aff3f449f23ff7f3814b54383a3de263bc.tar.xz freeipa-02d3c5aff3f449f23ff7f3814b54383a3de263bc.zip |
Don't allow a group to be a member of itself.
434542
Diffstat (limited to 'ipa-server')
-rw-r--r-- | ipa-server/xmlrpc-server/funcs.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py index 7634b5951..37523308f 100644 --- a/ipa-server/xmlrpc-server/funcs.py +++ b/ipa-server/xmlrpc-server/funcs.py @@ -1258,6 +1258,8 @@ class IPAServer: """ if not member_dn or not group_dn: raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) + if member_dn.lower() == group_dn.lower(): + raise ipaerror.gen_exception(ipaerror.INPUT_SAME_GROUP) old_group = self.get_entry_by_dn(group_dn, None, opts) if old_group is None: @@ -1591,13 +1593,15 @@ class IPAServer: return res def add_group_to_group(self, group, tgroup, opts=None): - """Add a user to an existing group. + """Add a group to an existing group. group is a DN of the group to add tgroup is the DN of the target group to be added to """ if not group or not tgroup: raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER) + if group.lower() == tgroup.lower(): + raise ipaerror.gen_exception(ipaerror.INPUT_SAME_GROUP) old_group = self.get_entry_by_dn(tgroup, None, opts) if old_group is None: raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND) |