diff options
author | Pavel Zuna <pzuna@redhat.com> | 2010-10-14 13:05:43 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-10-18 14:44:42 -0400 |
commit | dff2ff830073c638582c3708cec422c47994f36a (patch) | |
tree | 80e88b3b87f64a9ab6ce8d4d0dd4444f3f272312 /ipalib/errors.py | |
parent | 267e803cdfdb410cd00ba1e8435379b7112c057f (diff) | |
download | freeipa-dff2ff830073c638582c3708cec422c47994f36a.tar.gz freeipa-dff2ff830073c638582c3708cec422c47994f36a.tar.xz freeipa-dff2ff830073c638582c3708cec422c47994f36a.zip |
Disallow RDN change and single-value bypass using setattr/addattr.
When setting or adding an attribute wiht setatt/addattr check to
see if there is a Param for the attribute and enforce the multi-value.
If there is no Param check the LDAP schema for SINGLE-VALUE.
Catch RDN mods and try to return a more reasonable error message.
Ticket #230
Ticket #246
Diffstat (limited to 'ipalib/errors.py')
-rw-r--r-- | ipalib/errors.py | 37 |
1 files changed, 34 insertions, 3 deletions
diff --git a/ipalib/errors.py b/ipalib/errors.py index b960ffc75..413e6e6f8 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -1165,14 +1165,14 @@ class DatabaseError(ExecutionError): For example: - >>> raise DatabaseError(desc="Can't contact LDAP server", info='') + >>> raise DatabaseError(desc="Can't contact LDAP server", info='Info goes here') Traceback (most recent call last): ... - DatabaseError: Can't contact LDAP server: + DatabaseError: Can't contact LDAP server: Info goes here """ errno = 4203 - format = _('%(desc)s:%(info)s') + format = _('%(desc)s: %(info)s') class LimitsExceeded(ExecutionError): @@ -1205,6 +1205,37 @@ class ObjectclassViolation(ExecutionError): errno = 4205 format = _('%(info)s') +class NotAllowedOnRDN(ExecutionError): + """ + **4206** Raised when an RDN value is modified. + + For example: + + >>> raise NotAllowedOnRDN() + Traceback (most recent call last): + ... + NotAllowedOnRDN: modifying primary key is not allowed + """ + + errno = 4206 + format = _('modifying primary key is not allowed') + + +class OnlyOneValueAllowed(ExecutionError): + """ + **4207** Raised when trying to set more than one value to single-value attributes + + For example: + + >> raise OnlyOneValueAllowed(attr='ipasearchtimelimit') + Traceback (most recent call last): + ... + OnlyOneValueAllowed: ipasearchtimelimit: Only one value allowed. + """ + + errno = 4207 + format = _('%(attr)s: Only one value allowed.') + class CertificateError(ExecutionError): """ |