diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2010-09-15 09:20:14 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2010-10-08 10:11:41 -0400 |
| commit | bed6e81935a43e0661faf2391c2494b230222c17 (patch) | |
| tree | 400e05f426b6fbfe97327ef6e1fbcf6990b06cea /ipalib/errors.py | |
| parent | b09467e44809a0858657e71c0c92852e1d483c5f (diff) | |
| download | freeipa-bed6e81935a43e0661faf2391c2494b230222c17.tar.gz freeipa-bed6e81935a43e0661faf2391c2494b230222c17.tar.xz freeipa-bed6e81935a43e0661faf2391c2494b230222c17.zip | |
If an HBAC category is 'all' don't allow individual objects to be added.
Basically, make 'all' mutually exclusive. This makes debugging lots easier.
If say usercat='all' there is no point adding specific users to the rule
because it will always apply to everyone.
ticket 164
Diffstat (limited to 'ipalib/errors.py')
| -rw-r--r-- | ipalib/errors.py | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/ipalib/errors.py b/ipalib/errors.py index efd0d640f..0d1304e0d 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -1221,6 +1221,23 @@ class CertificateOperationError(ExecutionError): format = _('Certificate operation cannot be completed: %(error)s') +class MutuallyExclusiveError(ExecutionError): + """ + **4302** Raised when an operation would result in setting two attributes which are mutually exlusive. + + For example: + + >>> raise MutuallyExclusiveError(reason=u'hosts may not be added when hostcategory=all') + Traceback (most recent call last): + ... + MutuallyExclusiveError: hosts may not be added when hostcategory=all + + """ + + errno = 4302 + format = _('%(reason)s') + + ############################################################################## # 5000 - 5999: Generic errors |