diff options
| author | Jan Cholasta <jcholast@redhat.com> | 2011-10-11 14:28:17 +0200 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2011-10-12 10:12:49 +0200 |
| commit | c0879cd00b17b61de54b52cb24a61ce85374cae4 (patch) | |
| tree | 61c12f0f9ac8a845422cbbf0cda7aceba804c679 /ipalib/plugins/pwpolicy.py | |
| parent | 89b869d2c2ab6a86b3be12f1aff33437e9974571 (diff) | |
| download | freeipa-c0879cd00b17b61de54b52cb24a61ce85374cae4.tar.gz freeipa-c0879cd00b17b61de54b52cb24a61ce85374cae4.tar.xz freeipa-c0879cd00b17b61de54b52cb24a61ce85374cae4.zip | |
Disallow deletion of global password policy.
ticket 1936
Diffstat (limited to 'ipalib/plugins/pwpolicy.py')
| -rw-r--r-- | ipalib/plugins/pwpolicy.py | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py index 79ea44dda..f261de562 100644 --- a/ipalib/plugins/pwpolicy.py +++ b/ipalib/plugins/pwpolicy.py @@ -366,6 +366,14 @@ class pwpolicy_del(LDAPDelete): attribute=True, required=True, multivalue=True ) + def pre_callback(self, ldap, dn, *keys, **options): + if dn.lower() == global_policy_dn.lower(): + raise errors.ValidationError( + name='group', + error=_('cannot delete global password policy') + ) + return dn + def post_callback(self, ldap, dn, *keys, **options): try: self.api.Command.cosentry_del(keys[-1]) |