diff options
-rw-r--r-- | ipalib/errors.py | 16 | ||||
-rw-r--r-- | ipalib/plugins/baseldap.py | 8 | ||||
-rw-r--r-- | ipaserver/plugins/ldap2.py | 2 |
3 files changed, 25 insertions, 1 deletions
diff --git a/ipalib/errors.py b/ipalib/errors.py index 6a4e2c5d6..31fc14ea4 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -1501,6 +1501,22 @@ class BadSearchFilter(ExecutionError): format = _('Bad search filter %(info)s') +class NotAllowedOnNonLeaf(ExecutionError): + """ + **4210** Raised when operation is not allowed on a non-leaf entry + + For example: + + >>> raise NotAllowedOnNonLeaf() + Traceback (most recent call last): + ... + NotAllowedOnNonLeaf: Not allowed on non-leaf entry + """ + + errno = 4210 + format = _('Not allowed on non-leaf entry') + + class CertificateError(ExecutionError): """ **4300** Base class for Certificate execution errors (*4300 - 4399*). diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index 14a46f2d0..a55a23244 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -1424,7 +1424,13 @@ class LDAPDelete(LDAPMultiQuery): except errors.NotFound: self.obj.handle_not_found(*nkeys) - delete_subtree(dn) + try: + self._exc_wrapper(nkeys, options, ldap.delete_entry)(dn, normalize=self.obj.normalize_dn) + except errors.NotFound: + self.obj.handle_not_found(*nkeys) + except errors.NotAllowedOnNonLeaf: + # this entry is not a leaf entry, delete all child nodes + delete_subtree(dn) for callback in self.get_callbacks('post'): result = callback(self, ldap, dn, *nkeys, **options) diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index a0b91fd5d..1a754a55f 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -719,6 +719,8 @@ class ldap2(CrudBackend): raise errors.NotAllowedOnRDN(attr=info) except _ldap.FILTER_ERROR: raise errors.BadSearchFilter(info=info) + except _ldap.NOT_ALLOWED_ON_NONLEAF: + raise errors.NotAllowedOnNonLeaf() except _ldap.SUCCESS: pass except _ldap.LDAPError, e: |