summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ipalib/errors.py4
-rw-r--r--ipalib/errors2.py1
-rw-r--r--ipaserver/ipaldap.py6
3 files changed, 6 insertions, 5 deletions
diff --git a/ipalib/errors.py b/ipalib/errors.py
index 722de7658..c27d85dea 100644
--- a/ipalib/errors.py
+++ b/ipalib/errors.py
@@ -396,10 +396,6 @@ class DefaultGroup(ConfigurationError):
"""You cannot remove the default users group"""
faultCode = 1025
-class InsufficientAccess(GenericError):
- """You do not have permission to perform this task"""
- faultCode = 1027
-
class InvalidUserPrincipal(GenericError):
"""Invalid user principal"""
faultCode = 1028
diff --git a/ipalib/errors2.py b/ipalib/errors2.py
index 260a51e8e..33db5ccf1 100644
--- a/ipalib/errors2.py
+++ b/ipalib/errors2.py
@@ -475,6 +475,7 @@ class ACIError(AuthorizationError):
"""
errno = 2100
+ format = _('Insufficient access: %(info)r')
diff --git a/ipaserver/ipaldap.py b/ipaserver/ipaldap.py
index af17988be..01370b868 100644
--- a/ipaserver/ipaldap.py
+++ b/ipaserver/ipaldap.py
@@ -387,6 +387,8 @@ class IPAdmin(SimpleLDAPObject):
raise errors2.DuplicateEntry
else:
raise errors.DatabaseError, e
+ except ldap.INSUFFICIENT_ACCESS, e:
+ raise errors2.ACIError(info=e.args[0].get('info',''))
except ldap.LDAPError, e:
raise errors.DatabaseError, e
return True
@@ -428,6 +430,8 @@ class IPAdmin(SimpleLDAPObject):
# update, making the oldentry stale.
except ldap.NO_SUCH_ATTRIBUTE:
raise errors.MidairCollision
+ except ldap.INSUFFICIENT_ACCESS, e:
+ raise errors2.ACIError(info=e.args[0].get('info',''))
except ldap.LDAPError, e:
raise errors.DatabaseError, e
return True
@@ -500,7 +504,7 @@ class IPAdmin(SimpleLDAPObject):
self.set_option(ldap.OPT_SERVER_CONTROLS, sctrl)
self.delete_s(*args)
except ldap.INSUFFICIENT_ACCESS, e:
- raise errors.InsufficientAccess, e
+ raise errors2.ACIError(info=e.args[0].get('info',''))
except ldap.LDAPError, e:
raise errors.DatabaseError, e
return True
generated by cgit (git 2.34.1) at 2024-05-22 07:58:10 +0000