diff options
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/errors.py | 15 | ||||
-rw-r--r-- | ipalib/plugins/user.py | 12 |
2 files changed, 27 insertions, 0 deletions
diff --git a/ipalib/errors.py b/ipalib/errors.py index 49d6343a4..8e119837e 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -1110,6 +1110,21 @@ class ManagedPolicyError(ExecutionError): errno = 4021 format = _('A managed group cannot have a password policy.') +class ManagedGroupExistsError(ExecutionError): + """ + **4024** Raised when adding a user and its managed group exists + + For example: + + >>> raise ManagedGroupExistsError(group=u'engineering') + Traceback (most recent call last): + ... + ManagedGroupExistsError: Unable to create private group. A group 'engineering' already exists.' + """ + + errno = 4024 + format = _('Unable to create private group. Group \'%(group)s\' already exists.') + class BuiltinError(ExecutionError): """ **4100** Base class for builtin execution errors (*4100 - 4199*). diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index c3246f5cd..283c0c416 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -211,6 +211,18 @@ class user_add(LDAPCreate): msg_summary = _('Added user "%(value)s"') def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): + try: + # The Managed Entries plugin will allow a user to be created + # even if a group has a duplicate name. This would leave a user + # without a private group. Check for both the group and the user. + self.api.Command['group_show'](keys[-1]) + try: + self.api.Command['user_show'](keys[-1]) + raise errors.DuplicateEntry() + except errors.NotFound: + raise errors.ManagedGroupExistsError(group=keys[-1]) + except errors.NotFound: + pass config = ldap.get_ipa_config()[1] if 'ipamaxusernamelength' in config: if len(keys[-1]) > int(config.get('ipamaxusernamelength')[0]): |