diff options
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/errors.py | 15 | ||||
-rw-r--r-- | ipalib/plugins/virtual.py | 6 |
2 files changed, 18 insertions, 3 deletions
diff --git a/ipalib/errors.py b/ipalib/errors.py index ad5f584f1..cec80fb47 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -1119,6 +1119,21 @@ class LimitsExceeded(ExecutionError): errno = 4204 format = _('limits exceeded for this query') +class ObjectclassViolation(ExecutionError): + """ + **4205** Raised when an entry is missing a required attribute or objectclass + + For example: + + >>> raise ObjectclassViolation(info='attribute "krbPrincipalName" not allowed') + Traceback (most recent call last): + ... + ObjectclassViolation: attribute "krbPrincipalName" not allowed + """ + + errno = 4205 + format = _('%(info)s') + ############################################################################## # 5000 - 5999: Generic errors diff --git a/ipalib/plugins/virtual.py b/ipalib/plugins/virtual.py index a1dfbdf68..d21a58f12 100644 --- a/ipalib/plugins/virtual.py +++ b/ipalib/plugins/virtual.py @@ -49,7 +49,7 @@ class VirtualCommand(Command): if self.operation is None: raise errors.ACIError(info='operation not defined') - ldap = self.api.Backend.ldap + ldap = self.api.Backend.ldap2 self.log.info("IPA: virtual verify %s" % self.operation) operationdn = "cn=%s,%s,%s" % (self.operation, self.api.env.container_virtual, self.api.env.basedn) @@ -65,9 +65,9 @@ class VirtualCommand(Command): except errors.ACIError, e: self.log.debug("%s" % str(e)) raise errors.ACIError(info='not allowed to perform this command') - except errors.DatabaseError: + except errors.ObjectclassViolation: return except Exception, e: # Something unexpected happened. Log it and deny access to be safe. - self.log.info("Virtual verify failed: %s" % str(e)) + self.log.info("Virtual verify failed: %s %s" % (type(e), str(e))) raise errors.ACIError(info='not allowed to perform this command') |