From e672a396374c05c5a06eb4e816ec6cc0939ad008 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tbabej@redhat.com>
Date: Tue, 17 Jun 2014 17:53:51 +0200
Subject: trusts: Validate missing trust secret properly

Detect the situation if the user passes empty trust secret and
error out properly.

https://fedorahosted.org/freeipa/ticket/4266

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
---
 ipalib/plugins/trust.py | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'ipalib/plugins/trust.py')

diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index 99acfb8f8..fe1a76719 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -721,11 +721,10 @@ sides.
                 ret['summary'] = self.msg_summary_existing % ret
             return ret
 
-
         # 2. We don't have access to the remote domain and trustdom password
         # is provided. Do the work on our side and inform what to do on remote
         # side.
-        if 'trust_secret' in options:
+        if options.get('trust_secret'):
             result = self.trustinstance.join_ad_ipa_half(
                 keys[-1],
                 self.realm_server,
@@ -740,8 +739,11 @@ sides.
             if dn:
                 ret['summary'] = self.msg_summary_existing % ret
             return ret
-        raise errors.ValidationError(name=_('AD Trust setup'),
-                                     error=_('Not enough arguments specified to perform trust setup'))
+        else:
+            raise errors.ValidationError(
+                name=_('AD Trust setup'),
+                error=_('Not enough arguments specified to perform trust '
+                        'setup'))
 
 @register()
 class trust_del(LDAPDelete):
-- 
cgit