From 31e4801f30f3ede1c713c35d8d2672b1a9bc4d2c Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Thu, 4 Aug 2011 09:59:01 +0200
Subject: Improve dnszone-add error message

Check that NS address passed in dnszone-add is a domain name and
not an IP address. Make this clear also the parameter help.

https://fedorahosted.org/freeipa/ticket/1567
---
 ipalib/plugins/dns.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'ipalib/plugins')

diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index d50a9f6e8..105678b23 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -109,6 +109,7 @@ from ipalib import Flag, Int, List, Str, StrEnum
 from ipalib.plugins.baseldap import *
 from ipalib import _, ngettext
 from ipapython import dnsclient
+from ipapython.ipautil import valid_ip
 from ldap import explode_dn
 
 # supported resource record types
@@ -318,7 +319,7 @@ class dnszone(LDAPObject):
         Str('idnssoamname',
             cli_name='name_server',
             label=_('Authoritative nameserver'),
-            doc=_('Authoritative nameserver.'),
+            doc=_('Authoritative nameserver domain name'),
         ),
         Str('idnssoarname',
             cli_name='admin_email',
@@ -431,6 +432,11 @@ class dnszone_add(LDAPCreate):
         # Check nameserver has a forward record
         nameserver = entry_attrs['idnssoamname']
 
+        # NS record must contain domain name
+        if valid_ip(nameserver):
+            raise errors.ValidationError(name='name-server',
+                    error=unicode(_("Nameserver address is not a fully qualified domain name")))
+
         if not 'ip_address' in options and not options['force']:
             is_ns_rec_resolvable(nameserver)
 
-- 
cgit