From e41fcf19fe82c41fe024b261d94814e092e6abaf Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 11 Dec 2008 10:31:27 -0500 Subject: Raise an error on bad principals instead of printing one when changing passwords Fix logic in determining what to do with an incoming principal --- ipalib/errors.py | 4 ++++ ipalib/plugins/f_passwd.py | 14 +++++++------- 2 files changed, 11 insertions(+), 7 deletions(-) (limited to 'ipalib') diff --git a/ipalib/errors.py b/ipalib/errors.py index 989721be..724654ff 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -413,6 +413,10 @@ class InsufficientAccess(GenericError): """You do not have permission to perform this task""" faultCode = 1027 +class InvalidUserPrincipal(GenericError): + """Invalid user principal""" + faultCode = 1028 + class FunctionDeprecated(GenericError): """Raised by a deprecated function""" faultCode = 2000 diff --git a/ipalib/plugins/f_passwd.py b/ipalib/plugins/f_passwd.py index edc13b63..c82cd455 100644 --- a/ipalib/plugins/f_passwd.py +++ b/ipalib/plugins/f_passwd.py @@ -52,14 +52,14 @@ class passwd(frontend.Command): :param param uid: The login name of the user being updated. :param kw: Not used. """ - if principal.find('@') < 0: + import pdb + pdb.set_trace() + if principal.find('@') > 0: u = principal.split('@') - if len(u) > 2 or len(u) == 0: - print "Invalid user name (%s)" % principal - if len(u) == 1: - principal = principal+"@"+self.api.env.realm - else: - principal = principal + if len(u) > 2: + raise errors.InvalidUserPrincipal, principal + else: + principal = principal+"@"+self.api.env.realm dn = self.Backend.ldap.find_entry_dn( "krbprincipalname", principal, -- cgit