summaryrefslogtreecommitdiffstats
path: root/ipa-admintools/ipa-adddelegation
diff options
context:
space:
mode:
Diffstat (limited to 'ipa-admintools/ipa-adddelegation')
-rw-r--r--ipa-admintools/ipa-adddelegation19
1 files changed, 19 insertions, 0 deletions
diff --git a/ipa-admintools/ipa-adddelegation b/ipa-admintools/ipa-adddelegation
index 8dde908f..3ac053e5 100644
--- a/ipa-admintools/ipa-adddelegation
+++ b/ipa-admintools/ipa-adddelegation
@@ -90,6 +90,25 @@ def main():
new_aci.dest_group = target_grp[1].dn
new_aci.attrs = attr_list
+ aci_entry = client.get_aci_entry(['*', 'aci'])
+
+ # Look for an existing ACI of the same name
+ aci_str_list = aci_entry.getValues('aci')
+ if aci_str_list is None:
+ aci_str_list = []
+ if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
+ aci_str_list = [aci_str_list]
+
+ for aci_str in aci_str_list:
+ try:
+ old_aci = ipa.aci.ACI(aci_str)
+ if old_aci.name == new_aci.name:
+ print "A delegation of that name already exists"
+ return 2
+ except SyntaxError:
+ # ignore aci_str's that ACI can't parse
+ pass
+
aci_entry = client.get_aci_entry(['dn'])
aci_entry.setValue('aci', new_aci.export_to_string())
generated by cgit (git 2.34.1) at 2025-09-04 23:08:42 +0000