From a2eab057d4adfaa8da7fee07410e1a33efb7f95d Mon Sep 17 00:00:00 2001
From: Thorsten Scherf <tscherf@redhat.com>
Date: Tue, 26 Aug 2014 19:21:29 +0200
Subject: pwpolicy-add: Added better error handling

    Make error message more meaningful when a password policy is added for a non
    existing group.

    https://fedorahosted.org/freeipa/ticket/4334

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
---
 ipalib/plugins/pwpolicy.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'ipalib')

diff --git a/ipalib/plugins/pwpolicy.py b/ipalib/plugins/pwpolicy.py
index 1976675c5..165d54889 100644
--- a/ipalib/plugins/pwpolicy.py
+++ b/ipalib/plugins/pwpolicy.py
@@ -159,9 +159,14 @@ class cosentry_add(LDAPCreate):
 
     def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
         assert isinstance(dn, DN)
+        
         # check for existence of the group
         group_dn = self.api.Object.group.get_dn(keys[-1])
-        result = ldap.get_entry(group_dn, ['objectclass'])
+        try:
+            result = ldap.get_entry(group_dn, ['objectclass'])
+        except errors.NotFound:
+            self.api.Object.group.handle_not_found(keys[-1]) 
+
         oc = map(lambda x:x.lower(),result['objectclass'])
         if 'mepmanagedentry' in oc:
             raise errors.ManagedPolicyError()
-- 
cgit