diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2010-10-11 11:16:52 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2010-10-13 13:00:51 -0400 |
| commit | 3d55b66e48466bf190f85d78d15c040d27bc136d (patch) | |
| tree | 9a7ec05e20960d141d1368c18a0388401b55dc4b | |
| parent | 16931cfe2d984abc2d80687d5d1d7b4579f6dd33 (diff) | |
| download | freeipa-3d55b66e48466bf190f85d78d15c040d27bc136d.tar.gz freeipa-3d55b66e48466bf190f85d78d15c040d27bc136d.tar.xz freeipa-3d55b66e48466bf190f85d78d15c040d27bc136d.zip | |
Enforce the maximum username length from cn=ipaconfig
ticket 226
| -rw-r--r-- | ipalib/plugins/user.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index a6e6b5d2c..4bbb86c93 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -178,6 +178,9 @@ class user_add(LDAPCreate): def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): config = ldap.get_ipa_config()[1] + if 'ipamaxusernamelength' in config: + if len(keys[-1]) > int(config.get('ipamaxusernamelength')[0]): + raise errors.ValidationError(name='uid', error=_('can be at most %(len)d characters' % dict(len = int(config.get('ipamaxusernamelength')[0])))) entry_attrs.setdefault('loginshell', config.get('ipadefaultloginshell')) # hack so we can request separate first and last name in CLI full_name = '%s %s' % (entry_attrs['givenname'], entry_attrs['sn']) |