diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2017-03-14 13:57:43 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2017-03-14 18:37:10 +0100 |
commit | 4e5e3eebb223b7f2760e21f22e42775982104b0d (patch) | |
tree | a0d25032336ffd86bd1b6f3299791c4c324ce197 | |
parent | 544d66b7109300e570fb6849f0f9bab8020f3b66 (diff) | |
download | freeipa-4e5e3eebb223b7f2760e21f22e42775982104b0d.tar.gz freeipa-4e5e3eebb223b7f2760e21f22e42775982104b0d.tar.xz freeipa-4e5e3eebb223b7f2760e21f22e42775982104b0d.zip |
Re-use trust domain retrieval code in certmap validators
https://pagure.io/freeipa/issue/6372
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
-rw-r--r-- | ipaserver/plugins/certmap.py | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/ipaserver/plugins/certmap.py b/ipaserver/plugins/certmap.py index e28b397c0..917463fc6 100644 --- a/ipaserver/plugins/certmap.py +++ b/ipaserver/plugins/certmap.py @@ -100,16 +100,11 @@ def check_associateddomain_is_trusted(api_inst, options): """ domains = options.get('associateddomain') if domains: - trust_suffix_namespace = set() + trusted_domains = api_inst.Object.config.gather_trusted_domains() + trust_suffix_namespace = {dom_name.lower() for dom_name in + trusted_domains} trust_suffix_namespace.add(api_inst.env.domain.lower()) - trust_objects = api_inst.Command.trust_find(sizelimit=0)['result'] - for obj in trust_objects: - trustdomains = api_inst.Command.trustdomain_find( - obj['cn'][0], sizelimit=0)['result'] - for domain in trustdomains: - trust_suffix_namespace.add(domain['cn'][0].lower()) - for dom in domains: if not str(dom).lower() in trust_suffix_namespace: raise errors.ValidationError( |