diff options
| author | Tomas Babej <tbabej@redhat.com> | 2015-10-23 10:39:47 +0200 |
|---|---|---|
| committer | Tomas Babej <tbabej@redhat.com> | 2015-10-26 14:10:53 +0100 |
| commit | 4d0d5913dd2e86dabbe9592522298c42af648284 (patch) | |
| tree | ab75ebb50da24c88c7a1c92ad8933e520b97e0f9 /ipalib | |
| parent | 288a9b9dba05e5f87e253a3968b6431d816f94f6 (diff) | |
| download | freeipa-4d0d5913dd2e86dabbe9592522298c42af648284.tar.gz freeipa-4d0d5913dd2e86dabbe9592522298c42af648284.tar.xz freeipa-4d0d5913dd2e86dabbe9592522298c42af648284.zip | |
trusts: Make trust_show.get_dn raise properly formatted NotFound
The trust_show command does not raise a properly formatted NotFound
error if the trust is not found, only a generic EmptyResult error
is raised.
This patch makes the trust_show tell us what actually could not be
found.
https://fedorahosted.org/freeipa/ticket/5389
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/plugins/trust.py | 32 |
1 files changed, 24 insertions, 8 deletions
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index 472f3534e..0715713a7 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -539,22 +539,38 @@ class trust(LDAPObject): error=_("invalid SID: %(value)s") % dict(value=value)) def get_dn(self, *keys, **kwargs): + trust_type = kwargs.get('trust_type') + sdn = [('cn', x) for x in keys] sdn.reverse() - trust_type = kwargs.get('trust_type') + if trust_type is None: ldap = self.backend - filter = ldap.make_filter({'objectclass': ['ipaNTTrustedDomain'], 'cn': [keys[-1]] }, - rules=ldap.MATCH_ALL) - filter = ldap.combine_filters((filter, "ipaNTSecurityIdentifier=*"), rules=ldap.MATCH_ALL) - result = ldap.get_entries(DN(self.container_dn, self.env.basedn), - ldap.SCOPE_SUBTREE, filter, ['']) + trustfilter = ldap.make_filter({ + 'objectclass': ['ipaNTTrustedDomain'], + 'cn': [keys[-1]]}, + rules=ldap.MATCH_ALL + ) + + trustfilter = ldap.combine_filters( + (trustfilter, "ipaNTSecurityIdentifier=*"), + rules=ldap.MATCH_ALL + ) + + try: + result = ldap.get_entries( + DN(self.container_dn, self.env.basedn), + ldap.SCOPE_SUBTREE, trustfilter, [''] + ) + except errors.NotFound: + self.handle_not_found(keys[-1]) + if len(result) > 1: raise errors.OnlyOneValueAllowed(attr='trust domain') + return result[0].dn - dn=make_trust_dn(self.env, trust_type, DN(*sdn)) - return dn + return make_trust_dn(self.env, trust_type, DN(*sdn)) @register() class trust_add(LDAPCreate): |