diff options
Diffstat (limited to 'ipalib/plugins/caacl.py')
| -rw-r--r-- | ipalib/plugins/caacl.py | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ipalib/plugins/caacl.py b/ipalib/plugins/caacl.py index 247d6df14..64dbec16e 100644 --- a/ipalib/plugins/caacl.py +++ b/ipalib/plugins/caacl.py @@ -307,6 +307,14 @@ class caacl_del(LDAPDelete): msg_summary = _('Deleted CA ACL "%(value)s"') + def pre_callback(self, ldap, dn, *keys, **options): + if keys[0] == 'hosts_services_caIPAserviceCert': + raise errors.ProtectedEntryError( + label=_("CA ACL"), + key=keys[0], + reason=_("default CA ACL can be only disabled")) + return dn + @register() class caacl_mod(LDAPUpdate): |