From 4d94367006287ed0a04c092a7b86096518cf5b8c Mon Sep 17 00:00:00 2001 From: Martin Babinsky Date: Thu, 29 Oct 2015 14:53:25 +0100 Subject: ipa-replica-prepare: domain level check improvements ipa-replica-prepare command is disabled in non-zero domain-level. Instead of raising and exception with the whole message instructing the user to promote replicas from enrolled clients in level 1+ topologies, the exception itself contains only a brief informative message and the rest is logged at error level. https://fedorahosted.org/freeipa/ticket/5175 Reviewed-By: Petr Vobornik --- ipaserver/install/ipa_replica_prepare.py | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py index 8998bc094..327deed77 100644 --- a/ipaserver/install/ipa_replica_prepare.py +++ b/ipaserver/install/ipa_replica_prepare.py @@ -175,7 +175,7 @@ class ReplicaPrepare(admintool.AdminTool): api.bootstrap(in_server=True) api.finalize() - self.check_domainlevel(api) + self.check_for_supported_domain_level() if api.env.host == self.replica_fqdn: raise admintool.ScriptError("You can't create a replica on itself") @@ -690,12 +690,25 @@ class ReplicaPrepare(admintool.AdminTool): '-o', ca_file ]) - def check_domainlevel(self, api): + def check_for_supported_domain_level(self): + """ + check if we are in 0-level topology. If not, raise an error pointing + the user to the replica promotion pathway + """ + domain_level = dsinstance.get_domain_level(api) if domain_level > DOMAIN_LEVEL_0: - raise RuntimeError( + self.log.error( UNSUPPORTED_DOMAIN_LEVEL_TEMPLATE.format( command_name=self.command_name, domain_level=DOMAIN_LEVEL_0, - curr_domain_level=domain_level) + curr_domain_level=domain_level + ) + ) + raise errors.InvalidDomainLevelError( + reason="'{command}' is allowed only in domain level " + "{prep_domain_level}".format( + command=self.command_name, + prep_domain_level=DOMAIN_LEVEL_0 + ) ) -- cgit