From 158bf45cae0cb6ddcb84523b46e366b18634d11e Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Thu, 7 Mar 2013 15:34:25 +0100
Subject: Do not hide idrange-add errors when adding trust

We catched all errors that could be raised by idrange-add command and
just raised an uncomprehensible ValidationError. This could hide
a real underlying problem and make the debugging harder.

We should rather just let the command raise the real error (which
will be already a PublicError).

https://fedorahosted.org/freeipa/ticket/3288
---
 ipalib/plugins/trust.py | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

(limited to 'ipalib')

diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index 2d772130e..7733d9b15 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -346,15 +346,12 @@ sides.
         else:
             base_id = 200000 + (pysss_murmur.murmurhash3(dom_sid, len(dom_sid), 0xdeadbeef) % 10000) * 200000
 
-        try:
-            new_range = api.Command['idrange_add'](range_name,
-                                                 ipabaseid=base_id,
-                                                 ipaidrangesize=options['range_size'],
-                                                 ipabaserid=0,
-                                                 ipanttrusteddomainsid=dom_sid)
-        except Exception, e:
-            raise errors.ValidationError(name=_('ID range exists'),
-                   error = _('ID range already exists, must be added manually'))
+        # Add new ID range
+        api.Command['idrange_add'](range_name,
+                                   ipabaseid=base_id,
+                                   ipaidrangesize=options['range_size'],
+                                   ipabaserid=0,
+                                   ipanttrusteddomainsid=dom_sid)
 
     def execute_ad(self, *keys, **options):
         # Join domain using full credentials and with random trustdom
-- 
cgit