Fix incompatible permission name *zone-del

Fixes ticket: https://fedorahosted.org/freeipa/ticket/4383 Reviewed-By: Petr Spacek <pspacek@redhat.com>
author: Martin Basti <mbasti@redhat.com> 2014-07-03 09:00:08 +0200
committer: Petr Viktorin <pviktori@redhat.com> 2014-07-03 14:04:57 +0200
commit: 21c829ffa52aa3a7af67eb267007aa92622f7eba (patch)
tree: 0fa261d4e1fc92638277a506d3b5dda84404ec33
parent: eea101544125895b3d4f66b61cf8e3870bffed66 (diff)
download: freeipa-21c829ffa52aa3a7af67eb267007aa92622f7eba.tar.gz
freeipa-21c829ffa52aa3a7af67eb267007aa92622f7eba.tar.xz
freeipa-21c829ffa52aa3a7af67eb267007aa92622f7eba.zip
1 files changed, 19 insertions, 14 deletions
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index e8e4e33a1..c3a09e9d9 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -1801,6 +1801,21 @@ class DNSZoneBase(LDAPObject):
 
         return None
 
+    def _remove_permission(self, zone):
+        permission_name = self.permission_name(zone)
+        try:
+            api.Command['permission_del'](permission_name, force=True)
+        except errors.NotFound, e:
+            # compatibility, older IPA versions which allows to create zone
+            # without absolute zone name
+            permission_name_rel = self.permission_name(
+                zone.relativize(DNSName.root)
+            )
+            try:
+                api.Command['permission_del'](permission_name_rel, force=True)
+            except errors.NotFound:
+                raise e  # re-raise original exception
+
 
 class DNSZoneBase_add(LDAPCreate):
 
@@ -1838,8 +1853,7 @@ class DNSZoneBase_del(LDAPDelete):
 
     def post_callback(self, ldap, dn, *keys, **options):
         try:
-            api.Command['permission_del'](self.obj.permission_name(keys[-1]),
-                    force=True)
+            self.obj._remove_permission(keys[-1])
         except errors.NotFound:
             pass
 
@@ -2017,18 +2031,9 @@ class DNSZoneBase_remove_permission(LDAPQuery):
 
         permission_name = self.obj.permission_name(keys[-1])
         try:
-            api.Command['permission_del'](permission_name, force=True)
-        except errors.NotFound, e:
-            # compatibility, older IPA versions which allows to create zone
-            # without absolute zone name
-            permission_name_rel = self.obj.permission_name(
-                keys[-1].relativize(DNSName.root)
-            )
-            try:
-                api.Command['permission_del'](permission_name_rel, force=True)
-            except errors.NotFound:
-                raise e  # re-raise original exception
-
+            self.obj._remove_permission(keys[-1])
+        except errors.NotFound:
+            pass
 
         return dict(
             result=True,
author	Martin Basti <mbasti@redhat.com>	2014-07-03 09:00:08 +0200
committer	Petr Viktorin <pviktori@redhat.com>	2014-07-03 14:04:57 +0200
commit	21c829ffa52aa3a7af67eb267007aa92622f7eba (patch)
tree	0fa261d4e1fc92638277a506d3b5dda84404ec33
parent	eea101544125895b3d4f66b61cf8e3870bffed66 (diff)
download	freeipa-21c829ffa52aa3a7af67eb267007aa92622f7eba.tar.gz freeipa-21c829ffa52aa3a7af67eb267007aa92622f7eba.tar.xz freeipa-21c829ffa52aa3a7af67eb267007aa92622f7eba.zip