Don't allow a group to be a member of itself.

434542
This commit is contained in:
Rob Crittenden 2008-02-22 15:40:21 -05:00
parent 44797e3917
commit 02d3c5aff3
2 changed files with 10 additions and 1 deletions

View File

@ -138,6 +138,11 @@ INPUT_INVALID_PARAMETER = gen_error_code(
0x0001,
"Invalid parameter(s)")
INPUT_SAME_GROUP = gen_error_code(
INPUT_CATEGORY,
0x0002,
"You can't add a group to itself")
#
# Connection errors
#

View File

@ -1258,6 +1258,8 @@ class IPAServer:
"""
if not member_dn or not group_dn:
raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER)
if member_dn.lower() == group_dn.lower():
raise ipaerror.gen_exception(ipaerror.INPUT_SAME_GROUP)
old_group = self.get_entry_by_dn(group_dn, None, opts)
if old_group is None:
@ -1591,13 +1593,15 @@ class IPAServer:
return res
def add_group_to_group(self, group, tgroup, opts=None):
"""Add a user to an existing group.
"""Add a group to an existing group.
group is a DN of the group to add
tgroup is the DN of the target group to be added to
"""
if not group or not tgroup:
raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER)
if group.lower() == tgroup.lower():
raise ipaerror.gen_exception(ipaerror.INPUT_SAME_GROUP)
old_group = self.get_entry_by_dn(tgroup, None, opts)
if old_group is None:
raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND)