Don't allow both a zone name and --name-from-ip to be provided

--name-from-ip will generate a zone name so there is no point in the user providing one. If one is provided and doesn't match the generated name then a validation exception is raised. https://pagure.io/freeipa/issue/8446 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Rafael Guterres Jeffman <rjeffman@redhat.com>
2025-02-25 18:55:28 -06:00 · 2020-09-10 14:00:49 -04:00 · 2020-09-10 14:00:49 -04:00 · 2265cb86cf
commit 2265cb86cf
parent 0a2b6ca6ee
1 changed files with 8 additions and 0 deletions
--- a/ipaserver/plugins/dns.py
+++ b/ipaserver/plugins/dns.py
@ -2142,6 +2142,14 @@ class DNSZoneBase_add(LDAPCreate):
    def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
        assert isinstance(dn, DN)

+        if options.get('name_from_ip'):
+            zone = _reverse_zone_name(options.get('name_from_ip'))
+            if keys[-1] != DNSName(zone):
+                raise errors.ValidationError(
+                    name='name-from-ip',
+                    error=_("cannot be used when a zone is specified")
+                )
+
        try:
            entry = ldap.get_entry(dn)
        except errors.NotFound: