trusts: Make trust_show.get_dn raise properly formatted NotFound

The trust_show command does not raise a properly formatted NotFound error if the trust is not found, only a generic EmptyResult error is raised. This patch makes the trust_show tell us what actually could not be found. https://fedorahosted.org/freeipa/ticket/5389 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
2025-02-25 18:55:28 -06:00 · 2015-10-23 10:39:47 +02:00 · 2015-10-23 10:39:47 +02:00 · 4d0d5913dd
commit 4d0d5913dd
parent 288a9b9dba
1 changed files with 24 additions and 8 deletions
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@ -539,22 +539,38 @@ class trust(LDAPObject):
                            error=_("invalid SID: %(value)s") % dict(value=value))

    def get_dn(self, *keys, **kwargs):
+        trust_type = kwargs.get('trust_type')
+
        sdn = [('cn', x) for x in keys]
        sdn.reverse()
-        trust_type = kwargs.get('trust_type')
+
        if trust_type is None:
            ldap = self.backend
-            filter = ldap.make_filter({'objectclass': ['ipaNTTrustedDomain'], 'cn': [keys[-1]] },
-                                      rules=ldap.MATCH_ALL)
-            filter = ldap.combine_filters((filter, "ipaNTSecurityIdentifier=*"), rules=ldap.MATCH_ALL)
-            result = ldap.get_entries(DN(self.container_dn, self.env.basedn),
-                                      ldap.SCOPE_SUBTREE, filter, [''])
+            trustfilter = ldap.make_filter({
+                'objectclass': ['ipaNTTrustedDomain'],
+                'cn': [keys[-1]]},
+                rules=ldap.MATCH_ALL
+            )
+
+            trustfilter = ldap.combine_filters(
+                (trustfilter, "ipaNTSecurityIdentifier=*"),
+                rules=ldap.MATCH_ALL
+            )
+
+            try:
+                result = ldap.get_entries(
+                    DN(self.container_dn, self.env.basedn),
+                    ldap.SCOPE_SUBTREE, trustfilter, ['']
+                )
+            except errors.NotFound:
+                self.handle_not_found(keys[-1])
+
            if len(result) > 1:
                raise errors.OnlyOneValueAllowed(attr='trust domain')
+
            return result[0].dn

-        dn=make_trust_dn(self.env, trust_type, DN(*sdn))
-        return dn
+        return make_trust_dn(self.env, trust_type, DN(*sdn))

@register()
 class trust_add(LDAPCreate):