ipa-replica-prepare: domain level check improvements

ipa-replica-prepare command is disabled in non-zero domain-level. Instead of
raising and exception with the whole message instructing the user to promote
replicas from enrolled clients in level 1+ topologies, the exception itself
contains only a brief informative message and the rest is logged at error
level.

https://fedorahosted.org/freeipa/ticket/5175

Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
This commit is contained in:
Martin Babinsky 2015-10-29 14:53:25 +01:00 committed by Petr Vobornik
parent 85253b9c40
commit 4d94367006

View File

@ -175,7 +175,7 @@ class ReplicaPrepare(admintool.AdminTool):
api.bootstrap(in_server=True)
api.finalize()
self.check_domainlevel(api)
self.check_for_supported_domain_level()
if api.env.host == self.replica_fqdn:
raise admintool.ScriptError("You can't create a replica on itself")
@ -690,12 +690,25 @@ class ReplicaPrepare(admintool.AdminTool):
'-o', ca_file
])
def check_domainlevel(self, api):
def check_for_supported_domain_level(self):
"""
check if we are in 0-level topology. If not, raise an error pointing
the user to the replica promotion pathway
"""
domain_level = dsinstance.get_domain_level(api)
if domain_level > DOMAIN_LEVEL_0:
raise RuntimeError(
self.log.error(
UNSUPPORTED_DOMAIN_LEVEL_TEMPLATE.format(
command_name=self.command_name,
domain_level=DOMAIN_LEVEL_0,
curr_domain_level=domain_level)
curr_domain_level=domain_level
)
)
raise errors.InvalidDomainLevelError(
reason="'{command}' is allowed only in domain level "
"{prep_domain_level}".format(
command=self.command_name,
prep_domain_level=DOMAIN_LEVEL_0
)
)