IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Re-use trust domain retrieval code in certmap validators

Browse Source 
https://pagure.io/freeipa/issue/6372

Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
Martin Babinsky 2017-03-14 13:57:43 +01:00 committed by Martin Basti
parent 544d66b710
commit 4e5e3eebb2
1 changed files with 3 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ipaserver/plugins/certmap.py
View File

@ -100,16 +100,11 @@ def check_associateddomain_is_trusted(api_inst, options):
""" """
domains = options.get('associateddomain') domains = options.get('associateddomain')
if domains: if domains:
trust_suffix_namespace = set() trusted_domains = api_inst.Object.config.gather_trusted_domains()
trust_suffix_namespace = {dom_name.lower() for dom_name in
trusted_domains}
trust_suffix_namespace.add(api_inst.env.domain.lower()) trust_suffix_namespace.add(api_inst.env.domain.lower())
trust_objects = api_inst.Command.trust_find(sizelimit=0)['result']
for obj in trust_objects:
trustdomains = api_inst.Command.trustdomain_find(
obj['cn'][0], sizelimit=0)['result']
for domain in trustdomains:
trust_suffix_namespace.add(domain['cn'][0].lower())
for dom in domains: for dom in domains:
if not str(dom).lower() in trust_suffix_namespace: if not str(dom).lower() in trust_suffix_namespace:
raise errors.ValidationError( raise errors.ValidationError(