mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-25 15:46:30 -06:00
Disallow deletion of global password policy.
ticket 1936
This commit is contained in:
parent
89b869d2c2
commit
c0879cd00b
@ -366,6 +366,14 @@ class pwpolicy_del(LDAPDelete):
|
|||||||
attribute=True, required=True, multivalue=True
|
attribute=True, required=True, multivalue=True
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def pre_callback(self, ldap, dn, *keys, **options):
|
||||||
|
if dn.lower() == global_policy_dn.lower():
|
||||||
|
raise errors.ValidationError(
|
||||||
|
name='group',
|
||||||
|
error=_('cannot delete global password policy')
|
||||||
|
)
|
||||||
|
return dn
|
||||||
|
|
||||||
def post_callback(self, ldap, dn, *keys, **options):
|
def post_callback(self, ldap, dn, *keys, **options):
|
||||||
try:
|
try:
|
||||||
self.api.Command.cosentry_del(keys[-1])
|
self.api.Command.cosentry_del(keys[-1])
|
||||||
|
@ -36,6 +36,7 @@ class test_pwpolicy(XMLRPC_test):
|
|||||||
user = u'testuser12'
|
user = u'testuser12'
|
||||||
kw = {'cospriority': 1, 'krbminpwdlife': 30, 'krbmaxpwdlife': 40, 'krbpwdhistorylength': 5, 'krbpwdminlength': 6 }
|
kw = {'cospriority': 1, 'krbminpwdlife': 30, 'krbmaxpwdlife': 40, 'krbpwdhistorylength': 5, 'krbpwdminlength': 6 }
|
||||||
kw2 = {'cospriority': 2, 'krbminpwdlife': 40, 'krbmaxpwdlife': 60, 'krbpwdhistorylength': 8, 'krbpwdminlength': 9 }
|
kw2 = {'cospriority': 2, 'krbminpwdlife': 40, 'krbmaxpwdlife': 60, 'krbpwdhistorylength': 8, 'krbpwdminlength': 9 }
|
||||||
|
global_policy = u'global_policy'
|
||||||
|
|
||||||
def test_1_pwpolicy_add(self):
|
def test_1_pwpolicy_add(self):
|
||||||
"""
|
"""
|
||||||
@ -173,6 +174,18 @@ class test_pwpolicy(XMLRPC_test):
|
|||||||
else:
|
else:
|
||||||
assert False
|
assert False
|
||||||
|
|
||||||
|
# Verify that global policy cannot be deleted
|
||||||
|
try:
|
||||||
|
api.Command['pwpolicy_del'](self.global_policy)
|
||||||
|
except errors.ValidationError:
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
assert False
|
||||||
|
try:
|
||||||
|
api.Command['pwpolicy_show'](self.global_policy)
|
||||||
|
except errors.NotFound:
|
||||||
|
assert False
|
||||||
|
|
||||||
# Remove the groups we created
|
# Remove the groups we created
|
||||||
api.Command['group_del'](self.group)
|
api.Command['group_del'](self.group)
|
||||||
api.Command['group_del'](self.group2)
|
api.Command['group_del'](self.group2)
|
||||||
|
Loading…
Reference in New Issue
Block a user