Handle service_del with bad service name

The command 'ipa service-del badservice' used to fail with an internal server error, because check_required_principal() could not handle a principal that is not a service principal. All del commands have less strict error checking of primary keys so they can reference any stored key, even illegal ones. check_required_principal() skips required principal check if the principal is not a service principal. A non-service principal can never be a required principal. Fixes: https://pagure.io/freeipa/issue/7793 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2025-02-25 18:55:28 -06:00 · 2018-12-04 17:04:47 +01:00
parent a81ea9af19
commit c09927d16a
2 changed files with 22 additions and 1 deletions
--- a/ipatests/test_xmlrpc/test_service_plugin.py
+++ b/ipatests/test_xmlrpc/test_service_plugin.py
@@ -42,6 +42,7 @@ fqdn2 = u'testhost2.%s' % api.env.domain
 fqdn3 = u'TestHost3.%s' % api.env.domain
 service1_no_realm = u'HTTP/%s' % fqdn1
 service1 = u'%s@%s' % (service1_no_realm, api.env.realm)
+badservice = u'badservice@%s' % api.env.realm  # no hostname
 hostprincipal1 = u'host/%s@%s'  % (fqdn1, api.env.realm)
 service1dn = DN(('krbprincipalname',service1),('cn','services'),('cn','accounts'),api.env.basedn)
 host1dn = DN(('fqdn',fqdn1),('cn','computers'),('cn','accounts'),api.env.basedn)
@@ -119,6 +120,12 @@ class test_service(Declarative):
                reason=u'%s: service not found' % service1),
        ),

+        dict(
+            desc='Try to delete service without hostname %r' % badservice,
+            command=('service_del', [badservice], {}),
+            expected=errors.NotFound(
+                reason=u'%s: service not found' % badservice),
+        ),

        dict(
            desc='Create %r' % fqdn1,
@@ -757,6 +764,16 @@ class test_service(Declarative):
                reason=u'%s: service not found' % service1),
        ),

+        dict(
+            desc='Try to update service without hostname %r' % badservice,
+            command=(
+                'service_mod',
+                [badservice],
+                dict(usercertificate=servercert)
+            ),
+            expected=errors.NotFound(
+                reason=u'%s: service not found' % badservice),
+        ),

        dict(
            desc='Try to delete non-existent %r' % service1,