Check configured maximum user login length on user rename.

ticket 2587
2025-02-25 18:55:28 -06:00 · 2012-04-03 09:23:39 -04:00
parent 7471ba2237
commit dcea80fc17
2 changed files with 17 additions and 0 deletions
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@@ -551,6 +551,16 @@ class user_mod(LDAPUpdate):
    has_output_params = LDAPUpdate.has_output_params + user_output_params

    def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
+        if 'rename' in options:
+            config = ldap.get_ipa_config()[1]
+            if 'ipamaxusernamelength' in config:
+                if len(options['rename']) > int(config.get('ipamaxusernamelength')[0]):
+                    raise errors.ValidationError(
+                        name=self.obj.primary_key.cli_name,
+                        error=_('can be at most %(len)d characters') % dict(
+                            len = int(config.get('ipamaxusernamelength')[0])
+                        )
+                    )
        if 'mail' in entry_attrs:
            entry_attrs['mail'] = self.obj._normalize_email(entry_attrs['mail'])
        if 'manager' in entry_attrs:
--- a/tests/test_xmlrpc/test_user_plugin.py
+++ b/tests/test_xmlrpc/test_user_plugin.py
@@ -685,6 +685,13 @@ class test_user(Declarative):
        ),


+        dict(
+            desc='Try to rename to a username that is too long %r' % user1,
+            command=('user_mod', [user1], dict(rename=invaliduser2)),
+            expected=errors.ValidationError(name='uid', error='can be at most 33 characters'),
+        ),
+
+
        dict(
            desc='Create %r' % group1,
            command=(