trustdomain-del: fix the way how subdomain is searched

With FreeIPA 4.4 we moved child domains behind the 'trustdomain' topic. Update 'ipa trustdomain-del' command to properly calculate DN to the actual child domain and handle the case when it is missing correctly. Fixes https://fedorahosted.org/freeipa/ticket/6445 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
2025-02-25 18:55:28 -06:00 · 2016-10-31 18:17:35 +02:00 · 2016-10-31 18:17:35 +02:00 · e8b94ef352
commit e8b94ef352
parent 842bf3d09f
1 changed files with 9 additions and 6 deletions
--- a/ipaserver/plugins/trust.py
+++ b/ipaserver/plugins/trust.py
@ -1614,13 +1614,16 @@ class trustdomain_del(LDAPDelete):
        # to always receive empty keys. We need to catch the case when root domain is being deleted

        for domain in keys[1]:
-            # Fetch the trust to verify that the entered domain is trusted
-            self.api.Command.trust_show(domain)
-
+            try:
+                self.obj.get_dn_if_exists(keys[0], domain, trust_type=u'ad')
+            except errors.NotFound:
                if keys[0].lower() == domain:
-                raise errors.ValidationError(name='domain',
+                    raise errors.ValidationError(
+                        name='domain',
                        error=_("cannot delete root domain of the trust, "
                                "use trust-del to delete the trust itself"))
+                self.obj.handle_not_found(keys[0], domain)
+
            try:
                self.api.Command.trustdomain_enable(keys[0], domain)
            except errors.AlreadyActive: