IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Raise more specific error when an Objectclass Violation occurs Fix the virtual plugin to work with the new backend

Browse Source
This commit is contained in:
Rob Crittenden
2009-09-10 16:10:30 -04:00
parent 2c3bca7e74
commit eca7cdc94a
3 changed files with 20 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
ipalib/errors.py
View File

@@ -1119,6 +1119,21 @@ class LimitsExceeded(ExecutionError):
errno = 4204 errno = 4204
format = _('limits exceeded for this query') format = _('limits exceeded for this query')
class ObjectclassViolation(ExecutionError):
"""
**4205** Raised when an entry is missing a required attribute or objectclass
For example:
>>> raise ObjectclassViolation(info='attribute "krbPrincipalName" not allowed')
Traceback (most recent call last):
...
ObjectclassViolation: attribute "krbPrincipalName" not allowed
"""
errno = 4205
format = _('%(info)s')
############################################################################## ##############################################################################
# 5000 - 5999: Generic errors # 5000 - 5999: Generic errors

6
ipalib/plugins/virtual.py
View File

@@ -49,7 +49,7 @@ class VirtualCommand(Command):
if self.operation is None: if self.operation is None:
raise errors.ACIError(info='operation not defined') raise errors.ACIError(info='operation not defined')
ldap = self.api.Backend.ldap ldap = self.api.Backend.ldap2
self.log.info("IPA: virtual verify %s" % self.operation) self.log.info("IPA: virtual verify %s" % self.operation)
operationdn = "cn=%s,%s,%s" % (self.operation, self.api.env.container_virtual, self.api.env.basedn) operationdn = "cn=%s,%s,%s" % (self.operation, self.api.env.container_virtual, self.api.env.basedn)
@@ -65,9 +65,9 @@ class VirtualCommand(Command):
except errors.ACIError, e: except errors.ACIError, e:
self.log.debug("%s" % str(e)) self.log.debug("%s" % str(e))
raise errors.ACIError(info='not allowed to perform this command') raise errors.ACIError(info='not allowed to perform this command')
except errors.DatabaseError: except errors.ObjectclassViolation:
return return
except Exception, e: except Exception, e:
# Something unexpected happened. Log it and deny access to be safe. # Something unexpected happened. Log it and deny access to be safe.
self.log.info("Virtual verify failed: %s" % str(e)) self.log.info("Virtual verify failed: %s %s" % (type(e), str(e)))
raise errors.ACIError(info='not allowed to perform this command') raise errors.ACIError(info='not allowed to perform this command')

2
ipaserver/plugins/ldap2.py
View File

@@ -99,6 +99,8 @@ def _handle_errors(e, **kw):
# it indicates the previous attribute was removed by another # it indicates the previous attribute was removed by another
# update, making the oldentry stale. # update, making the oldentry stale.
raise errors.MidairCollision() raise errors.MidairCollision()
except _ldap.OBJECT_CLASS_VIOLATION:
raise errors.ObjectclassViolation(info=info)
except _ldap.ADMINLIMIT_EXCEEDED, e: except _ldap.ADMINLIMIT_EXCEEDED, e:
raise errors.LimitsExceeded() raise errors.LimitsExceeded()
except _ldap.SIZELIMIT_EXCEEDED, e: except _ldap.SIZELIMIT_EXCEEDED, e: