replica install: relax domain level check for promotion

promote_check currently requires DL == 1.  Relax the check to
require DL >= 1, so that things will work for future DL increases.

Also separate the concerns of retrieving the current domain level,
validating whether the domain level is supported by the IPA version,
and validating whether the current domain level supports the replica
installation method attempted (i.e. replica file versus promotion).

Part of: https://fedorahosted.org/freeipa/ticket/5011

Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>

ipaserver/install/server/replicainstall.py

@@ -556,38 +556,25 @@ def common_check(no_ntp):
             pass
 
 
-def check_domain_level(api, expected):
+def current_domain_level(api):
+    """Return the current domain level.
+
+    """
     # Detect the current domain level
     try:
-        current = api.Command['domainlevel_get']()['result']
+        return api.Command['domainlevel_get']()['result']
     except errors.NotFound:
         # If we're joining an older master, domain entry is not
         # available
-        current = constants.DOMAIN_LEVEL_0
+        return constants.DOMAIN_LEVEL_0
 
-    if current == constants.DOMAIN_LEVEL_0:
-        message = (
-            "You must provide a file generated by ipa-replica-prepare to "
-            "create a replica when the domain is at level 0."
-        )
-    else:
-        message = (
-            "You used wrong mechanism to install a replica in domain level "
-            "{dl}:\n"
-            "\tDomain level 0 requires a replica file as a positional "
-            "arugment.\n"
-            "\tFor domain level 1 replica instalation, a replica file must "
-            "not be used but you can can join the domain by running "
-            "ipa-client-install first and then try"
-            "to run this installation again."
-            .format(dl=expected)
-        )
 
-    if current != expected:
-        raise RuntimeError(message)
+def check_domain_level_is_supported(current):
+    """Check that the given domain level is supported by this server version.
 
-    # Detect if current level is out of supported range
-    # for this IPA version
+    :raises: ScriptError if DL is out of supported range for this IPA version.
+
+    """
     under_lower_bound = current < constants.MIN_DOMAIN_LEVEL
     above_upper_bound = current > constants.MAX_DOMAIN_LEVEL
 
@@ -768,7 +755,13 @@ def install_check(installer):
                    config.host_name)
             raise ScriptError(msg, rval=3)
 
-        check_domain_level(remote_api, expected=constants.DOMAIN_LEVEL_0)
+        domain_level = current_domain_level(remote_api)
+        check_domain_level_is_supported(domain_level)
+        if domain_level != constants.DOMAIN_LEVEL_0:
+            raise RuntimeError(
+                "You must provide a file generated by ipa-replica-prepare to "
+                "create a replica when the domain is at level 0."
+            )
 
         # Check pre-existing host entry
         try:
@@ -1090,7 +1083,18 @@ def promote_check(installer):
                                      config.master_host_name, None)
 
         promotion_check_ipa_domain(conn, remote_api.env.basedn)
-        check_domain_level(remote_api, expected=constants.DOMAIN_LEVEL_1)
+
+        domain_level = current_domain_level(remote_api)
+        check_domain_level_is_supported(domain_level)
+        if domain_level < constants.DOMAIN_LEVEL_1:
+            raise RuntimeError(
+                "You used the wrong mechanism to install a replica in "
+                "domain level {dl}:\n"
+                "\tFor domain level >= 1 replica installation, first join the "
+                "domain by running ipa-client-install, then run "
+                "ipa-replica-install without a replica file."
+                .format(dl=domain_level)
+            )
 
         # Check authorization
         result = remote_api.Command['hostgroup_find'](