-- John Dennis <jden...@redhat.com>
Looking to carve out IT costs? www.redhat.com/carveoutcosts/
>From b33aaad1058c78eedd00ce24e3b41531b5340294 Mon Sep 17 00:00:00 2001 From: John Dennis <jden...@redhat.com> Date: Thu, 5 Apr 2012 21:18:09 -0400 Subject: [PATCH 72] Validate DN & RDN parameters for migrate command Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Ticket #2555 We were generating a traceback (server error) if a malformed RDN was passed as a parameter to the migrate command. * add parameter validation functions validate_dn_param() and validate_rdn_param() to ipalib.util. Those functions simply invoke the DN or RDN constructor from our dn module passing it the string representation. If the constructor does not throw an error it's valid. * Add the parameter validation function pointers to the Param objects in the migrate command. --- ipalib/plugins/migration.py | 7 ++++--- ipalib/util.py | 16 ++++++++++++++++ 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py index 4b104a8..6ce584c 100644 --- a/ipalib/plugins/migration.py +++ b/ipalib/plugins/migration.py @@ -23,6 +23,7 @@ import ldap as _ldap from ipalib import api, errors, output from ipalib import Command, Password, Str, Flag, StrEnum from ipalib.cli import to_cli +from ipalib.util import validate_rdn_param, validate_dn_param from ipalib.dn import * if api.env.in_server and api.env.context in ['lite', 'server']: try: @@ -402,20 +403,20 @@ class migrate_ds(Command): ) takes_options = ( - Str('binddn?', + Str('binddn?', validate_dn_param, cli_name='bind_dn', label=_('Bind DN'), default=u'cn=directory manager', autofill=True, ), - Str('usercontainer?', + Str('usercontainer?', validate_rdn_param, cli_name='user_container', label=_('User container'), doc=_('RDN of container for users in DS relative to base DN'), default=u'ou=people', autofill=True, ), - Str('groupcontainer?', + Str('groupcontainer?', validate_rdn_param, cli_name='group_container', label=_('Group container'), doc=_('RDN of container for groups in DS relative to base DN'), diff --git a/ipalib/util.py b/ipalib/util.py index a79f41c..487d278 100644 --- a/ipalib/util.py +++ b/ipalib/util.py @@ -31,6 +31,7 @@ from weakref import WeakKeyDictionary from ipalib import errors from ipalib.text import _ +from ipalib.dn import DN, RDN from ipapython import dnsclient from ipapython.ipautil import decode_ssh_pubkey @@ -484,3 +485,18 @@ def gen_dns_update_policy(realm, rrtypes=('A', 'AAAA', 'SSHFP')): policy += ";" return policy + +def validate_rdn_param(ugettext, value): + try: + rdn = RDN(value) + except Exception, e: + return str(e) + return None + +def validate_dn_param(ugettext, value): + try: + rdn = DN(value) + except Exception, e: + return str(e) + return None + -- 1.7.7.6
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel