Using incorrect input for --subtree option of ipa permission-add command
now raises a ValidationError.
Previously, a ValueError was raised, which resulted in a user unfriendly
error message:
ipa: ERROR: an internal error has occurred
I have added a try-except block to catch the ValueError and raise an
appropriate ValidationError.
https://fedorahosted.org/freeipa/ticket/3233
--
Regards,
Ana Krivokapic
Associate Software Engineer
FreeIPA team
Red Hat Inc.
From e6dc0fa67f9b8d6c2e4450af8cded51b0e6afe75 Mon Sep 17 00:00:00 2001
From: Ana Krivokapic <akriv...@redhat.com>
Date: Wed, 2 Jan 2013 16:12:46 -0500
Subject: [PATCH] Raise ValidationError for incorrect subtree option.
Ticket: https://fedorahosted.org/freeipa/ticket/3233
---
ipalib/plugins/aci.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py
index 702ae010160984636603c75872ddbdddd79bd52c..fa64c8a7a7a3ec9cb04da3729399edb4d501160e 100644
--- a/ipalib/plugins/aci.py
+++ b/ipalib/plugins/aci.py
@@ -341,7 +341,10 @@ def _aci_to_kw(ldap, a, test=False, pkey_only=False):
else:
# See if the target is a group. If so we set the
# targetgroup attr, otherwise we consider it a subtree
- targetdn = DN(target.replace('ldap:///',''))
+ try:
+ targetdn = DN(target.replace('ldap:///',''))
+ except ValueError as e:
+ raise errors.ValidationError(name='subtree', error=_(e.message))
if targetdn.endswith(DN(api.env.container_group, api.env.basedn)):
kw['targetgroup'] = targetdn[0]['cn']
else:
--
1.8.0.1
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
