Martin Kosek wrote:
On Mon, 2011-10-17 at 10:22 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
When the NGP plugin is enabled, a managed netgroup is created for
every hostgroup. We already check that netgroup with the same
name does not exist and provide a meaningful error message.
However, this error message was also printed when a duplicate
hostgroup existed.
This patch checks for duplicate hostgroup existence first and
netgroup on the second place. It also makes sure that when NGP
plugin is (temporarily) disabled, a colliding netgroup cannot
be created.
https://fedorahosted.org/freeipa/ticket/1914
NACK, you should use self.obj.handle_duplicate_entry and/or
self.obj.already_exists_msg for reporting errors. See my patch 898 for
an example of this.
rob
I was thinking about this too. My motivation was to add a bit of
information why we reported a colliding hostgroup/netgroup, that they
share a common namespace.
I was afraid that the error "netgroup ... already exists" when user
tries to add a colliding hostgroup may rise questions.
If we go your way, we may want to add a second check I included in my
patch - test that when adding a new netgroup, a hostgroup of the same
name does not exist. This would prevent name space collisions if user
decides to enable NGP plugin again.
Additionally, the DuplicateEntry exception you are rising in your patch
may be simplified:
self.api.Object['netgroup'].handle_duplicate_entry(keys[-1])
Martin
Ok, I see where you were going now. ACK to your patch as-is. Go ahead
and push to ipa-2-1 and master.
rob
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
