Check naming policy on wallet object creation before checking the

default ACLs to avoid creating and stranding an ACL when the naming policy check fails.
author: Russ Allbery <rra@stanford.edu> 2008-02-06 21:29:51 +0000
committer: Russ Allbery <rra@stanford.edu> 2008-02-06 21:29:51 +0000
commit: 5cd3a6fe3988677d865d666aeefd3ed2f2e549c5 (patch)
tree: bf905e412ecefecf09d36ffc3b4633260f584d46 /perl/Wallet/Server.pm
parent: 431ece2b824bd4c77703a2b8ecbc3e8eca184ecb (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/perl/Wallet/Server.pm b/perl/Wallet/Server.pm
index e0c0f29..b5b76fe 100644
--- a/perl/Wallet/Server.pm
+++ b/perl/Wallet/Server.pm
@@ -186,10 +186,6 @@ sub create {
     my $dbh = $self->{dbh};
     my $user = $self->{user};
     my $host = $self->{host};
-    my $acl = $self->create_check ($type, $name);
-    unless ($acl) {
-        return unless $self->{admin}->check ($user);
-    }
     if (defined (&Wallet::Config::verify_name)) {
         my $error = Wallet::Config::verify_name ($type, $name, $user);
         if ($error) {
@@ -197,6 +193,10 @@ sub create {
             return;
         }
     }
+    my $acl = $self->create_check ($type, $name);
+    unless ($acl) {
+        return unless $self->{admin}->check ($user);
+    }
     my $object = eval { $class->create ($type, $name, $dbh, $user, $host) };
     if ($@) {
         $self->error ($@);
author	Russ Allbery <rra@stanford.edu>	2008-02-06 21:29:51 +0000
committer	Russ Allbery <rra@stanford.edu>	2008-02-06 21:29:51 +0000
commit	5cd3a6fe3988677d865d666aeefd3ed2f2e549c5 (patch)
tree	bf905e412ecefecf09d36ffc3b4633260f584d46 /perl/Wallet/Server.pm
parent	431ece2b824bd4c77703a2b8ecbc3e8eca184ecb (diff)