Verify that an ACL to be deleted is not referenced

When deleting an ACL on the server, verify that the ACL is not
referenced by any object first.  Database referential integrity should
also catch this, but not all database backends may enforce referential
integrity.  This also allows us to return a better error message
naming an object that's still using that ACL.

1 files changed, 16 insertions, 1 deletions

diff --git a/perl/t/server.t b/perl/t/server.t
index 7b30053..2a178e8 100755
--- a/perl/t/server.t
+++ b/perl/t/server.t
@@ -7,7 +7,7 @@
 #
 # See LICENSE for licensing terms.
 
-use Test::More tests => 341;
+use Test::More tests => 349;
 
 use POSIX qw(strftime);
 use Wallet::Admin;
@@ -923,6 +923,21 @@ is ($server->error, 'base:host/default.stanford.edu rejected: host'
     . ' default.stanford.edu not in .example.edu domain',
     ' with the right error');
 
+# Ensure that we can't destroy an ACL that's in use.
+is ($server->acl_create ('test-destroy'), 1, 'Creating an ACL works');
+is ($server->create ('base', 'service/acl-user'), 1, 'Creating object works');
+is ($server->owner ('base', 'service/acl-user', 'test-destroy'), 1,
+    ' and setting owner');
+is ($server->acl_destroy ('test-destroy'), undef,
+    ' and now we cannot destroy that ACL');
+is ($server->error,
+    'cannot destroy ACL 9: ACL in use by base:service/acl-user',
+    ' with the right error');
+is ($server->owner ('base', 'service/acl-user', ''), 1,
+    ' but after we clear the owner');
+is ($server->acl_destroy ('test-destroy'), 1, ' now we can destroy the ACL');
+is ($server->destroy ('base', 'service/acl-user'), 1, ' and the object');
+
 # Clean up.
 $setup->destroy;
 unlink 'wallet-db';