diff options
Diffstat (limited to 'perl')
| -rw-r--r-- | perl/Wallet/Server.pm | 8 | ||||
| -rwxr-xr-x | perl/t/server.t | 6 |
2 files changed, 9 insertions, 5 deletions
diff --git a/perl/Wallet/Server.pm b/perl/Wallet/Server.pm index e0c0f29..b5b76fe 100644 --- a/perl/Wallet/Server.pm +++ b/perl/Wallet/Server.pm @@ -186,10 +186,6 @@ sub create { my $dbh = $self->{dbh}; my $user = $self->{user}; my $host = $self->{host}; - my $acl = $self->create_check ($type, $name); - unless ($acl) { - return unless $self->{admin}->check ($user); - } if (defined (&Wallet::Config::verify_name)) { my $error = Wallet::Config::verify_name ($type, $name, $user); if ($error) { @@ -197,6 +193,10 @@ sub create { return; } } + my $acl = $self->create_check ($type, $name); + unless ($acl) { + return unless $self->{admin}->check ($user); + } my $object = eval { $class->create ($type, $name, $dbh, $user, $host) }; if ($@) { $self->error ($@); diff --git a/perl/t/server.t b/perl/t/server.t index a7b3cc5..39e1090 100755 --- a/perl/t/server.t +++ b/perl/t/server.t @@ -8,7 +8,7 @@ # # See LICENSE for licensing terms. -use Test::More tests => 332; +use Test::More tests => 334; use POSIX qw(strftime); use Wallet::Admin; @@ -771,6 +771,8 @@ sub default_owner { return ('user2', [ 'krb5', $user2 ]); } elsif ($type eq 'base' and $name eq 'service/default-admin') { return ('auto-admin', [ 'krb5', $admin ]); + } elsif ($type eq 'base' and $name eq 'host/default') { + return ('auto-host', [ 'krb5', $admin ]); } else { return; } @@ -928,6 +930,8 @@ is ($server->create ('base', 'host/default'), undef, ' but an unqualified host fails'); is ($server->error, 'base:host/default rejected: host default must be fully' . ' qualified (add .example.edu)', ' with the right error'); +is ($server->acl_show ('auto-host'), undef, ' and the ACL is not present'); +is ($server->error, 'ACL auto-host not found', ' with the right error'); is ($server->create ('base', 'host/default.stanford.edu'), undef, ' and a host in the wrong domain fails'); is ($server->error, 'base:host/default.stanford.edu rejected: host' |