From 5cd3a6fe3988677d865d666aeefd3ed2f2e549c5 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Wed, 6 Feb 2008 21:29:51 +0000 Subject: Check naming policy on wallet object creation before checking the default ACLs to avoid creating and stranding an ACL when the naming policy check fails. --- perl/Wallet/Server.pm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'perl/Wallet/Server.pm') diff --git a/perl/Wallet/Server.pm b/perl/Wallet/Server.pm index e0c0f29..b5b76fe 100644 --- a/perl/Wallet/Server.pm +++ b/perl/Wallet/Server.pm @@ -186,10 +186,6 @@ sub create { my $dbh = $self->{dbh}; my $user = $self->{user}; my $host = $self->{host}; - my $acl = $self->create_check ($type, $name); - unless ($acl) { - return unless $self->{admin}->check ($user); - } if (defined (&Wallet::Config::verify_name)) { my $error = Wallet::Config::verify_name ($type, $name, $user); if ($error) { @@ -197,6 +193,10 @@ sub create { return; } } + my $acl = $self->create_check ($type, $name); + unless ($acl) { + return unless $self->{admin}->check ($user); + } my $object = eval { $class->create ($type, $name, $dbh, $user, $host) }; if ($@) { $self->error ($@); -- cgit v1.2.3