diff --git management/univention-directory-manager-modules/modules/univention/admin/uldap.py management/univention-directory-manager-modules/modules/univention/admin/uldap.py index d9d5d3bc38..77cfec2839 100644 --- management/univention-directory-manager-modules/modules/univention/admin/uldap.py +++ management/univention-directory-manager-modules/modules/univention/admin/uldap.py @@ -191,7 +191,8 @@ def _err2str(err): msgs = [] for iarg in err.args: if isinstance(iarg, dict): - msg = ': '.join([str(m) for m in (iarg.get('desc'), iarg.get('info')) if m]) + matched = 'matched %s' % (iarg['matched'],) if 'matched' in iarg else '' + msg = ': '.join([str(m) for m in (iarg.get('desc'), iarg.get('info'), matched) if m]) else: msg = str(iarg) if msg: @@ -668,7 +669,7 @@ class access(object): try: return self.lo.search(filter, base, scope, attr, unique, required, timeout, sizelimit, serverctrls=serverctrls, response=response) except ldap.NO_SUCH_OBJECT as msg: - raise univention.admin.uexceptions.noObject(_err2str(msg)) + raise univention.admin.uexceptions.noObject('%s: %s' % (_err2str(msg), base)) except ldap.INAPPROPRIATE_MATCHING as msg: raise univention.admin.uexceptions.insufficientInformation(_err2str(msg)) except (ldap.TIMEOUT, ldap.TIMELIMIT_EXCEEDED) as msg: @@ -710,7 +711,7 @@ class access(object): try: return self.lo.searchDn(filter, base, scope, unique, required, timeout, sizelimit, serverctrls=serverctrls, response=response) except ldap.NO_SUCH_OBJECT as msg: - raise univention.admin.uexceptions.noObject(_err2str(msg)) + raise univention.admin.uexceptions.noObject('%s: %s' % (_err2str(msg), base)) except ldap.INAPPROPRIATE_MATCHING as msg: raise univention.admin.uexceptions.insufficientInformation(_err2str(msg)) except (ldap.TIMEOUT, ldap.TIMELIMIT_EXCEEDED) as msg: @@ -773,6 +774,9 @@ class access(object): raise univention.admin.uexceptions.permissionDenied() except ldap.INVALID_DN_SYNTAX as msg: raise univention.admin.uexceptions.ldapError('%s: %s' % (_err2str(msg), dn), original_exception=msg) + except ldap.NO_SUCH_OBJECT as msg: + ud.debug(ud.LDAP, ud.ALL, 'add dn=%s err=%s' % (dn, msg)) + raise univention.admin.uexceptions.ldapError('%s: %s' % (_err2str(msg), self.parentDn(dn)), original_exception=msg) except ldap.LDAPError as msg: ud.debug(ud.LDAP, ud.ALL, 'add dn=%s err=%s' % (dn, msg)) raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg) @@ -803,7 +807,7 @@ class access(object): return self.lo.modify(dn, changes, serverctrls=serverctrls, response=response) except ldap.NO_SUCH_OBJECT as msg: ud.debug(ud.LDAP, ud.ALL, 'mod dn=%s err=%s' % (dn, msg)) - raise univention.admin.uexceptions.noObject(dn) + raise univention.admin.uexceptions.noObject('%s: %s' % (_err2str(msg), dn)) except ldap.INSUFFICIENT_ACCESS as msg: ud.debug(ud.LDAP, ud.ALL, 'mod dn=%s err=%s' % (dn, msg)) raise univention.admin.uexceptions.permissionDenied() @@ -826,8 +830,8 @@ class access(object): :type serverctrls: list[ldap.controls.LDAPControl] :param dict response: An optional dictionary to receive the server controls of the result. """ - if not move_childs == 0: - raise univention.admin.uexceptions.noObject(_("Moving children is not supported.")) + if move_childs: + raise univention.admin.uexceptions.noObject('%s: %s' % (_("Moving children is not supported."), dn)) self._validateLicense() if not self.allow_modify and not ignore_license: ud.debug(ud.ADMIN, ud.WARN, 'move dn: %s' % dn) @@ -837,7 +841,7 @@ class access(object): return self.lo.rename(dn, newdn, serverctrls=serverctrls, response=response) except ldap.NO_SUCH_OBJECT as msg: ud.debug(ud.LDAP, ud.ALL, 'ren dn=%s err=%s' % (dn, msg)) - raise univention.admin.uexceptions.noObject(dn) + raise univention.admin.uexceptions.noObject('%s: %s' % (_err2str(msg), dn, newdn)) except ldap.INSUFFICIENT_ACCESS as msg: ud.debug(ud.LDAP, ud.ALL, 'ren dn=%s err=%s' % (dn, msg)) raise univention.admin.uexceptions.permissionDenied() @@ -870,7 +874,7 @@ class access(object): return self.lo.delete(dn) except ldap.NO_SUCH_OBJECT as msg: ud.debug(ud.LDAP, ud.ALL, 'del dn=%s err=%s' % (dn, msg)) - raise univention.admin.uexceptions.noObject(dn) + raise univention.admin.uexceptions.noObject('%s: %s' % (_err2str(msg), dn)) except ldap.INSUFFICIENT_ACCESS as msg: ud.debug(ud.LDAP, ud.ALL, 'del dn=%s err=%s' % (dn, msg)) raise univention.admin.uexceptions.permissionDenied()