From 7950b1322842bbb5153976a5097fe8cd50874e73 Mon Sep 17 00:00:00 2001
From: Stephane de Labrusse <stephdl@de-labrusse.fr>
Date: Wed, 19 Feb 2025 10:59:34 +0100
Subject: [PATCH] fix(validation): ensure group and user names do not conflict
 during validation

---
 imageroot/actions/add-group/01validate_group | 11 +++++------
 imageroot/actions/add-user/01validate_user   | 11 +++++------
 2 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/imageroot/actions/add-group/01validate_group b/imageroot/actions/add-group/01validate_group
index ee541aec..3c037e67 100755
--- a/imageroot/actions/add-group/01validate_group
+++ b/imageroot/actions/add-group/01validate_group
@@ -32,16 +32,15 @@ group = request['group']
 
 testexists_cmd = ['podman', 'exec', '-i', 'samba-dc', 'samba-tool', 'group', 'show', group]
 proc = subprocess.run(testexists_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, text=True)
-
-# we test if the group does not have the same name than a user
-testnameavailable_cmd = ['podman', 'exec', '-i', 'samba-dc', 'samba-tool', 'user', 'show', group]
-user = subprocess.run(testnameavailable_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, text=True)
-
 if proc.returncode == 0:
     agent.set_status('validation-failed')
     json.dump([{'field':'group', 'parameter':'group','value': group, 'error':'group_already_exists'}], fp=sys.stdout)
     sys.exit(2)
-elif user.returncode == 0:
+
+# we test if the group does not have the same name than a user
+testnameavailable_cmd = ['podman', 'exec', '-i', 'samba-dc', 'samba-tool', 'user', 'show', group]
+testnameavailable_proc = subprocess.run(testnameavailable_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, text=True)
+if testnameavailable_proc.returncode == 0:
     agent.set_status('validation-failed')
     json.dump([{'field':'group', 'parameter':'group','value': group, 'error':'user_with_same_name'}], fp=sys.stdout)
     sys.exit(2)
diff --git a/imageroot/actions/add-user/01validate_user b/imageroot/actions/add-user/01validate_user
index 7d10ae78..7050ba08 100755
--- a/imageroot/actions/add-user/01validate_user
+++ b/imageroot/actions/add-user/01validate_user
@@ -32,16 +32,15 @@ user = request['user']
 
 testexists_cmd = ['podman', 'exec', '-i', 'samba-dc', 'samba-tool', 'user', 'show', user]
 proc = subprocess.run(testexists_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, text=True)
-
-# we test if the user does not have the same name than a group
-testnameavailable_cmd = ['podman', 'exec', '-i', 'samba-dc', 'samba-tool', 'group', 'show', user]
-group = subprocess.run(testnameavailable_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, text=True)
-
 if proc.returncode == 0:
     agent.set_status('validation-failed')
     json.dump([{'field':'user', 'parameter':'user','value': user, 'error':'user_already_exists'}], fp=sys.stdout)
     sys.exit(2)
-elif group.returncode == 0:
+
+# we test if the user does not have the same name than a group
+testnameavailable_cmd = ['podman', 'exec', '-i', 'samba-dc', 'samba-tool', 'group', 'show', user]
+testnameavailable_proc = subprocess.run(testnameavailable_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, text=True)
+if testnameavailable_proc.returncode == 0:
     agent.set_status('validation-failed')
     json.dump([{'field':'user', 'parameter':'user','value': user, 'error':'group_with_same_name'}], fp=sys.stdout)
     sys.exit(2)