X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=validators%2Fsrc%2FHostsValidation.py;h=e59ed26257a8744679796133b58471312fd1575c;hb=69a3689dc1dbec809f9af555f54e971e8b48bc1f;hp=86494e8ad190fc95a1ce1d96aa3b6f36b887d88f;hpb=a58547f77cc273737e083e440c6ec3b234839a14;p=ta%2Fcm-plugins.git

diff --git a/validators/src/HostsValidation.py b/validators/src/HostsValidation.py
index 86494e8..e59ed26 100644
--- a/validators/src/HostsValidation.py
+++ b/validators/src/HostsValidation.py
@@ -403,12 +403,22 @@ class HostsValidation(cmvalidator.CMValidator):
                                                  (attribute, profile, host))
 
     def validate_hwmgmt(self, hwmgmt, host):
+        # this list may not be comprehensive, but it matches ironic's idea
+        # of valid privileges.  In practice, we'll likely only see OPERATOR
+        # and ADMINISTRATOR.  Case seems to matter here.
+        valid_ipmi_priv = ['USER', 'CALLBACK', 'OPERATOR', 'ADMINISTRATOR']
+
         if not hwmgmt:
             raise validation.ValidationError('Missing hwmgmt configuration for %s' % host)
         if not hwmgmt.get('user'):
             raise validation.ValidationError('Missing hwmgmt username for %s' % host)
         if not hwmgmt.get('password'):
             raise validation.ValidationError('Missing hwmgmt password for %s' % host)
+        priv_level = hwmgmt.get('priv_level')
+        if priv_level and priv_level not in valid_ipmi_priv:
+            # priv_level is optional, but should be in the valid range.
+            raise validation.ValidationError('Invalid IPMI privilege level %s for %s' %
+                                             (priv_level, host))
         validationutils = validation.ValidationUtils()
         validationutils.validate_ip_address(hwmgmt.get('address'))