Bug2176233_part2_StatusChange_holdRevocationUntilLastCredential

This patch requires the previous commit that addresses part 1&3 of the bug. This previous commit for bug 2092522 must be applied first. This patch addresses "part 2" of the original Bug 2092522 ("part 2" has been cloned to bug 2176233). The issue reported regards holdRevocationUntilLastCredential when if set, and if there are shared tokens existing, an error Exception is thrown. fixes part 2 of https://bugzilla.redhat.com/show_bug.cgi?id=2176233
dogtagpki · Mar 31, 2023 · a76405a · a76405a
1 parent 969092e
commit a76405a
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/base/tps/src/main/java/org/dogtagpki/server/tps/TokenDB.java b/base/tps/src/main/java/org/dogtagpki/server/tps/TokenDB.java
@@ -828,8 +828,9 @@ private void checkShouldRevoke(TokenRecord tokenRecord, TPSCertRecord cert, Stri
             if (!isLastActiveSharedCert(cert.getSerialNumber(), cert.getIssuedBy(), tokenRecord.getId())) {
                 msg = "revocation not permitted as certificate " + cert.getSerialNumber() +
                         " is shared by another active token";
-                logger.error(method + " holdRevocation true; " + msg);
-                throw new TPSException(msg);
+                logger.error(method + " holdRevocationUntilLastCredential true; " + msg);
+                throw new TPSException(msg,
+                    TPSStatus.STATUS_NO_ERROR);
             }
         }
         logger.debug(method + "revocation allowed.");