Fixes #589. Allows 2+ roles to delegate to same role

Removes an incorrect check that prevents delegating to a role (X) if any role has previously delegated to that role (X). See #589 for more details. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
theupdateframework · Jan 16, 2018 · 2e59048 · 2e59048
1 parent aa2ab21
commit 2e59048
Showing 1 changed file with 0 additions and 5 deletions.
diff --git a/tuf/repository_tool.py b/tuf/repository_tool.py
@@ -2222,11 +2222,6 @@ def delegate(self, rolename, public_keys, paths, threshold=1,
     if path_hash_prefixes is not None:
       securesystemslib.formats.PATH_HASH_PREFIXES_SCHEMA.check_match(path_hash_prefixes)
 
-    # Check if 'rolename' is not already a delegation.
-    if tuf.roledb.role_exists(rolename, self._repository_name):
-      raise securesystemslib.exceptions.Error(repr(rolename) + ' already'
-        ' delegated.')
-
     # Keep track of the valid keyids (added to the new Targets object) and
     # their keydicts (added to this Targets delegations).
     keyids = []