From 6848a3dc810758d267a5f4a1bc4e6c08340c466e Mon Sep 17 00:00:00 2001
From: Jeremy Stretch <jstretch@digitalocean.com>
Date: Tue, 28 Jun 2016 10:04:03 -0400
Subject: [PATCH] Fixes #67: Improved Aggregate validation; extended aggregate
 documentation

---
 docs/ipam.md          | 2 ++
 netbox/ipam/models.py | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/docs/ipam.md b/docs/ipam.md
index d37a16319..53c5858f2 100644
--- a/docs/ipam.md
+++ b/docs/ipam.md
@@ -32,6 +32,8 @@ Additionally, you might define an aggregate for each large swath of public IPv4
 
 Any prefixes you create in NetBox (discussed below) will be automatically organized under their respective aggregates. Any space within an aggregate which is not covered by an existing prefix will be annotated as available for allocation.
 
+Aggregates cannot overlap with one another; they can only exist in parallel. For instance, you cannot define both 10.0.0.0/8 and 10.16.0.0/16 as aggregates, because they overlap. 10.16.0.0/16 in this example would be created as a prefix.
+
 ### RIRs
 
 Regional Internet Registries (RIRs) are responsible for the allocation of global address space. The five RIRs are ARIN, RIPE, APNIC, LACNIC, and AFRINIC. However, some address space has been set aside for private or internal use only, such as defined in RFCs 1918 and 6598. NetBox considers these RFCs as a sort of RIR as well; that is, an authority which "owns" certain address space.
diff --git a/netbox/ipam/models.py b/netbox/ipam/models.py
index 91d04a09a..4dbfa801a 100644
--- a/netbox/ipam/models.py
+++ b/netbox/ipam/models.py
@@ -121,6 +121,12 @@ class Aggregate(CreatedUpdatedModel):
                 raise ValidationError("{} is already covered by an existing aggregate ({})"
                                       .format(self.prefix, covering_aggregates[0]))
 
+            # Ensure that the aggregate being added does not cover an existing aggregate
+            covered_aggregates = Aggregate.objects.filter(prefix__net_contained=str(self.prefix))
+            if covered_aggregates:
+                raise ValidationError("{} is overlaps with an existing aggregate ({})"
+                                      .format(self.prefix, covered_aggregates[0]))
+
     def save(self, *args, **kwargs):
         if self.prefix:
             # Infer address family from IPNetwork object