sysdb_views.c revision e087497ad7648e81a1b4d0752e07c2fb6fcfe2b1
/*
SSSD
System Database - View and Override related calls
Copyright (C) 2014 Sumit Bose <sbose@redhat.com>
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "db/sysdb_private.h"
/* In general it should not be possible that there is a view container without
* a view name set. But to be on the safe side we return both pieces of
* information separately. */
char **_view_name,
bool *view_container_exists)
{
/* Fragment: the return type, function name and leading parameters are not
 * part of this listing. The two output parameters are reported independently
 * of each other. An early exit returns ENOMEM; every other visible path
 * leaves through the done label and returns ret.
 * NOTE(review): the assignment to *_view_name is not visible here; confirm in
 * the full file who owns the returned string. */
const char *tmp_str;
struct ldb_dn *view_base_dn;
struct ldb_result *res;
/* Only SYSDB_VIEW_NAME is requested by this attribute list. */
const char *attrs[] = {SYSDB_VIEW_NAME,
NULL};
return ENOMEM;
}
/* A NULL base DN is treated as a failure and leaves through done. */
if (view_base_dn == NULL) {
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
goto done;
}
/* The container flag is set on its own so that a caller can tell
 * "no view container" apart from "container without a view name". */
*view_container_exists = false;
goto done;
} else {
*view_container_exists = true;
NULL);
goto done;
}
}
done:
return ret;
}
char **view_name)
{
bool view_container_exists;
}
const char *view_name)
{
/* Fragment: the return type, function name and leading parameters are not
 * part of this listing. The visible flow distinguishes three cases for
 * view_name: already known (nothing to do), changed (refused and logged as
 * not supported), and not yet stored (add_view_name is set).
 * An early exit returns ENOMEM; other paths return ret from the done label. */
char *tmp_str;
bool view_container_exists = false;
bool add_view_name = false;
struct ldb_message *msg;
return ENOMEM;
}
goto done;
}
/* view name already known, nothing to do */
goto done;
} else {
/* view name changed */
/* not supported atm */
/* NOTE(review): a changed view name is refused instead of overwriting the
 * stored one. The value given to ret on this path is not visible here;
 * confirm that it is an error code so callers can detect the refusal. */
"View name changed from [%s] to [%s]. NOT SUPPORTED.\n",
goto done;
}
}
add_view_name = true;
goto done;
}
goto done;
}
NULL);
if (ret != LDB_SUCCESS) {
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
/* The write differs depending on whether the view container already
 * exists; the two calls themselves are not visible in this listing. */
if (view_container_exists) {
} else {
}
if (ret != LDB_SUCCESS) {
goto done;
}
done:
return ret;
}
/* Fragment: the function name and first parameter are not part of this
 * listing. The visible parameters are the attribute set to extend (attrs),
 * a flag that gates one of the additions (add_name) and the overridden name
 * (name_override). Both visible branch pairs depend on
 * domain->case_sensitive, so the values added differ between case-sensitive
 * and case-insensitive domains.
 * An early exit returns ENOMEM; other paths return ret from the done label. */
static errno_t
struct sysdb_attrs *attrs,
bool add_name,
const char *name_override)
{
int ret;
return ENOMEM;
}
/* First case-sensitivity split; the case-sensitive branch uses fq_name.
 * The failure message below names sysdb_attrs_add_lc_name_alias. */
if (!domain->case_sensitive) {
} else {
fq_name);
}
"sysdb_attrs_add_lc_name_alias failed.\n");
goto done;
}
}
/* Optional step, performed only when the caller asks for it. */
if (add_name) {
goto done;
}
}
/* Second case-sensitivity split; the calls in both branches are not visible
 * in this listing. */
if (!domain->case_sensitive) {
} else {
}
goto done;
}
done:
return ret;
}
const char *view_name,
enum sysdb_member_type type,
{
/* Fragment: the return type, function name and several parameters are not
 * part of this listing. Visible behaviour:
 *  - has_override records whether override attributes were supplied; without
 *    them the object's own DN is stored in SYSDB_OVERRIDE_DN as a marker.
 *  - The original object must be found exactly once (count != 1 fails).
 *  - An already stored override DN that differs from the new one is logged
 *    as a mismatch and aborts; otherwise add_ref is cleared so the reference
 *    is not written again.
 *  - Writes happen after in_transaction is set; the done label branches on
 *    that flag.
 *  - type must be SYSDB_MEMBER_USER or SYSDB_MEMBER_GROUP; any other value
 *    leaves through done. */
const char *anchor;
int ret;
struct ldb_dn *override_dn;
const char *override_dn_str;
const char *obj_dn_str;
const char *obj_attrs[] = { SYSDB_OBJECTCLASS,
NULL};
struct ldb_message **msgs;
const char *obj_override_dn;
bool add_ref = true;
size_t c;
bool in_transaction = false;
bool has_override = true;
const char *name_override;
goto done;
}
has_override = true;
&anchor);
/* Override attributes without an anchor are rejected. */
"Missing anchor in override attributes.\n");
goto done;
}
if (override_dn == NULL) {
goto done;
}
} else {
/* if there is no override for the given object, just store the DN of
* the object itself in the SYSDB_OVERRIDE_DN attribute to indicate
* that it was checked if an override exists and none was found. */
has_override = false;
}
goto done;
}
} else {
}
goto done;
}
/* Anything other than exactly one result is treated as a failure. */
if (count != 1) {
goto done;
}
NULL);
if (obj_override_dn != NULL) {
/* An existing reference that does not match the new override DN is an
 * inconsistency and is not overwritten. */
"Existing [%s] and new [%s] override DN do not match.\n",
goto done;
}
add_ref = false;
}
/* This return comes before in_transaction is set and bypasses the done
 * label. */
return sysdb_error_to_errno(ret);
}
in_transaction = true;
if (has_override) {
/* Deliberate best effort: a failed ldb_delete is logged and ignored because
 * the entry may simply not exist yet. */
"ldb_delete failed, maybe object did not exist. Ignoring.\n");
}
"add_name_and_aliases_for_name_override failed.\n");
goto done;
}
goto done;
}
goto done;
}
goto done;
}
/* TODO: add nameAlias for case-insensitive searches */
}
if (ret != LDB_SUCCESS) {
goto done;
}
/* Unknown member types are refused instead of being stored with a default
 * object class. The per-type statements are not visible in this listing. */
switch(type) {
case SYSDB_MEMBER_USER:
break;
case SYSDB_MEMBER_GROUP:
break;
default:
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
NULL);
if (ret != LDB_SUCCESS) {
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
if (ret != LDB_SUCCESS) {
"Failed to store override entry: %s(%d)[%s]\n",
goto done;
}
}
/* The reference from the original object to the override is written only
 * when it is not already present. */
if (add_ref) {
goto done;
}
NULL);
if (ret != LDB_SUCCESS) {
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
if (ret != LDB_SUCCESS) {
"Failed to store override DN: %s(%d)[%s]\n",
goto done;
}
}
done:
/* NOTE(review): the bodies of both branches are not visible in this listing;
 * presumably the transaction is committed on success and cancelled on
 * failure. Confirm that no error path leaves it open. */
if (in_transaction) {
} else {
}
}
return ret;
}
struct sysdb_attrs *attrs,
const char **allowed_attrs)
{
/* Fragment: the return type, function name and leading parameters are not
 * part of this listing. For every name in the NULL-terminated allowed_attrs
 * list a prefixed attribute name (orig_attr_name) is derived and used to
 * keep the original object's value; attributes missing on the original
 * object are only logged. A second loop merges the existing aliases.
 * An early exit returns ENOMEM; other paths return ret from the done label. */
int ret;
size_t c;
struct ldb_result *orig_obj;
char *orig_attr_name;
return ENOMEM;
}
goto done;
}
/* Save original values in attributes prefixed by OriginalAD. */
for (c = 0; allowed_attrs[c] != NULL; c++) {
allowed_attrs[c]);
/* Building the prefixed attribute name failed. */
if (orig_attr_name == NULL) {
goto done;
}
"sysdb_attrs_add_val failed.\n");
goto done;
}
} else {
/* A missing attribute on the original object is not an error. */
"Original object does not have [%s] set.\n",
allowed_attrs[c]);
}
}
/* Add existing aliases to new ones */
for (c = 0; c < el->num_values; c++) {
/* To avoid issue with ldb_modify if e.g. the original and the
* override name are the same, we use the *_safe version here. */
goto done;
}
}
}
done:
return ret;
}
struct sysdb_attrs *override_attrs,
{
/* Fragment: the return type, function name and several parameters are not
 * part of this listing. Only attributes named in the local allowed_attrs
 * list are taken from override_attrs, so an override cannot set attributes
 * outside that list. override_attrs_found records whether any listed
 * attribute was present and gates the final step.
 * An early exit returns ENOMEM; other paths return ret from the done label. */
int ret;
struct sysdb_attrs *attrs;
size_t c;
/* Allow-list of overridable attributes; only its first entry is visible in
 * this listing. */
const char *allowed_attrs[] = { SYSDB_UIDNUM,
NULL };
bool override_attrs_found = false;
return ENOMEM;
}
goto done;
}
for (c = 0; allowed_attrs[c] != NULL; c++) {
/* TODO: add nameAlias for case-insensitive searches */
&el);
override_attrs_found = true;
/* A value that is later used as a C string is rejected when it is not
 * NUL-terminated, instead of being read past its end. */
"String attribute does not end with \\0.\n");
goto done;
}
true,
"add_name_and_aliases_for_name_override failed.\n");
goto done;
}
} else {
goto done;
}
allowed_attrs[c],
}
goto done;
}
}
/* Nothing further is done when no listed attribute was present. */
if (override_attrs_found) {
goto done;
}
goto done;
}
}
done:
return ret;
}
/* Search filter templates for override objects of the user and group override
 * classes. The name filters match either of two SYSDB_NAME_ALIAS values or
 * SYSDB_NAME; the ID filters match SYSDB_UIDNUM or SYSDB_GIDNUM.
 * Every %s slot is inserted into the filter text verbatim, so the argument
 * must already be escaped for filter use; a raw caller-supplied name could
 * change the structure of the filter. The name lookup that follows keeps
 * sanitized_name and lc_sanitized_name for this purpose.
 * NOTE(review): confirm that all three %s arguments are sanitized strings.
 * The %lu slots expect an unsigned long. */
#define SYSDB_USER_NAME_OVERRIDE_FILTER "(&(objectClass="SYSDB_OVERRIDE_USER_CLASS")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))"
#define SYSDB_USER_UID_OVERRIDE_FILTER "(&(objectClass="SYSDB_OVERRIDE_USER_CLASS")("SYSDB_UIDNUM"=%lu))"
#define SYSDB_GROUP_NAME_OVERRIDE_FILTER "(&(objectClass="SYSDB_OVERRIDE_GROUP_CLASS")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))"
#define SYSDB_GROUP_GID_OVERRIDE_FILTER "(&(objectClass="SYSDB_OVERRIDE_GROUP_CLASS")("SYSDB_GIDNUM"=%lu))"
/* Kind of object an ID lookup is for. OO_TYPE_UNDEF is zero, so a
 * zero-initialized value is not mistaken for a valid type.
 * NOTE(review): the ID lookup in this file switches on OO_TYPE_USER and
 * OO_TYPE_GROUP, which are not visible in this listing of the enum. */
enum override_object_type {
OO_TYPE_UNDEF = 0,
};
struct sss_domain_info *domain,
const char *name,
const char *filter,
const char **attrs,
struct ldb_result **override_obj,
struct ldb_result **orig_obj)
{
/* Fragment: the return type, function name and first parameter are not part
 * of this listing. Looks up the override object for name using the given
 * filter template and attribute list, then follows the link to the original
 * object. Visible outcomes: no override found, more than one override found
 * (treated as an error) and an override without a link to its original
 * object (treated as an error).
 * Returns ENOMEM when tmp_ctx is NULL, otherwise ret from the done label.
 * NOTE(review): the assignments to *override_obj and *orig_obj are not
 * visible here; confirm which of them may be left unset on each path. */
struct ldb_result *override_res;
struct ldb_result *orig_res;
/* Escaped forms of the name; the filter templates insert their string
 * arguments verbatim. The escaping call is not visible in this listing. */
char *sanitized_name;
char *lc_sanitized_name;
const char *src_name;
int ret;
const char *orig_obj_dn;
if (!tmp_ctx) {
return ENOMEM;
}
goto done;
}
/* If this is a subdomain we need to use fully qualified names for the
* search as well by default */
goto done;
}
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
/* Exactly one override is accepted; zero and several results each take
 * their own exit. */
if (override_res->count == 0) {
name);
goto done;
"Found more than one override for name [%s].\n", name);
goto done;
}
NULL);
/* An override that does not point back to an original object cannot be
 * applied. */
if (orig_obj_dn == NULL) {
"Missing link to original object in override [%s].\n",
goto done;
}
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
}
done:
return ret;
}
struct sss_domain_info *domain,
const char *name,
const char **attrs,
struct ldb_result **override_obj,
struct ldb_result **orig_obj)
{
}
struct sss_domain_info *domain,
const char *name,
const char **attrs,
struct ldb_result **override_obj,
struct ldb_result **orig_obj)
{
}
struct sss_domain_info *domain,
const char *name,
struct ldb_result **override_obj,
struct ldb_result **orig_obj)
{
const char *attrs[] = SYSDB_PW_ATTRS;
}
struct sss_domain_info *domain,
const char *name,
struct ldb_result **override_obj,
struct ldb_result **orig_obj)
{
const char *attrs[] = SYSDB_GRSRC_ATTRS;
}
struct sss_domain_info *domain,
unsigned long int id,
enum override_object_type type,
struct ldb_result **override_obj,
struct ldb_result **orig_obj)
{
/* Fragment: the return type, function name and first parameter are not part
 * of this listing. Looks up the override object for a numeric id; type
 * selects the user or group attribute list. Visible outcomes: unknown type,
 * no override found, more than one override found (treated as an error) and
 * an override without a link to its original object (treated as an error).
 * Returns ENOMEM when tmp_ctx is NULL, otherwise ret from the done label. */
static const char *user_attrs[] = SYSDB_PW_ATTRS;
static const char *group_attrs[] = SYSDB_GRSRC_ATTRS;
const char **attrs;
struct ldb_result *override_res;
struct ldb_result *orig_res;
int ret;
const char *orig_obj_dn;
const char *filter;
if (!tmp_ctx) {
return ENOMEM;
}
goto done;
}
/* Any type other than user or group is refused; attrs is therefore always
 * assigned before the search is reached. */
switch(type) {
case OO_TYPE_USER:
attrs = user_attrs;
break;
case OO_TYPE_GROUP:
attrs = group_attrs;
break;
default:
type);
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
/* Exactly one override is accepted; zero and several results each take
 * their own exit. */
if (override_res->count == 0) {
"No user override found for %s with id [%lu].\n",
goto done;
"Found more than one override for id [%lu].\n", id);
goto done;
}
NULL);
/* An override that does not point back to an original object cannot be
 * applied. */
if (orig_obj_dn == NULL) {
"Missing link to original object in override [%s].\n",
goto done;
}
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
}
done:
return ret;
}
struct sss_domain_info *domain,
struct ldb_result **override_obj,
struct ldb_result **orig_obj)
{
}
struct sss_domain_info *domain,
struct ldb_result **override_obj,
struct ldb_result **orig_obj)
{
}
/**
* @brief Add override data to the original object
*
* @param[in] domain Domain struct, needed to access the cache
* @param[in] obj The original object
* @param[in] override_obj The object with the override data, may be NULL
*
* @return EOK - Override data was added successfully
* @return ENOMEM - There was insufficient memory to complete the operation
* @return ENOENT - The original object did not have the SYSDB_OVERRIDE_DN
* attribute or the value of the attribute points to an object
* which does not exist. Both conditions indicate that the
* cache must be refreshed.
*/
struct ldb_message *obj,
struct ldb_message *override_obj)
{
/* Fragment: the return type, function name and first parameter are not part
 * of this listing. When override_obj is NULL the override is located
 * through the override DN stored on obj; otherwise the supplied object is
 * used. An early exit returns ENOMEM; other paths return ret from the done
 * label. */
int ret;
const char *override_dn_str;
struct ldb_dn *override_dn;
struct ldb_result *res;
struct ldb_message *override;
static const char *user_attrs[] = SYSDB_PW_ATTRS;
static const char *group_attrs[] = SYSDB_GRSRC_ATTRS;
const char **attrs;
/* Pairs a source attribute name with the name it is stored under; the table
 * entries are not visible in this listing. */
struct attr_map {
const char *attr;
const char *new_attr;
} attr_map[] = {
};
size_t c;
const char *tmp_str;
return ENOMEM;
}
if (override_obj == NULL) {
/* Without a stored override DN the override cannot be located. */
if (override_dn_str == NULL) {
"Missing override DN for objext [%s].\n",
goto done;
}
if (override_dn == NULL) {
goto done;
}
goto done;
}
/* NOTE(review): uid == 0 is used to mean "no UID attribute". An entry that
 * actually carries UID 0 would be handled with the group attribute list;
 * presumably such entries never reach this code. Confirm against callers. */
if (uid == 0) {
/* No UID hence group object */
attrs = group_attrs;
} else {
attrs = user_attrs;
}
if (ret != LDB_SUCCESS) {
goto done;
}
goto done;
} else {
/* An unexpected number of results for the base search is an error. */
"Base search for override object returned [%d] results.\n",
goto done;
}
} else {
}
if (ret != LDB_SUCCESS) {
goto done;
}
}
}
done:
return ret;
}
struct ldb_message *obj)
{
/* Fragment: the return type, function name and first parameter are not part
 * of this listing. Iterates over the values of the members element of obj;
 * for each member the member object and then its override object are looked
 * up by base search, and a missing override DN on a member is an error.
 * One early exit returns EOK; other paths return ret from the done label. */
int ret;
size_t c;
struct ldb_message_element *members;
struct ldb_result *member_obj;
struct ldb_result *override_obj;
static const char *member_attrs[] = SYSDB_PW_ATTRS;
const char *override_dn_str;
struct ldb_dn *override_dn;
const char *memberuid;
return EOK;
}
goto done;
}
for (c = 0; c < members->num_values; c++) {
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
"Base search for member object returned [%d] results.\n",
member_obj->count);
goto done;
}
/* A member without a stored override DN cannot be resolved. */
if (override_dn_str == NULL) {
"Missing override DN for objext [%s].\n",
goto done;
}
if (override_dn == NULL) {
goto done;
}
if (ret != LDB_SUCCESS) {
goto done;
}
/* NOTE(review): this message is about the override object but prints
 * member_obj->count; it looks like override_obj->count was intended, so the
 * logged number can mislead when triaging. The guarding condition is not
 * visible in this listing. */
"Base search for override object returned [%d] results.\n",
member_obj->count);
goto done;
}
NULL);
}
NULL);
goto done;
}
}
if (ret != LDB_SUCCESS) {
goto done;
}
/* Free all temporary data of the current member to avoid memory usage
* spikes. All temporary data should be allocated below member_dn. */
}
done:
return ret;
}
/* Fragment: the function name and first parameter are not part of this
 * listing. Returns a message element for attr_name from msg; when the domain
 * has views (DOM_HAS_VIEWS) an override attribute name is built first.
 * NOTE(review): val has no initializer and no assignment is visible before
 * the goto done statements in this listing; confirm in the full file that
 * val is set on every path that reaches the return. */
struct ldb_message_element *
const struct ldb_message *msg,
const char *attr_name)
{
struct ldb_message_element *val;
char *override_attr_name;
if (DOM_HAS_VIEWS(dom)) {
goto done;
}
/* Building the override attribute name failed. */
if (override_attr_name == NULL) {
goto done;
}
goto done;
}
}
done:
return val;
}
const struct ldb_message *msg,
const char *attr_name,
{
/* Fragment: the return type, function name, first parameter and the
 * default_value parameter are not part of this listing. When the domain has
 * views (DOM_HAS_VIEWS) an override attribute name is built first. On the
 * two failure exits visible here the caller's default_value is returned
 * instead of an error. */
char *override_attr_name;
if (DOM_HAS_VIEWS(dom)) {
val = default_value;
goto done;
}
/* Building the override attribute name failed; fall back to the default. */
if (override_attr_name == NULL) {
val = default_value;
goto done;
}
goto done;
}
}
done:
return val;
}
const struct ldb_message *msg,
const char *attr_name,
const char * default_value)
{
/* Fragment: the return type, function name and first parameter are not part
 * of this listing. When the domain has views (DOM_HAS_VIEWS) an override
 * attribute name is built first. On the two failure exits visible here the
 * caller's default_value pointer is returned unchanged instead of an error.
 * NOTE(review): the lifetime of a non-default return value is not visible
 * here; presumably it points into msg. Confirm against the full file. */
const char *val;
char *override_attr_name;
if (DOM_HAS_VIEWS(dom)) {
val = default_value;
goto done;
}
/* Building the override attribute name failed; fall back to the default. */
if (override_attr_name == NULL) {
val = default_value;
goto done;
}
goto done;
}
}
done:
return val;
}