summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2015-07-24 09:55:28 +0200
committerPavel Březina <pbrezina@redhat.com>2015-07-27 18:52:48 +0200
commit30f2932b773aa6cea186a41268afd5ba1934cd34 (patch)
treef620c5fa043e81c5c2a3cfb106b0d8831444a4bd
parentdb9ba08b8c359eec318fa3dfc28e038618ea35f7 (diff)
downloadsssd-30f2932b773aa6cea186a41268afd5ba1934cd34.tar.gz
sssd-30f2932b773aa6cea186a41268afd5ba1934cd34.tar.xz
sssd-30f2932b773aa6cea186a41268afd5ba1934cd34.zip
SYSDB: prepare for LOCAL view
Objects doesn't have to have overrideDN specified when using LOCAL view. Since the view is not stored on the server we do not want to contact LDAP therefore we special case LOCAL view saying that it is OK that this attribute is missing. Preparation for: https://fedorahosted.org/sssd/ticket/2584
-rw-r--r--src/db/sysdb.h14
-rw-r--r--src/db/sysdb_views.c7
-rw-r--r--src/providers/ipa/ipa_subdomains.c3
-rw-r--r--src/tests/cmocka/test_sysdb_views.c66
4 files changed, 88 insertions, 2 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 0f745ccb1..9e28b5c66 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -157,9 +157,10 @@
#define SYSDB_AD_ACCOUNT_EXPIRES "adAccountExpires"
#define SYSDB_AD_USER_ACCOUNT_CONTROL "adUserAccountControl"
+#define SYSDB_DEFAULT_VIEW_NAME "default"
+#define SYSDB_LOCAL_VIEW_NAME "LOCAL" /* reserved for client-side overrides */
#define SYSDB_VIEW_CLASS "view"
#define SYSDB_VIEW_NAME "viewName"
-#define SYSDB_DEFAULT_VIEW_NAME "default"
#define SYSDB_OVERRIDE_CLASS "overrride"
#define SYSDB_OVERRIDE_ANCHOR_UUID "overrideAnchorUUID"
#define SYSDB_OVERRIDE_USER_CLASS "userOverride"
@@ -473,6 +474,17 @@ static inline bool is_default_view(const char *view_name)
}
}
+static inline bool is_local_view(const char *view_name)
+{
+ /* NULL is treated as default */
+ if (view_name != NULL
+ && strcmp(view_name, SYSDB_LOCAL_VIEW_NAME) == 0) {
+ return true;
+ } else {
+ return false;
+ }
+}
+
errno_t sysdb_delete_view_tree(struct sysdb_ctx *sysdb, const char *view_name);
errno_t sysdb_invalidate_overrides(struct sysdb_ctx *sysdb);
diff --git a/src/db/sysdb_views.c b/src/db/sysdb_views.c
index aadd6018f..1db6c892d 100644
--- a/src/db/sysdb_views.c
+++ b/src/db/sysdb_views.c
@@ -1186,9 +1186,16 @@ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain,
override_dn_str = ldb_msg_find_attr_as_string(obj,
SYSDB_OVERRIDE_DN, NULL);
if (override_dn_str == NULL) {
+ if (is_local_view(domain->view_name)) {
+ /* LOCAL view doesn't have to have overrideDN specified. */
+ ret = EOK;
+ goto done;
+ }
+
DEBUG(SSSDBG_CRIT_FAILURE,
"Missing override DN for objext [%s].\n",
ldb_dn_get_linearized(obj->dn));
+
ret = ENOENT;
goto done;
}
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
index cf7278447..cec8b3918 100644
--- a/src/providers/ipa/ipa_subdomains.c
+++ b/src/providers/ipa/ipa_subdomains.c
@@ -905,7 +905,8 @@ static void ipa_get_view_name_done(struct tevent_req *req)
goto done;
}
- if (!is_default_view(ctx->sd_ctx->id_ctx->view_name)) {
+ if (!is_default_view(ctx->sd_ctx->id_ctx->view_name)
+ && !is_local_view(ctx->sd_ctx->id_ctx->view_name)) {
/* Old view was not the default view, delete view tree */
ret = sysdb_delete_view_tree(
ctx->sd_ctx->be_ctx->domain->sysdb,
diff --git a/src/tests/cmocka/test_sysdb_views.c b/src/tests/cmocka/test_sysdb_views.c
index 123d4c5cb..83007b76a 100644
--- a/src/tests/cmocka/test_sysdb_views.c
+++ b/src/tests/cmocka/test_sysdb_views.c
@@ -281,6 +281,68 @@ void test_sysdb_add_overrides_to_object(void **state)
assert_int_equal(ldb_val_string_cmp(&el->values[1], "OVERRIDEKEY2"), 0);
}
+void test_sysdb_add_overrides_to_object_local(void **state)
+{
+ int ret;
+ struct ldb_message *orig;
+ struct ldb_message_element *el;
+ char *tmp_str;
+ struct sysdb_test_ctx *test_ctx = talloc_get_type_abort(*state,
+ struct sysdb_test_ctx);
+
+ orig = ldb_msg_new(test_ctx);
+ assert_non_null(orig);
+
+ tmp_str = talloc_strdup(orig, "ORIGNAME");
+ assert_non_null(tmp_str);
+ ret = ldb_msg_add_string(orig, SYSDB_NAME, tmp_str);
+ assert_int_equal(ret, EOK);
+
+ tmp_str = talloc_strdup(orig, "ORIGGECOS");
+ assert_non_null(tmp_str);
+ ret = ldb_msg_add_string(orig, SYSDB_GECOS, tmp_str);
+ assert_int_equal(ret, EOK);
+
+ test_ctx->domain->has_views = true;
+ test_ctx->domain->view_name = "LOCAL";
+
+ ret = sysdb_add_overrides_to_object(test_ctx->domain, orig, NULL, NULL);
+ assert_int_equal(ret, EOK);
+}
+
+void test_sysdb_add_overrides_to_object_missing_overridedn(void **state)
+{
+ int ret;
+ struct ldb_message *orig;
+ struct ldb_message_element *el;
+ char *tmp_str;
+ struct sysdb_test_ctx *test_ctx = talloc_get_type_abort(*state,
+ struct sysdb_test_ctx);
+
+ orig = ldb_msg_new(test_ctx);
+ assert_non_null(orig);
+
+ orig->dn = ldb_dn_new(orig, test_ctx->domain->sysdb->ldb,
+ "cn=somedn,dc=example,dc=com");
+ assert_non_null(orig->dn);
+
+ tmp_str = talloc_strdup(orig, "ORIGNAME");
+ assert_non_null(tmp_str);
+ ret = ldb_msg_add_string(orig, SYSDB_NAME, tmp_str);
+ assert_int_equal(ret, EOK);
+
+ tmp_str = talloc_strdup(orig, "ORIGGECOS");
+ assert_non_null(tmp_str);
+ ret = ldb_msg_add_string(orig, SYSDB_GECOS, tmp_str);
+ assert_int_equal(ret, EOK);
+
+ test_ctx->domain->has_views = true;
+ test_ctx->domain->view_name = "NON-LOCAL";
+
+ ret = sysdb_add_overrides_to_object(test_ctx->domain, orig, NULL, NULL);
+ assert_int_equal(ret, ENOENT);
+}
+
void test_split_ipa_anchor(void **state)
{
int ret;
@@ -923,6 +985,10 @@ int main(int argc, const char *argv[])
test_sysdb_setup, test_sysdb_teardown),
cmocka_unit_test_setup_teardown(test_sysdb_add_overrides_to_object,
test_sysdb_setup, test_sysdb_teardown),
+ cmocka_unit_test_setup_teardown(test_sysdb_add_overrides_to_object_local,
+ test_sysdb_setup, test_sysdb_teardown),
+ cmocka_unit_test_setup_teardown(test_sysdb_add_overrides_to_object_missing_overridedn,
+ test_sysdb_setup, test_sysdb_teardown),
cmocka_unit_test_setup_teardown(test_split_ipa_anchor,
test_sysdb_setup, test_sysdb_teardown),
cmocka_unit_test_setup_teardown(test_sysdb_delete_view_tree,