idmap: add sss_idmap_domain_has_algorithmic_mapping

With this call it can be checked if for a given domain algorithmic
mapping is available or if the ID must be read from an external source.
The default if an error occurs or no matching range was found is false,
i.e external mapping, to meet the requirements for simple LDAP based
domains where only external mapping is available.

Fixes https://fedorahosted.org/sssd/ticket/1960

2 files changed, 55 insertions, 0 deletions

diff --git a/src/lib/idmap/sss_idmap.c b/src/lib/idmap/sss_idmap.c
index 34539cebe..c7ac0c709 100644
--- a/src/lib/idmap/sss_idmap.c
+++ b/src/lib/idmap/sss_idmap.c
@@ -898,3 +898,44 @@ sss_idmap_ctx_get_rangesize(struct sss_idmap_ctx *ctx, id_t *_rangesize)
     *_rangesize =  ctx->idmap_opts.rangesize;
     return IDMAP_SUCCESS;
 }
+
+enum idmap_error_code
+sss_idmap_domain_has_algorithmic_mapping(struct sss_idmap_ctx *ctx,
+                                         const char *dom_sid,
+                                         bool *has_algorithmic_mapping)
+{
+    struct idmap_domain_info *idmap_domain_info;
+    size_t len;
+    size_t dom_sid_len;
+
+    if (dom_sid == NULL) {
+        return IDMAP_SID_INVALID;
+    }
+
+    CHECK_IDMAP_CTX(ctx, IDMAP_CONTEXT_INVALID);
+
+    if (ctx->idmap_domain_info == NULL) {
+        return IDMAP_NO_DOMAIN;
+    }
+
+    idmap_domain_info = ctx->idmap_domain_info;
+
+    while (idmap_domain_info != NULL) {
+        if (idmap_domain_info->sid != NULL) {
+            len = strlen(idmap_domain_info->sid);
+            dom_sid_len = strlen(dom_sid);
+            if (((dom_sid_len > len && dom_sid[len] == '-')
+                        || dom_sid_len == len)
+                    && strncmp(dom_sid, idmap_domain_info->sid, len) == 0) {
+
+                *has_algorithmic_mapping = !idmap_domain_info->external_mapping;
+                return IDMAP_SUCCESS;
+
+            }
+        }
+
+        idmap_domain_info = idmap_domain_info->next;
+    }
+
+    return IDMAP_SID_UNKNOWN;
+}
diff --git a/src/lib/idmap/sss_idmap.h b/src/lib/idmap/sss_idmap.h
index c9e996d0e..d326469ec 100644
--- a/src/lib/idmap/sss_idmap.h
+++ b/src/lib/idmap/sss_idmap.h
@@ -521,6 +521,20 @@ const char *idmap_error_string(enum idmap_error_code err);
 bool is_domain_sid(const char *str);
 
 /**
+ * @brief Check if a domain is configured with algorithmic mapping
+ *
+ * @param[in] ctx      Idmap context
+ * @param[in] dom_sid  SID string, can be either a domain SID or an object SID
+ *
+ * @return
+ * TODO ....
+ */
+enum idmap_error_code
+sss_idmap_domain_has_algorithmic_mapping(struct sss_idmap_ctx *ctx,
+                                         const char *dom_sid,
+                                         bool *has_algorithmic_mapping);
+
+/**
  * @brief Convert binary SID to SID structure
  *
  * @param[in] ctx      Idmap context