diff options
| author | Sumit Bose <sbose@redhat.com> | 2014-10-27 15:11:08 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-11-05 15:26:32 +0100 |
| commit | 1a9f66352070d71a6b998c5afbc268ba6fddc51c (patch) | |
| tree | f069bf7a43ddebd35e9f140971f7fe36c42628e5 /src/db | |
| parent | 16c37880f089431211290aa31bdcd3c9bc12aa77 (diff) | |
| download | sssd-1a9f66352070d71a6b998c5afbc268ba6fddc51c.tar.gz sssd-1a9f66352070d71a6b998c5afbc268ba6fddc51c.tar.xz sssd-1a9f66352070d71a6b998c5afbc268ba6fddc51c.zip | |
sysdb_add_overrides_to_object: add new parameter and multi-value support
With the new parameter an attribute list other than the default one can
be used.
Override attributes with multiple values (e.g. SSH public keys) are now
supported as well.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/db')
| -rw-r--r-- | src/db/sysdb.h | 3 | ||||
| -rw-r--r-- | src/db/sysdb_search.c | 24 | ||||
| -rw-r--r-- | src/db/sysdb_views.c | 41 |
3 files changed, 43 insertions, 25 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index ebb1bbeda..f582f6a51 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -487,7 +487,8 @@ errno_t sysdb_search_group_override_by_gid(TALLOC_CTX *mem_ctx, errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, struct ldb_message *obj, - struct ldb_message *override_obj); + struct ldb_message *override_obj, + const char **req_attrs); errno_t sysdb_add_group_member_overrides(struct sss_domain_info *domain, struct ldb_message *obj); diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c index dacbd239d..677257405 100644 --- a/src/db/sysdb_search.c +++ b/src/db/sysdb_search.c @@ -124,7 +124,8 @@ errno_t sysdb_getpwnam_with_views(TALLOC_CTX *mem_ctx, * the original object. */ if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) { ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj ->msgs[0]); + override_obj == NULL ? NULL : override_obj->msgs[0], + NULL); if (ret != EOK && ret != ENOENT) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); goto done; @@ -229,7 +230,8 @@ errno_t sysdb_getpwuid_with_views(TALLOC_CTX *mem_ctx, * the original object. */ if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) { ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj->msgs[0]); + override_obj == NULL ? NULL : override_obj->msgs[0], + NULL); if (ret != EOK && ret != ENOENT) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); goto done; @@ -314,7 +316,8 @@ int sysdb_enumpwent_with_views(TALLOC_CTX *mem_ctx, if (DOM_HAS_VIEWS(domain)) { for (c = 0; c < res->count; c++) { - ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL); + ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL, + NULL); /* enumeration assumes that the cache is up-to-date, hence we do not * need to handle ENOENT separately. */ if (ret != EOK) { @@ -426,7 +429,8 @@ int sysdb_getgrnam_with_views(TALLOC_CTX *mem_ctx, } ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj ->msgs[0]); + override_obj == NULL ? NULL : override_obj ->msgs[0], + NULL); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); goto done; @@ -578,7 +582,8 @@ int sysdb_getgrgid_with_views(TALLOC_CTX *mem_ctx, } ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj ->msgs[0]); + override_obj == NULL ? NULL : override_obj ->msgs[0], + NULL); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); goto done; @@ -734,7 +739,8 @@ int sysdb_enumgrent_with_views(TALLOC_CTX *mem_ctx, if (DOM_HAS_VIEWS(domain)) { for (c = 0; c < res->count; c++) { - ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL); + ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL, + NULL); /* enumeration assumes that the cache is up-to-date, hence we do not * need to handle ENOENT separately. */ if (ret != EOK) { @@ -956,7 +962,8 @@ int sysdb_initgroups_with_views(TALLOC_CTX *mem_ctx, if (DOM_HAS_VIEWS(domain)) { /* Skip user entry because it already has override values added */ for (c = 1; c < res->count; c++) { - ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL); + ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL, + NULL); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); @@ -1083,7 +1090,8 @@ int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx, * the original object. */ if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) { ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj ->msgs[0]); + override_obj == NULL ? NULL : override_obj ->msgs[0], + attrs); if (ret != EOK && ret != ENOENT) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); return ret; diff --git a/src/db/sysdb_views.c b/src/db/sysdb_views.c index a42aa96ed..f2cf37023 100644 --- a/src/db/sysdb_views.c +++ b/src/db/sysdb_views.c @@ -948,6 +948,8 @@ errno_t sysdb_search_group_override_by_gid(TALLOC_CTX *mem_ctx, * @param[in] domain Domain struct, needed to access the cache * @oaram[in] obj The original object * @param[in] override_obj The object with the override data, may be NULL + * @param[in] req_attrs List of attributes to be requested, if not set a + * default list dependig on the object type will be used * * @return EOK - Override data was added successfully * @return ENOMEM - There was insufficient memory to complete the operation @@ -958,7 +960,8 @@ errno_t sysdb_search_group_override_by_gid(TALLOC_CTX *mem_ctx, */ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, struct ldb_message *obj, - struct ldb_message *override_obj) + struct ldb_message *override_obj, + const char **req_attrs) { int ret; const char *override_dn_str; @@ -983,7 +986,8 @@ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, {NULL, NULL} }; size_t c; - const char *tmp_str; + size_t d; + struct ldb_message_element *tmp_el; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { @@ -1016,12 +1020,15 @@ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, goto done; } - uid = ldb_msg_find_attr_as_uint64(obj, SYSDB_UIDNUM, 0); - if (uid == 0) { - /* No UID hence group object */ - attrs = group_attrs; - } else { - attrs = user_attrs; + attrs = req_attrs; + if (attrs == NULL) { + uid = ldb_msg_find_attr_as_uint64(obj, SYSDB_UIDNUM, 0); + if (uid == 0) { + /* No UID hence group object */ + attrs = group_attrs; + } else { + attrs = user_attrs; + } } ret = ldb_search(domain->sysdb->ldb, tmp_ctx, &res, override_dn, @@ -1050,14 +1057,16 @@ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, } for (c = 0; attr_map[c].attr != NULL; c++) { - tmp_str = ldb_msg_find_attr_as_string(override, attr_map[c].attr, NULL); - if (tmp_str != NULL) { - talloc_steal(obj, tmp_str); - ret = ldb_msg_add_string(obj, attr_map[c].new_attr, tmp_str); - if (ret != LDB_SUCCESS) { - DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_string failed.\n"); - ret = sysdb_error_to_errno(ret); - goto done; + tmp_el = ldb_msg_find_element(override, attr_map[c].attr); + if (tmp_el != NULL) { + for (d = 0; d < tmp_el->num_values; d++) { + ret = ldb_msg_add_steal_value(obj, attr_map[c].new_attr, + &tmp_el->values[d]); + if (ret != LDB_SUCCESS) { + DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_value failed.\n"); + ret = sysdb_error_to_errno(ret); + goto done; + } } } } |