sysdb_get_user_attr_with_views: add mandatory override attributes

This patch add another attribute with is needs for override processing
to the attribute list of sysdb_get_user_attr_with_views(). With two
attribute it does not seem useful to check for existence and add each of
the attributes conditionally. With this patch they are added
unconditionally if the domain has views. Additionally the attributes are
not removed in the end because it is expected that they do not cause any
harm.

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

1 files changed, 8 insertions, 39 deletions

diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c
index bbc5af8a0..dacbd239d 100644
--- a/src/db/sysdb_search.c
+++ b/src/db/sysdb_search.c
@@ -1037,11 +1037,11 @@ int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx,
     int ret;
     struct ldb_result *orig_obj = NULL;
     struct ldb_result *override_obj = NULL;
-    struct ldb_message_element *el = NULL;
     const char **attrs = NULL;
-    bool has_override_dn;
+    const char *mandatory_override_attrs[] = {SYSDB_OVERRIDE_DN,
+                                              SYSDB_OVERRIDE_OBJECT_DN,
+                                              NULL};
     TALLOC_CTX *tmp_ctx;
-    int count;
 
     tmp_ctx = talloc_new(NULL);
     if (tmp_ctx == NULL) {
@@ -1049,35 +1049,15 @@ int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx,
         return ENOMEM;
     }
 
-    /* Assume that overrideDN is requested to simplify the code. If no view
-     * is applied it doesn't really matter. */
-    has_override_dn = true;
     attrs = attributes;
 
     /* If there are views we first have to search the overrides for matches */
     if (DOM_HAS_VIEWS(domain)) {
-        /* We need overrideDN for views, so append it if missing. */
-        has_override_dn = false;
-        for (count = 0; attributes[count] != NULL; count++) {
-            if (strcmp(attributes[count], SYSDB_OVERRIDE_DN) == 0) {
-                has_override_dn = true;
-                break;
-            }
-        }
-
-        if (!has_override_dn) {
-            /* Copy original attributes and add overrideDN. */
-            attrs = talloc_zero_array(tmp_ctx, const char *, count + 2);
-            if (attrs == NULL) {
-                ret = ENOMEM;
-                goto done;
-            }
-
-            for (count = 0; attributes[count] != NULL; count++) {
-                attrs[count] = attributes[count];
-            }
-
-            attrs[count] = SYSDB_OVERRIDE_DN;
+        ret = add_strings_lists(tmp_ctx, attributes, mandatory_override_attrs,
+                                false, discard_const(&attrs));
+        if (ret != EOK) {
+            DEBUG(SSSDBG_OP_FAILURE, "add_strings_lists failed.\n");
+            goto done;
         }
 
         ret = sysdb_search_user_override_attrs_by_name(tmp_ctx, domain, name,
@@ -1121,17 +1101,6 @@ int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx,
         }
     }
 
-    /* Remove overrideDN if needed. */
-    if (!has_override_dn && orig_obj != NULL && orig_obj->count == 1) {
-        el = ldb_msg_find_element(orig_obj->msgs[0], SYSDB_OVERRIDE_DN);
-        if (el == NULL) {
-            ret = EINVAL;
-            goto done;
-        }
-
-        ldb_msg_remove_element(orig_obj->msgs[0], el);
-    }
-
     *_res = talloc_steal(mem_ctx, orig_obj);
     ret = EOK;