summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2014-06-17 12:06:29 +0200
committerJakub Hrozek <jhrozek@redhat.com>2014-06-20 13:45:30 +0200
commit7ecb5aea65cb1899f16e7a41bffa93d074defd4a (patch)
treed73d0fd053ffd7a2a6716b2e8ff52bcfacd7b4a2
parent9ad2756fcf4df945f4cd09238e3f9fe707b0b70c (diff)
downloadsssd-7ecb5aea65cb1899f16e7a41bffa93d074defd4a.tar.gz
sssd-7ecb5aea65cb1899f16e7a41bffa93d074defd4a.tar.xz
sssd-7ecb5aea65cb1899f16e7a41bffa93d074defd4a.zip
sysdb: add sysdb_search_user_by_upn() with tests
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat
-rw-r--r--src/db/sysdb.h7
-rw-r--r--src/db/sysdb_ops.c60
-rw-r--r--src/tests/sysdb-tests.c231
3 files changed, 298 insertions, 0 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 1057090e6..95834eed0 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -148,6 +148,7 @@
#define SYSDB_PWNAM_FILTER "(&("SYSDB_UC")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))"
#define SYSDB_PWUID_FILTER "(&("SYSDB_UC")("SYSDB_UIDNUM"=%lu))"
#define SYSDB_PWSID_FILTER "(&("SYSDB_UC")("SYSDB_SID_STR"=%s))"
+#define SYSDB_PWUPN_FILTER "(&("SYSDB_UC")(|("SYSDB_UPN"=%s)("SYSDB_CANONICAL_UPN"=%s)))"
#define SYSDB_PWENT_FILTER "("SYSDB_UC")"
#define SYSDB_GRNAM_FILTER "(&("SYSDB_GC")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))"
@@ -527,6 +528,12 @@ int sysdb_search_user_by_sid_str(TALLOC_CTX *mem_ctx,
const char **attrs,
struct ldb_message **msg);
+int sysdb_search_user_by_upn(TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *domain,
+ const char *sid_str,
+ const char **attrs,
+ struct ldb_message **msg);
+
/* Search Group (by gid, sid or name) */
int sysdb_search_group_by_name(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 915ef1ad9..50f339149 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -435,6 +435,66 @@ int sysdb_search_user_by_sid_str(TALLOC_CTX *mem_ctx,
sid_str, attrs, msg);
}
+int sysdb_search_user_by_upn(TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *domain,
+ const char *upn,
+ const char **attrs,
+ struct ldb_message **msg)
+{
+ TALLOC_CTX *tmp_ctx;
+ const char *def_attrs[] = { SYSDB_NAME, SYSDB_UPN, SYSDB_CANONICAL_UPN,
+ NULL };
+ struct ldb_message **msgs = NULL;
+ struct ldb_dn *basedn;
+ size_t msgs_count = 0;
+ char *filter;
+ int ret;
+
+ tmp_ctx = talloc_new(NULL);
+ if (tmp_ctx == NULL) {
+ return ENOMEM;
+ }
+
+ basedn = ldb_dn_new_fmt(tmp_ctx, domain->sysdb->ldb,
+ SYSDB_TMPL_USER_BASE, domain->name);
+ if (basedn == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ filter = talloc_asprintf(tmp_ctx, SYSDB_PWUPN_FILTER, upn, upn);
+ if (filter == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = sysdb_search_entry(tmp_ctx, domain->sysdb, basedn, LDB_SCOPE_SUBTREE,
+ filter, attrs?attrs:def_attrs, &msgs_count,
+ &msgs);
+ if (ret != EOK) {
+ goto done;
+ }
+
+ if (msgs_count > 1) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Search for upn [%s] returns more than one result.\n", upn);
+ ret = EINVAL;
+ goto done;
+ }
+
+ *msg = talloc_steal(mem_ctx, msgs[0]);
+
+done:
+ if (ret == ENOENT) {
+ DEBUG(SSSDBG_TRACE_FUNC, "No entry with upn [%s] found.\n", upn);
+ } else if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, "Error: %d (%s)\n", ret, strerror(ret));
+ }
+
+ talloc_zfree(tmp_ctx);
+ return ret;
+}
+
/* =Search-Group-by-[GID/SID/NAME]============================================ */
int sysdb_search_group_by_name(TALLOC_CTX *mem_ctx,
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index 3d67441bf..ac78f368f 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -5214,6 +5214,228 @@ START_TEST(test_confdb_list_all_domain_names_single_dom)
}
END_TEST
+#define UPN_USER_NAME "upn_user"
+#define UPN_PRINC "upn_user@UPN.TEST"
+#define UPN_PRINC_WRONG_CASE "UpN_uSeR@uPn.TeSt"
+#define UPN_CANON_PRINC "upn_user@UPN.CANON"
+#define UPN_CANON_PRINC_WRONG_CASE "uPn_UsEr@UpN.CaNoN"
+
+START_TEST(test_upn_basic)
+{
+ struct sysdb_test_ctx *test_ctx;
+ struct sysdb_attrs *attrs;
+ int ret;
+ struct ldb_message *msg;
+ const char *str;
+
+ /* Setup */
+ ret = setup_sysdb_tests(&test_ctx);
+ if (ret != EOK) {
+ fail("Could not set up the test");
+ return;
+ }
+
+ attrs = sysdb_new_attrs(test_ctx);
+ fail_unless(attrs != NULL, "sysdb_new_attrs failed.\n");
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_UPN, UPN_PRINC);
+ fail_unless(ret == EOK, "sysdb_attrs_add_string failed.");
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_CANONICAL_UPN, UPN_CANON_PRINC);
+ fail_unless(ret == EOK, "sysdb_attrs_add_string failed.");
+
+ ret = sysdb_store_user(test_ctx->domain,
+ UPN_USER_NAME, "x",
+ 12345, 0, "UPN USER", "/home/upn_user",
+ "/bin/bash", NULL,
+ attrs, NULL, -1, 0);
+ fail_unless(ret == EOK, "Could not store user.");
+
+ ret = sysdb_search_user_by_upn(test_ctx, test_ctx->domain,
+ "abc@def.ghi", NULL, &msg);
+ fail_unless(ret == ENOENT,
+ "sysdb_search_user_by_upn failed with non-existing UPN.");
+
+ ret = sysdb_search_user_by_upn(test_ctx, test_ctx->domain,
+ UPN_PRINC, NULL, &msg);
+ fail_unless(ret == EOK, "sysdb_search_user_by_upn failed.");
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_USER_NAME) == 0, "Expected [%s], got [%s].",
+ UPN_USER_NAME, str);
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_UPN, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_PRINC) == 0,
+ "Expected [%s], got [%s].", UPN_PRINC, str);
+
+ talloc_free(test_ctx);
+}
+END_TEST
+
+START_TEST(test_upn_basic_case)
+{
+ struct sysdb_test_ctx *test_ctx;
+ int ret;
+ struct ldb_message *msg;
+ const char *str;
+
+ /* Setup */
+ ret = setup_sysdb_tests(&test_ctx);
+ if (ret != EOK) {
+ fail("Could not set up the test");
+ return;
+ }
+
+ ret = sysdb_search_user_by_upn(test_ctx, test_ctx->domain,
+ UPN_PRINC_WRONG_CASE, NULL, &msg);
+ fail_unless(ret == EOK, "sysdb_search_user_by_upn failed.");
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_USER_NAME) == 0, "Expected [%s], got [%s].",
+ UPN_USER_NAME, str);
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_UPN, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_PRINC) == 0,
+ "Expected [%s], got [%s].", UPN_PRINC, str);
+
+ talloc_free(test_ctx);
+}
+END_TEST
+
+START_TEST(test_upn_canon)
+{
+ struct sysdb_test_ctx *test_ctx;
+ int ret;
+ struct ldb_message *msg;
+ const char *str;
+
+ /* Setup */
+ ret = setup_sysdb_tests(&test_ctx);
+ if (ret != EOK) {
+ fail("Could not set up the test");
+ return;
+ }
+
+ ret = sysdb_search_user_by_upn(test_ctx, test_ctx->domain,
+ UPN_CANON_PRINC, NULL, &msg);
+ fail_unless(ret == EOK, "sysdb_search_user_by_upn failed.");
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_USER_NAME) == 0, "Expected [%s], got [%s].",
+ UPN_USER_NAME, str);
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_UPN, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_PRINC) == 0,
+ "Expected [%s], got [%s].", UPN_PRINC, str);
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_CANONICAL_UPN, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_CANON_PRINC) == 0,
+ "Expected [%s], got [%s].", UPN_CANON_PRINC, str);
+
+ talloc_free(test_ctx);
+}
+END_TEST
+
+START_TEST(test_upn_canon_case)
+{
+ struct sysdb_test_ctx *test_ctx;
+ int ret;
+ struct ldb_message *msg;
+ const char *str;
+
+ /* Setup */
+ ret = setup_sysdb_tests(&test_ctx);
+ if (ret != EOK) {
+ fail("Could not set up the test");
+ return;
+ }
+
+ ret = sysdb_search_user_by_upn(test_ctx, test_ctx->domain,
+ UPN_CANON_PRINC_WRONG_CASE, NULL, &msg);
+ fail_unless(ret == EOK, "sysdb_search_user_by_upn failed.");
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_USER_NAME) == 0, "Expected [%s], got [%s].",
+ UPN_USER_NAME, str);
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_UPN, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_PRINC) == 0,
+ "Expected [%s], got [%s].", UPN_PRINC, str);
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_CANONICAL_UPN, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_CANON_PRINC) == 0,
+ "Expected [%s], got [%s].", UPN_CANON_PRINC, str);
+
+ talloc_free(test_ctx);
+}
+END_TEST
+
+START_TEST(test_upn_dup)
+{
+ struct sysdb_test_ctx *test_ctx;
+ struct sysdb_attrs *attrs;
+ int ret;
+ struct ldb_message *msg;
+ const char *str;
+
+ /* Setup */
+ ret = setup_sysdb_tests(&test_ctx);
+ if (ret != EOK) {
+ fail("Could not set up the test");
+ return;
+ }
+
+ attrs = sysdb_new_attrs(test_ctx);
+ fail_unless(attrs != NULL, "sysdb_new_attrs failed.\n");
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_UPN, UPN_CANON_PRINC);
+ fail_unless(ret == EOK, "sysdb_attrs_add_string failed.");
+
+ ret = sysdb_store_user(test_ctx->domain,
+ UPN_USER_NAME"_dup", "x",
+ 23456, 0, "UPN USER DUP", "/home/upn_user_dup",
+ "/bin/bash", NULL,
+ attrs, NULL, -1, 0);
+ fail_unless(ret == EOK, "Could not store user.");
+
+ ret = sysdb_search_user_by_upn(test_ctx, test_ctx->domain,
+ UPN_CANON_PRINC, NULL, &msg);
+ fail_unless(ret == EINVAL,
+ "sysdb_search_user_by_upn failed for duplicated UPN.");
+
+ ret = sysdb_search_user_by_upn(test_ctx, test_ctx->domain,
+ UPN_PRINC, NULL, &msg);
+ fail_unless(ret == EOK, "sysdb_search_user_by_upn failed.");
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_USER_NAME) == 0, "Expected [%s], got [%s].",
+ UPN_USER_NAME, str);
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_UPN, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_PRINC) == 0,
+ "Expected [%s], got [%s].", UPN_PRINC, str);
+
+ str = ldb_msg_find_attr_as_string(msg, SYSDB_CANONICAL_UPN, NULL);
+ fail_unless(str != NULL, "ldb_msg_find_attr_as_string failed.");
+ fail_unless(strcmp(str, UPN_CANON_PRINC) == 0,
+ "Expected [%s], got [%s].", UPN_CANON_PRINC, str);
+
+ talloc_free(test_ctx);
+}
+END_TEST
+
START_TEST(test_confdb_list_all_domain_names_multi_dom)
{
int ret;
@@ -5610,6 +5832,15 @@ Suite *create_sysdb_suite(void)
suite_add_tcase(s, tc_autofs);
#endif
+ TCase *tc_upn = tcase_create("SYSDB UPN tests");
+ tcase_add_test(tc_upn, test_upn_basic);
+ tcase_add_test(tc_upn, test_upn_basic_case);
+ tcase_add_test(tc_upn, test_upn_canon);
+ tcase_add_test(tc_upn, test_upn_canon_case);
+ tcase_add_test(tc_upn, test_upn_dup);
+
+ suite_add_tcase(s, tc_upn);
+
/* ConfDB tests -- modify confdb, must always be last!! */
TCase *tc_confdb = tcase_create("confDB tests");
generated by cgit (git 2.34.1) at 2024-06-07 20:19:25 +0000