From f76e48596bc30b19eedacd838dd306bc1607d4eb Mon Sep 17 00:00:00 2001
From: Sumit Bose
Date: Wed, 13 Jul 2016 17:42:51 +0200
Subject: wip
---
 src/db/sysdb_ops.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
(limited to 'src/db/sysdb_ops.c')
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 4755ea342..60bd746e7 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -2290,6 +2290,77 @@ fail:
 return ret;
 }
 
+errno_t sysdb_refresh_group_memberships(struct sss_domain_info *dom,
+ struct ldb_dn *dn)
+{
+ int ret;
+ TALLOC_CTX *tmp_ctx;
+ const char *attrs[] = { SYSDB_MEMBEROF, NULL };
+ size_t msgs_count;
+ struct ldb_message **msgs;
+ struct ldb_message_element *groups;
+ size_t c;
+ struct ldb_dn *group_dn;
+
+ tmp_ctx = talloc_new(NULL);
+ if (tmp_ctx == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n");
+ return ENOMEM;
+ }
+
+ ret = sysdb_search_entry(tmp_ctx, dom->sysdb, dn, LDB_SCOPE_BASE, NULL,
+ attrs, &msgs_count, &msgs);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_search_entry failed for [%s].\n",
+ ldb_dn_get_linearized(dn));
+ goto done;
+ }
+
+ if (msgs_count != 1) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Expected 1 result for base search, got [%d].\n", msgs_count);
+ ret = EINVAL;
+ goto done;
+ }
+
+ groups = ldb_msg_find_element(msgs[0], SYSDB_MEMBEROF);
+ if (groups == NULL) {
+ DEBUG(SSSDBG_TRACE_ALL, "[%s] is not member of any group.\n",
+ ldb_dn_get_linearized(dn));
+ ret = EOK;
+ goto done;
+ }
+
+ for (c = 0; c < groups->num_values; c++) {
+ group_dn = ldb_dn_from_ldb_val(tmp_ctx, dom->sysdb->ldb,
+ &groups->values[c]);
+ if (group_dn == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "ldb_dn_from_ldb_val failed.\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = sysdb_mod_group_member(dom, dn, group_dn, SYSDB_MOD_DEL);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "sysdb_mod_group_member SYSDB_MOD_DEL failed.\n");
+ goto done;
+ }
+ ret = sysdb_mod_group_member(dom, dn, group_dn, SYSDB_MOD_ADD);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "sysdb_mod_group_member SYSDB_MOD_ADD failed.\n");
+ goto done;
+ }
+ }
+
+ ret = EOK;
+done:
+ talloc_free(tmp_ctx);
+
+ return ret;
+}
+
 /* =Add-Basic-Netgroup-NO-CHECKS============================================= */
 
 int sysdb_add_basic_netgroup(struct sss_domain_info *domain,
-- cgit
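Review bot: The delete-then-add pair inside the `for` loop of `sysdb_refresh_group_memberships` is not atomic: if the `SYSDB_MOD_ADD` call fails after `SYSDB_MOD_DEL` succeeded, the function jumps to `done` with the entry already removed from that group, while earlier iterations stay applied. Cached group membership commonly feeds access-control decisions, so a half-applied refresh can silently change what the entry is allowed to do until the next full update. Unless every caller is guaranteed to hold a sysdb transaction already (not visible in this hunk), the loop should run inside `sysdb_transaction_start`/`sysdb_transaction_commit` with a cancel on the error path, as sketched below. Separately, `msgs_count` is a `size_t` but is logged with `[%d]`; that line should use `%zu`.

```c
    int sret;
    bool in_transaction = false;
    /* … unchanged: tmp_ctx allocation, base search, memberOf lookup … */

    ret = sysdb_transaction_start(dom->sysdb);
    if (ret != EOK) {
        DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_start failed.\n");
        goto done;
    }
    in_transaction = true;

    for (c = 0; c < groups->num_values; c++) {
        /* … unchanged: group_dn lookup, SYSDB_MOD_DEL then SYSDB_MOD_ADD … */
    }

    ret = sysdb_transaction_commit(dom->sysdb);
    if (ret != EOK) {
        DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_commit failed.\n");
        goto done;
    }
    in_transaction = false;

done:
    if (in_transaction) {
        /* Roll back so a failed re-add never leaves memberships dropped. */
        sret = sysdb_transaction_cancel(dom->sysdb);
        if (sret != EOK) {
            DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_cancel failed.\n");
        }
    }
    talloc_free(tmp_ctx);
```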