]>
Commit | Line | Data |
---|---|---|
92ae11e3 SS |
1 | From 0cf03315bc74555aa70a6fec854d6d66826eb608 Mon Sep 17 00:00:00 2001 |
2 | From: Sumit Bose <sbose@redhat.com> | |
3 | Date: Tue, 18 Oct 2016 14:59:19 +0200 | |
4 | Subject: [PATCH 12/39] sysdb: add parent_dom to sysdb_get_direct_parents() | |
5 | ||
6 | Currently sysdb_get_direct_parents() only return direct parents from the | |
7 | same domain as the child object. In setups with sub-domains this might | |
8 | not be sufficient. A new option parent_dom is added which allows to | |
9 | specify a domain the direct parents should be lookup up in. If it is | |
10 | NULL the whole cache is searched. | |
11 | ||
12 | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> | |
13 | (cherry picked from commit 3dd4c3eca80e9223a65f3318821bd0fb5b45aedd) | |
14 | (cherry picked from commit 9a243dcdbf5a908d23c1a64f3fb33914eefef9e8) | |
15 | --- | |
16 | src/db/sysdb.h | 21 +++++++++++++++++++++ | |
17 | src/db/sysdb_search.c | 7 ++++++- | |
18 | src/providers/ldap/sdap_async_initgroups.c | 11 +++++++---- | |
19 | 3 files changed, 34 insertions(+), 5 deletions(-) | |
20 | ||
21 | diff --git a/src/db/sysdb.h b/src/db/sysdb.h | |
22 | index 7de3acdf3..f5d3ddb84 100644 | |
23 | --- a/src/db/sysdb.h | |
24 | +++ b/src/db/sysdb.h | |
25 | @@ -1137,8 +1137,29 @@ errno_t sysdb_remove_attrs(struct sss_domain_info *domain, | |
26 | enum sysdb_member_type type, | |
27 | char **remove_attrs); | |
28 | ||
29 | +/** | |
30 | + * @brief Return direct parents of an object in the cache | |
31 | + * | |
32 | + * @param[in] mem_ctx Memory context the result should be allocated | |
33 | + * on | |
34 | + * @param[in] dom domain the object is in | |
35 | + * @param[in] parent_dom domain which should be searched for direct | |
36 | + * parents if NULL all domains in the given cache | |
37 | + * are searched | |
38 | + * @param[in] mtype Type of the object, SYSDB_MEMBER_USER or | |
39 | + * SYSDB_MEMBER_GROUP | |
40 | + * @param[in] name Name of the object | |
41 | + * @param[out] _direct_parents List of names of the direct parent groups | |
42 | + * | |
43 | + * | |
44 | + * @return | |
45 | + * - EOK: success | |
46 | + * - EINVAL: wrong mtype | |
47 | + * - ENOMEM: Memory allocation failed | |
48 | + */ | |
49 | errno_t sysdb_get_direct_parents(TALLOC_CTX *mem_ctx, | |
50 | struct sss_domain_info *dom, | |
51 | + struct sss_domain_info *parent_dom, | |
52 | enum sysdb_member_type mtype, | |
53 | const char *name, | |
54 | char ***_direct_parents); | |
55 | diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c | |
56 | index cfee5784d..4d63c3838 100644 | |
57 | --- a/src/db/sysdb_search.c | |
58 | +++ b/src/db/sysdb_search.c | |
59 | @@ -1981,6 +1981,7 @@ done: | |
60 | ||
61 | errno_t sysdb_get_direct_parents(TALLOC_CTX *mem_ctx, | |
62 | struct sss_domain_info *dom, | |
63 | + struct sss_domain_info *parent_dom, | |
64 | enum sysdb_member_type mtype, | |
65 | const char *name, | |
66 | char ***_direct_parents) | |
67 | @@ -2029,7 +2030,11 @@ errno_t sysdb_get_direct_parents(TALLOC_CTX *mem_ctx, | |
68 | goto done; | |
69 | } | |
70 | ||
71 | - basedn = sysdb_group_base_dn(tmp_ctx, dom); | |
72 | + if (parent_dom == NULL) { | |
73 | + basedn = sysdb_base_dn(dom->sysdb, tmp_ctx); | |
74 | + } else { | |
75 | + basedn = sysdb_group_base_dn(tmp_ctx, parent_dom); | |
76 | + } | |
77 | if (!basedn) { | |
78 | ret = ENOMEM; | |
79 | goto done; | |
80 | diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c | |
81 | index df39de3cc..7a2eef43d 100644 | |
82 | --- a/src/providers/ldap/sdap_async_initgroups.c | |
83 | +++ b/src/providers/ldap/sdap_async_initgroups.c | |
84 | @@ -1301,7 +1301,8 @@ sdap_initgr_store_user_memberships(struct sdap_initgr_nested_state *state) | |
85 | } | |
86 | } | |
87 | ||
88 | - ret = sysdb_get_direct_parents(tmp_ctx, state->dom, SYSDB_MEMBER_USER, | |
89 | + ret = sysdb_get_direct_parents(tmp_ctx, state->dom, state->dom, | |
90 | + SYSDB_MEMBER_USER, | |
91 | state->username, &sysdb_parent_name_list); | |
92 | if (ret) { | |
93 | DEBUG(SSSDBG_CRIT_FAILURE, | |
94 | @@ -1388,7 +1389,7 @@ sdap_initgr_nested_get_membership_diff(TALLOC_CTX *mem_ctx, | |
95 | goto done; | |
96 | } | |
97 | ||
98 | - ret = sysdb_get_direct_parents(tmp_ctx, dom, SYSDB_MEMBER_GROUP, | |
99 | + ret = sysdb_get_direct_parents(tmp_ctx, dom, dom, SYSDB_MEMBER_GROUP, | |
100 | group_name, &sysdb_parents_names_list); | |
101 | if (ret) { | |
102 | DEBUG(SSSDBG_CRIT_FAILURE, | |
103 | @@ -2070,7 +2071,8 @@ rfc2307bis_group_memberships_build(hash_entry_t *item, void *user_data) | |
104 | goto done; | |
105 | } | |
106 | ||
107 | - ret = sysdb_get_direct_parents(tmp_ctx, mstate->dom, SYSDB_MEMBER_GROUP, | |
108 | + ret = sysdb_get_direct_parents(tmp_ctx, mstate->dom, mstate->dom, | |
109 | + SYSDB_MEMBER_GROUP, | |
110 | group_name, &sysdb_parents_names_list); | |
111 | if (ret) { | |
112 | DEBUG(SSSDBG_CRIT_FAILURE, | |
113 | @@ -2130,7 +2132,8 @@ errno_t save_rfc2307bis_user_memberships( | |
114 | } | |
115 | in_transaction = true; | |
116 | ||
117 | - ret = sysdb_get_direct_parents(tmp_ctx, state->dom, SYSDB_MEMBER_USER, | |
118 | + ret = sysdb_get_direct_parents(tmp_ctx, state->dom, state->dom, | |
119 | + SYSDB_MEMBER_USER, | |
120 | state->name, &sysdb_parent_name_list); | |
121 | if (ret) { | |
122 | DEBUG(SSSDBG_CRIT_FAILURE, | |
123 | -- | |
124 | 2.11.0 | |
125 |