ITS#9747 dynlist: fix Compare for static groups

Fallback to static check if static groups are configured and
dynamic group check returns false.

diff --git a/servers/slapd/overlays/dynlist.c b/servers/slapd/overlays/dynlist.c
index 9b63d459e4d7a6e7a66e4fdf2151717d5577b516..edfbf7c7c40b659b949f58c1e85c84891957e6d6 100644 (file)
--- a/servers/slapd/overlays/dynlist.c
+++ b/servers/slapd/overlays/dynlist.c
@@ -887,6 +887,13 @@ dynlist_compare( Operation *op, SlapReply *rs )
                                 * the assertion is FALSE rather than
                                 * UNDEFINED */
                                rs->sr_err = LDAP_COMPARE_FALSE;
+
+                               /* If also using static groups, fallback to
+                                * vanilla compare
+                                */
+                               if ( dlm->dlm_static_oc )
+                                       return SLAP_CB_CONTINUE;
+
                                break;
                        }
 

diff --git a/tests/data/dynlist.out b/tests/data/dynlist.out
index a5374c366bfba2df6e78e4dfdc528ebbdec45ac0..45dc1ff7357fbb377a1ca1c3a142aec9308fcaa0 100644 (file)
--- a/tests/data/dynlist.out
+++ b/tests/data/dynlist.out
@@ -386,6 +386,10 @@ memberOf: cn=all staff,ou=groups,dc=example,dc=com
 memberOf: cn=alumni assoc staff,ou=groups,dc=example,dc=com
 memberOf: cn=dynamic list of members,ou=dynamic lists,dc=example,dc=com
 
+TRUE
+
+FALSE
+
 # Testing nested dynamic group functionality...
 dn: cn=Dynamic List,ou=Dynamic Lists,dc=example,dc=com
 objectClass: groupOfURLs

diff --git a/tests/scripts/test044-dynlist b/tests/scripts/test044-dynlist
index 25ed0abf736ced01be13a0a8216f87e2fe662130..03bcbe834bb736c4d56cf060fa2df854b41f502a 100755 (executable)
--- a/tests/scripts/test044-dynlist
+++ b/tests/scripts/test044-dynlist
@@ -808,6 +808,60 @@ if test $RC != 0 ; then
        exit $RC
 fi
 
+echo "Testing static group member compare..."
+echo "# Testing static group member compare..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+       "cn=all staff,ou=groups,$BASEDN" "member:cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN" >> $SEARCHOUT
+RC=$?
+case $RC in
+5)
+       echo "ldapcompare returned FALSE ($RC)!"
+       test $KILLSERVERS != no && kill -HUP $KILLPIDS
+       exit $RC
+       ;;
+6)
+       echo "ldapcompare returned TRUE ($RC)"
+       ;;
+0)
+       echo "ldapcompare returned success ($RC)!"
+       test $KILLSERVERS != no && kill -HUP $KILLPIDS
+       exit 1
+       ;;
+*)
+       echo "ldapcompare failed ($RC)!"
+       test $KILLSERVERS != no && kill -HUP $KILLPIDS
+       exit $RC
+       ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing static group non-member compare (should return FALSE)..."
+echo "# Testing static group non-member compare (should return FALSE)..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+       "cn=all staff,ou=groups,$BASEDN" "member:cn=Not A User,ou=Alumni Association,ou=People,$BASEDN" >> $SEARCHOUT
+RC=$?
+case $RC in
+5)
+       echo "ldapcompare returned FALSE ($RC)"
+       ;;
+6)
+       echo "ldapcompare returned TRUE ($RC)!"
+       test $KILLSERVERS != no && kill -HUP $KILLPIDS
+       exit $RC
+       ;;
+0)
+       echo "ldapcompare returned success ($RC)!"
+       test $KILLSERVERS != no && kill -HUP $KILLPIDS
+       exit 1
+       ;;
+*)
+       echo "ldapcompare failed ($RC)!"
+       test $KILLSERVERS != no && kill -HUP $KILLPIDS
+       exit $RC
+       ;;
+esac
+echo "" >> $SEARCHOUT
+
 echo "Reconfiguring slapd..."
 $LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
        $TESTOUT 2>&1 << EOMODS