From 093d040c372c9e3c8901f0b1bce24338c28e5ba0 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Tue, 3 Feb 2009 20:06:20 +0000
Subject: [PATCH] more for ITS#5903
---
 servers/slapd/overlays/memberof.c | 49 +++++++--------
 tests/data/memberof.out | 41 ++++++++++++
 tests/scripts/test052-memberof | 100 +++++++++++++++++++++++++++++-
 3 files changed, 164 insertions(+), 26 deletions(-)
diff --git a/servers/slapd/overlays/memberof.c b/servers/slapd/overlays/memberof.c
index 8c72ad1e6a..574e102b1d 100644
--- a/servers/slapd/overlays/memberof.c
+++ b/servers/slapd/overlays/memberof.c
@@ -188,6 +188,7 @@ typedef struct memberof_cbinfo_t {
 slap_overinst *on;
 BerVarray member;
 BerVarray memberof;
+ memberof_is_t what;
 } memberof_cbinfo_t;
 static int
@@ -244,7 +245,7 @@ memberof_saveMember_cb( Operation *op, SlapReply *rs )
 * attribute values of groups being deleted.
 */
 static int
-memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo_t *mci )
+memberof_isGroupOrMember( Operation *op, memberof_cbinfo_t *mci )
 {
 slap_overinst *on = mci->on;
 memberof_t *mo = (memberof_t *)on->on_bi.bi_private;
@@ -258,8 +259,7 @@ memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo
 memberof_is_t iswhat = MEMBEROF_IS_NONE;
 memberof_cookie_t mc;
- assert( iswhatp != NULL );
- assert( *iswhatp != MEMBEROF_IS_NONE );
+ assert( mci->what != MEMBEROF_IS_NONE );
 cb.sc_private = &mc;
 if ( op->o_tag == LDAP_REQ_DELETE ) {
@@ -283,7 +283,7 @@ memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo
 op2.ors_slimit = 1;
 op2.ors_tlimit = SLAP_NO_LIMIT;
- if ( *iswhatp & MEMBEROF_IS_GROUP ) {
+ if ( mci->what & MEMBEROF_IS_GROUP ) {
 mc.ad = mo->mo_ad_member;
 mc.foundit = 0;
 mc.vals = NULL;
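Review bot: The new `what` field of `memberof_cbinfo_t` is an undocumented in/out value: `memberof_isGroupOrMember()` reads it as the mask of roles to test (`mci->what & MEMBEROF_IS_GROUP`) and overwrites it with the result before returning. A caller that reuses the same `mci` for a second call has to reset `what` first, and the only guard against a stale `MEMBEROF_IS_NONE` is the `assert`, which is normally compiled out of release builds. I would document the contract on the field, e.g. `memberof_is_t what; /* in: MEMBEROF_IS_* roles to test; out: roles the entry actually has */`, and repeat it in the comment above the function. The body of `memberof_isGroupOrMember` continues outside these hunks.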
@@ -298,12 +298,12 @@ memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo
 if ( mc.foundit ) {
 iswhat |= MEMBEROF_IS_GROUP;
- mci->member = mc.vals;
+ if ( mc.vals ) mci->member = mc.vals;
 }
 }
- if ( *iswhatp & MEMBEROF_IS_MEMBER ) {
+ if ( mci->what & MEMBEROF_IS_MEMBER ) {
 mc.ad = mo->mo_ad_memberof;
 mc.foundit = 0;
 mc.vals = NULL;
@@ -318,12 +318,12 @@ memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo
 if ( mc.foundit ) {
 iswhat |= MEMBEROF_IS_MEMBER;
- mci->memberof = mc.vals;
+ if ( mc.vals ) mci->memberof = mc.vals;
 }
 }
- *iswhatp = iswhat;
+ mci->what = iswhat;
 return LDAP_SUCCESS;
 }
@@ -718,13 +718,9 @@ memberof_op_delete( Operation *op, SlapReply *rs )
 slap_overinst *on = (slap_overinst *)op->o_bd->bd_info;
 memberof_t *mo = (memberof_t *)on->on_bi.bi_private;
- memberof_is_t iswhat = MEMBEROF_IS_GROUP;
 slap_callback *sc;
 memberof_cbinfo_t *mci;
- if ( MEMBEROF_REFINT( mo ) ) {
- iswhat = MEMBEROF_IS_BOTH;
- }
 sc = op->o_tmpalloc( sizeof(slap_callback)+sizeof(*mci), op->o_tmpmemctx );
 sc->sc_private = sc+1;
@@ -734,8 +730,12 @@ memberof_op_delete( Operation *op, SlapReply *rs )
 mci->on = on;
 mci->member = NULL;
 mci->memberof = NULL;
+ mci->what = MEMBEROF_IS_GROUP;
+ if ( MEMBEROF_REFINT( mo ) ) {
+ mci->what = MEMBEROF_IS_BOTH;
+ }
- memberof_isGroupOrMember( op, &iswhat, mci );
+ memberof_isGroupOrMember( op, mci );
 sc->sc_next = op->o_callback;
 op->o_callback = sc;
@@ -752,7 +752,6 @@ memberof_op_modify( Operation *op, SlapReply *rs )
 Modifications **mlp, **mmlp = NULL;
 int rc = SLAP_CB_CONTINUE, save_member = 0;
 struct berval save_dn, save_ndn;
- memberof_is_t iswhat = MEMBEROF_IS_GROUP;
 slap_callback *sc;
 memberof_cbinfo_t *mci, mcis;
@@ -770,9 +769,10 @@ memberof_op_modify( Operation *op, SlapReply *rs )
 save_dn = op->o_dn;
 save_ndn = op->o_ndn;
 mcis.on = on;
+ mcis.what = MEMBEROF_IS_GROUP;
- if ( memberof_isGroupOrMember( op, &iswhat, &mcis ) == LDAP_SUCCESS
- && ( iswhat & MEMBEROF_IS_GROUP ) )
+ if ( memberof_isGroupOrMember( op, &mcis ) == LDAP_SUCCESS
+ && ( mcis.what & MEMBEROF_IS_GROUP ) )
 {
 Modifications *ml;
@@ -1127,6 +1127,7 @@ done2:;
 mci->on = on;
 mci->member = NULL;
 mci->memberof = NULL;
+ mci->what = mcis.what;
 if ( save_member ) {
 op->o_dn = op->o_bd->be_rootdn;
@@ -1287,7 +1288,6 @@ memberof_res_modify( Operation *op, SlapReply *rs )
 int i, rc;
 Modifications *ml, *mml = NULL;
 BerVarray vals;
- memberof_is_t iswhat = MEMBEROF_IS_GROUP;
 if ( rs->sr_err != LDAP_SUCCESS ) {
 return SLAP_CB_CONTINUE;
@@ -1355,8 +1355,7 @@ memberof_res_modify( Operation *op, SlapReply *rs )
 }
 }
- if ( memberof_isGroupOrMember( op, &iswhat, mci ) == LDAP_SUCCESS
- && ( iswhat & MEMBEROF_IS_GROUP ) )
+ if ( mci->what & MEMBEROF_IS_GROUP )
 {
 for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
 if ( ml->sml_desc != mo->mo_ad_member ) {
@@ -1431,14 +1430,14 @@ memberof_res_modrdn( Operation *op, SlapReply *rs )
 BerVarray vals;
 struct berval save_dn, save_ndn;
- memberof_is_t iswhat = MEMBEROF_IS_GROUP;
 if ( rs->sr_err != LDAP_SUCCESS ) {
 return SLAP_CB_CONTINUE;
 }
+ mci->what = MEMBEROF_IS_GROUP;
 if ( MEMBEROF_REFINT( mo ) ) {
- iswhat |= MEMBEROF_IS_MEMBER;
+ mci->what |= MEMBEROF_IS_MEMBER;
 }
 if ( op->orr_nnewSup ) {
@@ -1455,11 +1454,11 @@ memberof_res_modrdn( Operation *op, SlapReply *rs )
 op->o_req_dn = newNDN;
 op->o_req_ndn = newNDN;
- rc = memberof_isGroupOrMember( op, &iswhat, mci );
+ rc = memberof_isGroupOrMember( op, mci );
 op->o_req_dn = save_dn;
 op->o_req_ndn = save_ndn;
- if ( rc != LDAP_SUCCESS || iswhat == MEMBEROF_IS_NONE ) {
+ if ( rc != LDAP_SUCCESS || mci->what == MEMBEROF_IS_NONE ) {
 goto done;
 }
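Review bot: `mcis` in `memberof_op_modify` is a stack `memberof_cbinfo_t`, and the hunk at `@@ -770` fills in only `mcis.on` and `mcis.what`, so `mcis.member` and `mcis.memberof` are indeterminate when `&mcis` is passed to `memberof_isGroupOrMember()`. With the new `if ( mc.vals ) mci->member = mc.vals;` form (hunks at `@@ -298` and `@@ -318`) the callee writes those fields only when values were collected, so they can stay indeterminate afterwards; nothing visible reads them today, but the next reader of `mcis.member` would be reading leftover stack contents. Set them where the struct is prepared, e.g. `mcis.member = NULL; mcis.memberof = NULL;` next to `mcis.on = on;`. The hunk at `@@ -1127` copies `mcis.what` into the heap `mci` after the `done2:` label, and whether every path to that label passes the `mcis.what = MEMBEROF_IS_GROUP;` assignment cannot be seen from here; initialising `mcis` at its declaration would cover that case as well. `memberof_op_modify` starts and ends outside these hunks.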
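Review bot: In the hunk at `@@ -1355`, `memberof_res_modify` now trusts the classification cached in `mci->what`, which per the hunk at `@@ -1127` was computed in `memberof_op_modify` before the modify was applied, and no comment says this is deliberate. A modify that itself changes whether the entry counts as a group is then judged by the entry's pre-operation state; whether that is always the wanted behaviour cannot be decided from the hunk. I would record the reason above the test, e.g. `/* mci->what was computed before the modify ran (ITS#5903); the entry may no longer hold any member values */`, so a later reader does not "fix" it by re-querying the entry.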
@@ -1472,7 +1471,7 @@ memberof_res_modrdn( Operation *op, SlapReply *rs )
 build_new_dn( &newDN, &newPDN, &op->orr_newrdn, op->o_tmpmemctx );
- if ( iswhat & MEMBEROF_IS_GROUP ) {
+ if ( mci->what & MEMBEROF_IS_GROUP ) {
 op->o_bd->bd_info = (BackendInfo *)on->on_info;
 rc = backend_attribute( op, NULL, &newNDN, mo->mo_ad_member, &vals, ACL_READ );
@@ -1489,7 +1488,7 @@ memberof_res_modrdn( Operation *op, SlapReply *rs )
 }
 }
- if ( MEMBEROF_REFINT( mo ) && ( iswhat & MEMBEROF_IS_MEMBER ) ) {
+ if ( MEMBEROF_REFINT( mo ) && ( mci->what & MEMBEROF_IS_MEMBER ) ) {
 op->o_bd->bd_info = (BackendInfo *)on->on_info;
 rc = backend_attribute( op, NULL, &newNDN, mo->mo_ad_memberof, &vals, ACL_READ );
diff --git a/tests/data/memberof.out b/tests/data/memberof.out
index ff6e7e3a63..833df204af 100644
--- a/tests/data/memberof.out
+++ b/tests/data/memberof.out
@@ -148,3 +148,44 @@ cn: Roger Rabbit
 sn: Rabbit
 memberOf: cn=Cartoonia,ou=Groups,dc=example,dc=com
+# Re-search the entire database...
+dn: dc=example,dc=com
+objectClass: organization
+objectClass: dcObject
+o: Example, Inc.
+dc: example
+
+dn: cn=group1,ou=Groups,dc=example,dc=com
+objectClass: groupA
+cn: group1
+
+dn: cn=group2,ou=Groups,dc=example,dc=com
+objectClass: groupB
+cn: group2
+memberB: cn=person1,ou=People,dc=example,dc=com
+memberB: cn=person2,ou=People,dc=example,dc=com
+
+dn: ou=Groups,dc=example,dc=com
+objectClass: organizationalUnit
+ou: Groups
+
+dn: ou=People,dc=example,dc=com
+objectClass: organizationalUnit
+ou: People
+
+dn: cn=person1,ou=People,dc=example,dc=com
+objectClass: person
+objectClass: groupMemberA
+objectClass: groupMemberB
+cn: person1
+sn: person1
+memberOfB: cn=group2,ou=Groups,dc=example,dc=com
+
+dn: cn=person2,ou=People,dc=example,dc=com
+objectClass: person
+objectClass: groupMemberA
+objectClass: groupMemberB
+cn: person2
+sn: person2
+memberOfB: cn=group2,ou=Groups,dc=example,dc=com
+
diff --git a/tests/scripts/test052-memberof b/tests/scripts/test052-memberof
index 307336241a..22a45d2686 100755
--- a/tests/scripts/test052-memberof
+++ b/tests/scripts/test052-memberof
@@ -75,6 +75,26 @@ fi
 echo "Running ldapadd to build slapd config database..."
 $LDAPADD -h $LOCALHOST -p $PORT1 -D 'cn=config' -w `cat $CONFIGPWF` \
 >> $TESTOUT 2>&1 <<EOF
+dn: cn=symas group example,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: symas group example
+olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.1
+ NAME 'memberA' SUP distinguishedName )
+olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.2
+ NAME 'memberOfA' SUP distinguishedName )
+olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.3
+ NAME 'memberB' SUP distinguishedName )
+olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.4
+ NAME 'memberOfB' SUP distinguishedName )
+olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.1
+ NAME 'groupA' SUP top STRUCTURAL MUST cn MAY memberA )
+olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.2
+ NAME 'groupMemberA' SUP top AUXILIARY MAY memberOfA )
+olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.3
+ NAME 'groupB' SUP top STRUCTURAL MUST cn MAY memberB )
+olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.4
+ NAME 'groupMemberB' SUP top AUXILIARY MAY memberOfB )
+
 dn: olcDatabase={1}$BACKEND,cn=config
 objectClass: olcDatabaseConfig
 objectClass: olc${BACKEND}Config
@@ -91,7 +111,6 @@ olcDbIndex: uid pres,eq,sub
 olcDbIndex: sn pres,eq,sub
 olcDbMode: 384
-# {0}memberof, {1}$BACKEND, config
 dn: olcOverlay={0}memberof,olcDatabase={1}$BACKEND,cn=config
 objectClass: olcOverlayConfig
 objectClass: olcMemberOf
@@ -100,6 +119,25 @@ olcMemberOfRefInt: TRUE
 olcMemberOfGroupOC: groupOfNames
 olcMemberOfMemberAD: member
 olcMemberOfMemberOfAD: memberOf
+
+dn: olcOverlay={1}memberof,olcDatabase={1}$BACKEND,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcMemberOf
+olcOverlay: {1}memberof
+olcMemberOfRefInt: TRUE
+olcMemberOfGroupOC: groupA
+olcMemberOfMemberAD: memberA
+olcMemberOfMemberOfAD: memberOfA
+
+dn: olcOverlay={2}memberof,olcDatabase={1}$BACKEND,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcMemberOf
+olcOverlay: {2}memberof
+olcMemberOfRefInt: TRUE
+olcMemberOfGroupOC: groupB
+olcMemberOfMemberAD: memberB
+olcMemberOfMemberOfAD: memberOfB
+
 EOF
 RC=$?
 if test $RC != 0 ; then
@@ -227,6 +265,66 @@ if test $RC != 0 ; then
 exit $RC
 fi
+echo "Adding groups with MAY member type schemas..."
+$LDAPMODIFY -h $LOCALHOST -p $PORT1 \
+ -D "cn=Manager,$BASEDN" -w secret \
+ >> $TESTOUT 2>&1 <<EOF
+dn: cn=Roger Rabbit,ou=People,$BASEDN
+changetype: delete
+
+dn: cn=Jessica Rabbit,ou=People,$BASEDN
+changetype: delete
+
+dn: cn=Cartoonia,ou=Groups,$BASEDN
+changetype: delete
+
+dn: cn=person1,ou=People,$BASEDN
+changetype: add
+objectClass: person
+objectClass: groupMemberA
+objectClass: groupMemberB
+cn: person1
+sn: person1
+
+dn: cn=person2,ou=People,$BASEDN
+changetype: add
+objectClass: person
+objectClass: groupMemberA
+objectClass: groupMemberB
+cn: person2
+sn: person2
+
+dn: cn=group1,ou=Groups,$BASEDN
+changetype: add
+objectclass: groupA
+cn: group1
+memberA: cn=person1,ou=People,$BASEDN
+memberA: cn=person2,ou=People,$BASEDN
+
+dn: cn=group2,ou=Groups,$BASEDN
+changetype: add
+objectclass: groupB
+cn: group2
+memberB: cn=person1,ou=People,$BASEDN
+memberB: cn=person2,ou=People,$BASEDN
+
+dn: cn=group1,ou=Groups,$BASEDN
+changetype: modify
+delete: memberA
+
+EOF
+
+echo "Re-search the entire database..."
+echo "# Re-search the entire database..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+ '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
 test $KILLSERVERS != no && kill -HUP $KILLPIDS
 LDIF=$MEMBEROFOUT
-- 
GitLab
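Review bot: The new `$LDAPMODIFY` step that deletes the old entries and adds the `groupA`/`groupB` test entries never checks its exit status, unlike the `$LDAPSEARCH` step added right after it. If one of the operations in the here-document is rejected, the script carries on and the failure only surfaces later as a mismatch against `memberof.out`, which hides the real cause. Capture `$?` after the closing `EOF` and stop the servers and exit the same way the other steps do.

```shell
# … unchanged: $LDAPMODIFY here-document …
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi
```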