more for ITS#5903

093d040c · Quanah Gibson-Mount · f32c8b4d · 093d040c · 093d040c · 093d040c
Commit 093d040c authored 16 years ago by Quanah Gibson-Mount
--- a/servers/slapd/overlays/memberof.c
+++ b/servers/slapd/overlays/memberof.c
@@ -188,6 +188,7 @@ typedef struct memberof_cbinfo_t {
 	slap_overinst *on;
 	BerVarray member;
 	BerVarray memberof;
+	memberof_is_t what;
 } memberof_cbinfo_t;
 static int
@@ -244,7 +245,7 @@ memberof_saveMember_cb( Operation *op, SlapReply *rs )
 * attribute values of groups being deleted.
 */
 static int
-memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo_t *mci )
+memberof_isGroupOrMember( Operation *op, memberof_cbinfo_t *mci )
 {
 	slap_overinst		*on = mci->on;
 	memberof_t		*mo = (memberof_t *)on->on_bi.bi_private;
@@ -258,8 +259,7 @@ memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo
 	memberof_is_t		iswhat = MEMBEROF_IS_NONE;
 	memberof_cookie_t	mc;
-	assert( iswhatp != NULL );
+	assert( mci->what != MEMBEROF_IS_NONE );
-	assert( *iswhatp != MEMBEROF_IS_NONE );
 	cb.sc_private = &mc;
 	if ( op->o_tag == LDAP_REQ_DELETE ) {
@@ -283,7 +283,7 @@ memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo
 	op2.ors_slimit = 1;
 	op2.ors_tlimit = SLAP_NO_LIMIT;
-	if ( *iswhatp & MEMBEROF_IS_GROUP ) {
+	if ( mci->what & MEMBEROF_IS_GROUP ) {
 		mc.ad = mo->mo_ad_member;
 		mc.foundit = 0;
 		mc.vals = NULL;
@@ -298,12 +298,12 @@ memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo
 		if ( mc.foundit ) {
 			iswhat |= MEMBEROF_IS_GROUP;
-			mci->member = mc.vals;
+			if ( mc.vals ) mci->member = mc.vals;
 		}
 	}
-	if ( *iswhatp & MEMBEROF_IS_MEMBER ) {
+	if ( mci->what & MEMBEROF_IS_MEMBER ) {
 		mc.ad = mo->mo_ad_memberof;
 		mc.foundit = 0;
 		mc.vals = NULL;
@@ -318,12 +318,12 @@ memberof_isGroupOrMember( Operation *op, memberof_is_t *iswhatp, memberof_cbinfo
 		if ( mc.foundit ) {
 			iswhat |= MEMBEROF_IS_MEMBER;
-			mci->memberof = mc.vals;
+			if ( mc.vals ) mci->memberof = mc.vals;
 		}
 	}
-	*iswhatp = iswhat;
+	mci->what = iswhat;
 	return LDAP_SUCCESS;
 }
@@ -718,13 +718,9 @@ memberof_op_delete( Operation *op, SlapReply *rs )
 	slap_overinst	*on = (slap_overinst *)op->o_bd->bd_info;
 	memberof_t	*mo = (memberof_t *)on->on_bi.bi_private;
-	memberof_is_t	iswhat = MEMBEROF_IS_GROUP;
 	slap_callback *sc;
 	memberof_cbinfo_t *mci;
-	if ( MEMBEROF_REFINT( mo ) ) {
-		iswhat = MEMBEROF_IS_BOTH;
-	}
 	sc = op->o_tmpalloc( sizeof(slap_callback)+sizeof(*mci), op->o_tmpmemctx );
 	sc->sc_private = sc+1;
@@ -734,8 +730,12 @@ memberof_op_delete( Operation *op, SlapReply *rs )
 	mci->on = on;
 	mci->member = NULL;
 	mci->memberof = NULL;
+	mci->what = MEMBEROF_IS_GROUP;
+	if ( MEMBEROF_REFINT( mo ) ) {
+		mci->what = MEMBEROF_IS_BOTH;
+	}
-	memberof_isGroupOrMember( op, &iswhat, mci );
+	memberof_isGroupOrMember( op, mci );
 	sc->sc_next = op->o_callback;
 	op->o_callback = sc;
@@ -752,7 +752,6 @@ memberof_op_modify( Operation *op, SlapReply *rs )
 	Modifications	**mlp, **mmlp = NULL;
 	int		rc = SLAP_CB_CONTINUE, save_member = 0;
 	struct berval	save_dn, save_ndn;
-	memberof_is_t	iswhat = MEMBEROF_IS_GROUP;
 	slap_callback *sc;
 	memberof_cbinfo_t *mci, mcis;
@@ -770,9 +769,10 @@ memberof_op_modify( Operation *op, SlapReply *rs )
 	save_dn = op->o_dn;
 	save_ndn = op->o_ndn;
 	mcis.on = on;
+	mcis.what = MEMBEROF_IS_GROUP;
-	if ( memberof_isGroupOrMember( op, &iswhat, &mcis ) == LDAP_SUCCESS
+	if ( memberof_isGroupOrMember( op, &mcis ) == LDAP_SUCCESS
-		&& ( iswhat & MEMBEROF_IS_GROUP ) )
+		&& ( mcis.what & MEMBEROF_IS_GROUP ) )
 	{
 		Modifications *ml;
@@ -1127,6 +1127,7 @@ done2:;
 	mci->on = on;
 	mci->member = NULL;
 	mci->memberof = NULL;
+	mci->what = mcis.what;
 	if ( save_member ) {
 		op->o_dn = op->o_bd->be_rootdn;
@@ -1287,7 +1288,6 @@ memberof_res_modify( Operation *op, SlapReply *rs )
 	int		i, rc;
 	Modifications	*ml, *mml = NULL;
 	BerVarray	vals;
-	memberof_is_t	iswhat = MEMBEROF_IS_GROUP;
 	if ( rs->sr_err != LDAP_SUCCESS ) {
 		return SLAP_CB_CONTINUE;
@@ -1355,8 +1355,7 @@ memberof_res_modify( Operation *op, SlapReply *rs )
 		}
 	}
-	if ( memberof_isGroupOrMember( op, &iswhat, mci ) == LDAP_SUCCESS
+	if ( mci->what & MEMBEROF_IS_GROUP )
-			&& ( iswhat & MEMBEROF_IS_GROUP ) )
 	{
 		for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
 			if ( ml->sml_desc != mo->mo_ad_member ) {
@@ -1431,14 +1430,14 @@ memberof_res_modrdn( Operation *op, SlapReply *rs )
 	BerVarray	vals;
 	struct berval	save_dn, save_ndn;
-	memberof_is_t	iswhat = MEMBEROF_IS_GROUP;
 	if ( rs->sr_err != LDAP_SUCCESS ) {
 		return SLAP_CB_CONTINUE;
 	}
+	mci->what = MEMBEROF_IS_GROUP;
 	if ( MEMBEROF_REFINT( mo ) ) {
-		iswhat |= MEMBEROF_IS_MEMBER;
+		mci->what |= MEMBEROF_IS_MEMBER;
 	}
 	if ( op->orr_nnewSup ) {
@@ -1455,11 +1454,11 @@ memberof_res_modrdn( Operation *op, SlapReply *rs )
 	op->o_req_dn = newNDN;
 	op->o_req_ndn = newNDN;
-	rc = memberof_isGroupOrMember( op, &iswhat, mci );
+	rc = memberof_isGroupOrMember( op, mci );
 	op->o_req_dn = save_dn;
 	op->o_req_ndn = save_ndn;
-	if ( rc != LDAP_SUCCESS || iswhat == MEMBEROF_IS_NONE ) {
+	if ( rc != LDAP_SUCCESS || mci->what == MEMBEROF_IS_NONE ) {
 		goto done;
 	}
@@ -1472,7 +1471,7 @@ memberof_res_modrdn( Operation *op, SlapReply *rs )
 	build_new_dn( &newDN, &newPDN, &op->orr_newrdn, op->o_tmpmemctx ); 
-	if ( iswhat & MEMBEROF_IS_GROUP ) {
+	if ( mci->what & MEMBEROF_IS_GROUP ) {
 		op->o_bd->bd_info = (BackendInfo *)on->on_info;
 		rc = backend_attribute( op, NULL, &newNDN,
 				mo->mo_ad_member, &vals, ACL_READ );
@@ -1489,7 +1488,7 @@ memberof_res_modrdn( Operation *op, SlapReply *rs )
 		}
 	}
-	if ( MEMBEROF_REFINT( mo ) && ( iswhat & MEMBEROF_IS_MEMBER ) ) {
+	if ( MEMBEROF_REFINT( mo ) && ( mci->what & MEMBEROF_IS_MEMBER ) ) {
 		op->o_bd->bd_info = (BackendInfo *)on->on_info;
 		rc = backend_attribute( op, NULL, &newNDN,
 				mo->mo_ad_memberof, &vals, ACL_READ );

--- a/tests/data/memberof.out
+++ b/tests/data/memberof.out
@@ -148,3 +148,44 @@ cn: Roger Rabbit
 sn: Rabbit
 memberOf: cn=Cartoonia,ou=Groups,dc=example,dc=com
+# Re-search the entire database...
+dn: dc=example,dc=com
+objectClass: organization
+objectClass: dcObject
+o: Example, Inc.
+dc: example
+dn: cn=group1,ou=Groups,dc=example,dc=com
+objectClass: groupA
+cn: group1
+dn: cn=group2,ou=Groups,dc=example,dc=com
+objectClass: groupB
+cn: group2
+memberB: cn=person1,ou=People,dc=example,dc=com
+memberB: cn=person2,ou=People,dc=example,dc=com
+dn: ou=Groups,dc=example,dc=com
+objectClass: organizationalUnit
+ou: Groups
+dn: ou=People,dc=example,dc=com
+objectClass: organizationalUnit
+ou: People
+dn: cn=person1,ou=People,dc=example,dc=com
+objectClass: person
+objectClass: groupMemberA
+objectClass: groupMemberB
+cn: person1
+sn: person1
+memberOfB: cn=group2,ou=Groups,dc=example,dc=com
+dn: cn=person2,ou=People,dc=example,dc=com
+objectClass: person
+objectClass: groupMemberA
+objectClass: groupMemberB
+cn: person2
+sn: person2
+memberOfB: cn=group2,ou=Groups,dc=example,dc=com
--- a/tests/scripts/test052-memberof
+++ b/tests/scripts/test052-memberof
@@ -75,6 +75,26 @@ fi
 echo "Running ldapadd to build slapd config database..."
 $LDAPADD -h $LOCALHOST -p $PORT1 -D 'cn=config' -w `cat $CONFIGPWF` \
 	>> $TESTOUT 2>&1 <<EOF
+dn: cn=symas group example,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: symas group example
+olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.1 
+ NAME 'memberA' SUP distinguishedName )
+olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.2
+ NAME 'memberOfA' SUP distinguishedName )
+olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.3 
+ NAME 'memberB' SUP distinguishedName )
+olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.4 
+ NAME 'memberOfB' SUP distinguishedName )
+olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.1 
+ NAME 'groupA' SUP top STRUCTURAL MUST cn MAY memberA )
+olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.2 
+ NAME 'groupMemberA' SUP top AUXILIARY MAY memberOfA )
+olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.3 
+ NAME 'groupB' SUP top STRUCTURAL MUST cn MAY memberB )
+olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.4 
+ NAME 'groupMemberB' SUP top AUXILIARY MAY memberOfB )
 dn: olcDatabase={1}$BACKEND,cn=config
 objectClass: olcDatabaseConfig
 objectClass: olc${BACKEND}Config
@@ -91,7 +111,6 @@ olcDbIndex: uid pres,eq,sub
 olcDbIndex: sn pres,eq,sub
 olcDbMode: 384
-# {0}memberof, {1}$BACKEND, config
 dn: olcOverlay={0}memberof,olcDatabase={1}$BACKEND,cn=config
 objectClass: olcOverlayConfig
 objectClass: olcMemberOf
@@ -100,6 +119,25 @@ olcMemberOfRefInt: TRUE
 olcMemberOfGroupOC: groupOfNames
 olcMemberOfMemberAD: member
 olcMemberOfMemberOfAD: memberOf
+dn: olcOverlay={1}memberof,olcDatabase={1}$BACKEND,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcMemberOf
+olcOverlay: {1}memberof
+olcMemberOfRefInt: TRUE
+olcMemberOfGroupOC: groupA
+olcMemberOfMemberAD: memberA
+olcMemberOfMemberOfAD: memberOfA
+dn: olcOverlay={2}memberof,olcDatabase={1}$BACKEND,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcMemberOf
+olcOverlay: {2}memberof
+olcMemberOfRefInt: TRUE
+olcMemberOfGroupOC: groupB
+olcMemberOfMemberAD: memberB
+olcMemberOfMemberOfAD: memberOfB
 EOF
 RC=$?
 if test $RC != 0 ; then
@@ -227,6 +265,66 @@ if test $RC != 0 ; then
 	exit $RC
 fi
+echo "Adding groups with MAY member type schemas..."
+$LDAPMODIFY -h $LOCALHOST -p $PORT1 \
+	-D "cn=Manager,$BASEDN" -w secret \
+	>> $TESTOUT 2>&1 <<EOF
+dn: cn=Roger Rabbit,ou=People,$BASEDN
+changetype: delete
+dn: cn=Jessica Rabbit,ou=People,$BASEDN
+changetype: delete
+dn: cn=Cartoonia,ou=Groups,$BASEDN
+changetype: delete
+dn: cn=person1,ou=People,$BASEDN
+changetype: add
+objectClass: person
+objectClass: groupMemberA
+objectClass: groupMemberB
+cn: person1
+sn: person1
+dn: cn=person2,ou=People,$BASEDN
+changetype: add
+objectClass: person
+objectClass: groupMemberA
+objectClass: groupMemberB
+cn: person2
+sn: person2
+dn: cn=group1,ou=Groups,$BASEDN
+changetype: add
+objectclass: groupA
+cn: group1
+memberA: cn=person1,ou=People,$BASEDN
+memberA: cn=person2,ou=People,$BASEDN
+dn: cn=group2,ou=Groups,$BASEDN
+changetype: add
+objectclass: groupB
+cn: group2
+memberB: cn=person1,ou=People,$BASEDN
+memberB: cn=person2,ou=People,$BASEDN
+dn: cn=group1,ou=Groups,$BASEDN
+changetype: modify
+delete: memberA
+EOF
+echo "Re-search the entire database..."
+echo "# Re-search the entire database..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+	'(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+	echo "ldapsearch failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
 test $KILLSERVERS != no && kill -HUP $KILLPIDS
 LDIF=$MEMBEROFOUT