complete merging of dyngroup into dynlist; add back-config support

7841f4f5 · Pierangelo Masarati · 976d6b4b · 7841f4f5 · 7841f4f5 · 7841f4f5
Commit 7841f4f5 authored Nov 29, 2005 by Pierangelo Masarati
--- a/doc/man/man5/slapo-dynlist.5
+++ b/doc/man/man5/slapo-dynlist.5
@@ -35,41 +35,45 @@ or to the frontend, if used before any database instantiation; see
 for details.

 .LP
-These 
+This
 .B slapd.conf
-configuration options apply to the dynlist overlay. They must appear
-after the
+configuration option is define for the dynlist overlay. It may have multiple 
+occurrences, and it must appear after the
 .B overlay
 directive.
 .TP
-.B dynlist-oc <objectClass>
-The name of the objectClass that triggers the dynamic expansion of the
-data.  This statement is required.
-.TP
-.B dynlist-ad <attributeName>
-The name of the attributeDescription that holds the LDAP URI values that
-will expand; if none is present, no expansion occurs.  If the intersection
-of the attributes requested by the search operation (or the asserted attribute
-for compares) and the attributes listed in the URI is empty, no expansion 
-occurs for that specific URI.  This statement is required.
-.TP
-.B dynlist-member-ad <attributeName>
-The name of the attributeDescription that will list the DN of the entries
-resulting from the internal search.  This statement is optional and, if
-present, changes the behavior of the overlay into that of a dynamic group.
-The <attrs> portion of the URI must be absent, and the DNs of all the entries 
-resulting from the expansion of the URI are listed as values of this 
-attribute.
-Compares to
-.B dynlist-member-ad
-attributes of entries with 
-.B dynlist-oc
+.B dynlist-attrset <group-oc> <URL-ad> [<member-ad>]
+The value 
+.B <group-oc> 
+is the name of the objectClass that triggers the dynamic expansion of the
+data.
+
+The value
+.B <URL-ad>
+is the name of the attributeDescription that cointains the URI that is 
+expanded by the overlay; if none is present, no expansion occurs.
+If the intersection of the attributes requested by the search operation 
+(or the asserted attribute for compares) and the attributes listed 
+in the URI is empty, no expansion occurs for that specific URI.
+It must be a subtype of \fIlabeledURI\fP.
+
+The value
+.B <member-ad>
+is optional; if present, the overlay behaves as a dynamic group: this
+attribute will list the DN of the entries resulting from the internal search.
+In this case, the <attrs> portion of the URI must be absent, and the DNs 
+of all the entries resulting from the expansion of the URI are listed
+as values of this attribute.
+Compares that assert the value of the
+.B <member-ad>
+attribute of entries with 
+.B <group-oc>
 objectClass apply as if the DN of the entries resulting from the expansion 
 of the URI were present in the 
-.B dynlist-oc 
+.B <group-oc> 
 entry as values of the
-.B dynlist-member-ad
-attributeType.
+.B <member-ad>
+attribute.
 .LP
 The dynlist overlay may be used with any backend, but it is mainly 
 intended for use with local storage backends.
@@ -90,8 +94,7 @@ entry; first of all, make sure that slapd.conf contains the directives:
    # ...

    overlay dynlist
-    dynlist-oc groupOfURLs
-    dynlist-ad memberURL
+    dynlist-attrset groupOfURLs memberURL
 .fi
 .LP
 and that slapd loads dynlist.la, if compiled as a run-time module;
@@ -107,6 +110,22 @@ then add to the database an entry like
 If no <attrs> are provided in the URI, all (non-operational) attributes are
 collected.

+This example implements the dynamic group feature on the 
+.B member
+attribute:
+
+.LP
+.nf
+    include /path/to/dyngroup.schema
+    # ...
+
+    database <database>
+    # ...
+
+    overlay dynlist
+    dynlist-attrset groupOfURLs memberURL member
+.fi
+.LP

 .SH FILES
 .TP
@@ -115,6 +134,10 @@ default slapd configuration file
 .SH SEE ALSO
 .BR slapd.conf (5),
 .BR slapd (8).
+The
+.BR slapo-dynlist (5)
+overlay supports dynamic configuration via
+.BR back-config .
 .SH ACKNOWLEDGEMENTS
 .P
 This module was written in 2004 by Pierangelo Masarati for SysNet s.n.c.
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -1350,7 +1350,7 @@ loopit:
 		} else {
 			rc = LDAP_NO_SUCH_ATTRIBUTE;
 		}
-		if (e != target ) {
+		if ( e != target ) {
 			be_entry_release_r( op, e );
 		}
 	} else {

--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -40,8 +40,6 @@
 static struct berval config_rdn = BER_BVC("cn=config");
 static struct berval schema_rdn = BER_BVC("cn=schema");

-#define	SLAP_X_ORDERED_FMT	"{%d}"
-
 #ifdef SLAPD_MODULES
 typedef struct modpath_s {
 	struct modpath_s *mp_next;
@@ -186,10 +184,11 @@ static OidRec OidMacros[] = {
 	{ "OLcfgDbOc", "OLcfgOc:2" },
 	{ "OLcfgOvOc", "OLcfgOc:3" },
 	{ "OMsyn", "1.3.6.1.4.1.1466.115.121.1" },
-	{ "OMsInteger", "OMsyn:27" },
 	{ "OMsBoolean", "OMsyn:7" },
 	{ "OMsDN", "OMsyn:12" },
 	{ "OMsDirectoryString", "OMsyn:15" },
+	{ "OMsInteger", "OMsyn:27" },
+	{ "OMsOID", "OMsyn:38" },
 	{ "OMsOctetString", "OMsyn:40" },
 	{ NULL, NULL }
 };
@@ -213,6 +212,8 @@ static OidRec OidMacros[] = {
 * OLcfgOv{Oc|At}:5			-> valsort
 * (FIXME: separate arc for contribware?)
 * OLcfgOv{Oc|At}:6			-> smbk5pwd
+ * OLcfgOv{Oc|At}:7			-> distproc
+ * OLcfgOv{Oc|At}:8			-> dynlist
 */

 /* alphabetical ordering */
@@ -1175,7 +1176,7 @@ config_generic(ConfigArgs *c) {
 			break;

 		case CFG_ACL:
-			if ( parse_acl(c->be, c->fname, c->lineno, c->argc, c->argv, c->valx) ) {
+			if ( parse_acl(c->be, c->fname, c->lineno, c->argc, c->argv, c->valx ) ) {
 				return 1;
 			}
 			break;

--- a/servers/slapd/config.h
+++ b/servers/slapd/config.h
@@ -181,4 +181,6 @@ int config_shadow( ConfigArgs *c, int flag );
 #define	config_check_userland(last) \
 	assert( ( ( (last) - 1 ) & ARGS_USERLAND ) == ( (last) - 1 ) );

+#define	SLAP_X_ORDERED_FMT	"{%d}"
+
 #endif /* CONFIG_H */
--- a/servers/slapd/overlays/dynlist.c
+++ b/servers/slapd/overlays/dynlist.c
--- a/tests/data/dynlist.out
+++ b/tests/data/dynlist.out
@@ -61,6 +61,13 @@ memberURL: ldap:///ou=People,dc=example,dc=com?cn,mail?sub?(objectClass=person
 # Testing list compare...
 TRUE

+# Testing list compare (should return FALSE)...
+FALSE
+
+# Testing list compare (should return UNDEFINED)...
+Compare Result: No such attribute (16)
+UNDEFINED
+
 # Testing list compare with manageDSAit...
 FALSE

@@ -114,6 +121,9 @@ memberURL: ldap:///ou=People,dc=example,dc=com??sub?(objectClass=person)
 # Testing list compare...
 TRUE

+# Testing list compare (should return FALSE)...
+FALSE
+
 # Testing list compare with manageDSAit...
 FALSE

--- a/tests/data/slapd-dynlist.conf
+++ b/tests/data/slapd-dynlist.conf
@@ -50,6 +50,4 @@ rootpw		secret
 #ldbm#index		cn,sn,uid	pres,eq,sub

 overlay			dynlist
-dynlist-oc		groupOfURLs
-dynlist-ad		memberURL
 ### DO NOT ADD ANY DIRECTIVE BELOW THIS; TEST APPENDS STUFF ###
--- a/tests/scripts/test044-dynlist
+++ b/tests/scripts/test044-dynlist
@@ -31,8 +31,10 @@ if test $RC != 0 ; then
 	exit $RC
 fi

-echo "Running slapindex to index slapd database..."
 . $CONFFILTER $BACKEND $MONITORDB < $DYNLISTCONF > $CONF1
+echo "dynlist-attrset	groupOfURLs memberURL" >> $CONF1
+
+echo "Running slapindex to index slapd database..."
 $SLAPINDEX -f $CONF1
 RC=$?
 if test $RC != 0 ; then
@@ -151,8 +153,36 @@ case $RC in
 0)
 	echo "ldapcompare returned success ($RC)!"
 	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit -1
+	;;
+*)
+	echo "ldapcompare failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+	;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing list compare (should return FALSE)..."
+echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
+$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
+	"cn=Dynamic List,$LISTDN" "cn:FALSE" \
+	>> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+	echo "ldapcompare returned FALSE ($RC)"
+	;;
+6)
+	echo "ldapcompare returned TRUE ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
 	exit $RC
 	;;
+0)
+	echo "ldapcompare returned success ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit -1
+	;;
 *)
 	echo "ldapcompare failed ($RC)!"
 	test $KILLSERVERS != no && kill -HUP $KILLPIDS
@@ -161,6 +191,37 @@ case $RC in
 esac
 echo "" >> $SEARCHOUT

+echo "Testing list compare (should return UNDEFINED)..."
+echo "# Testing list compare (should return UNDEFINED)..." >> $SEARCHOUT
+$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
+	"cn=Dynamic List,$LISTDN" "dc:UNDEFINED" \
+	>> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+	echo "ldapcompare returned FALSE ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+	;;
+6)
+	echo "ldapcompare returned TRUE ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+	;;
+16|32)
+	echo "ldapcompare returned UNDEFINED ($RC)"
+	;;
+0)
+	echo "ldapcompare returned success ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit -1
+	;;
+*)
+	echo "ldapcompare failed ($RC)"
+	;;
+esac
+echo "" >> $SEARCHOUT
+
 echo "Testing list compare with manageDSAit..."
 echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT
 $LDAPCOMPARE -h $LOCALHOST -p $PORT1 -MM \
@@ -179,7 +240,7 @@ case $RC in
 0)
 	echo "ldapcompare returned success ($RC)!"
 	test $KILLSERVERS != no && kill -HUP $KILLPIDS
-	exit $RC
+	exit -1
 	;;
 *)
 	echo "ldapcompare failed ($RC)!"
@@ -194,7 +255,8 @@ kill -HUP $KILLPIDS
 wait $KILLPIDS

 echo "Reconfiguring slapd..."
-echo "dynlist-member-ad	member" >> $CONF1
+. $CONFFILTER $BACKEND $MONITORDB < $DYNLISTCONF > $CONF1
+echo "dynlist-attrset	groupOfURLs memberURL member" >> $CONF1

 echo "==========================================================" >> $LOG1

@@ -303,8 +365,36 @@ case $RC in
 0)
 	echo "ldapcompare returned success ($RC)!"
 	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit -1
+	;;
+*)
+	echo "ldapcompare failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+	;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing list compare (should return FALSE)..."
+echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
+$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
+	"cn=Dynamic List of Members,$LISTDN" "member:cn=Foo Bar" \
+	>> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+	echo "ldapcompare returned FALSE ($RC)"
+	;;
+6)
+	echo "ldapcompare returned TRUE ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
 	exit $RC
 	;;
+0)
+	echo "ldapcompare returned success ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit -1
+	;;
 *)
 	echo "ldapcompare failed ($RC)!"
 	test $KILLSERVERS != no && kill -HUP $KILLPIDS
@@ -331,7 +421,7 @@ case $RC in
 0)
 	echo "ldapcompare returned success ($RC)!"
 	test $KILLSERVERS != no && kill -HUP $KILLPIDS
-	exit $RC
+	exit -1
 	;;
 *)
 	echo "ldapcompare failed ($RC)!"