andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone

Blame SOURCES/0042-Ticket-49249-cos_cache-is-erroneously-logging-schema.patch

b69e47
From 834b5f7355d4233c4b9d6931ba6ec8482413bca8 Mon Sep 17 00:00:00 2001
b69e47
From: Thierry Bordaz <tbordaz@redhat.com>
b69e47
Date: Thu, 11 May 2017 09:21:38 +0200
b69e47
Subject: [PATCH] Ticket 49249 - cos_cache is erroneously logging schema
b69e47
 checking failure
b69e47
b69e47
Bug Description:
b69e47
    cos is generating virtual attributes in several steps.
b69e47
    One of the first step is to check that the generated attribute will
b69e47
    conform the schema.
b69e47
    Then additional checks (override/merge and cos scope) are performed.
b69e47
    If the entry does not conform the schema, it skips the additional checks.
b69e47
    In such case it logs a message stating that the virtual attribute does not
b69e47
    apply.
b69e47
    During slapi-log-err refactoring (https://pagure.io/389-ds-base/issue/48978)
b69e47
    the logging level, in case of schema violation, was move from SLAPI_LOG_PLUGIN
b69e47
    to SLAPI_LOG_ERR.
b69e47
b69e47
    This change is incorrect because the potential failure to schema check is
b69e47
    normal and does not imply the cos would apply to the entry (for example if
b69e47
    the entry was not in the scope, the cos would also be skipped).
b69e47
b69e47
Fix Description:
b69e47
    Move back the logging level from SLAPI_LOG_ERR to SLAPI_LOG_PLUGIN
b69e47
b69e47
https://pagure.io/389-ds-base/issue/49249
b69e47
b69e47
Reviewed by: Mark Reynolds
b69e47
b69e47
Platforms tested: F23
b69e47
b69e47
Flag Day: no
b69e47
b69e47
Doc impact: no
b69e47
---
b69e47
 dirsrvtests/tests/tickets/ticket49249_test.py | 140 ++++++++++++++++++++++++++
b69e47
 ldap/servers/plugins/cos/cos_cache.c          |   2 +-
b69e47
 2 files changed, 141 insertions(+), 1 deletion(-)
b69e47
 create mode 100644 dirsrvtests/tests/tickets/ticket49249_test.py
b69e47
b69e47
diff --git a/dirsrvtests/tests/tickets/ticket49249_test.py b/dirsrvtests/tests/tickets/ticket49249_test.py
b69e47
new file mode 100644
b69e47
index 0000000..1dfd07e
b69e47
--- /dev/null
b69e47
+++ b/dirsrvtests/tests/tickets/ticket49249_test.py
b69e47
@@ -0,0 +1,140 @@
b69e47
+import time
b69e47
+import ldap
b69e47
+import logging
b69e47
+import pytest
b69e47
+from lib389 import DirSrv, Entry, tools, tasks
b69e47
+from lib389.tools import DirSrvTools
b69e47
+from lib389._constants import *
b69e47
+from lib389.properties import *
b69e47
+from lib389.tasks import *
b69e47
+from lib389.utils import *
b69e47
+from lib389.topologies import topology_st as topo
b69e47
+
b69e47
+DEBUGGING = os.getenv("DEBUGGING", default=False)
b69e47
+if DEBUGGING:
b69e47
+    logging.getLogger(__name__).setLevel(logging.DEBUG)
b69e47
+else:
b69e47
+    logging.getLogger(__name__).setLevel(logging.INFO)
b69e47
+log = logging.getLogger(__name__)
b69e47
+
b69e47
+COS_BRANCH = 'ou=cos_scope,' + DEFAULT_SUFFIX
b69e47
+COS_DEF = 'cn=cos_definition,' + COS_BRANCH
b69e47
+COS_TEMPLATE = 'cn=cos_template,' + COS_BRANCH
b69e47
+INVALID_USER_WITH_COS = 'cn=cos_user_no_mail,' + COS_BRANCH
b69e47
+VALID_USER_WITH_COS = 'cn=cos_user_with_mail,' + COS_BRANCH
b69e47
+
b69e47
+NO_COS_BRANCH = 'ou=no_cos_scope,' + DEFAULT_SUFFIX
b69e47
+INVALID_USER_WITHOUT_COS = 'cn=no_cos_user_no_mail,' + NO_COS_BRANCH
b69e47
+VALID_USER_WITHOUT_COS = 'cn=no_cos_user_with_mail,' + NO_COS_BRANCH
b69e47
+
b69e47
+def test_ticket49249(topo):
b69e47
+    """Write your testcase here...
b69e47
+
b69e47
+    Also, if you need any testcase initialization,
b69e47
+    please, write additional fixture for that(include finalizer).
b69e47
+    """
b69e47
+    # Add the branches
b69e47
+    try:
b69e47
+        topo.standalone.add_s(Entry((COS_BRANCH, {
b69e47
+            'objectclass': 'top extensibleObject'.split(),
b69e47
+            'ou': 'cos_scope'
b69e47
+        })))
b69e47
+    except ldap.LDAPError as e:
b69e47
+        log.error('Failed to add cos_scope: error ' + e.message['desc'])
b69e47
+        assert False
b69e47
+
b69e47
+    try:
b69e47
+        topo.standalone.add_s(Entry((NO_COS_BRANCH, {
b69e47
+            'objectclass': 'top extensibleObject'.split(),
b69e47
+            'ou': 'no_cos_scope'
b69e47
+        })))
b69e47
+    except ldap.LDAPError as e:
b69e47
+        log.error('Failed to add no_cos_scope: error ' + e.message['desc'])
b69e47
+        assert False
b69e47
+
b69e47
+    try:
b69e47
+        topo.standalone.add_s(Entry((COS_TEMPLATE, {
b69e47
+            'objectclass': 'top ldapsubentry costemplate extensibleObject'.split(),
b69e47
+            'cn': 'cos_template',
b69e47
+            'cosPriority': '1',
b69e47
+            'cn': 'cn=nsPwTemplateEntry,ou=level1,dc=example,dc=com',
b69e47
+            'mailAlternateAddress': 'hello@world'
b69e47
+        })))
b69e47
+    except ldap.LDAPError as e:
b69e47
+        log.error('Failed to add cos_template: error ' + e.message['desc'])
b69e47
+        assert False
b69e47
+
b69e47
+    try:
b69e47
+        topo.standalone.add_s(Entry((COS_DEF, {
b69e47
+            'objectclass': 'top ldapsubentry cosSuperDefinition cosPointerDefinition'.split(),
b69e47
+            'cn': 'cos_definition',
b69e47
+            'costemplatedn': COS_TEMPLATE,
b69e47
+            'cosAttribute': 'mailAlternateAddress default'
b69e47
+        })))
b69e47
+    except ldap.LDAPError as e:
b69e47
+        log.error('Failed to add cos_definition: error ' + e.message['desc'])
b69e47
+        assert False
b69e47
+
b69e47
+    try:
b69e47
+        # This entry is not allowed to have mailAlternateAddress
b69e47
+        topo.standalone.add_s(Entry((INVALID_USER_WITH_COS, {
b69e47
+            'objectclass': 'top person'.split(),
b69e47
+            'cn': 'cos_user_no_mail',
b69e47
+            'sn': 'cos_user_no_mail'
b69e47
+        })))
b69e47
+    except ldap.LDAPError as e:
b69e47
+        log.error('Failed to add cos_user_no_mail: error ' + e.message['desc'])
b69e47
+        assert False
b69e47
+
b69e47
+    try:
b69e47
+        # This entry is allowed to have mailAlternateAddress
b69e47
+        topo.standalone.add_s(Entry((VALID_USER_WITH_COS, {
b69e47
+            'objectclass': 'top mailGroup'.split(),
b69e47
+            'cn': 'cos_user_with_mail'
b69e47
+        })))
b69e47
+    except ldap.LDAPError as e:
b69e47
+        log.error('Failed to add cos_user_no_mail: error ' + e.message['desc'])
b69e47
+        assert False
b69e47
+
b69e47
+    try:
b69e47
+        # This entry is not allowed to have mailAlternateAddress
b69e47
+        topo.standalone.add_s(Entry((INVALID_USER_WITHOUT_COS, {
b69e47
+            'objectclass': 'top person'.split(),
b69e47
+            'cn': 'no_cos_user_no_mail',
b69e47
+            'sn': 'no_cos_user_no_mail'
b69e47
+        })))
b69e47
+    except ldap.LDAPError as e:
b69e47
+        log.error('Failed to add no_cos_user_no_mail: error ' + e.message['desc'])
b69e47
+        assert False
b69e47
+
b69e47
+    try:
b69e47
+        # This entry is  allowed to have mailAlternateAddress
b69e47
+        topo.standalone.add_s(Entry((VALID_USER_WITHOUT_COS, {
b69e47
+            'objectclass': 'top mailGroup'.split(),
b69e47
+            'cn': 'no_cos_user_with_mail'
b69e47
+        })))
b69e47
+    except ldap.LDAPError as e:
b69e47
+        log.error('Failed to add no_cos_user_with_mail: error ' + e.message['desc'])
b69e47
+        assert False
b69e47
+
b69e47
+    try:
b69e47
+        entries = topo.standalone.search_s(SUFFIX, ldap.SCOPE_SUBTREE, '(mailAlternateAddress=*)')
b69e47
+        assert len(entries) == 1
b69e47
+        assert entries[0].hasValue('mailAlternateAddress', 'hello@world')
b69e47
+    except ldap.LDAPError as e:
b69e47
+        log.fatal('Unable to retrieve cos_user_with_mail (only entry with mailAlternateAddress) : error %s' % (USER1_DN, e.message['desc']))
b69e47
+        assert False
b69e47
+
b69e47
+    assert not topo.standalone.ds_error_log.match(".*cos attribute mailAlternateAddress failed schema.*")
b69e47
+
b69e47
+    if DEBUGGING:
b69e47
+        # Add debugging steps(if any)...
b69e47
+        pass
b69e47
+
b69e47
+
b69e47
+if __name__ == '__main__':
b69e47
+    # Run isolated
b69e47
+    # -s for DEBUG mode
b69e47
+    CURRENT_FILE = os.path.realpath(__file__)
b69e47
+    pytest.main("-s %s" % CURRENT_FILE)
b69e47
+
b69e47
diff --git a/ldap/servers/plugins/cos/cos_cache.c b/ldap/servers/plugins/cos/cos_cache.c
b69e47
index 8942254..66c6c7f 100644
b69e47
--- a/ldap/servers/plugins/cos/cos_cache.c
b69e47
+++ b/ldap/servers/plugins/cos/cos_cache.c
b69e47
@@ -2362,7 +2362,7 @@ static int cos_cache_query_attr(cos_cache *ptheCache, vattr_context *context,
b69e47
 
b69e47
 		if(!cos_cache_schema_check(pCache, attr_index, pObjclasses))
b69e47
 		{
b69e47
-			slapi_log_err(SLAPI_LOG_ERR, COS_PLUGIN_SUBSYSTEM, "cos_cache_query_attr - cos attribute %s failed schema check on dn: %s\n",type,pDn);
b69e47
+			slapi_log_err(SLAPI_LOG_PLUGIN, COS_PLUGIN_SUBSYSTEM, "cos_cache_query_attr - cos attribute %s failed schema check on dn: %s\n",type,pDn);
b69e47
 			goto bail;
b69e47
 		}
b69e47
 	}
b69e47
-- 
b69e47
2.9.4
b69e47