dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone

Blame SOURCES/0173-IFP-Add-domain-and-domainname-attributes-to-the-user.patch

bb7cd1
From a35b5c33a76857ad9223363e15558facec5c269d Mon Sep 17 00:00:00 2001
bb7cd1
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
bb7cd1
Date: Thu, 8 Jun 2017 11:46:25 +0200
bb7cd1
Subject: [PATCH 173/181] IFP: Add domain and domainname attributes to the user
bb7cd1
MIME-Version: 1.0
bb7cd1
Content-Type: text/plain; charset=UTF-8
bb7cd1
Content-Transfer-Encoding: 8bit
bb7cd1
bb7cd1
org.freedekstop.sssd.infopipe.Users.User gets two new attributes:
bb7cd1
- domain: object path of user's domain
bb7cd1
- domainname: user's domain name
bb7cd1
bb7cd1
org.freedekstop.sssd.infopipe.GetUserAttr can now request new attribute:
bb7cd1
- domainname: user's domain name
bb7cd1
bb7cd1
Resolves:
bb7cd1
https://pagure.io/SSSD/sssd/issue/2714
bb7cd1
bb7cd1
Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
bb7cd1
(cherry picked from commit 37d2194cc9ea4d0254c88a3419e2376572562bab)
bb7cd1
---
bb7cd1
 src/responder/ifp/ifp_iface.c           |  2 +
bb7cd1
 src/responder/ifp/ifp_iface.xml         |  2 +
bb7cd1
 src/responder/ifp/ifp_iface_generated.c | 18 ++++++++
bb7cd1
 src/responder/ifp/ifp_iface_generated.h |  4 ++
bb7cd1
 src/responder/ifp/ifp_private.h         |  4 ++
bb7cd1
 src/responder/ifp/ifp_users.c           | 46 ++++++++++++++++++++
bb7cd1
 src/responder/ifp/ifp_users.h           |  8 ++++
bb7cd1
 src/responder/ifp/ifpsrv_cmd.c          |  8 ++++
bb7cd1
 src/responder/ifp/ifpsrv_util.c         | 74 ++++++++++++++++++++++++++++++++-
bb7cd1
 src/tests/cmocka/test_ifp.c             | 12 ++++--
bb7cd1
 10 files changed, 173 insertions(+), 5 deletions(-)
bb7cd1
bb7cd1
diff --git a/src/responder/ifp/ifp_iface.c b/src/responder/ifp/ifp_iface.c
bb7cd1
index e413e74f955c067a0efbe385a08b4b2cc6f2bba1..3293b92d750d33b2ecf77a03098c5169d052c924 100644
bb7cd1
--- a/src/responder/ifp/ifp_iface.c
bb7cd1
+++ b/src/responder/ifp/ifp_iface.c
bb7cd1
@@ -104,6 +104,8 @@ struct iface_ifp_users_user iface_ifp_users_user = {
bb7cd1
     .get_loginShell = ifp_users_user_get_login_shell,
bb7cd1
     .get_uniqueID = ifp_users_user_get_unique_id,
bb7cd1
     .get_groups = ifp_users_user_get_groups,
bb7cd1
+    .get_domain = ifp_users_user_get_domain,
bb7cd1
+    .get_domainname = ifp_users_user_get_domainname,
bb7cd1
     .get_extraAttributes = ifp_users_user_get_extra_attributes
bb7cd1
 };
bb7cd1
 
bb7cd1
diff --git a/src/responder/ifp/ifp_iface.xml b/src/responder/ifp/ifp_iface.xml
bb7cd1
index 0a23f56907f64c4c24db3ec3c0a312adbdb3edc8..ce071bb999bd207b8cc81f054da80de52a13d3df 100644
bb7cd1
--- a/src/responder/ifp/ifp_iface.xml
bb7cd1
+++ b/src/responder/ifp/ifp_iface.xml
bb7cd1
@@ -188,6 +188,8 @@
bb7cd1
         <property name="loginShell" type="s" access="read" />
bb7cd1
         <property name="uniqueID" type="s" access="read" />
bb7cd1
         <property name="groups" type="ao" access="read" />
bb7cd1
+        <property name="domain" type="o" access="read" />
bb7cd1
+        <property name="domainname" type="s" access="read" />
bb7cd1
         <property name="extraAttributes" type="a{sas}" access="read" />
bb7cd1
     </interface>
bb7cd1
 
bb7cd1
diff --git a/src/responder/ifp/ifp_iface_generated.c b/src/responder/ifp/ifp_iface_generated.c
bb7cd1
index 211646b6760d15e0df55ac20b9611b800b11d16c..51db4a9e5c7d72663f8845bd0da22d3f21526be8 100644
bb7cd1
--- a/src/responder/ifp/ifp_iface_generated.c
bb7cd1
+++ b/src/responder/ifp/ifp_iface_generated.c
bb7cd1
@@ -982,6 +982,24 @@ const struct sbus_property_meta iface_ifp_users_user__properties[] = {
bb7cd1
         NULL, /* no invoker */
bb7cd1
     },
bb7cd1
     {
bb7cd1
+        "domain", /* name */
bb7cd1
+        "o", /* type */
bb7cd1
+        SBUS_PROPERTY_READABLE,
bb7cd1
+        offsetof(struct iface_ifp_users_user, get_domain),
bb7cd1
+        sbus_invoke_get_o,
bb7cd1
+        0, /* not writable */
bb7cd1
+        NULL, /* no invoker */
bb7cd1
+    },
bb7cd1
+    {
bb7cd1
+        "domainname", /* name */
bb7cd1
+        "s", /* type */
bb7cd1
+        SBUS_PROPERTY_READABLE,
bb7cd1
+        offsetof(struct iface_ifp_users_user, get_domainname),
bb7cd1
+        sbus_invoke_get_s,
bb7cd1
+        0, /* not writable */
bb7cd1
+        NULL, /* no invoker */
bb7cd1
+    },
bb7cd1
+    {
bb7cd1
         "extraAttributes", /* name */
bb7cd1
         "a{sas}", /* type */
bb7cd1
         SBUS_PROPERTY_READABLE,
bb7cd1
diff --git a/src/responder/ifp/ifp_iface_generated.h b/src/responder/ifp/ifp_iface_generated.h
bb7cd1
index e69fc3a3efc6bdcef5d6539790908795818cd857..76f729fcb268e9c07668b3a5ee5bbd7d0b44ca16 100644
bb7cd1
--- a/src/responder/ifp/ifp_iface_generated.h
bb7cd1
+++ b/src/responder/ifp/ifp_iface_generated.h
bb7cd1
@@ -88,6 +88,8 @@
bb7cd1
 #define IFACE_IFP_USERS_USER_LOGINSHELL "loginShell"
bb7cd1
 #define IFACE_IFP_USERS_USER_UNIQUEID "uniqueID"
bb7cd1
 #define IFACE_IFP_USERS_USER_GROUPS "groups"
bb7cd1
+#define IFACE_IFP_USERS_USER_DOMAIN "domain"
bb7cd1
+#define IFACE_IFP_USERS_USER_DOMAINNAME "domainname"
bb7cd1
 #define IFACE_IFP_USERS_USER_EXTRAATTRIBUTES "extraAttributes"
bb7cd1
 
bb7cd1
 /* constants for org.freedesktop.sssd.infopipe.Groups */
bb7cd1
@@ -288,6 +290,8 @@ struct iface_ifp_users_user {
bb7cd1
     void (*get_loginShell)(struct sbus_request *, void *data, const char **);
bb7cd1
     void (*get_uniqueID)(struct sbus_request *, void *data, const char **);
bb7cd1
     void (*get_groups)(struct sbus_request *, void *data, const char ***, int *);
bb7cd1
+    void (*get_domain)(struct sbus_request *, void *data, const char **);
bb7cd1
+    void (*get_domainname)(struct sbus_request *, void *data, const char **);
bb7cd1
     void (*get_extraAttributes)(struct sbus_request *, void *data, hash_table_t **);
bb7cd1
 };
bb7cd1
 
bb7cd1
diff --git a/src/responder/ifp/ifp_private.h b/src/responder/ifp/ifp_private.h
bb7cd1
index e800070a59f77f8ce58a2fc402e616bb773e996b..a6e5701b8d1ebb27af0c35fa3ebe0c6c00d16bd6 100644
bb7cd1
--- a/src/responder/ifp/ifp_private.h
bb7cd1
+++ b/src/responder/ifp/ifp_private.h
bb7cd1
@@ -70,6 +70,10 @@ errno_t ifp_req_create(struct sbus_request *dbus_req,
bb7cd1
 /* Returns an appropriate DBus error for specific ifp_req_create failures */
bb7cd1
 int ifp_req_create_handle_failure(struct sbus_request *dbus_req, errno_t err);
bb7cd1
 
bb7cd1
+errno_t ifp_add_value_to_dict(DBusMessageIter *iter_dict,
bb7cd1
+                              const char *key,
bb7cd1
+                              const char *value);
bb7cd1
+
bb7cd1
 errno_t ifp_add_ldb_el_to_dict(DBusMessageIter *iter_dict,
bb7cd1
                                struct ldb_message_element *el);
bb7cd1
 const char **
bb7cd1
diff --git a/src/responder/ifp/ifp_users.c b/src/responder/ifp/ifp_users.c
bb7cd1
index 188194f2ab356d0e67b0f26b003f3a9ce48e6acd..90b947ed9ca345fbeba6772c90f898451a0868aa 100644
bb7cd1
--- a/src/responder/ifp/ifp_users.c
bb7cd1
+++ b/src/responder/ifp/ifp_users.c
bb7cd1
@@ -1328,6 +1328,52 @@ void ifp_users_user_get_groups(struct sbus_request *sbus_req,
bb7cd1
     *_size = num_groups;
bb7cd1
 }
bb7cd1
 
bb7cd1
+void ifp_users_user_get_domain(struct sbus_request *sbus_req,
bb7cd1
+                               void *data,
bb7cd1
+                               const char **_out)
bb7cd1
+{
bb7cd1
+    const char *domainname;
bb7cd1
+
bb7cd1
+    *_out = NULL;
bb7cd1
+    ifp_users_user_get_domainname(sbus_req, data, &domainname);
bb7cd1
+
bb7cd1
+    if (domainname == NULL) {
bb7cd1
+        return;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    *_out = sbus_opath_compose(sbus_req, IFP_PATH_DOMAINS,
bb7cd1
+                               domainname);
bb7cd1
+}
bb7cd1
+
bb7cd1
+void ifp_users_user_get_domainname(struct sbus_request *sbus_req,
bb7cd1
+                                   void *data,
bb7cd1
+                                   const char **_out)
bb7cd1
+{
bb7cd1
+    struct ifp_ctx *ifp_ctx;
bb7cd1
+    struct sss_domain_info *domain;
bb7cd1
+    errno_t ret;
bb7cd1
+
bb7cd1
+    *_out = NULL;
bb7cd1
+
bb7cd1
+    ifp_ctx = talloc_get_type(data, struct ifp_ctx);
bb7cd1
+    if (ifp_ctx == NULL) {
bb7cd1
+        DEBUG(SSSDBG_CRIT_FAILURE, "Invalid pointer!\n");
bb7cd1
+        return;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    if (!ifp_is_user_attr_allowed(ifp_ctx, "domainname")) {
bb7cd1
+        DEBUG(SSSDBG_TRACE_ALL, "Attribute domainname is not allowed\n");
bb7cd1
+        return;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    ret = ifp_users_user_get(sbus_req, ifp_ctx, &domain, NULL);
bb7cd1
+    if (ret != EOK) {
bb7cd1
+        return;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    *_out = domain->name;
bb7cd1
+}
bb7cd1
+
bb7cd1
 void ifp_users_user_get_extra_attributes(struct sbus_request *sbus_req,
bb7cd1
                                          void *data,
bb7cd1
                                          hash_table_t **_out)
bb7cd1
diff --git a/src/responder/ifp/ifp_users.h b/src/responder/ifp/ifp_users.h
bb7cd1
index f8fefeb7f658b6e0a5f72371da1b025d69e6f412..715a8bc31996bfd93c21dbe263f2567bd0b50b03 100644
bb7cd1
--- a/src/responder/ifp/ifp_users.h
bb7cd1
+++ b/src/responder/ifp/ifp_users.h
bb7cd1
@@ -103,6 +103,14 @@ void ifp_users_user_get_groups(struct sbus_request *sbus_req,
bb7cd1
                                const char ***_out,
bb7cd1
                                int *_size);
bb7cd1
 
bb7cd1
+void ifp_users_user_get_domain(struct sbus_request *sbus_req,
bb7cd1
+                               void *data,
bb7cd1
+                               const char **_out);
bb7cd1
+
bb7cd1
+void ifp_users_user_get_domainname(struct sbus_request *sbus_req,
bb7cd1
+                                   void *data,
bb7cd1
+                                   const char **_out);
bb7cd1
+
bb7cd1
 void ifp_users_user_get_extra_attributes(struct sbus_request *sbus_req,
bb7cd1
                                          void *data,
bb7cd1
                                          hash_table_t **_out);
bb7cd1
diff --git a/src/responder/ifp/ifpsrv_cmd.c b/src/responder/ifp/ifpsrv_cmd.c
bb7cd1
index 70728e1bb656fd032b7f1c240683e8aa3b91a726..d86aed57206ba8f0a6facbd64051fa7c901513f3 100644
bb7cd1
--- a/src/responder/ifp/ifpsrv_cmd.c
bb7cd1
+++ b/src/responder/ifp/ifpsrv_cmd.c
bb7cd1
@@ -233,6 +233,14 @@ ifp_user_get_attr_handle_reply(struct sss_domain_info *domain,
bb7cd1
         }
bb7cd1
 
bb7cd1
         for (ai = 0; attrs[ai]; ai++) {
bb7cd1
+            if (strcmp(attrs[ai], "domainname") == 0) {
bb7cd1
+                ret = ifp_add_value_to_dict(&iter_dict, "domainname",
bb7cd1
+                                            domain->name);
bb7cd1
+                DEBUG(SSSDBG_MINOR_FAILURE,
bb7cd1
+                      "Cannot add attribute %s to message\n", attrs[ai]);
bb7cd1
+                continue;
bb7cd1
+            }
bb7cd1
+
bb7cd1
             el = sss_view_ldb_msg_find_element(domain, res->msgs[0], attrs[ai]);
bb7cd1
             if (el == NULL || el->num_values == 0) {
bb7cd1
                 DEBUG(SSSDBG_MINOR_FAILURE,
bb7cd1
diff --git a/src/responder/ifp/ifpsrv_util.c b/src/responder/ifp/ifpsrv_util.c
bb7cd1
index 5866d30d8a5845c21f5b05fc5de150162eba747e..643881515fb4805ae93ba56c3bca9d1da7796319 100644
bb7cd1
--- a/src/responder/ifp/ifpsrv_util.c
bb7cd1
+++ b/src/responder/ifp/ifpsrv_util.c
bb7cd1
@@ -29,7 +29,7 @@
bb7cd1
 #define IFP_USER_DEFAULT_ATTRS {SYSDB_NAME, SYSDB_UIDNUM,   \
bb7cd1
                                 SYSDB_GIDNUM, SYSDB_GECOS,  \
bb7cd1
                                 SYSDB_HOMEDIR, SYSDB_SHELL, \
bb7cd1
-                                "groups", \
bb7cd1
+                                "groups", "domain", "domainname", \
bb7cd1
                                 NULL}
bb7cd1
 
bb7cd1
 errno_t ifp_req_create(struct sbus_request *dbus_req,
bb7cd1
@@ -100,6 +100,78 @@ int ifp_req_create_handle_failure(struct sbus_request *dbus_req, errno_t err)
bb7cd1
                                             "Cannot create IFP request\n"));
bb7cd1
 }
bb7cd1
 
bb7cd1
+errno_t ifp_add_value_to_dict(DBusMessageIter *iter_dict,
bb7cd1
+                              const char *key,
bb7cd1
+                              const char *value)
bb7cd1
+{
bb7cd1
+    DBusMessageIter iter_dict_entry;
bb7cd1
+    DBusMessageIter iter_dict_val;
bb7cd1
+    DBusMessageIter iter_array;
bb7cd1
+    dbus_bool_t dbret;
bb7cd1
+
bb7cd1
+    if (value == NULL || key == NULL) {
bb7cd1
+        return EINVAL;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    dbret = dbus_message_iter_open_container(iter_dict,
bb7cd1
+                                             DBUS_TYPE_DICT_ENTRY, NULL,
bb7cd1
+                                             &iter_dict_entry);
bb7cd1
+    if (!dbret) {
bb7cd1
+        return ENOMEM;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    /* Start by appending the key */
bb7cd1
+    dbret = dbus_message_iter_append_basic(&iter_dict_entry,
bb7cd1
+                                           DBUS_TYPE_STRING, &key);
bb7cd1
+    if (!dbret) {
bb7cd1
+        return ENOMEM;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    dbret = dbus_message_iter_open_container(&iter_dict_entry,
bb7cd1
+                                             DBUS_TYPE_VARIANT,
bb7cd1
+                                             DBUS_TYPE_ARRAY_AS_STRING
bb7cd1
+                                             DBUS_TYPE_STRING_AS_STRING,
bb7cd1
+                                             &iter_dict_val);
bb7cd1
+    if (!dbret) {
bb7cd1
+        return ENOMEM;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    /* Open container for values */
bb7cd1
+    dbret = dbus_message_iter_open_container(&iter_dict_val,
bb7cd1
+                                 DBUS_TYPE_ARRAY, DBUS_TYPE_STRING_AS_STRING,
bb7cd1
+                                 &iter_array);
bb7cd1
+    if (!dbret) {
bb7cd1
+        return ENOMEM;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    dbret = dbus_message_iter_append_basic(&iter_array,
bb7cd1
+                                           DBUS_TYPE_STRING,
bb7cd1
+                                           &value);
bb7cd1
+    if (!dbret) {
bb7cd1
+        return ENOMEM;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    dbret = dbus_message_iter_close_container(&iter_dict_val,
bb7cd1
+                                              &iter_array);
bb7cd1
+    if (!dbret) {
bb7cd1
+        return ENOMEM;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    dbret = dbus_message_iter_close_container(&iter_dict_entry,
bb7cd1
+                                              &iter_dict_val);
bb7cd1
+    if (!dbret) {
bb7cd1
+        return ENOMEM;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    dbret = dbus_message_iter_close_container(iter_dict,
bb7cd1
+                                              &iter_dict_entry);
bb7cd1
+    if (!dbret) {
bb7cd1
+        return ENOMEM;
bb7cd1
+    }
bb7cd1
+
bb7cd1
+    return EOK;
bb7cd1
+}
bb7cd1
+
bb7cd1
 errno_t ifp_add_ldb_el_to_dict(DBusMessageIter *iter_dict,
bb7cd1
                                struct ldb_message_element *el)
bb7cd1
 {
bb7cd1
diff --git a/src/tests/cmocka/test_ifp.c b/src/tests/cmocka/test_ifp.c
bb7cd1
index 21c5475d1c74cd8325815653166bef194ea84f7b..45f718341222c6803a65130741590e10e7aded84 100644
bb7cd1
--- a/src/tests/cmocka/test_ifp.c
bb7cd1
+++ b/src/tests/cmocka/test_ifp.c
bb7cd1
@@ -269,7 +269,7 @@ void test_attr_acl(void **state)
bb7cd1
     const char *exp_defaults[] = { SYSDB_NAME, SYSDB_UIDNUM,
bb7cd1
                                    SYSDB_GIDNUM, SYSDB_GECOS,
bb7cd1
                                    SYSDB_HOMEDIR, SYSDB_SHELL,
bb7cd1
-                                   "groups", NULL };
bb7cd1
+                                   "groups", "domain", "domainname", NULL };
bb7cd1
     attr_parse_test(exp_defaults, NULL);
bb7cd1
 
bb7cd1
     /* Test adding some attributes to the defaults */
bb7cd1
@@ -277,13 +277,14 @@ void test_attr_acl(void **state)
bb7cd1
                               SYSDB_NAME, SYSDB_UIDNUM,
bb7cd1
                               SYSDB_GIDNUM, SYSDB_GECOS,
bb7cd1
                               SYSDB_HOMEDIR, SYSDB_SHELL,
bb7cd1
-                              "groups", NULL };
bb7cd1
+                              "groups", "domain", "domainname", NULL };
bb7cd1
     attr_parse_test(exp_add, "+telephoneNumber, +streetAddress");
bb7cd1
 
bb7cd1
     /* Test removing some attributes to the defaults */
bb7cd1
     const char *exp_rm[] = { SYSDB_NAME,
bb7cd1
                              SYSDB_GIDNUM, SYSDB_GECOS,
bb7cd1
                              SYSDB_HOMEDIR, "groups",
bb7cd1
+                             "domain", "domainname",
bb7cd1
                              NULL };
bb7cd1
     attr_parse_test(exp_rm, "-"SYSDB_SHELL ",-"SYSDB_UIDNUM);
bb7cd1
 
bb7cd1
@@ -292,6 +293,7 @@ void test_attr_acl(void **state)
bb7cd1
                                  SYSDB_NAME, SYSDB_UIDNUM,
bb7cd1
                                  SYSDB_GIDNUM, SYSDB_GECOS,
bb7cd1
                                  SYSDB_HOMEDIR, "groups",
bb7cd1
+                                 "domain", "domainname",
bb7cd1
                                  NULL };
bb7cd1
     attr_parse_test(exp_add_rm, "+telephoneNumber, -"SYSDB_SHELL);
bb7cd1
 
bb7cd1
@@ -299,7 +301,8 @@ void test_attr_acl(void **state)
bb7cd1
     const char *exp_add_rm_override[] = { SYSDB_NAME, SYSDB_UIDNUM,
bb7cd1
                                           SYSDB_GIDNUM, SYSDB_GECOS,
bb7cd1
                                           SYSDB_HOMEDIR, SYSDB_SHELL,
bb7cd1
-                                          "groups", NULL };
bb7cd1
+                                          "groups", "domain",
bb7cd1
+                                          "domainname", NULL };
bb7cd1
     attr_parse_test(exp_add_rm_override,
bb7cd1
                     "+telephoneNumber, -telephoneNumber, +telephoneNumber");
bb7cd1
 
bb7cd1
@@ -307,7 +310,8 @@ void test_attr_acl(void **state)
bb7cd1
     const char *rm_all[] = { NULL };
bb7cd1
     attr_parse_test(rm_all,  "-"SYSDB_NAME ", -"SYSDB_UIDNUM
bb7cd1
                              ", -"SYSDB_GIDNUM ", -"SYSDB_GECOS
bb7cd1
-                             ", -"SYSDB_HOMEDIR ", -"SYSDB_SHELL", -groups");
bb7cd1
+                             ", -"SYSDB_HOMEDIR ", -"SYSDB_SHELL", -groups, "
bb7cd1
+                             "-domain, -domainname");
bb7cd1
 
bb7cd1
     /* Malformed list */
bb7cd1
     attr_parse_test(NULL,  "missing_plus_or_minus");
bb7cd1
-- 
bb7cd1
2.9.4
bb7cd1