From ac992d1ae46ec5ff44a1300718f12c10b1cbd60a Mon Sep 17 00:00:00 2001

From: Sumit Bose <sbose@redhat.com>

Date: Mon, 27 Oct 2014 13:33:08 +0100

Subject: [PATCH 60/64] sysdb_get_user_attr_with_views: add mandatory override

 attributes

This patch add another attribute with is needs for override processing

to the attribute list of sysdb_get_user_attr_with_views(). With two

attribute it does not seem useful to check for existence and add each of

the attributes conditionally. With this patch they are added

unconditionally if the domain has views. Additionally the attributes are

not removed in the end because it is expected that they do not cause any

harm.

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

---

 src/db/sysdb_search.c | 47 ++++++++---------------------------------------

 1 file changed, 8 insertions(+), 39 deletions(-)

diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c

index bbc5af8a02777c1519a9d0b5d77c50559e66f462..dacbd239db6be7e4c738d5bd6b495b613411b126 100644

--- a/src/db/sysdb_search.c

+++ b/src/db/sysdb_search.c

@@ -1037,11 +1037,11 @@ int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx,

     int ret;

     struct ldb_result *orig_obj = NULL;

     struct ldb_result *override_obj = NULL;

-    struct ldb_message_element *el = NULL;

     const char **attrs = NULL;

-    bool has_override_dn;

+    const char *mandatory_override_attrs[] = {SYSDB_OVERRIDE_DN,

+                                              SYSDB_OVERRIDE_OBJECT_DN,

+                                              NULL};

     TALLOC_CTX *tmp_ctx;

-    int count;

     tmp_ctx = talloc_new(NULL);

     if (tmp_ctx == NULL) {

@@ -1049,35 +1049,15 @@ int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx,

         return ENOMEM;

     }

-    /* Assume that overrideDN is requested to simplify the code. If no view

-     * is applied it doesn't really matter. */

-    has_override_dn = true;

     attrs = attributes;

     /* If there are views we first have to search the overrides for matches */

     if (DOM_HAS_VIEWS(domain)) {

-        /* We need overrideDN for views, so append it if missing. */

-        has_override_dn = false;

-        for (count = 0; attributes[count] != NULL; count++) {

-            if (strcmp(attributes[count], SYSDB_OVERRIDE_DN) == 0) {

-                has_override_dn = true;

-                break;

-            }

-        }

-

-        if (!has_override_dn) {

-            /* Copy original attributes and add overrideDN. */

-            attrs = talloc_zero_array(tmp_ctx, const char *, count + 2);

-            if (attrs == NULL) {

-                ret = ENOMEM;

-                goto done;

-            }

-

-            for (count = 0; attributes[count] != NULL; count++) {

-                attrs[count] = attributes[count];

-            }

-

-            attrs[count] = SYSDB_OVERRIDE_DN;

+        ret = add_strings_lists(tmp_ctx, attributes, mandatory_override_attrs,

+                                false, discard_const(&attrs));

+        if (ret != EOK) {

+            DEBUG(SSSDBG_OP_FAILURE, "add_strings_lists failed.\n");

+            goto done;

         }

         ret = sysdb_search_user_override_attrs_by_name(tmp_ctx, domain, name,

@@ -1121,17 +1101,6 @@ int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx,

         }

     }

-    /* Remove overrideDN if needed. */

-    if (!has_override_dn && orig_obj != NULL && orig_obj->count == 1) {

-        el = ldb_msg_find_element(orig_obj->msgs[0], SYSDB_OVERRIDE_DN);

-        if (el == NULL) {

-            ret = EINVAL;

-            goto done;

-        }

-

-        ldb_msg_remove_element(orig_obj->msgs[0], el);

-    }

-

     *_res = talloc_steal(mem_ctx, orig_obj);

     ret = EOK;

-- 

1.9.3