1 /* group.c - ldbm backend acl group routine */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/socket.h>
13 #include <ac/string.h>
16 #include "back-ldbm.h"
17 #include "proto-back-ldbm.h"
20 /* return 0 IFF op_dn is a value in member attribute
21 * of entry with gr_dn AND that entry has an objectClass
22 * value of groupOfNames
30 const char *objectclassValue,
31 #ifdef SLAPD_SCHEMA_NOT_COMPAT
32 AttributeDescription *group_at
38 struct ldbminfo *li = (struct ldbminfo *) be->be_private;
43 #ifdef SLAPD_SCHEMA_NOT_COMPAT
44 static AttributeDescription *objectClass = NULL;
45 const char *groupattrName = group_at->ad_cname->bv_val;
48 const char *objectClass = "objectclass";
49 const char *groupattrName = group_at;
52 Debug( LDAP_DEBUG_ARGS,
53 "=> ldbm_back_group: gr dn: \"%s\"\n",
55 Debug( LDAP_DEBUG_ARGS,
56 "=> ldbm_back_group: op dn: \"%s\"\n",
58 Debug( LDAP_DEBUG_ARGS,
59 "=> ldbm_back_group: objectClass: \"%s\" attrName: \"%s\"\n",
60 objectclassValue, groupattrName, 0 );
62 Debug( LDAP_DEBUG_ARGS,
63 "=> ldbm_back_group: tr dn: \"%s\"\n",
64 target->e_ndn, 0, 0 );
66 if (strcmp(target->e_ndn, gr_ndn) == 0) {
67 /* we already have a LOCKED copy of the entry */
69 Debug( LDAP_DEBUG_ARGS,
70 "=> ldbm_back_group: target is group: \"%s\"\n",
74 /* can we find group entry with reader lock */
75 if ((e = dn2entry_r(be, gr_ndn, NULL )) == NULL) {
76 Debug( LDAP_DEBUG_ACL,
77 "=> ldbm_back_group: cannot find group: \"%s\"\n",
82 Debug( LDAP_DEBUG_ACL,
83 "=> ldbm_back_group: found group: \"%s\"\n",
87 /* find it's objectClass and member attribute values
88 * make sure this is a group entry
89 * finally test if we can find op_dn in the member attribute value list *
94 if ((attr = attr_find(e->e_attrs, objectClass)) == NULL) {
95 Debug( LDAP_DEBUG_ACL,
96 "<= ldbm_back_group: failed to find objectClass\n", 0, 0, 0 );
100 #ifdef SLAPD_SCHEMA_NOT_COMPAT
101 /* not yet implemented */
105 bv.bv_len = sizeof("ALIAS")-1;
107 if ( value_find(attr->a_vals, &bv, attr->a_syntax, 1) == 0) {
108 Debug( LDAP_DEBUG_ACL,
109 "<= ldbm_back_group: group is an alias\n", 0, 0, 0 );
113 bv.bv_val = "REFERRAL";
114 bv.bv_len = sizeof("REFERRAL")-1;
116 if ( value_find(attr->a_vals, &bv, attr->a_syntax, 1) == 0) {
117 Debug( LDAP_DEBUG_ACL,
118 "<= ldbm_back_group: group is a referral\n",
123 bv.bv_val = (char *) objectclassValue;
124 bv.bv_len = strlen( bv.bv_val );
126 if (value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) {
127 Debug( LDAP_DEBUG_ACL,
128 "<= ldbm_back_group: failed to find %s in objectClass\n",
129 objectclassValue, 0, 0 );
133 if ((attr = attr_find(e->e_attrs, group_at)) == NULL) {
134 Debug( LDAP_DEBUG_ACL,
135 "<= ldbm_back_group: failed to find %s\n",
136 groupattrName, 0, 0 );
140 Debug( LDAP_DEBUG_ACL,
141 "<= ldbm_back_group: found objectClass %s and %s\n",
142 objectclassValue, groupattrName, 0 );
144 bv.bv_val = (char *) op_ndn;
145 bv.bv_len = strlen( op_ndn );
147 if( value_find( attr->a_vals, &bv, attr->a_syntax, 1) != 0 )
149 Debug( LDAP_DEBUG_ACL,
150 "<= ldbm_back_group: \"%s\" not in \"%s\": %s\n",
151 op_ndn, gr_ndn, groupattrName );
156 Debug( LDAP_DEBUG_ACL,
157 "<= ldbm_back_group: \"%s\" is in \"%s\": %s\n",
158 op_ndn, gr_ndn, groupattrName );
164 /* free entry and reader lock */
165 cache_return_entry_r( &li->li_cache, e );
168 Debug( LDAP_DEBUG_TRACE, "ldbm_back_group: rc=%d\n", rc, 0, 0 );