ITS#2573 dynamic group support
author Howard Chu <hyc@openldap.org>
Sat, 20 Sep 2003 08:16:04 +0000 (08:16 +0000)
committer Howard Chu <hyc@openldap.org>
Sat, 20 Sep 2003 08:16:04 +0000 (08:16 +0000)
  moved labeledURI into system schema
  attribute types that inherit from labeledURI may be used in dynamic
    groups e.g. access to * by group/groupOfURLs/memberURL=foo

servers/slapd/aclparse.c
servers/slapd/backend.c
servers/slapd/schema/core.schema
servers/slapd/schema/dyngroup.schema [new file with mode: 0644]
servers/slapd/schema_prep.c
servers/slapd/slap.h

index 206b6053ff70ceb6873db16ee67eba387cb50a6c..d642c305f67019d9b67c597a7b799fe105c49c04 100644 (file)
@@ -650,7 +650,8 @@ parse_acl(
                                        if( !is_at_syntax( b->a_group_at->ad_type,
                                                SLAPD_DN_SYNTAX ) &&
                                            !is_at_syntax( b->a_group_at->ad_type,
-                                               SLAPD_NAMEUID_SYNTAX ) )
+                                               SLAPD_NAMEUID_SYNTAX ) &&
+                                               !is_at_subtype( b->a_group_at->ad_type, slap_schema.si_ad_labeledURI->ad_type ))
                                        {
                                                fprintf( stderr,
                                                        "%s: line %d: group \"%s\": inappropriate syntax: %s\n",
index be24c8189b9df0587603b4a8574df16416faed01..f0adee39b08cd7304cae2768466c12e85074e11c 100644 (file)
@@ -1183,10 +1183,76 @@ backend_group(
        if ( e ) {
                a = attr_find( e->e_attrs, group_at );
                if ( a ) {
-                       rc = value_find_ex( group_at,
+                       /* If the attribute is a subtype of labeledURI, treat this as
+                        * a dynamic group ala groupOfURLs
+                        */
+                       if (is_at_subtype( group_at->ad_type, slap_schema.si_ad_labeledURI->ad_type ) ) {
+                               int i;
+                               LDAPURLDesc *ludp;
+                               struct berval bv, nbase;
+                               Filter *filter;
+                               Entry *user;
+                               Backend *b2 = op->o_bd;
+
+                               if ( target && dn_match( &target->e_nname, op_ndn ) ) {
+                                       user = target;
+                               } else {
+                                       op->o_bd = select_backend( op_ndn, 0, 0 );
+                                       rc = be_entry_get_rw(op, op_ndn, NULL, NULL, 0, &user );
+                               }
+                               
+                               if ( rc == 0 ) {
+                                       rc = 1;
+                                       for (i=0; a->a_vals[i].bv_val; i++) {
+                                               if ( ldap_url_parse( a->a_vals[i].bv_val, &ludp ) != LDAP_SUCCESS )
+                                                       continue;
+                                               nbase.bv_val = NULL;
+                                               /* host part must be empty */
+                                               /* attrs and extensions parts must be empty */
+                                               if (( ludp->lud_host && *ludp->lud_host )
+                                                       || ludp->lud_attrs || ludp->lud_exts )
+                                                       goto loopit;
+                                               ber_str2bv( ludp->lud_dn, 0, 0, &bv );
+                                               if ( dnNormalize( 0, NULL, NULL, &bv, &nbase, op->o_tmpmemctx ) != LDAP_SUCCESS )
+                                                       goto loopit;
+                                               switch(ludp->lud_scope) {
+                                               case LDAP_SCOPE_BASE:
+                                                       if ( !dn_match(&nbase, op_ndn)) goto loopit;
+                                                       break;
+                                               case LDAP_SCOPE_ONELEVEL:
+                                                       dnParent(op_ndn, &bv );
+                                                       if ( !dn_match(&nbase, &bv)) goto loopit;
+                                                       break;
+                                               case LDAP_SCOPE_SUBTREE:
+                                                       if ( !dnIsSuffix(op_ndn, &nbase)) goto loopit;
+                                                       break;
+                                               }
+                                               filter = str2filter_x( op, ludp->lud_filter );
+                                               if ( filter ) {
+                                                       if ( test_filter( NULL, user, filter ) == LDAP_COMPARE_TRUE )
+                                                       {
+                                                               rc = 0;
+                                                       }
+                                                       filter_free_x( op, filter );
+                                               }
+       loopit:
+                                               ldap_free_urldesc( ludp );
+                                               if ( nbase.bv_val ) {
+                                                       op->o_tmpfree( nbase.bv_val, op->o_tmpmemctx );
+                                               }
+                                               if ( rc == 0 ) break;
+                                       }
+                                       if ( user != target ) {
+                                               be_entry_release_r( op, user );
+                                       }
+                               }
+                               op->o_bd = b2;
+                       } else {
+                               rc = value_find_ex( group_at,
                                SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
                                SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
                                a->a_nvals, op_ndn, op->o_tmpmemctx );
+                       }
                } else {
                        rc = LDAP_NO_SUCH_ATTRIBUTE;
                }
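Review bot: The `switch(ludp->lud_scope)` in the memberURL loop has no `default` case, so a URL whose scope value is anything other than base/one/sub skips the base-DN comparison entirely and membership is then decided by the filter alone, wherever the user entry sits; whether a URL with no scope part reaches this path depends on what ldap_url_parse assigns as the default, which I cannot confirm from here. Adding `default: goto loopit;` after the SUBTREE case makes an unrecognised scope reject instead of widen the match. Separately, `rc` is not assigned on the `user = target` branch, so the `if ( rc == 0 )` that follows relies on rc's value from earlier in backend_group, outside this hunk; an explicit `rc = 0;` beside `user = target;` would remove that dependency. Note also that `test_filter( NULL, user, filter )` runs without an operation context, which presumably means no per-attribute access checks on the user entry; that is the right thing for a membership test but deserves a comment, since whoever can write memberURL on a group thereby controls a filter evaluated without ACLs. backend_group begins and ends outside the hunk.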
index 09df2d29d2862dcb2b48d2300b3c2c019cebcbea..60315d27e276b7c4a72e11a446dfd5b41ae30f73 100644 (file)
@@ -467,11 +467,11 @@ objectclass ( 2.5.6.23 NAME 'deltaCRL'
 
 #
 # Standard Track URI label schema from RFC 2079
-#
-attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
-       DESC 'RFC2079: Uniform Resource Identifier with optional label'
-       EQUALITY caseExactMatch
-       SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+# system schema
+#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
+#      DESC 'RFC2079: Uniform Resource Identifier with optional label'
+#      EQUALITY caseExactMatch
+#      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
 objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
        DESC 'RFC2079: object that contains the URI attribute type'
diff --git a/servers/slapd/schema/dyngroup.schema b/servers/slapd/schema/dyngroup.schema
new file mode 100644 (file)
index 0000000..ae202f5
--- /dev/null
@@ -0,0 +1,24 @@
+# $OpenLDAP$
+#
+# Dynamic Group schema, as defined by Netscape
+#
+# depends upon:
+#      core.schema
+
+objectIdentifier NetscapeRoot 2.16.840.1.113730
+
+objectIdentifier NetscapeLDAP NetscapeRoot:3
+objectIdentifier NetscapeLDAPattributeType NetscapeLDAP:1
+objectIdentifier NetscapeLDAPobjectClass NetscapeLDAP:2
+
+attributetype ( NetscapeLDAPattributeType:198
+       NAME 'memberURL'
+       DESC 'Identifies an URL associated with each member of a group. Any type of labeled URL can be used.'
+       SUP labeledURI )
+
+objectClass ( NetscapeLDAPobjectClass:33
+       NAME 'groupOfURLs'
+       SUP top STRUCTURAL
+       MUST cn
+       MAY ( memberURL $ businessCategory $ description $ o $ ou $
+               owner $ seeAlso ) )
index cf4c06fefe9c784b7a429c62f8fb6ac62ef45cd0..0b43eea52403712669646f441a972394590caf46 100644 (file)
@@ -742,6 +742,15 @@ static struct slap_schema_ad_map {
                NULL, NULL, NULL, NULL, NULL,
                offsetof(struct slap_internal_schema, si_ad_userPassword) },
 
+       { "labeledURI", "(  1.3.6.1.4.1.250.1.57 NAME 'labeledURI' "
+                       "DESC 'RFC2079: Uniform Resource Identifier with optional label' "
+                       "EQUALITY caseExactMatch "
+                       "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )",
+               NULL, 0,
+               NULL, NULL,
+               NULL, NULL, NULL, NULL, NULL,
+               offsetof(struct slap_internal_schema, si_ad_labeledURI) },
+
 #ifdef SLAPD_AUTHPASSWD
        { "authPassword", "( 1.3.6.1.4.1.4203.1.3.4 "
                        "NAME 'authPassword' "
index 3367a8e3eff636993df155df4ac73fa8f8a03cb4..0cee21b3ddf4c24ac262107701b79d09d93eb357 100644 (file)
@@ -791,6 +791,7 @@ struct slap_internal_schema {
        AttributeDescription *si_ad_name;
        AttributeDescription *si_ad_cn;
        AttributeDescription *si_ad_userPassword;
+       AttributeDescription *si_ad_labeledURI;
 #ifdef SLAPD_AUTHPASSWD
        AttributeDescription *si_ad_authPassword;
 #endif