diff options
author | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-08-07 11:04:53 +0200 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-08-07 14:22:42 +0200 |
commit | 6e6af9c14c1a421b8c3323982e5bd8bbb69589bb (patch) | |
tree | 51e3fa5dfaf0b7a933d2b721832291fdf17c1a42 /source4/dsdb | |
parent | 299b59b7c3603642154d78a5e3251926c8ce6e62 (diff) | |
download | samba-6e6af9c14c1a421b8c3323982e5bd8bbb69589bb.tar.gz samba-6e6af9c14c1a421b8c3323982e5bd8bbb69589bb.tar.bz2 samba-6e6af9c14c1a421b8c3323982e5bd8bbb69589bb.zip |
s4:objectclass LDB module - "add operation" - implement "objectCategory" validation
Diffstat (limited to 'source4/dsdb')
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/objectclass.c | 39 |
1 files changed, 34 insertions, 5 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c index d280298174..3d7dde8b2a 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass.c @@ -443,6 +443,7 @@ static int objectclass_do_add(struct oc_context *ac) const char *rdn_name = NULL; char *value; const struct dsdb_class *objectclass; + struct ldb_dn *objectcategory; int32_t systemFlags = 0; int ret; @@ -609,21 +610,49 @@ static int objectclass_do_add(struct oc_context *ac) } } - if (!ldb_msg_find_element(msg, "objectCategory")) { - struct dsdb_extended_dn_store_format *dn_format = talloc_get_type(ldb_module_get_private(ac->module), struct dsdb_extended_dn_store_format); + objectcategory = ldb_msg_find_attr_as_dn(ldb, ac, msg, + "objectCategory"); + if (objectcategory == NULL) { + struct dsdb_extended_dn_store_format *dn_format = + talloc_get_type(ldb_module_get_private(ac->module), + struct dsdb_extended_dn_store_format); if (dn_format && dn_format->store_extended_dn_in_ldb == false) { /* Strip off extended components */ - struct ldb_dn *dn = ldb_dn_new(msg, ldb, objectclass->defaultObjectCategory); + struct ldb_dn *dn = ldb_dn_new(ac, ldb, + objectclass->defaultObjectCategory); value = ldb_dn_alloc_linearized(msg, dn); talloc_free(dn); } else { - value = talloc_strdup(msg, objectclass->defaultObjectCategory); + value = talloc_strdup(msg, + objectclass->defaultObjectCategory); } if (value == NULL) { return ldb_oom(ldb); } - ldb_msg_add_string(msg, "objectCategory", value); + + ret = ldb_msg_add_string(msg, "objectCategory", value); + if (ret != LDB_SUCCESS) { + return ret; + } + } else { + const struct dsdb_class *ocClass = + dsdb_class_by_cn_ldb_val(ac->schema, + ldb_dn_get_rdn_val(objectcategory)); + if (ocClass != NULL) { + struct ldb_dn *dn = ldb_dn_new(ac, ldb, + ocClass->defaultObjectCategory); + if (ldb_dn_compare(objectcategory, dn) != 0) { + ocClass = NULL; + } + } + talloc_free(objectcategory); + if (ocClass == NULL) { + ldb_asprintf_errstring(ldb, "objectclass: Cannot add %s, 'objectCategory' attribute invalid!", + ldb_dn_get_linearized(msg->dn)); + return LDB_ERR_OBJECT_CLASS_VIOLATION; + } } + if (!ldb_msg_find_element(msg, "showInAdvancedViewOnly") && (objectclass->defaultHidingValue == true)) { ldb_msg_add_string(msg, "showInAdvancedViewOnly", "TRUE"); |