summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2010-09-12 14:41:53 +0200
committerMatthias Dieter Wallnöfer <mdw@samba.org>2010-09-12 19:23:05 +0200
commit79f22e5d700c5ffb6c0f0d64ad701558aa53bf57 (patch)
treed606442812561ab7dab971daf630ee98c4df288d /source4
parentbb1da645ed1005b5e77dd3e013af93b0f027d51e (diff)
downloadsamba-79f22e5d700c5ffb6c0f0d64ad701558aa53bf57.tar.gz
samba-79f22e5d700c5ffb6c0f0d64ad701558aa53bf57.tar.bz2
samba-79f22e5d700c5ffb6c0f0d64ad701558aa53bf57.zip
s4:samldb LDB module - move "samldb_prim_group_users_check" more down to see that it is only in use by the delete operation
add and modify helpers will stay on the top of the add and modify operation since they will likely be shared as much as possible.
Diffstat (limited to 'source4')
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c82
1 files changed, 41 insertions, 41 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index e616295e3a..2c82445ba8 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -1052,47 +1052,6 @@ static int samldb_member_check(struct samldb_ctx *ac)
}
-static int samldb_prim_group_users_check(struct samldb_ctx *ac)
-{
- struct ldb_context *ldb;
- struct dom_sid *sid;
- uint32_t rid;
- NTSTATUS status;
- int count;
-
- ldb = ldb_module_get_ctx(ac->module);
-
- /* Finds out the SID/RID of the SAM object */
- sid = samdb_search_dom_sid(ldb, ac, ac->req->op.del.dn, "objectSID",
- NULL);
- if (sid == NULL) {
- /* No SID - it might not be a SAM object - therefore ok */
- return LDB_SUCCESS;
- }
- status = dom_sid_split_rid(ac, sid, NULL, &rid);
- if (!NT_STATUS_IS_OK(status)) {
- return ldb_operr(ldb);
- }
- if (rid == 0) {
- /* Special object (security principal?) */
- return LDB_SUCCESS;
- }
-
- /* Deny delete requests from groups which are primary ones */
- count = samdb_search_count(ldb, NULL,
- "(&(primaryGroupID=%u)(objectClass=user))",
- rid);
- if (count < 0) {
- return ldb_operr(ldb);
- }
- if (count > 0) {
- return LDB_ERR_ENTRY_ALREADY_EXISTS;
- }
-
- return LDB_SUCCESS;
-}
-
-
/* add */
static int samldb_add(struct ldb_module *module, struct ldb_request *req)
{
@@ -1307,6 +1266,47 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req)
}
/* delete */
+
+static int samldb_prim_group_users_check(struct samldb_ctx *ac)
+{
+ struct ldb_context *ldb;
+ struct dom_sid *sid;
+ uint32_t rid;
+ NTSTATUS status;
+ int count;
+
+ ldb = ldb_module_get_ctx(ac->module);
+
+ /* Finds out the SID/RID of the SAM object */
+ sid = samdb_search_dom_sid(ldb, ac, ac->req->op.del.dn, "objectSID",
+ NULL);
+ if (sid == NULL) {
+ /* No SID - it might not be a SAM object - therefore ok */
+ return LDB_SUCCESS;
+ }
+ status = dom_sid_split_rid(ac, sid, NULL, &rid);
+ if (!NT_STATUS_IS_OK(status)) {
+ return ldb_operr(ldb);
+ }
+ if (rid == 0) {
+ /* Special object (security principal?) */
+ return LDB_SUCCESS;
+ }
+
+ /* Deny delete requests from groups which are primary ones */
+ count = samdb_search_count(ldb, NULL,
+ "(&(primaryGroupID=%u)(objectClass=user))",
+ rid);
+ if (count < 0) {
+ return ldb_operr(ldb);
+ }
+ if (count > 0) {
+ return LDB_ERR_ENTRY_ALREADY_EXISTS;
+ }
+
+ return LDB_SUCCESS;
+}
+
static int samldb_delete(struct ldb_module *module, struct ldb_request *req)
{
struct samldb_ctx *ac;