diff options
author | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-09-12 14:41:53 +0200 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-09-12 19:23:05 +0200 |
commit | 79f22e5d700c5ffb6c0f0d64ad701558aa53bf57 (patch) | |
tree | d606442812561ab7dab971daf630ee98c4df288d /source4 | |
parent | bb1da645ed1005b5e77dd3e013af93b0f027d51e (diff) | |
download | samba-79f22e5d700c5ffb6c0f0d64ad701558aa53bf57.tar.gz samba-79f22e5d700c5ffb6c0f0d64ad701558aa53bf57.tar.bz2 samba-79f22e5d700c5ffb6c0f0d64ad701558aa53bf57.zip |
s4:samldb LDB module - move "samldb_prim_group_users_check" more down to see that it is only in use by the delete operation
add and modify helpers will stay on the top of the add and modify operation
since they will likely be shared as much as possible.
Diffstat (limited to 'source4')
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 82 |
1 files changed, 41 insertions, 41 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index e616295e3a..2c82445ba8 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -1052,47 +1052,6 @@ static int samldb_member_check(struct samldb_ctx *ac) } -static int samldb_prim_group_users_check(struct samldb_ctx *ac) -{ - struct ldb_context *ldb; - struct dom_sid *sid; - uint32_t rid; - NTSTATUS status; - int count; - - ldb = ldb_module_get_ctx(ac->module); - - /* Finds out the SID/RID of the SAM object */ - sid = samdb_search_dom_sid(ldb, ac, ac->req->op.del.dn, "objectSID", - NULL); - if (sid == NULL) { - /* No SID - it might not be a SAM object - therefore ok */ - return LDB_SUCCESS; - } - status = dom_sid_split_rid(ac, sid, NULL, &rid); - if (!NT_STATUS_IS_OK(status)) { - return ldb_operr(ldb); - } - if (rid == 0) { - /* Special object (security principal?) */ - return LDB_SUCCESS; - } - - /* Deny delete requests from groups which are primary ones */ - count = samdb_search_count(ldb, NULL, - "(&(primaryGroupID=%u)(objectClass=user))", - rid); - if (count < 0) { - return ldb_operr(ldb); - } - if (count > 0) { - return LDB_ERR_ENTRY_ALREADY_EXISTS; - } - - return LDB_SUCCESS; -} - - /* add */ static int samldb_add(struct ldb_module *module, struct ldb_request *req) { @@ -1307,6 +1266,47 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req) } /* delete */ + +static int samldb_prim_group_users_check(struct samldb_ctx *ac) +{ + struct ldb_context *ldb; + struct dom_sid *sid; + uint32_t rid; + NTSTATUS status; + int count; + + ldb = ldb_module_get_ctx(ac->module); + + /* Finds out the SID/RID of the SAM object */ + sid = samdb_search_dom_sid(ldb, ac, ac->req->op.del.dn, "objectSID", + NULL); + if (sid == NULL) { + /* No SID - it might not be a SAM object - therefore ok */ + return LDB_SUCCESS; + } + status = dom_sid_split_rid(ac, sid, NULL, &rid); + if (!NT_STATUS_IS_OK(status)) { + return ldb_operr(ldb); + } + if (rid == 0) { + /* Special object (security principal?) */ + return LDB_SUCCESS; + } + + /* Deny delete requests from groups which are primary ones */ + count = samdb_search_count(ldb, NULL, + "(&(primaryGroupID=%u)(objectClass=user))", + rid); + if (count < 0) { + return ldb_operr(ldb); + } + if (count > 0) { + return LDB_ERR_ENTRY_ALREADY_EXISTS; + } + + return LDB_SUCCESS; +} + static int samldb_delete(struct ldb_module *module, struct ldb_request *req) { struct samldb_ctx *ac; |