Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/schema.c77
1 files changed, 60 insertions, 17 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/schema.c b/source4/dsdb/samdb/ldb_modules/schema.c
index 3e8a70a043..090a211927 100644
--- a/source4/dsdb/samdb/ldb_modules/schema.c
+++ b/source4/dsdb/samdb/ldb_modules/schema.c
@@ -81,23 +81,29 @@ struct schema_attribute {
bool single; /* isSingleValued */
int min; /* rangeLower */
int max; /* rangeUpper */
+ int systemflag; /* systemFlag */
+ int searchflag; /* searchFlag */
+ bool isdefunct; /* isDefunct */
};
struct schema_class {
- char *OID; /* governsID */
- char *name; /* lDAPDisplayName */
- enum schema_class_type type; /* objectClassCategory */
- bool systemOnly; /* systemOnly */
- struct schema_class *parent; /* subClassOf */
- struct schema_class **sysaux; /* systemAuxiliaryClass */
- struct schema_class **aux; /* auxiliaryClass */
- struct schema_class **sysposssup; /* systemPossSuperiors */
- struct schema_class **posssup; /* possSuperiors */
- struct schema_class **possinf; /* possibleInferiors */
- struct schema_attribute **sysmust; /* systemMustContain */
- struct schema_attribute **must; /* MustContain */
- struct schema_attribute **sysmay; /* systemMayContain */
- struct schema_attribute **may; /* MayContain */
+ char *OID; /* governsID */
+ char *name; /* lDAPDisplayName */
+ enum schema_class_type type; /* objectClassCategory */
+ bool systemOnly; /* systemOnly */
+ bool isdefunct; /* isDefunct */
+ int systemflag; /* systemFlag */
+ char *defobjcat; /* defaultObjectCategory */
+ struct schema_class *parent; /* subClassOf */
+ struct schema_class **sysaux; /* systemAuxiliaryClass */
+ struct schema_class **aux; /* auxiliaryClass */
+ struct schema_class **sysposssup; /* systemPossSuperiors */
+ struct schema_class **posssup; /* possSuperiors */
+ struct schema_class **possinf; /* possibleInferiors */
+ struct schema_attribute **sysmust; /* systemMustContain */
+ struct schema_attribute **must; /* MustContain */
+ struct schema_attribute **sysmay; /* systemMayContain */
+ struct schema_attribute **may; /* MayContain */
};
/* TODO: ditcontentrules */
@@ -365,6 +371,9 @@ static int schema_init_attrs(struct ldb_module *module, struct schema_private_da
"isSingleValued",
"rangeLower",
"rangeUpper",
+ "searchFlag",
+ "systemFlag",
+ "isDefunct",
NULL };
struct ldb_result *res;
int ret, i;
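Review bot: The two flag names added to this attribute list, `"searchFlag"` and `"systemFlag"`, are singular, while the Active Directory schema attributes are `searchFlags` and `systemFlags`. If the backing schema uses the plural names, the search never returns them and the later `ldb_msg_find_attr_as_int(..., "systemFlag", 0)` / `"searchFlag"` lookups silently fall back to 0, so any later decision based on these flags would see "no flags set". The same spelling is used in the attribute-loading hunk below and for `"systemFlag"` in both `schema_init_classes` hunks; I would change all of them together, e.g. `"searchFlags",` and `"systemFlags",` here. The body of `schema_init_attrs` continues outside this hunk.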
@@ -433,9 +442,12 @@ static int schema_init_attrs(struct ldb_module *module, struct schema_private_da
data->attrs[i]->single = 0;
}
- /* rangeLower and rangeUpper are optional */
+ /* the following are optional */
data->attrs[i]->min = ldb_msg_find_attr_as_int(res->msgs[i], "rangeLower", -1);
data->attrs[i]->max = ldb_msg_find_attr_as_int(res->msgs[i], "rangeUpper", -1);
+ data->attrs[i]->systemflag = ldb_msg_find_attr_as_int(res->msgs[i], "systemFlag", 0);
+ data->attrs[i]->searchflag = ldb_msg_find_attr_as_int(res->msgs[i], "searchFlag", 0);
+ data->attrs[i]->isdefunct = ldb_msg_find_attr_as_bool(res->msgs[i], "isDefunct", False);
}
done:
@@ -448,7 +460,10 @@ static int schema_init_classes(struct ldb_module *module, struct schema_private_
static const char *schema_attrs[] = { "governsID",
"lDAPDisplayName",
"objectClassCategory",
+ "defaultObjectCategory"
"systemOnly",
+ "systemFlag",
+ "isDefunct",
"subClassOf",
"systemAuxiliaryClass",
"auxiliaryClass",
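Review bot: The added `"defaultObjectCategory"` entry has no trailing comma, so the compiler concatenates it with the next literal into the single string `"defaultObjectCategorysystemOnly"`. As a result neither `defaultObjectCategory` nor `systemOnly` is in the requested attribute list. If the search returns only requested attributes, the new `SCHEMA_CHECK_VALUE(data->class[i]->defobjcat, NULL, module)` check in the next hunk would fail for every class, and `systemOnly` would always read as its default of False. The line should be `"defaultObjectCategory",`. The array initializer and the rest of `schema_init_classes` extend beyond this hunk.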
@@ -503,9 +518,16 @@ static int schema_init_classes(struct ldb_module *module, struct schema_private_
/* 0 should not be a valid value, but turn out it is so test with -1 */
SCHEMA_CHECK_VALUE(data->class[i]->type, -1, module);
+ data->class[i]->defobjcat = talloc_strdup(data->class[i],
+ ldb_msg_find_attr_as_string(res->msgs[i],
+ "defaultObjectCategory", NULL));
+ SCHEMA_CHECK_VALUE(data->class[i]->defobjcat, NULL, module);
+
/* the following attributes are all optional */
data->class[i]->systemOnly = ldb_msg_find_attr_as_bool(res->msgs[i], "systemOnly", False);
+ data->class[i]->systemflag = ldb_msg_find_attr_as_int(res->msgs[i], "systemFlag", 0);
+ data->class[i]->isdefunct = ldb_msg_find_attr_as_bool(res->msgs[i], "isDefunct", False);
/* attributes are loaded first, so we can just go an query the attributes repo */
@@ -689,6 +711,11 @@ static int schema_add_class_to_dlist(struct schema_class_dlist *list, struct sch
struct schema_class_dlist *temp;
int ret;
+ /* see if this class is usable */
+ if (class->isdefunct) {
+ return LDB_ERR_NO_SUCH_ATTRIBUTE;
+ }
+
/* see if this class already exist in the class list */
if (schema_add_get_dlist_entry_with_class(list, class)) {
return LDB_SUCCESS;
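Review bot: The new defunct check returns `LDB_ERR_NO_SUCH_ATTRIBUTE` for what is a class-level condition, and the comment `/* see if this class is usable */` does not explain why. The next hunk changes the class-not-found path in `schema_add_build_objectclass_list` to the same code, so this looks deliberate. A comment stating the reason would help, for example `/* a defunct class is reported exactly like an unknown objectClass value */`, if that is the intent. The function body continues outside this hunk, so I cannot tell whether callers that recurse over parent or auxiliary classes expect this code.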
@@ -828,7 +855,7 @@ static int schema_add_build_objectclass_list(struct schema_context *sctx)
class = schema_store_find(sctx->data->class_store, (char *)el->values[i].data);
if (!class) {
- return LDB_ERR_NO_SUCH_OBJECT;
+ return LDB_ERR_NO_SUCH_ATTRIBUTE;
}
ret = schema_add_class_to_dlist(sctx->class_list, class, class->type);
@@ -984,6 +1011,7 @@ static int schema_add_build_down_req(struct schema_context *sctx)
{
struct schema_class_dlist *temp;
struct ldb_message *msg;
+ char *oc;
int ret;
sctx->down_req = talloc(sctx, struct ldb_request);
@@ -999,6 +1027,7 @@ static int schema_add_build_down_req(struct schema_context *sctx)
return LDB_ERR_OPERATIONS_ERROR;
}
+ /* rebuild the objectclass list */
ldb_msg_remove_attr(msg, "objectClass");
ret = ldb_msg_add_empty(msg, "objectClass", 0);
if (ret != LDB_SUCCESS) {
@@ -1012,7 +1041,21 @@ static int schema_add_build_down_req(struct schema_context *sctx)
return ret;
}
}
-
+
+ /* objectCategory can be set only by the system */
+ if (ldb_msg_find_element(msg, "objectCategory")) {
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ /* the OC is mandatory, every class defines it */
+ /* use the one defined in the structural class that defines the object */
+ for (temp = sctx->class_list->next; temp; temp = temp->next) {
+ if (!temp->next) break;
+ if (temp->next->role != SCHEMA_CT_STRUCTURAL) break;
+ }
+ oc = talloc_strdup(msg, temp->class->defobjcat);
+ ret = ldb_msg_add_string(msg, "objectCategory", oc);
+
sctx->down_req->op.add.message = msg;
return LDB_SUCCESS;
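Review bot: The new objectCategory block can return `LDB_SUCCESS` without the attribute having been added, because neither the `talloc_strdup` result `oc` nor the `ret` from `ldb_msg_add_string` is checked before the final return. In addition, if `sctx->class_list->next` is NULL the `for` loop exits with `temp == NULL` and `temp->class->defobjcat` dereferences it; whether the list can be empty at this point depends on code outside the hunk. Since this block enforces that objectCategory is system-assigned and mandatory, a failure here should abort the add rather than pass an incomplete message down. The start of `schema_add_build_down_req` is outside this hunk.

```c
	for (temp = sctx->class_list->next; temp; temp = temp->next) {
		/* … unchanged: stop at the last structural entry … */
	}
	if (!temp) {
		/* empty class list: no structural class to take the category from */
		return LDB_ERR_OBJECT_CLASS_VIOLATION;
	}
	oc = talloc_strdup(msg, temp->class->defobjcat);
	if (!oc) {
		return LDB_ERR_OPERATIONS_ERROR;
	}
	ret = ldb_msg_add_string(msg, "objectCategory", oc);
	if (ret != LDB_SUCCESS) {
		return ret;
	}
```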