/* 
   ldb database library

   Copyright (C) Simo Sorce  2005-2008

     ** NOTE! The following LGPL license applies to the ldb
     ** library. This does NOT imply that all of Samba is released
     ** under the LGPL
   
   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 3 of the License, or (at your option) any later version.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/

/*
 *  Name: ldb
 *
 *  Component: ldb attribute scoped query control module
 *
 *  Description: this module searches all the objects pointed by
 *  		 the DNs contained in the references attribute
 *
 *  Author: Simo Sorce
 */

#include "ldb_module.h"

struct asq_context {

	enum {ASQ_SEARCH_BASE, ASQ_SEARCH_MULTI} step;

	struct ldb_module *module;
	struct ldb_request *req;

	struct ldb_asq_control *asq_ctrl;

	const char * const *req_attrs;
	char *req_attribute;
	enum {
		ASQ_CTRL_SUCCESS			= 0,
		ASQ_CTRL_INVALID_ATTRIBUTE_SYNTAX	= 21,
		ASQ_CTRL_UNWILLING_TO_PERFORM		= 53,
		ASQ_CTRL_AFFECTS_MULTIPLE_DSA		= 71
	} asq_ret;

	struct ldb_reply *base_res;

	struct ldb_request **reqs;
	unsigned int num_reqs;
	unsigned int cur_req;

	struct ldb_control **controls;
};

static struct asq_context *asq_context_init(struct ldb_module *module, struct ldb_request *req)
{
	struct ldb_context *ldb;
	struct asq_context *ac;

	ldb = ldb_module_get_ctx(module);

	ac = talloc_zero(req, struct asq_context);
	if (ac == NULL) {
		ldb_oom(ldb);
		return NULL;
	}

	ac->module = module;
	ac->req = req;

	return ac;
}

static int asq_search_continue(struct asq_context *ac);

static int asq_search_terminate(struct asq_context *ac)
{
	struct ldb_asq_control *asq;
	unsigned int i;

	if (ac->controls) {
		for (i = 0; ac->controls[i]; i++) /* count em */ ;
	} else {
		i = 0;
	}

	ac->controls = talloc_realloc(ac, ac->controls, struct ldb_control *, i + 2);

	if (ac->controls == NULL) {
		return LDB_ERR_OPERATIONS_ERROR;
	}

	ac->controls[i] = talloc(ac->controls, struct ldb_control);
	if (ac->controls[i] == NULL) {
		return LDB_ERR_OPERATIONS_ERROR;
	}

	ac->controls[i]->oid = LDB_CONTROL_ASQ_OID;
	ac->controls[i]->critical = 0;

	asq = talloc_zero(ac->controls[i], struct ldb_asq_control);
	if (asq == NULL)
		return LDB_ERR_OPERATIONS_ERROR;

	asq->result = ac->asq_ret;

	ac->controls[i]->data = asq;

	ac->controls[i + 1] = NULL;

	return ldb_module_done(ac->req, ac->controls, NULL, LDB_SUCCESS);
}

static int asq_base_callback(struct ldb_request *req, struct ldb_reply *ares)
{
	struct asq_context *ac;
	int ret;

	ac = talloc_get_type(req->context, struct asq_context);

	if (!ares) {
		return ldb_module_done(ac->req, NULL, NULL,
					LDB_ERR_OPERATIONS_ERROR);
	}
	if (ares->error != LDB_SUCCESS) {
		return ldb_module_done(ac->req, ares->controls,
					ares->response, ares->error);
	}

	switch (ares->type) {
	case LDB_REPLY_ENTRY:
		ac->base_res = talloc_move(ac, &ares);
		break;

	case LDB_REPLY_REFERRAL:
		/* ignore referrals */
		talloc_free(ares);
		break;

	case LDB_REPLY_DONE:

		talloc_free(ares);

		/* next step */
		ret = asq_search_continue(ac);
		if (ret != LDB_SUCCESS) {
			return ldb_module_done(ac->req, NULL, NULL, ret);
		}
		break;

	}
	return LDB_SUCCESS;
}

static int asq_reqs_callback(struct ldb_request *req, struct ldb_reply *ares)
{
	struct asq_context *ac;
	int ret;

	ac = talloc_get_type(req->context, struct asq_context);

	if (!ares) {
		return ldb_module_done(ac->req, NULL, NULL,
					LDB_ERR_OPERATIONS_ERROR);
	}
	if (ares->error != LDB_SUCCESS) {
		return ldb_module_done(ac->req, ares->controls,
					ares->response, ares->error);
	}

	switch (ares->type) {
	case LDB_REPLY_ENTRY:
		/* pass the message up to the original callback as we
		 * do not have to elaborate on it any further */
		ret = ldb_module_send_entry(ac->req, ares->message, ares->controls);
		if (ret != LDB_SUCCESS) {
			return ldb_module_done(ac->req, NULL, NULL, ret);
		}
		talloc_free(ares);
		break;

	case LDB_REPLY_REFERRAL:
		/* ignore referrals */
		talloc_free(ares);
		break;

	case LDB_REPLY_DONE:

		talloc_free(ares);

		ret = asq_search_continue(ac);
		if (ret != LDB_SUCCESS) {
			return ldb_module_done(ac->req, NULL, NULL, ret);
		}
		break;
	}

	return LDB_SUCCESS;
}

static int asq_build_first_request(struct asq_context *ac, struct ldb_request **base_req)
{
	struct ldb_context *ldb;
	const char **base_attrs;
	int ret;

	ldb = ldb_module_get_ctx(ac->module);

	ac->req_attrs = ac->req->op.search.attrs;
	ac->req_attribute = talloc_strdup(ac, ac->asq_ctrl->source_attribute);
	if (ac->req_attribute == NULL)
		return LDB_ERR_OPERATIONS_ERROR;

	base_attrs = talloc_array(ac, const char *, 2);
	if (base_attrs == NULL) return LDB_ERR_OPERATIONS_ERROR;

	base_attrs[0] = talloc_strdup(base_attrs, ac->asq_ctrl->source_attribute);
	if (base_attrs[0] == NULL) return LDB_ERR_OPERATIONS_ERROR;

	base_attrs[1] = NULL;

	ret = ldb_build_search_req(base_req, ldb, ac,
					ac->req->op.search.base,
					LDB_SCOPE_BASE,
					NULL,
					(const char * const *)base_attrs,
					NULL,
					ac, asq_base_callback,
					ac->req);
	if (ret != LDB_SUCCESS) {
		return ret;
	}

	return LDB_SUCCESS;
}

static int asq_build_multiple_requests(struct asq_context *ac, bool *terminated)
{
	struct ldb_context *ldb;
	struct ldb_control **saved_controls;
	struct ldb_control *control;
	struct ldb_dn *dn;
	struct ldb_message_element *el;
	unsigned int i;
	int ret;

	if (ac->base_res == NULL) {
		return LDB_ERR_NO_SUCH_OBJECT;
	}

	ldb = ldb_module_get_ctx(ac->module);

	el = ldb_msg_find_element(ac->base_res->message, ac->req_attribute);
	/* no values found */
	if (el == NULL) {
		ac->asq_ret = ASQ_CTRL_SUCCESS;
		*terminated = true;
		return asq_search_terminate(ac);
	}

	ac->num_reqs = el->num_values;
	ac->cur_req = 0;
	ac->reqs = talloc_array(ac, struct ldb_request *, ac->num_reqs);
	if (ac->reqs == NULL) {
		return LDB_ERR_OPERATIONS_ERROR;
	}

	for (i = 0; i < el->num_values; i++) {

		dn = ldb_dn_new(ac, ldb,
				(const char *)el->values[i].data);
		if ( ! ldb_dn_validate(dn)) {
			ac->asq_ret = ASQ_CTRL_INVALID_ATTRIBUTE_SYNTAX;
			*terminated = true;
			return asq_search_terminate(ac);
		}

		ret = ldb_build_search_req_ex(&ac->reqs[i],
						ldb, ac,
						dn, LDB_SCOPE_BASE,
						ac->req->op.search.tree,
						ac->req_attrs,
						ac->req->controls,
						ac, asq_reqs_callback,
						ac->req);
		if (ret != LDB_SUCCESS) {
			return ret;
		}

		/* remove the ASQ control itself */
		control = ldb_request_get_control(ac->req, LDB_CONTROL_ASQ_OID);
		if (!save_controls(control, ac->reqs[i], &saved_controls)) {
			return LDB_ERR_OPERATIONS_ERROR;
		}
	}

	return LDB_SUCCESS;
}

static int asq_search_continue(struct asq_context *ac)
{
	struct ldb_context *ldb;
	bool terminated = false;
	int ret;

	ldb = ldb_module_get_ctx(ac->module);

	switch (ac->step) {
	case ASQ_SEARCH_BASE:

		/* build up the requests call chain */
		ret = asq_build_multiple_requests(ac, &terminated);
		if (ret != LDB_SUCCESS || terminated) {
			return ret;
		}

		ac->step = ASQ_SEARCH_MULTI;

		return ldb_request(ldb, ac->reqs[ac->cur_req]);

	case ASQ_SEARCH_MULTI:

		ac->cur_req++;

		if (ac->cur_req == ac->num_reqs) {
			/* done */
			return asq_search_terminate(ac);
		}

		return ldb_request(ldb, ac->reqs[ac->cur_req]);
	}

	return LDB_ERR_OPERATIONS_ERROR;
}

static int asq_search(struct ldb_module *module, struct ldb_request *req)
{
	struct ldb_context *ldb;
	struct ldb_request *base_req;
	struct ldb_control *control;
	struct asq_context *ac;
	int ret;

	ldb = ldb_module_get_ctx(module);

	/* check if there's an ASQ control */
	control = ldb_request_get_control(req, LDB_CONTROL_ASQ_OID);
	if (control == NULL) {
		/* not found go on */
		return ldb_next_request(module, req);
	}

	ac = asq_context_init(module, req);
	if (!ac) {
		return LDB_ERR_OPERATIONS_ERROR;
	}

	/* check the search is well formed */
	if (req->op.search.scope != LDB_SCOPE_BASE) {
		ac->asq_ret = ASQ_CTRL_UNWILLING_TO_PERFORM;
		return asq_search_terminate(ac);
	}

	ac->asq_ctrl = talloc_get_type(control->data, struct ldb_asq_control);
	if (!ac->asq_ctrl) {
		return LDB_ERR_PROTOCOL_ERROR;
	}

	ret = asq_build_first_request(ac, &base_req);
	if (ret != LDB_SUCCESS) {
		return ret;
	}

	ac->step = ASQ_SEARCH_BASE;

	return ldb_request(ldb, base_req);
}

static int asq_init(struct ldb_module *module)
{
	struct ldb_context *ldb;
	int ret;

	ldb = ldb_module_get_ctx(module);

	ret = ldb_mod_register_control(module, LDB_CONTROL_ASQ_OID);
	if (ret != LDB_SUCCESS) {
		ldb_debug(ldb, LDB_DEBUG_WARNING, "asq: Unable to register control with rootdse!");
	}

	return ldb_next_init(module);
}

const struct ldb_module_ops ldb_asq_module_ops = {
	.name		   = "asq",
	.search		   = asq_search,
	.init_context	   = asq_init
};