diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-08-02 10:47:10 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-08-03 13:54:38 -0400 |
commit | d59e1d2397c92a2c9f43eb310d99d81cc835b37e (patch) | |
tree | bef54f33c54332d4cc6f867143b0484e3d3c773c /src/db | |
parent | dae0af263a9490c57962c2d43ede2083d618e637 (diff) | |
download | sssd-d59e1d2397c92a2c9f43eb310d99d81cc835b37e.tar.gz sssd-d59e1d2397c92a2c9f43eb310d99d81cc835b37e.tar.bz2 sssd-d59e1d2397c92a2c9f43eb310d99d81cc835b37e.zip |
Add sysdb_update_members function
This function will take a user, a list of groups that this user
should be added to and a list of groups the user should be removed
from and will recursively call sysdb_[add|remove]_group_member
Includes a unit test
Diffstat (limited to 'src/db')
-rw-r--r-- | src/db/sysdb.h | 5 | ||||
-rw-r--r-- | src/db/sysdb_ops.c | 56 |
2 files changed, 61 insertions, 0 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 5c0b744f..e199ed94 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -453,6 +453,11 @@ int sysdb_remove_group_member(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *group, const char *user); +errno_t sysdb_update_members(struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, + const char *user, + const char **add_groups, + const char **del_groups); /* Password caching function. * If you are in a transaction ignore sysdb and pass in the handle. diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 7f454311..d86c35d6 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -2199,3 +2199,59 @@ done: } return ret; } + +errno_t sysdb_update_members(struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, + const char *user, + const char **add_groups, + const char **del_groups) +{ + errno_t ret; + int i; + + TALLOC_CTX *tmp_ctx = talloc_new(NULL); + if(!tmp_ctx) { + return ENOMEM; + } + + ret = sysdb_transaction_start(sysdb); + if (ret != EOK) { + DEBUG(0, ("Failed to start update transaction\n")); + goto done; + } + + if (add_groups) { + /* Add the user to all add_groups */ + for (i = 0; add_groups[i]; i++) { + ret = sysdb_add_group_member(tmp_ctx, sysdb, domain, + add_groups[i], user); + if (ret != EOK) { + DEBUG(1, ("Could not add user [%s] to group [%s]. " + "Skipping.\n")); + /* Continue on, we should try to finish the rest */ + } + } + } + + if (del_groups) { + /* Remove the user from all del_groups */ + for (i = 0; del_groups[i]; i++) { + ret = sysdb_remove_group_member(tmp_ctx, sysdb, domain, + del_groups[i], user); + if (ret != EOK) { + DEBUG(1, ("Could not remove user [%s] from group [%s]. " + "Skipping\n")); + /* Continue on, we should try to finish the rest */ + } + } + } + + ret = sysdb_transaction_commit(sysdb); + +done: + if (ret != EOK) { + sysdb_transaction_cancel(sysdb); + } + talloc_free(tmp_ctx); + return ret; +} |