summaryrefslogtreecommitdiff
path: root/src/db
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2010-08-02 10:47:10 -0400
committerStephen Gallagher <sgallagh@redhat.com>2010-08-03 13:54:38 -0400
commitd59e1d2397c92a2c9f43eb310d99d81cc835b37e (patch)
treebef54f33c54332d4cc6f867143b0484e3d3c773c /src/db
parentdae0af263a9490c57962c2d43ede2083d618e637 (diff)
downloadsssd-d59e1d2397c92a2c9f43eb310d99d81cc835b37e.tar.gz
sssd-d59e1d2397c92a2c9f43eb310d99d81cc835b37e.tar.bz2
sssd-d59e1d2397c92a2c9f43eb310d99d81cc835b37e.zip
Add sysdb_update_members function
This function will take a user, a list of groups that this user should be added to and a list of groups the user should be removed from and will recursively call sysdb_[add|remove]_group_member Includes a unit test
Diffstat (limited to 'src/db')
-rw-r--r--src/db/sysdb.h5
-rw-r--r--src/db/sysdb_ops.c56
2 files changed, 61 insertions, 0 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 5c0b744f..e199ed94 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -453,6 +453,11 @@ int sysdb_remove_group_member(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *group,
const char *user);
+errno_t sysdb_update_members(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *user,
+ const char **add_groups,
+ const char **del_groups);
/* Password caching function.
* If you are in a transaction ignore sysdb and pass in the handle.
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 7f454311..d86c35d6 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -2199,3 +2199,59 @@ done:
}
return ret;
}
+
+errno_t sysdb_update_members(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *user,
+ const char **add_groups,
+ const char **del_groups)
+{
+ errno_t ret;
+ int i;
+
+ TALLOC_CTX *tmp_ctx = talloc_new(NULL);
+ if(!tmp_ctx) {
+ return ENOMEM;
+ }
+
+ ret = sysdb_transaction_start(sysdb);
+ if (ret != EOK) {
+ DEBUG(0, ("Failed to start update transaction\n"));
+ goto done;
+ }
+
+ if (add_groups) {
+ /* Add the user to all add_groups */
+ for (i = 0; add_groups[i]; i++) {
+ ret = sysdb_add_group_member(tmp_ctx, sysdb, domain,
+ add_groups[i], user);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not add user [%s] to group [%s]. "
+ "Skipping.\n"));
+ /* Continue on, we should try to finish the rest */
+ }
+ }
+ }
+
+ if (del_groups) {
+ /* Remove the user from all del_groups */
+ for (i = 0; del_groups[i]; i++) {
+ ret = sysdb_remove_group_member(tmp_ctx, sysdb, domain,
+ del_groups[i], user);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not remove user [%s] from group [%s]. "
+ "Skipping\n"));
+ /* Continue on, we should try to finish the rest */
+ }
+ }
+ }
+
+ ret = sysdb_transaction_commit(sysdb);
+
+done:
+ if (ret != EOK) {
+ sysdb_transaction_cancel(sysdb);
+ }
+ talloc_free(tmp_ctx);
+ return ret;
+}