From b56b06e199f15a8a840b36bc7cb8010e39ae761d Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Wed, 12 Jun 2013 15:47:26 +0200
Subject: Replace SDAP_ID_MAPPING checks with
 sdap_idmap_domain_has_algorithmic_mapping

Currently the decision if external or algorithmic mapping should be used
in the LDAP or AD provider was based on the value of the ldap_id_mapping
config option. Since now all information about ID mapping is handled by
libsss_idmap the check for this options can be replace with a call which
checks the state via libss_idmap.

https://fedorahosted.org/sssd/ticket/1961
---
 src/providers/ldap/ldap_id.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'src/providers/ldap/ldap_id.c')

diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c
index d76a81a3..addb2f3c 100644
--- a/src/providers/ldap/ldap_id.c
+++ b/src/providers/ldap/ldap_id.c
@@ -79,6 +79,7 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx,
     uid_t uid;
     enum idmap_error_code err;
     char *sid;
+    bool use_id_mapping;
 
     req = tevent_req_create(memctx, &state, struct users_get_state);
     if (!req) return NULL;
@@ -102,6 +103,9 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx,
     state->name = name;
     state->filter_type = filter_type;
 
+    use_id_mapping = sdap_idmap_domain_has_algorithmic_mapping(
+                                                          ctx->opts->idmap_ctx,
+                                                          sdom->dom->domain_id);
     switch (filter_type) {
     case BE_FILTER_NAME:
         attr_name = ctx->opts->user_map[SDAP_AT_USER_NAME].name;
@@ -111,7 +115,7 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx,
         }
         break;
     case BE_FILTER_IDNUM:
-        if (dp_opt_get_bool(ctx->opts->basic, SDAP_ID_MAPPING)) {
+        if (use_id_mapping) {
             /* If we're ID-mapping, we need to use the objectSID
              * in the search filter.
              */
@@ -416,7 +420,7 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx,
     gid_t gid;
     enum idmap_error_code err;
     char *sid;
-    bool use_id_mapping = dp_opt_get_bool(ctx->opts->basic, SDAP_ID_MAPPING);
+    bool use_id_mapping;
     const char *member_filter[2];
 
     req = tevent_req_create(memctx, &state, struct groups_get_state);
@@ -441,6 +445,10 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx,
     state->name = name;
     state->filter_type = filter_type;
 
+    use_id_mapping = sdap_idmap_domain_has_algorithmic_mapping(
+                                                          ctx->opts->idmap_ctx,
+                                                          sdom->dom->domain_id);
+
     switch(filter_type) {
     case BE_FILTER_NAME:
         attr_name = ctx->opts->group_map[SDAP_AT_GROUP_NAME].name;
@@ -451,7 +459,7 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx,
         }
         break;
     case BE_FILTER_IDNUM:
-        if (dp_opt_get_bool(ctx->opts->basic, SDAP_ID_MAPPING)) {
+        if (use_id_mapping) {
             /* If we're ID-mapping, we need to use the objectSID
              * in the search filter.
              */
-- 
cgit