From 361b29ff4cc0eac948074cb0f54fdc7bd556a1b6 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Fri, 15 Apr 2011 10:12:36 +0200 Subject: Add user and group search LDAP filter options https://fedorahosted.org/sssd/ticket/647 --- src/providers/ldap/ldap_id_enum.c | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) (limited to 'src/providers/ldap/ldap_id_enum.c') diff --git a/src/providers/ldap/ldap_id_enum.c b/src/providers/ldap/ldap_id_enum.c index 6899b87c..d7dd33e4 100644 --- a/src/providers/ldap/ldap_id_enum.c +++ b/src/providers/ldap/ldap_id_enum.c @@ -431,6 +431,7 @@ static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, { struct tevent_req *req, *subreq; struct enum_users_state *state; + char *base_filter; int ret; req = tevent_req_create(memctx, &state, struct enum_users_state); @@ -441,7 +442,7 @@ static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, state->op = op; if (ctx->srv_opts && ctx->srv_opts->max_user_value && !purge) { - state->filter = talloc_asprintf( + base_filter = talloc_asprintf( state, "(&(objectclass=%s)(%s=*)(%s=*)(%s=*)(%s>=%s)(!(%s=%s)))", ctx->opts->user_map[SDAP_OC_USER].name, @@ -453,7 +454,7 @@ static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, ctx->opts->user_map[SDAP_AT_USER_USN].name, ctx->srv_opts->max_user_value); } else { - state->filter = talloc_asprintf( + base_filter = talloc_asprintf( state, "(&(objectclass=%s)(%s=*)(%s=*)(%s=*))", ctx->opts->user_map[SDAP_OC_USER].name, @@ -461,8 +462,17 @@ static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, ctx->opts->user_map[SDAP_AT_USER_UID].name, ctx->opts->user_map[SDAP_AT_USER_GID].name); } + if (!base_filter) { + DEBUG(2, ("Failed to build base filter\n")); + ret = ENOMEM; + goto fail; + } + + state->filter = sdap_get_id_specific_filter(state, base_filter, + dp_opt_get_string(ctx->opts->basic, SDAP_USER_SEARCH_FILTER)); + talloc_zfree(base_filter); if (!state->filter) { - DEBUG(2, ("Failed to build filter\n")); + DEBUG(2, ("Failed to build user filter\n")); ret = ENOMEM; goto fail; } @@ -542,6 +552,7 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, { struct tevent_req *req, *subreq; struct enum_groups_state *state; + char *base_filter; int ret; req = tevent_req_create(memctx, &state, struct enum_groups_state); @@ -552,7 +563,7 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, state->op = op; if (ctx->srv_opts && ctx->srv_opts->max_group_value && !purge) { - state->filter = talloc_asprintf( + base_filter = talloc_asprintf( state, "(&(objectclass=%s)(%s=*)(%s=*)(%s>=%s)(!(%s=%s)))", ctx->opts->group_map[SDAP_OC_GROUP].name, @@ -563,19 +574,28 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, ctx->opts->group_map[SDAP_AT_GROUP_USN].name, ctx->srv_opts->max_group_value); } else { - state->filter = talloc_asprintf( + base_filter = talloc_asprintf( state, "(&(objectclass=%s)(%s=*)(%s=*))", ctx->opts->group_map[SDAP_OC_GROUP].name, ctx->opts->group_map[SDAP_AT_GROUP_NAME].name, ctx->opts->group_map[SDAP_AT_GROUP_GID].name); } - if (!state->filter) { + if (!base_filter) { DEBUG(2, ("Failed to build filter\n")); ret = ENOMEM; goto fail; } + state->filter = sdap_get_id_specific_filter(state, base_filter, + dp_opt_get_string(ctx->opts->basic, SDAP_GROUP_SEARCH_FILTER)); + talloc_zfree(base_filter); + if (!state->filter) { + DEBUG(2, ("Failed to build group filter\n")); + ret = ENOMEM; + goto fail; + } + /* TODO: handle attrs_type */ ret = build_attrs_from_map(state, ctx->opts->group_map, SDAP_OPTS_GROUP, &state->attrs); -- cgit