4 Copyright (C) Andrew Tridgell 2005
5 Copyright (C) Simo Sorce 2006-2008
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 3 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, see <http://www.gnu.org/licenses/>.
25 handle operational attributes
29 createTimestamp: HIDDEN, searchable, ldaptime, alias for whenCreated
30 modifyTimestamp: HIDDEN, searchable, ldaptime, alias for whenChanged
32 for the above two, we do the search as normal, and if
33 createTimestamp or modifyTimestamp is asked for, then do
34 additional searches for whenCreated and whenChanged and fill in
37 we also need to replace these with the whenCreated/whenChanged
38 equivalent in the search expression trees
40 whenCreated: not-HIDDEN, CONSTRUCTED, SEARCHABLE
41 whenChanged: not-HIDDEN, CONSTRUCTED, SEARCHABLE
43 on init we need to setup attribute handlers for these so
44 comparisons are done correctly. The resolution is 1 second.
46 on add we need to add both the above, for current time
48 on modify we need to change whenChanged
51 subschemaSubentry: HIDDEN, not-searchable,
52 points at DN CN=Aggregate,$SCHEMADN
54 for this one we do the search as normal, then add the static
55 value if requested. How do we work out the $BASEDN from inside a
59 structuralObjectClass: HIDDEN, CONSTRUCTED, not-searchable. always same as objectclass?
61 for this one we do the search as normal, then if requested ask
62 for objectclass, change the attribute name, and add it
64 allowedAttributesEffective: HIDDEN, CONSTRUCTED, not-searchable,
65 list of attributes that can be modified - requires schema lookup
68 attributeTypes: in schema only
69 objectClasses: in schema only
70 matchingRules: in schema only
71 matchingRuleUse: in schema only
72 creatorsName: not supported by w2k3?
73 modifiersName: not supported by w2k3?
76 #include "ldb_includes.h"
77 #include "ldb_module.h"
80 #define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0]))
84 construct a canonical name from a message
86 static int construct_canonical_name(struct ldb_module *module, struct ldb_message *msg)
89 canonicalName = ldb_dn_canonical_string(msg, msg->dn);
90 if (canonicalName == NULL) {
93 return ldb_msg_add_steal_string(msg, "canonicalName", canonicalName);
97 a list of attribute names that should be substituted in the parse
98 tree before the search is done
100 static const struct {
103 } parse_tree_sub[] = {
104 { "createTimestamp", "whenCreated" },
105 { "modifyTimestamp", "whenChanged" }
110 a list of attribute names that are hidden, but can be searched for
111 using another (non-hidden) name to produce the correct result
113 static const struct {
116 int (*constructor)(struct ldb_module *, struct ldb_message *);
118 { "createTimestamp", "whenCreated", NULL },
119 { "modifyTimestamp", "whenChanged", NULL },
120 { "structuralObjectClass", "objectClass", NULL },
121 { "canonicalName", "distinguishedName", construct_canonical_name }
125 post process a search result record. For any search_sub[] attributes that were
126 asked for, we need to call the appropriate copy routine to copy the result
127 into the message, then remove any attributes that we added to the search but were
128 not asked for by the user
130 static int operational_search_post_process(struct ldb_module *module,
131 struct ldb_message *msg,
132 const char * const *attrs)
134 struct ldb_context *ldb;
137 ldb = ldb_module_get_ctx(module);
139 for (a=0;attrs && attrs[a];a++) {
140 for (i=0;i<ARRAY_SIZE(search_sub);i++) {
141 if (ldb_attr_cmp(attrs[a], search_sub[i].attr) != 0) {
145 /* construct the new attribute, using either a supplied
146 constructor or a simple copy */
147 if (search_sub[i].constructor) {
148 if (search_sub[i].constructor(module, msg) != 0) {
151 } else if (ldb_msg_copy_attr(msg,
152 search_sub[i].replace,
153 search_sub[i].attr) != 0) {
157 /* remove the added search attribute, unless it was asked for
159 if (search_sub[i].replace == NULL ||
160 ldb_attr_in_list(attrs, search_sub[i].replace) ||
161 ldb_attr_in_list(attrs, "*")) {
165 ldb_msg_remove_attr(msg, search_sub[i].replace);
172 ldb_debug_set(ldb, LDB_DEBUG_WARNING,
173 "operational_search_post_process failed for attribute '%s'\n",
180 hook search operations
183 struct operational_context {
184 struct ldb_module *module;
185 struct ldb_request *req;
187 const char * const *attrs;
190 static int operational_callback(struct ldb_request *req, struct ldb_reply *ares)
192 struct operational_context *ac;
195 ac = talloc_get_type(req->context, struct operational_context);
198 return ldb_module_done(ac->req, NULL, NULL,
199 LDB_ERR_OPERATIONS_ERROR);
201 if (ares->error != LDB_SUCCESS) {
202 return ldb_module_done(ac->req, ares->controls,
203 ares->response, ares->error);
206 switch (ares->type) {
207 case LDB_REPLY_ENTRY:
208 /* for each record returned post-process to add any derived
209 attributes that have been asked for */
210 ret = operational_search_post_process(ac->module,
214 return ldb_module_done(ac->req, NULL, NULL,
215 LDB_ERR_OPERATIONS_ERROR);
217 return ldb_module_send_entry(ac->req, ares->message, ares->controls);
219 case LDB_REPLY_REFERRAL:
220 /* ignore referrals */
225 return ldb_module_done(ac->req, ares->controls,
226 ares->response, LDB_SUCCESS);
233 static int operational_search(struct ldb_module *module, struct ldb_request *req)
235 struct ldb_context *ldb;
236 struct operational_context *ac;
237 struct ldb_request *down_req;
238 const char **search_attrs = NULL;
242 ldb = ldb_module_get_ctx(module);
244 ac = talloc(req, struct operational_context);
246 return LDB_ERR_OPERATIONS_ERROR;
251 ac->attrs = req->op.search.attrs;
253 /* FIXME: We must copy the tree and keep the original
255 /* replace any attributes in the parse tree that are
256 searchable, but are stored using a different name in the
258 for (i=0;i<ARRAY_SIZE(parse_tree_sub);i++) {
259 ldb_parse_tree_attr_replace(req->op.search.tree,
260 parse_tree_sub[i].attr,
261 parse_tree_sub[i].replace);
264 /* in the list of attributes we are looking for, rename any
265 attributes to the alias for any hidden attributes that can
266 be fetched directly using non-hidden names */
267 for (a=0;ac->attrs && ac->attrs[a];a++) {
268 for (i=0;i<ARRAY_SIZE(search_sub);i++) {
269 if (ldb_attr_cmp(ac->attrs[a], search_sub[i].attr) == 0 &&
270 search_sub[i].replace) {
272 search_attrs = ldb_attr_list_copy(req, ac->attrs);
273 if (search_attrs == NULL) {
274 return LDB_ERR_OPERATIONS_ERROR;
277 search_attrs[a] = search_sub[i].replace;
282 ret = ldb_build_search_req_ex(&down_req, ldb, ac,
284 req->op.search.scope,
286 /* use new set of attrs if any */
287 search_attrs == NULL?req->op.search.attrs:search_attrs,
289 ac, operational_callback,
291 if (ret != LDB_SUCCESS) {
292 return LDB_ERR_OPERATIONS_ERROR;
295 /* perform the search */
296 return ldb_next_request(module, down_req);
299 static int operational_init(struct ldb_module *ctx)
307 return ldb_next_init(ctx);
310 const struct ldb_module_ops ldb_operational_module_ops = {
311 .name = "operational",
312 .search = operational_search,
313 .init_context = operational_init
git.samba.org / ira / wip.git / blob