authorAlexander Sulfrian <alexander@sulfrian.net>2016-11-11 19:49:55 +0100
committerAlexander Sulfrian <alexander@sulfrian.net>2016-11-11 19:49:55 +0100
commit48f38fb952bf76e0f237d79f23f5a6e01f3f66f9 (patch)
tree67d5de08f205a591d2b718acbceab34446ab8650
parente5400a3d25d3162a4df511f5941a1f011cb2e85e (diff)
is_user: Add possibility to check for gold accounts
-rw-r--r--service_passwords.c31
1 files changed, 24 insertions, 7 deletions
diff --git a/service_passwords.c b/service_passwords.c
index b2cb1d6..8a572e3 100644
--- a/service_passwords.c
+++ b/service_passwords.c
@@ -78,15 +78,24 @@ static int get_entry(const char *dn, char **attrs, Slapi_Entry **entry)
* accounts have to have the \c splineAccount object class.
*
* @param[in] dn DN of the entry.
+ * @param[out] gold_account If not \c NULL, this method will also check, if
+ * the entry has the \c splineGoldAccount object
+ * class. If the entry is a gold account this will
+ * be set to 1, otherwise 0.
+ *
* @return 0 if the entry is a user account, 1 otherwise
*/
-static int is_user(const char *dn)
+static int is_user(const char *dn, int *gold_account)
{
char *attrs[] = { "objectClass", NULL };
Slapi_Entry *entry = NULL;
int rc = 0;
+ if (gold_account != NULL) {
+ *gold_account = 0;
+ }
+
rc |= get_entry(dn, attrs, &entry);
if (rc != 0 || entry == NULL) {
/* dn not found */
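Review bot: The new `@param[out] gold_account` text does not say what the caller receives when is_user() returns non-zero. The added lines at the top of the body clear `*gold_account` to 0 before get_entry() runs, so a failed lookup, a non-user entry and a non-gold user all yield 0. That fail-closed default is the right one for a flag that presumably gates extra privileges, but it should be part of the contract, e.g. `The value is only meaningful when 0 is returned; on every failure path it is left at 0.` The body of is_user continues outside this hunk.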
@@ -101,6 +110,14 @@ static int is_user(const char *dn)
goto fail1;
}
+ /* check if this user has a "gold" account */
+ if (gold_account != NULL) {
+ if (slapi_entry_attr_hasvalue(
+ entry, "objectClass", "splineGoldAccount") != 0) {
+ *gold_account = 1;
+ }
+ }
+
fail1:
slapi_entry_free(entry);
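Review bot: The two nested `if`s before `fail1:` can be a single condition, `if (gold_account != NULL && slapi_entry_attr_hasvalue(entry, "objectClass", "splineGoldAccount") != 0) {`, which keeps the block one level shallower. Because the flag is derived purely from an `objectClass` value on the entry, a short comment here should record that it is only as trustworthy as the directory's write access control on `objectClass`, e.g. `/* relies on ACLs preventing users from adding splineGoldAccount to their own entry */`. Every call site visible in this commit passes `NULL`, so this branch is not exercised yet. The first caller that passes a pointer should check the return value before reading the flag. The body of is_user starts outside this hunk.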
@@ -481,7 +498,7 @@ static int pre_bind(Slapi_PBlock *pb)
}
parent_dn = slapi_dn_parent(dn);
- rc |= is_user(parent_dn);
+ rc |= is_user(parent_dn, NULL);
slapi_ch_free_string(&parent_dn);
if (rc != 0) {
@@ -579,7 +596,7 @@ static int pre_entry(Slapi_PBlock *pb)
if (is_service(bind_dn, &service) != 0) {
parent_dn = slapi_dn_parent(bind_dn);
- rc |= is_user(parent_dn);
+ rc |= is_user(parent_dn, NULL);
slapi_ch_free_string(&parent_dn);
if (rc != 0) {
@@ -593,7 +610,7 @@ static int pre_entry(Slapi_PBlock *pb)
/* ignore service_password entries */
parent_dn = slapi_dn_parent(result_dn);
- rc |= is_user(parent_dn);
+ rc |= is_user(parent_dn, NULL);
slapi_ch_free_string(&parent_dn);
if (rc == 0) {
@@ -602,7 +619,7 @@ static int pre_entry(Slapi_PBlock *pb)
}
/* modify the dn of the returned entry */
- if (is_user(result_dn) == 0) {
+ if (is_user(result_dn, NULL) == 0) {
new_entry = prepend_service_prefix(entry, service);
/* Set the new entry as the new result in the pblock and also set the
@@ -675,7 +692,7 @@ static int pre_search(Slapi_PBlock *pb)
if (is_service(bind_dn, NULL) != 0) {
parent_dn = slapi_dn_parent(bind_dn);
- rc |= is_user(parent_dn);
+ rc |= is_user(parent_dn, NULL);
slapi_ch_free_string(&parent_dn);
if (rc != 0) {
@@ -685,7 +702,7 @@ static int pre_search(Slapi_PBlock *pb)
parent_dn = slapi_dn_parent(base);
- if (is_user(parent_dn) == 0) {
+ if (is_user(parent_dn, NULL) == 0) {
rc |= slapi_pblock_set(pb, SLAPI_TARGET_DN, parent_dn);
}