int member_remove(LDAP *ldap_handle, char *dn_path, char *group_name,
char *group_ou, char *group_membership, char *user_name,
char *pUserOu, char *MoiraId);
+int contains_member(LDAP *ldap_handle, char *dn_path, char *group_name,
+ char *UserOu, char *member);
int populate_group(LDAP *ldap_handle, char *dn_path, char *group_name,
char *group_ou, char *group_membership,
int group_security_flag, char *MoiraId, int synchronize);
char *mitMoiraId_v[] = {NULL, NULL};
char *mitMoiraPublic_v[] = {NULL, NULL};
char *mitMoiraHidden_v[] = {NULL, NULL};
+ char *mitMoiraActive_v[] = {NULL, NULL};
char *groupTypeControl_v[] = {NULL, NULL};
char *mail_v[] = {NULL, NULL};
char *proxy_address_v[] = {NULL, NULL};
{
mitMoiraPublic_v[0] = av[L_PUBLIC];
mitMoiraHidden_v[0] = av[L_HIDDEN];
+ mitMoiraActive_v[0] = av[L_ACTIVE];
ADD_ATTR("objectClass", objectClass_ldap_v, LDAP_MOD_ADD);
ADD_ATTR("mitMoiraPublic", mitMoiraPublic_v, LDAP_MOD_ADD);
ADD_ATTR("mitMoiraHidden", mitMoiraHidden_v, LDAP_MOD_ADD);
+ ADD_ATTR("mitMoiraActive", mitMoiraActive_v, LDAP_MOD_ADD);
if(atoi(av[L_GROUP]))
{
{
mitMoiraPublic_v[0] = av[L_PUBLIC];
mitMoiraHidden_v[0] = av[L_HIDDEN];
+ mitMoiraActive_v[0] = av[L_ACTIVE];
ADD_ATTR("mitMoiraPublic", mitMoiraPublic_v, LDAP_MOD_REPLACE);
ADD_ATTR("mitMoiraHidden", mitMoiraHidden_v, LDAP_MOD_REPLACE);
+ ADD_ATTR("mitMoiraActive", mitMoiraActive_v, LDAP_MOD_REPLACE);
if(atoi(av[L_GROUP]))
{
if (!check_string(group_name))
return(AD_INVALID_NAME);
+ if(!contains_member(ldap_handle, dn_path, group_name, UserOu, user_name))
+ return(0);
+
memset(filter, '\0', sizeof(filter));
group_base = NULL;
group_count = 0;
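Review bot: The new guard `if(!contains_member(...)) return(0);` does not separate the helper's -1 error return from a positive match: when the lookup fails, `!(-1)` is false and the removal continues as if the user were a member. If that fall-through is intended, say so explicitly, e.g. `if (contains_member(ldap_handle, dn_path, group_name, UserOu, user_name) == 0)` with a comment such as `/* lookup errors fall through; the modify below reports the failure */`. The matching guard in the add path (`contains_member(...) > 0`) also lets -1 fall through, so the two checks should be written in the same explicit form. The enclosing function starts and ends outside the visible lines.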
if (!check_string(group_name))
return(AD_INVALID_NAME);
+ if(contains_member(ldap_handle, dn_path, group_name, UserOu, user_name) > 0)
+ return(0);
+
rc = 0;
memset(filter, '\0', sizeof(filter));
group_base = NULL;
return MR_CONT;
}
+
+int contains_member(LDAP *ldap_handle, char *dn_path, char *group_name,
+ char *UserOu, char *user_name)
+{
+ char search_filter[1024];
+ char *attr_array[3];
+ LK_ENTRY *group_base;
+ int group_count;
+ int rc;
+ char temp[256];
+
+ if(ActiveDirectory)
+ {
+ sprintf(temp, "CN=%s,%s,%s", user_name, UserOu, dn_path);
+ }
+ else
+ {
+ if(!strcmp(UserOu, user_ou))
+ sprintf(temp, "uid=%s,%s,%s", user_name, UserOu, dn_path);
+ else
+ sprintf(temp, "CN=%s,%s,%s", user_name, UserOu, dn_path);
+ }
+
+ group_base = NULL;
+ group_count = 0;
+
+ sprintf(search_filter, "(&(objectClass=group)(cn=%s)(member=%s))",
+ group_name, temp);
+
+ attr_array[0] = "mitMoiraId";
+ attr_array[1] = NULL;
+
+ if ((rc = linklist_build(ldap_handle, dn_path, search_filter,
+ attr_array, &group_base, &group_count,
+ LDAP_SCOPE_SUBTREE)) != 0)
+ {
+ com_err(whoami, 0, "Unable to check group %s for membership of %s : %s",
+ group_name, user_name, ldap_err2string(rc));
+ return(-1);
+ }
+
+ if (group_count)
+ {
+ com_err(whoami, 0, "Group %s contains member %s", group_name, user_name);
+ rc = 1;
+ }
+ else
+ {
+ com_err(whoami, 0, "Group %s does not contain member %s", group_name, user_name);
+ rc = 0;
+ }
+
+ linklist_free(group_base);
+ group_count = 0;
+ group_base = NULL;
+
+ return(rc);
+}
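Review bot: The three `sprintf` calls that fill `temp[256]` and the one that fills `search_filter[1024]` in `contains_member` are unbounded, so a long `user_name`, `UserOu`, `dn_path` or `group_name` writes past the stack buffers; use `snprintf` with a truncation check and return -1 when the value does not fit, as sketched below. `group_name` and the member DN are also placed into the search filter without RFC 4515 escaping of `*`, `(`, `)` and `\`, so a name containing those characters changes what the filter matches. The callers visible here run `check_string` on `group_name`, but no validation of `user_name` is visible in these lines, so either escape both values before formatting or confirm they are validated upstream. A header comment stating the return contract (1 = member, 0 = not a member, -1 = lookup failed) would help, since both callers depend on it.

```c
  char search_filter[1024];
  char temp[256];
  const char *rdn_attr = "CN";
  int n;

  /* Only the non-AD server with the default user OU names entries by uid. */
  if (!ActiveDirectory && !strcmp(UserOu, user_ou))
    rdn_attr = "uid";

  n = snprintf(temp, sizeof(temp), "%s=%s,%s,%s",
               rdn_attr, user_name, UserOu, dn_path);
  if (n < 0 || (size_t)n >= sizeof(temp))
    {
      com_err(whoami, 0, "Member DN for %s is too long", user_name);
      return(-1);
    }

  n = snprintf(search_filter, sizeof(search_filter),
               "(&(objectClass=group)(cn=%s)(member=%s))", group_name, temp);
  if (n < 0 || (size_t)n >= sizeof(search_filter))
    {
      com_err(whoami, 0, "Search filter for group %s is too long", group_name);
      return(-1);
    }

  /* ... unchanged: attr_array setup, linklist_build call, result handling ... */
```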