[yast-commit] r49795 - in /trunk/ldap-server/src: LdapServer.pm agent/SlapdConfigAgent.cc lib/slapd-config.cpp lib/slapd-config.h
  • From: rhafer@xxxxxxxxxxxxxxxx
  • Date: Wed, 06 Aug 2008 16:25:51 -0000
  • Message-id: <20080806162551.8CE332A012@xxxxxxxxxxxxxxxx>
Author: rhafer
Date: Wed Aug 6 18:25:51 2008
New Revision: 49795

URL: http://svn.opensuse.org/viewcvs/yast?rev=49795&view=rev
Log:
- Add some very basic ACLs to new databases
- calculate {index} of database correctly

Modified:
trunk/ldap-server/src/LdapServer.pm
trunk/ldap-server/src/agent/SlapdConfigAgent.cc
trunk/ldap-server/src/lib/slapd-config.cpp
trunk/ldap-server/src/lib/slapd-config.h

Modified: trunk/ldap-server/src/LdapServer.pm
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?rev=49795&r1=49794&r2=49795&view=diff
==============================================================================
--- trunk/ldap-server/src/LdapServer.pm (original)
+++ trunk/ldap-server/src/LdapServer.pm Wed Aug 6 18:25:51 2008
@@ -1223,20 +1223,31 @@
}
my $rc;
$db->{'rootpw'} = $self->HashPassword($db->{'pwenctype'},
$db->{'rootpw_clear'} );
- if ( $index > 0 )
+ if ( $index == 0 )
{
- $rc = SCR->Write(".ldapserver.database.new.{".$index."}", $db);
- }
- else
- {
- $rc = SCR->Write(".ldapserver.database.new.", $db);
+ # calculate new database index
+ $index = (scalar(@{$self->GetDatabaseList()} )) - 1;
}
+ $rc = SCR->Write(".ldapserver.database.new.{$index}", $db);
if(! $rc ) {
my $err = SCR->Error(".ldapserver");
y2error("Adding Database failed: ".$err->{'summary'}."
".$err->{'description'});
$self->SetError( $err->{'summary'}, $err->{'description'} );
return 0;
}
+ my @acls = ('to dn.subtree="'. $db->{'suffix'} .'" attrs=userPassword by
self write by * auth',
+ # 'to attrs=shadowLastChange by self write by * read',
+ 'to dn.subtree="'. $db->{'suffix'} .'" by * read');
+ foreach my $acl (@acls )
+ {
+ $rc = SCR->Write(".ldapserver.database.{$index}.access", $acl );
+ if(! $rc ) {
+ my $err = SCR->Error(".ldapserver");
+ y2error("Adding default ACLs failed: ".$err->{'summary'}."
".$err->{'description'});
+ $self->SetError( $err->{'summary'}, $err->{'description'} );
+ return 0;
+ }
+ }
return 1;
}
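Review bot: Both new ACL strings splice `$db->{'suffix'}` directly between the double quotes of `dn.subtree="..."`, so a suffix containing `"` would produce a rule that fails to parse or covers a different scope than intended; unless the suffix is validated as a DN before this point (not visible in the hunk), it should be checked or rejected before `@acls` is built. The second rule, `by * read`, also applies to anonymous binds for every attribute other than userPassword, which deserves a comment such as `# default: world-readable except userPassword; tighten for other sensitive attributes`. If an ACL write fails, the function returns 0 after the database write has already succeeded, so the caller may be left with a new database that lacks these rules; the function starts outside the hunk, so whether that is rolled back cannot be seen here.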


Modified: trunk/ldap-server/src/agent/SlapdConfigAgent.cc
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/SlapdConfigAgent.cc?rev=49795&r1=49794&r2=49795&view=diff
==============================================================================
--- trunk/ldap-server/src/agent/SlapdConfigAgent.cc (original)
+++ trunk/ldap-server/src/agent/SlapdConfigAgent.cc Wed Aug 6 18:25:51 2008
@@ -115,15 +115,26 @@
y2milestone("Path %s Length %ld ", path->toString().c_str(),
path->length());

- if ( path->component_str(0) == "global" ) {
+ if ( path->component_str(0) == "global" )
+ {
y2milestone("Global Write");
return WriteGlobal(path->at(1), arg, arg2);
- } else if ( (path->component_str(0) == "database") && (path->length() > 1)
) {
+ }
+ else if ( (path->component_str(0) == "database") && (path->length() > 1) )
+ {
y2milestone("Database Write");
return WriteDatabase(path->at(1), arg, arg2);
- } else if ( path->component_str(0) == "schema" ) {
+ }
+ else if ( path->component_str(0) == "schema" )
+ {
y2milestone("Schema Write");
return WriteSchema(path->at(1), arg, arg2);
+ }
+ else if ( path->component_str(0) == "sambaACLHack" )
+ {
+ // FIXME: remove this, when ACL support in WriteDatabase() is
implemented
+ y2error("Warning: sambaACL is currently not implemented");
+ return YCPBoolean(true);
} else {
lastError->add(YCPString("summary"), YCPString("Write Failed") );
std::string msg = "Unsupported SCR path: `.ldapserver.";
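Review bot: The new `sambaACLHack` branch returns `YCPBoolean(true)` although nothing is written, so a caller asking for Samba-related access rules is told the write succeeded while the database keeps whatever ACLs it already had. Until WriteDatabase() handles this, returning false with `lastError` filled in, as the final `else` does, would make the gap visible to the caller. If success must be reported for compatibility, the FIXME should say so explicitly, and the message should go through `y2warning` rather than `y2error`, since its own text says "Warning". The enclosing function starts and ends outside the hunk.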
@@ -167,7 +178,7 @@
olc = OlcConfig(lc);
}
}
- if ( path->component_str(0) == "initFromLdif" )
+ else if ( path->component_str(0) == "initFromLdif" )
{
std::istringstream ldifstream(arg->asString()->value_cstr());
LdifReader ldif(ldifstream);
@@ -811,7 +822,6 @@
dbIndexStr = "";
}
}
- YCPMap dbMap= arg->asMap();
int dbIndex = -2;
if ( dbIndexStr[0] == '{' )
{
@@ -834,12 +844,13 @@
bool ret = false;
if ( databaseAdd )
{
+ YCPMap dbMap= arg->asMap();
y2milestone("creating new Database");
if ( dbIndex == -2 )
{
dbIndex = databases.size()-1; //Database indexes start counting
from -1
}
- else if ( (dbIndex <=0) || (dbIndex > (int)databases.size()-2) )
+ else if ( (dbIndex <=0) || (dbIndex > (int)databases.size()-1) )
{
lastError->add(YCPString("summary"), YCPString("Adding Database
Failed") );
std::string msg = "Invalid Index for new Database";
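Review bot: `arg->asMap()` is called in the `databaseAdd` branch without checking that `arg` is actually a map, and what appears to be the same function now also receives plain strings (the `access` write added in the hunk at -1031), so the type can no longer be assumed. A guard such as `if ( arg.isNull() || !arg->isMap() )` that fills `lastError` and returns false before `YCPMap dbMap= arg->asMap();` would stop a mistyped SCR call from reaching the map accessors. The same applies to the `dbMap` declaration moved into the `path->length() == 1` branch in the hunk at -925. The function body starts and ends outside this hunk.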
@@ -925,6 +936,7 @@
{
if ( path->length() == 1 )
{
+ YCPMap dbMap= arg->asMap();
YCPValue val = dbMap.value( YCPString("rootdn") );
if ( ! val.isNull() && val->isString() )
{
@@ -1031,6 +1043,12 @@
}
ret = true;
}
+ else if ( dbComponent == "access" )
+ {
+ y2milestone("adding ACL rule: %s",
arg->asString()->value_cstr() );
+ (*i)->addAccessControl(arg->asString()->value_cstr());
+ ret = true;
+ }
else
{
lastError->add(YCPString("summary"), YCPString("Write
Failed") );
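Review bot: The new `access` branch calls `arg->asString()` twice without first checking that `arg` is non-null and a string, whereas the `rootdn` handling in the hunk at -925 tests `! val.isNull() && val->isString()` before converting. Guard it with `if ( arg.isNull() || !arg->isString() )`, fill `lastError` and leave `ret` false in that case. The rule text is also handed to `addAccessControl()` unvalidated and `ret` is set to true unconditionally, so an empty or malformed rule is reported as a success here and would be caught, if at all, only when the configuration reaches slapd; rejecting an empty string at this point is cheap. The enclosing function starts and ends outside the hunk.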

Modified: trunk/ldap-server/src/lib/slapd-config.cpp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config.cpp?rev=49795&r1=49794&r2=49795&view=diff
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.cpp (original)
+++ trunk/ldap-server/src/lib/slapd-config.cpp Wed Aug 6 18:25:51 2008
@@ -653,6 +653,16 @@
return this->m_type;
}

+void OlcDatabase::addAccessControl(const std::string& acl, int index )
+{
+ if ( index < 0 )
+ {
+ StringList sl = this->getStringValues( "olcAccess" );
+ index = sl.size();
+ }
+ this->addIndexedStringValue( "olcAccess", acl, index );
+}
+
void OlcDatabase::addOverlay(boost::shared_ptr<OlcOverlay> overlay)
{
m_overlays.push_back(overlay);
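Review bot: `addAccessControl()` computes a position only when `index` is negative; a non-negative `index` is passed to `addIndexedStringValue()` as given, with no check against the number of existing `olcAccess` values and no renumbering of them. Because the `{n}` prefix determines the order in which access rules are evaluated, a duplicate or out-of-range index could leave the rule order ambiguous; whether a later layer normalises this is not visible here. A comment stating the contract would help, e.g. `// index < 0 appends after the last olcAccess value; otherwise the caller must pass an unused position`. Separately, `index = sl.size();` narrows the size to `int` silently, and `static_cast<int>(sl.size())` would state the intent.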
@@ -749,6 +759,14 @@
}
}

+void OlcConfigEntry::addIndexedStringValue(const std::string &type,
+ const std::string &value, int index)
+{
+ std::ostringstream oStr;
+ oStr << "{" << index << "}" << value;
+ this->addStringValue( type, oStr.str() );
+}
+
int OlcConfigEntry::getIntValue( const std::string &type ) const
{
StringList sl = this->getStringValues(type);
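Review bot: `addIndexedStringValue()` writes whatever `index` it is given, so a negative value produces a prefix like `{-1}`, and a `value` that already starts with `{n}` ends up with two prefixes. `addAccessControl()` filters negatives before calling it, but the header hunk declares this method next to `addStringValue()`, so other callers appear able to reach it directly. A one-line guard, or a comment such as `// index must be >= 0; value must not already carry an {n} prefix`, would document the precondition.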

Modified: trunk/ldap-server/src/lib/slapd-config.h
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config.h?rev=49795&r1=49794&r2=49795&view=diff
==============================================================================
--- trunk/ldap-server/src/lib/slapd-config.h (original)
+++ trunk/ldap-server/src/lib/slapd-config.h Wed Aug 6 18:25:51 2008
@@ -65,6 +65,9 @@
void setStringValue(const std::string &type, const std::string &value);
void addStringValue(const std::string &type, const std::string &value);

+ void addIndexedStringValue( const std::string &type,
+ const std::string &value, int index );
+
int getIntValue( const std::string &type ) const;
void setIntValue( const std::string &type, int value );

@@ -72,7 +75,6 @@

int getEntryIndex() const;

-// virtual std::map<std::string, std::list<std::string> > toMap() const;
virtual std::string toLdif() const;

protected:
@@ -130,7 +132,7 @@
const std::string getSuffix() const;
const std::string getType() const;

- //virtual std::map<std::string, std::list<std::string> > toMap() const;
+ virtual void addAccessControl( const std::string& acl, int index=-1 );

void addOverlay(boost::shared_ptr<OlcOverlay> overlay);
OlcOverlayList& getOverlays() ;
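Review bot: `addAccessControl()` is declared `virtual` with a default argument (`int index=-1`); default arguments are bound by the static type of the call expression, so an override that declares a different default would behave differently depending on how it is called. Either drop `virtual` if no subclass is meant to override it, or keep the default out of the virtual function and add a non-virtual one-argument overload that forwards `-1`. The declaration also carries no comment; something like `// Appends acl as an olcAccess value; index < 0 means "after the last existing rule"` would document the sentinel.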
@@ -140,7 +142,6 @@
virtual void updateEntryDn();
std::string m_type;
OlcOverlayList m_overlays;
-
};

class OlcBdbDatabase : public OlcDatabase
@@ -148,7 +149,6 @@
public:
OlcBdbDatabase();
OlcBdbDatabase( const LDAPEntry& le );
- //virtual std::map<std::string, std::list<std::string> > toMap() const;
void setDirectory( const std::string &dir);

virtual IndexMap getDatabaseIndexes() const;
@@ -185,7 +185,6 @@

OlcTlsSettings getTlsSettings() const;
void setTlsSettings( const OlcTlsSettings& tls);
- //virtual std::map<std::string, std::list<std::string> > toMap() const;
};

class OlcSchemaConfig : public OlcConfigEntry
