[yast-commit] r49795 - in /trunk/ldap-server/src: LdapServer.pm agent/SlapdConfigAgent.cc lib/slapd-config.cpp lib/slapd-config.h

Author: rhafer Date: Wed Aug 6 18:25:51 2008 New Revision: 49795 URL: http://svn.opensuse.org/viewcvs/yast?rev=49795&view=rev Log: - Add some very basic ACLs to new databases - calculate {index} of database correctly Modified: trunk/ldap-server/src/LdapServer.pm trunk/ldap-server/src/agent/SlapdConfigAgent.cc trunk/ldap-server/src/lib/slapd-config.cpp trunk/ldap-server/src/lib/slapd-config.h Modified: trunk/ldap-server/src/LdapServer.pm URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?rev=49795&r1=49794&r2=49795&view=diff ============================================================================== --- trunk/ldap-server/src/LdapServer.pm (original) +++ trunk/ldap-server/src/LdapServer.pm Wed Aug 6 18:25:51 2008 @@ -1223,20 +1223,31 @@ } my $rc; $db->{'rootpw'} = $self->HashPassword($db->{'pwenctype'}, $db->{'rootpw_clear'} ); - if ( $index > 0 ) + if ( $index == 0 ) { - $rc = SCR->Write(".ldapserver.database.new.{".$index."}", $db); - } - else - { - $rc = SCR->Write(".ldapserver.database.new.", $db); + # calculate new database index + $index = (scalar(@{$self->GetDatabaseList()} )) - 1; } + $rc = SCR->Write(".ldapserver.database.new.{$index}", $db); if(! $rc ) { my $err = SCR->Error(".ldapserver"); y2error("Adding Database failed: ".$err->{'summary'}." ".$err->{'description'}); $self->SetError( $err->{'summary'}, $err->{'description'} ); return 0; } + my @acls = ('to dn.subtree="'. $db->{'suffix'} .'" attrs=userPassword by self write by * auth', + # 'to attrs=shadowLastChange by self write by * read', + 'to dn.subtree="'. $db->{'suffix'} .'" by * read'); + foreach my $acl (@acls ) + { + $rc = SCR->Write(".ldapserver.database.{$index}.access", $acl ); + if(! $rc ) { + my $err = SCR->Error(".ldapserver"); + y2error("Adding default ACLs failed: ".$err->{'summary'}." ".$err->{'description'}); + $self->SetError( $err->{'summary'}, $err->{'description'} ); + return 0; + } + } return 1; } Modified: trunk/ldap-server/src/agent/SlapdConfigAgent.cc URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/SlapdConfigAgent.cc?rev=49795&r1=49794&r2=49795&view=diff ============================================================================== --- trunk/ldap-server/src/agent/SlapdConfigAgent.cc (original) +++ trunk/ldap-server/src/agent/SlapdConfigAgent.cc Wed Aug 6 18:25:51 2008 @@ -115,15 +115,26 @@ y2milestone("Path %s Length %ld ", path->toString().c_str(), path->length()); - if ( path->component_str(0) == "global" ) { + if ( path->component_str(0) == "global" ) + { y2milestone("Global Write"); return WriteGlobal(path->at(1), arg, arg2); - } else if ( (path->component_str(0) == "database") && (path->length() > 1) ) { + } + else if ( (path->component_str(0) == "database") && (path->length() > 1) ) + { y2milestone("Database Write"); return WriteDatabase(path->at(1), arg, arg2); - } else if ( path->component_str(0) == "schema" ) { + } + else if ( path->component_str(0) == "schema" ) + { y2milestone("Schema Write"); return WriteSchema(path->at(1), arg, arg2); + } + else if ( path->component_str(0) == "sambaACLHack" ) + { + // FIXME: remove this, when ACL support in WriteDatabase() is implemented + y2error("Warning: sambaACL is currently not implemented"); + return YCPBoolean(true); } else { lastError->add(YCPString("summary"), YCPString("Write Failed") ); std::string msg = "Unsupported SCR path: `.ldapserver."; @@ -167,7 +178,7 @@ olc = OlcConfig(lc); } } - if ( path->component_str(0) == "initFromLdif" ) + else if ( path->component_str(0) == "initFromLdif" ) { std::istringstream ldifstream(arg->asString()->value_cstr()); LdifReader ldif(ldifstream); @@ -811,7 +822,6 @@ dbIndexStr = ""; } } - YCPMap dbMap= arg->asMap(); int dbIndex = -2; if ( dbIndexStr[0] == '{' ) { @@ -834,12 +844,13 @@ bool ret = false; if ( databaseAdd ) { + YCPMap dbMap= arg->asMap(); y2milestone("creating new Database"); if ( dbIndex == -2 ) { dbIndex = databases.size()-1; //Database indexes start counting from -1 } - else if ( (dbIndex <=0) || (dbIndex > (int)databases.size()-2) ) + else if ( (dbIndex <=0) || (dbIndex > (int)databases.size()-1) ) { lastError->add(YCPString("summary"), YCPString("Adding Database Failed") ); std::string msg = "Invalid Index for new Database"; @@ -925,6 +936,7 @@ { if ( path->length() == 1 ) { + YCPMap dbMap= arg->asMap(); YCPValue val = dbMap.value( YCPString("rootdn") ); if ( ! val.isNull() && val->isString() ) { @@ -1031,6 +1043,12 @@ } ret = true; } + else if ( dbComponent == "access" ) + { + y2milestone("adding ACL rule: %s", arg->asString()->value_cstr() ); + (*i)->addAccessControl(arg->asString()->value_cstr()); + ret = true; + } else { lastError->add(YCPString("summary"), YCPString("Write Failed") ); Modified: trunk/ldap-server/src/lib/slapd-config.cpp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config.cpp?rev=49795&r1=49794&r2=49795&view=diff ============================================================================== --- trunk/ldap-server/src/lib/slapd-config.cpp (original) +++ trunk/ldap-server/src/lib/slapd-config.cpp Wed Aug 6 18:25:51 2008 @@ -653,6 +653,16 @@ return this->m_type; } +void OlcDatabase::addAccessControl(const std::string& acl, int index ) +{ + if ( index < 0 ) + { + StringList sl = this->getStringValues( "olcAccess" ); + index = sl.size(); + } + this->addIndexedStringValue( "olcAccess", acl, index ); +} + void OlcDatabase::addOverlay(boost::shared_ptr<OlcOverlay> overlay) { m_overlays.push_back(overlay); @@ -749,6 +759,14 @@ } } +void OlcConfigEntry::addIndexedStringValue(const std::string &type, + const std::string &value, int index) +{ + std::ostringstream oStr; + oStr << "{" << index << "}" << value; + this->addStringValue( type, oStr.str() ); +} + int OlcConfigEntry::getIntValue( const std::string &type ) const { StringList sl = this->getStringValues(type); Modified: trunk/ldap-server/src/lib/slapd-config.h URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/slapd-config.h?rev=49795&r1=49794&r2=49795&view=diff ============================================================================== --- trunk/ldap-server/src/lib/slapd-config.h (original) +++ trunk/ldap-server/src/lib/slapd-config.h Wed Aug 6 18:25:51 2008 @@ -65,6 +65,9 @@ void setStringValue(const std::string &type, const std::string &value); void addStringValue(const std::string &type, const std::string &value); + void addIndexedStringValue( const std::string &type, + const std::string &value, int index ); + int getIntValue( const std::string &type ) const; void setIntValue( const std::string &type, int value ); @@ -72,7 +75,6 @@ int getEntryIndex() const; -// virtual std::mapstd::string > toMap() const; virtual std::string toLdif() const; protected: @@ -130,7 +132,7 @@ const std::string getSuffix() const; const std::string getType() const; - //virtual std::mapstd::string > toMap() const; + virtual void addAccessControl( const std::string& acl, int index=-1 ); void addOverlay(boost::shared_ptr<OlcOverlay> overlay); OlcOverlayList& getOverlays() ; @@ -140,7 +142,6 @@ virtual void updateEntryDn(); std::string m_type; OlcOverlayList m_overlays; - }; class OlcBdbDatabase : public OlcDatabase @@ -148,7 +149,6 @@ public: OlcBdbDatabase(); OlcBdbDatabase( const LDAPEntry& le ); - //virtual std::mapstd::string > toMap() const; void setDirectory( const std::string &dir); virtual IndexMap getDatabaseIndexes() const; @@ -185,7 +185,6 @@ OlcTlsSettings getTlsSettings() const; void setTlsSettings( const OlcTlsSettings& tls); - //virtual std::mapstd::string > toMap() const; }; class OlcSchemaConfig : public OlcConfigEntry -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org