sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-27 14:04:05 +03:00
Code
samba-mirror/source4/dsdb/samdb/ldb_modules/show_deleted.c

178 lines
5.6 KiB
C
Raw Normal View History

r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
/*
ldb database library
Copyright (C) Simo Sorce 2005
s4:dsdb Rework show_deleted module not to liniearise the LDAP filter Instead, use the fact that the ldb_parse_tree structure is public to construct the 'and not deleted' clause as a structure, and apply each filter tree to that template. Andrew Bartlett
2009-08-25 16:25:55 +10:00
Copyright (C) Stefan Metzmacher <metze@samba.org> 2007
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2009
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
Copyright (C) Matthias Dieter Wallnöfer 2010
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
s4-samdb: internal s4 ldb modules should be GPL not LGPL I think these modules ended up LGPL because someone based the module on an existing LGPL module in the core ldb, and it spread from there. Certainly there is no reason for the ldb modules that are not distributed as part of ldb to be LGPL.
2009-09-12 11:21:21 +10:00
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
s4-samdb: internal s4 ldb modules should be GPL not LGPL I think these modules ended up LGPL because someone based the module on an existing LGPL module in the core ldb, and it spread from there. Certainly there is no reason for the ldb modules that are not distributed as part of ldb to be LGPL.
2009-09-12 11:21:21 +10:00
This program is distributed in the hope that it will be useful,
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
but WITHOUT ANY WARRANTY; without even the implied warranty of
s4-samdb: internal s4 ldb modules should be GPL not LGPL I think these modules ended up LGPL because someone based the module on an existing LGPL module in the core ldb, and it spread from there. Certainly there is no reason for the ldb modules that are not distributed as part of ldb to be LGPL.
2009-09-12 11:21:21 +10:00
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
*/
/*
* Name: ldb
*
* Component: ldb deleted objects control module
*
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
* Description: this module hides deleted and recylced objects, and returns
* them if the right control is there
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
*
* Author: Stefan Metzmacher
*/
#include "includes.h"
ldb: use #include <ldb.h> for ldb thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-10 14:12:51 +11:00
#include <ldb_module.h>
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
#include "dsdb/samdb/samdb.h"
s4-dsdb: use dsdb_next_callback() We can't just use the callers callback directly otherwise the ldb_module_done() is never called on the parent request, as the child request is passed to the callback. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-06 09:23:29 +11:00
#include "dsdb/samdb/ldb_modules/util.h"
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
static int show_deleted_search(struct ldb_module *module, struct ldb_request *req)
{
Fix all other modules to use ldb_module.h instead of ldb_private.h The only 2 modules escaping the rule so far are rootdse and partitions
2009-01-30 16:31:19 -05:00
struct ldb_context *ldb;
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
struct ldb_control *show_del, *show_rec;
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
struct ldb_request *down_req;
s4:dsdb Rework show_deleted module not to liniearise the LDAP filter Instead, use the fact that the ldb_parse_tree structure is public to construct the 'and not deleted' clause as a structure, and apply each filter tree to that template. Andrew Bartlett
2009-08-25 16:25:55 +10:00
struct ldb_parse_tree *new_tree = req->op.search.tree;
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
int ret;
Fix all other modules to use ldb_module.h instead of ldb_private.h The only 2 modules escaping the rule so far are rootdse and partitions
2009-01-30 16:31:19 -05:00
ldb = ldb_module_get_ctx(module);
LDB ASYNC: samba4 modules
2008-09-11 18:36:28 -04:00
/* check if there's a show deleted control */
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
show_del = ldb_request_get_control(req, LDB_CONTROL_SHOW_DELETED_OID);
/* check if there's a show recycled control */
show_rec = ldb_request_get_control(req, LDB_CONTROL_SHOW_RECYCLED_OID);
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
if ((show_del == NULL) && (show_rec == NULL)) {
/* Here we have to suppress all deleted objects:
* MS-ADTS 3.1.1.3.4.1
*
* Filter: (&(!(isDeleted=TRUE))(...))
*/
/* FIXME: we could use a constant tree here once we are sure
* that no ldb modules modify trees in-site */
s4-ldb: fixed show_deleted module not to corrupt parse trees The show_deleted module was using a static private ptr in the module to hold a parse tree to save on parsing. The code caused this static ptr to change with each search, which caused incorrect searches and numerous valgrind errors. This patch replaces it with a hand-built parse tree.
2009-12-04 17:46:14 +11:00
new_tree = talloc(req, struct ldb_parse_tree);
if (!new_tree) {
s4-dsdb: use ldb_operr() in the dsdb code this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error.
2010-07-06 13:21:54 +10:00
return ldb_oom(ldb);
s4:dsdb Rework show_deleted module not to liniearise the LDAP filter Instead, use the fact that the ldb_parse_tree structure is public to construct the 'and not deleted' clause as a structure, and apply each filter tree to that template. Andrew Bartlett
2009-08-25 16:25:55 +10:00
}
s4-ldb: fixed show_deleted module not to corrupt parse trees The show_deleted module was using a static private ptr in the module to hold a parse tree to save on parsing. The code caused this static ptr to change with each search, which caused incorrect searches and numerous valgrind errors. This patch replaces it with a hand-built parse tree.
2009-12-04 17:46:14 +11:00
new_tree->operation = LDB_OP_AND;
new_tree->u.list.num_elements = 2;
new_tree->u.list.elements = talloc_array(new_tree, struct ldb_parse_tree *, 2);
if (!new_tree->u.list.elements) {
s4-dsdb: use ldb_operr() in the dsdb code this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error.
2010-07-06 13:21:54 +10:00
return ldb_oom(ldb);
s4-ldb: fixed show_deleted module not to corrupt parse trees The show_deleted module was using a static private ptr in the module to hold a parse tree to save on parsing. The code caused this static ptr to change with each search, which caused incorrect searches and numerous valgrind errors. This patch replaces it with a hand-built parse tree.
2009-12-04 17:46:14 +11:00
}
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
s4-ldb: fixed show_deleted module not to corrupt parse trees The show_deleted module was using a static private ptr in the module to hold a parse tree to save on parsing. The code caused this static ptr to change with each search, which caused incorrect searches and numerous valgrind errors. This patch replaces it with a hand-built parse tree.
2009-12-04 17:46:14 +11:00
new_tree->u.list.elements[0] = talloc(new_tree->u.list.elements, struct ldb_parse_tree);
new_tree->u.list.elements[0]->operation = LDB_OP_NOT;
new_tree->u.list.elements[0]->u.isnot.child =
talloc(new_tree->u.list.elements, struct ldb_parse_tree);
if (!new_tree->u.list.elements[0]->u.isnot.child) {
s4-dsdb: use ldb_operr() in the dsdb code this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error.
2010-07-06 13:21:54 +10:00
return ldb_oom(ldb);
s4-ldb: fixed show_deleted module not to corrupt parse trees The show_deleted module was using a static private ptr in the module to hold a parse tree to save on parsing. The code caused this static ptr to change with each search, which caused incorrect searches and numerous valgrind errors. This patch replaces it with a hand-built parse tree.
2009-12-04 17:46:14 +11:00
}
new_tree->u.list.elements[0]->u.isnot.child->operation = LDB_OP_EQUALITY;
new_tree->u.list.elements[0]->u.isnot.child->u.equality.attr = "isDeleted";
new_tree->u.list.elements[0]->u.isnot.child->u.equality.value = data_blob_string_const("TRUE");
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
new_tree->u.list.elements[1] = req->op.search.tree;
} else if ((show_del != NULL) && (show_rec == NULL)) {
/* Here we need to suppress all recycled objects:
* MS-ADTS 3.1.1.3.4.1
*
* Filter: (&(!(isRecycled=TRUE))(...))
*/
/* FIXME: we could use a constant tree here once we are sure
* that no ldb modules modify trees in-site */
new_tree = talloc(req, struct ldb_parse_tree);
if (!new_tree) {
return ldb_oom(ldb);
}
new_tree->operation = LDB_OP_AND;
new_tree->u.list.num_elements = 2;
new_tree->u.list.elements = talloc_array(new_tree, struct ldb_parse_tree *, 2);
if (!new_tree->u.list.elements) {
return ldb_oom(ldb);
}
new_tree->u.list.elements[0] = talloc(new_tree->u.list.elements, struct ldb_parse_tree);
new_tree->u.list.elements[0]->operation = LDB_OP_NOT;
new_tree->u.list.elements[0]->u.isnot.child =
talloc(new_tree->u.list.elements, struct ldb_parse_tree);
if (!new_tree->u.list.elements[0]->u.isnot.child) {
return ldb_oom(ldb);
}
new_tree->u.list.elements[0]->u.isnot.child->operation = LDB_OP_EQUALITY;
new_tree->u.list.elements[0]->u.isnot.child->u.equality.attr = "isRecycled";
new_tree->u.list.elements[0]->u.isnot.child->u.equality.value = data_blob_string_const("TRUE");
s4-ldb: fixed show_deleted module not to corrupt parse trees The show_deleted module was using a static private ptr in the module to hold a parse tree to save on parsing. The code caused this static ptr to change with each search, which caused incorrect searches and numerous valgrind errors. This patch replaces it with a hand-built parse tree.
2009-12-04 17:46:14 +11:00
new_tree->u.list.elements[1] = req->op.search.tree;
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
}
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
s4:dsdb Rework show_deleted module not to liniearise the LDAP filter Instead, use the fact that the ldb_parse_tree structure is public to construct the 'and not deleted' clause as a structure, and apply each filter tree to that template. Andrew Bartlett
2009-08-25 16:25:55 +10:00
ret = ldb_build_search_req_ex(&down_req, ldb, req,
req->op.search.base,
req->op.search.scope,
new_tree,
req->op.search.attrs,
req->controls,
s4-dsdb: use dsdb_next_callback() We can't just use the callers callback directly otherwise the ldb_module_done() is never called on the parent request, as the child request is passed to the callback. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-06 09:23:29 +11:00
req, dsdb_next_callback,
s4:dsdb Rework show_deleted module not to liniearise the LDAP filter Instead, use the fact that the ldb_parse_tree structure is public to construct the 'and not deleted' clause as a structure, and apply each filter tree to that template. Andrew Bartlett
2009-08-25 16:25:55 +10:00
req);
ldb: mark the location of a lot more ldb requests
2010-09-24 12:50:13 -07:00
LDB_REQ_SET_LOCATION(down_req);
LDB ASYNC: samba4 modules
2008-09-11 18:36:28 -04:00
if (ret != LDB_SUCCESS) {
return ret;
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
}
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
/* mark the controls as done */
if (show_del != NULL) {
show_del->critical = 0;
}
if (show_rec != NULL) {
show_rec->critical = 0;
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
}
LDB ASYNC: samba4 modules
2008-09-11 18:36:28 -04:00
/* perform the search */
return ldb_next_request(module, down_req);
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
}
static int show_deleted_init(struct ldb_module *module)
{
Fix all other modules to use ldb_module.h instead of ldb_private.h The only 2 modules escaping the rule so far are rootdse and partitions
2009-01-30 16:31:19 -05:00
struct ldb_context *ldb;
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
int ret;
Fix all other modules to use ldb_module.h instead of ldb_private.h The only 2 modules escaping the rule so far are rootdse and partitions
2009-01-30 16:31:19 -05:00
ldb = ldb_module_get_ctx(module);
LDB ASYNC: samba4 modules
2008-09-11 18:36:28 -04:00
ret = ldb_mod_register_control(module, LDB_CONTROL_SHOW_DELETED_OID);
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
if (ret != LDB_SUCCESS) {
Fix all other modules to use ldb_module.h instead of ldb_private.h The only 2 modules escaping the rule so far are rootdse and partitions
2009-01-30 16:31:19 -05:00
ldb_debug(ldb, LDB_DEBUG_ERROR,
s4:ldb_modules: Correct typos.
2009-05-24 17:40:57 -05:00
"show_deleted: Unable to register control with rootdse!\n");
s4-dsdb: use ldb_operr() in the dsdb code this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error.
2010-07-06 13:21:54 +10:00
return ldb_operr(ldb);
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
}
s4:show_deleted LDB module - also support the "show_recycled" control MS-ADTS 3.1.1.3.4.1 and MS-ADTS 3.1.1.5.5 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-19 18:23:20 +02:00
ret = ldb_mod_register_control(module, LDB_CONTROL_SHOW_RECYCLED_OID);
if (ret != LDB_SUCCESS) {
ldb_debug(ldb, LDB_DEBUG_ERROR,
"show_deleted: Unable to register control with rootdse!\n");
return ldb_operr(ldb);
}
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
return ldb_next_init(module);
}
s4-dsdb: convert the rest of the ldb modules to the new module type
2010-11-01 15:28:02 +11:00
static const struct ldb_module_ops ldb_show_deleted_module_ops = {
r20909: add a module that implements the LDAP_CONTROL_SHOW_DELETED_OID control it hides objects with isDeleted=TRUE by default, and let them through if the control is present metze (This used to be commit 7108d62cb0360e734045eb39c03508d8528dc9cc)
2007-01-19 16:55:38 +00:00
.name = "show_deleted",
.search = show_deleted_search,
.init_context = show_deleted_init
};
s4-dsdb: convert the rest of the ldb modules to the new module type
2010-11-01 15:28:02 +11:00
int ldb_show_deleted_module_init(const char *version)
{
s4-ldb: enable version checking in dsdb ldb modules
2010-11-01 22:30:45 +11:00
LDB_MODULE_CHECK_VERSION(version);
s4-dsdb: convert the rest of the ldb modules to the new module type
2010-11-01 15:28:02 +11:00
return ldb_register_module(&ldb_show_deleted_module_ops);
}
Copy Permalink