[389-commits] ldap/admin ldap/ldif ldap/servers Makefile.am Makefile.in

Nathan Kinder nkinder at fedoraproject.org
Wed May 11 15:44:30 UTC 2011 

 Makefile.am                                    |    1 
 Makefile.in                                    |    1 
 ldap/admin/src/scripts/50refintprecedence.ldif |    4 +
 ldap/ldif/template-dse.ldif.in                 |    1 
 ldap/servers/plugins/memberof/memberof.c       |   87 ++++++++++++++++++++++++-
 ldap/servers/plugins/memberof/memberof.h       |    1 
 6 files changed, 93 insertions(+), 2 deletions(-)

New commits:
commit 7eec67451402fecff97610780028dc7c45588d96
Author: Nathan Kinder <nkinder at redhat.com>
Date:   Tue May 10 14:32:45 2011 -0700

    Bug 697961 - memberOf needs to be triggered by internal operations
    
    The memberOf plug-in is not currently triggered by internal modify,
    add, delete, or rename operations.  This patch makes it work with
    internal operations so it can play nicely with other plug-ins that
    make membership changes, such as the new Auto Membership plug-in.
    
    The precedence for the referential integrity plug-in needed to be
    lowered to ensure consistency of membership attributes when both
    memberOf and referential integrity plug-ins are in use.

diff --git a/Makefile.am b/Makefile.am
index 5a29505..d9c5352 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -467,6 +467,7 @@ update_DATA = ldap/admin/src/scripts/exampleupdate.pl \
 	ldap/admin/src/scripts/50linkedattrsplugin.ldif \
 	ldap/admin/src/scripts/50usnplugin.ldif \
 	ldap/admin/src/scripts/50smd5pwdstorageplugin.ldif \
+	ldap/admin/src/scripts/50refintprecedence.ldif \
 	ldap/admin/src/scripts/50retroclprecedence.ldif \
 	ldap/admin/src/scripts/60upgradeschemafiles.pl \
 	ldap/admin/src/scripts/90subtreerename.pl \
diff --git a/Makefile.in b/Makefile.in
index c653e04..2c3c311 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1656,6 +1656,7 @@ update_DATA = ldap/admin/src/scripts/exampleupdate.pl \
 	ldap/admin/src/scripts/50linkedattrsplugin.ldif \
 	ldap/admin/src/scripts/50usnplugin.ldif \
 	ldap/admin/src/scripts/50smd5pwdstorageplugin.ldif \
+	ldap/admin/src/scripts/50refintprecedence.ldif \
 	ldap/admin/src/scripts/50retroclprecedence.ldif \
 	ldap/admin/src/scripts/60upgradeschemafiles.pl \
 	ldap/admin/src/scripts/90subtreerename.pl \
diff --git a/ldap/admin/src/scripts/50refintprecedence.ldif b/ldap/admin/src/scripts/50refintprecedence.ldif
new file mode 100644
index 0000000..dec649c
--- /dev/null
+++ b/ldap/admin/src/scripts/50refintprecedence.ldif
@@ -0,0 +1,4 @@
+dn: cn=referential integrity postoperation,cn=plugins,cn=config
+changetype: modify
+replace: nsslapd-pluginPrecedence
+nsslapd-pluginPrecedence: 40
diff --git a/ldap/ldif/template-dse.ldif.in b/ldap/ldif/template-dse.ldif.in
index a345a40..fde894b 100644
--- a/ldap/ldif/template-dse.ldif.in
+++ b/ldap/ldif/template-dse.ldif.in
@@ -581,6 +581,7 @@ nsslapd-pluginpath: libreferint-plugin
 nsslapd-plugininitfunc: referint_postop_init
 nsslapd-plugintype: postoperation
 nsslapd-pluginenabled: off
+nsslapd-pluginprecedence: 40
 nsslapd-pluginArg0: 0
 nsslapd-pluginArg1: %log_dir%/referint
 nsslapd-pluginArg2: 0
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
index 96aa44a..72ad1a0 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -79,6 +79,7 @@ static Slapi_PluginDesc pdesc = { "memberof", VENDOR,
 static void* _PluginID = NULL;
 static Slapi_Mutex *memberof_operation_lock = 0;
 MemberOfConfig *qsortConfig = 0;
+static int g_plugin_started = 0;
 
 typedef struct _memberofstringll
 {
@@ -97,6 +98,7 @@ typedef struct _memberof_get_groups_data
 
 /* exported functions */
 int memberof_postop_init(Slapi_PBlock *pb );
+static int memberof_internal_postop_init(Slapi_PBlock *pb);
 
 /* plugin callbacks */ 
 static int memberof_postop_del(Slapi_PBlock *pb ); 
@@ -213,7 +215,14 @@ memberof_postop_init(Slapi_PBlock *pb)
 		slapi_pblock_set(pb, SLAPI_PLUGIN_START_FN,
 			(void *) memberof_postop_start ) != 0 ||
 		slapi_pblock_set(pb, SLAPI_PLUGIN_CLOSE_FN,
-			(void *) memberof_postop_close ) != 0)
+			(void *) memberof_postop_close ) != 0 ||
+		slapi_register_plugin("internalpostoperation",  /* op type */
+			1,        /* Enabled */
+			"memberof_postop_init",   /* this function desc */
+			memberof_internal_postop_init,  /* init func */
+			MEMBEROF_INT_PREOP_DESC,      /* plugin desc */
+			NULL,     /* ? */
+			memberof_plugin_identity   /* access control */))
 	{
 		slapi_log_error( SLAPI_LOG_FATAL, MEMBEROF_PLUGIN_SUBSYSTEM,
 			"memberof_postop_init failed\n" );
@@ -225,6 +234,31 @@ memberof_postop_init(Slapi_PBlock *pb)
 	return ret;
 }
 
+static int
+memberof_internal_postop_init(Slapi_PBlock *pb)
+{
+	int status = 0;
+
+	if (slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION,
+			SLAPI_PLUGIN_VERSION_01) != 0 ||
+		slapi_pblock_set(pb, SLAPI_PLUGIN_DESCRIPTION,
+			(void *) &pdesc) != 0 ||
+		slapi_pblock_set(pb, SLAPI_PLUGIN_INTERNAL_POST_DELETE_FN,
+			(void *) memberof_postop_del) != 0 ||
+		slapi_pblock_set( pb, SLAPI_PLUGIN_INTERNAL_POST_MODRDN_FN,
+			(void *) memberof_postop_modrdn ) != 0 ||
+		slapi_pblock_set( pb, SLAPI_PLUGIN_INTERNAL_POST_MODIFY_FN,
+			(void *) memberof_postop_modify ) != 0 ||
+		slapi_pblock_set( pb, SLAPI_PLUGIN_INTERNAL_POST_ADD_FN,
+			(void *) memberof_postop_add ) != 0) {
+		slapi_log_error(SLAPI_LOG_FATAL, MEMBEROF_PLUGIN_SUBSYSTEM,
+			"memberof_internal_postop_init: failed to register plugin\n");
+		status = -1;
+	}
+
+	return status;
+}
+
 /*
  * memberof_postop_start()
  *
@@ -239,6 +273,11 @@ int memberof_postop_start(Slapi_PBlock *pb)
 	slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
 		"--> memberof_postop_start\n" );
 
+	/* Check if we're already started */
+	if (g_plugin_started) {
+		goto bail;
+	}
+
 	memberof_operation_lock = slapi_new_mutex();
 	if(0 == memberof_operation_lock)
 	{
@@ -265,6 +304,8 @@ int memberof_postop_start(Slapi_PBlock *pb)
 		goto bail;
 	}
 
+	g_plugin_started = 1;
+
 	/*
 	 * TODO: start up operation actor thread
 	 * need to get to a point where server failure
@@ -293,7 +334,7 @@ int memberof_postop_close(Slapi_PBlock *pb)
 	slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
 		     "--> memberof_postop_close\n" );
 
-
+	g_plugin_started = 0;
 
 	slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
 		     "<-- memberof_postop_close\n" );
@@ -316,10 +357,19 @@ int memberof_postop_del(Slapi_PBlock *pb)
 	int ret = 0;
 	MemberOfConfig configCopy = {0, 0, 0, 0};
 	char *dn;
+	void *caller_id = NULL;
 
 	slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
 		     "--> memberof_postop_del\n" );
 
+	/* We don't want to process internal modify
+	 * operations that originate from this plugin. */
+	slapi_pblock_get(pb, SLAPI_PLUGIN_IDENTITY, &caller_id);
+	if (caller_id == memberof_get_plugin_id()) {
+		/* Just return without processing */
+		return 0;
+	}
+
 	if(memberof_oktodo(pb) && (dn = memberof_getdn(pb)))
 	{
 		struct slapi_entry *e = NULL;
@@ -532,10 +582,19 @@ int memberof_call_foreach_dn(Slapi_PBlock *pb, char *dn,
 int memberof_postop_modrdn(Slapi_PBlock *pb)
 {
 	int ret = 0;
+	void *caller_id = NULL;
 
 	slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
 		     "--> memberof_postop_modrdn\n" );
 
+	/* We don't want to process internal modify
+	 * operations that originate from this plugin. */
+	slapi_pblock_get(pb, SLAPI_PLUGIN_IDENTITY, &caller_id);
+	if (caller_id == memberof_get_plugin_id()) {
+		/* Just return without processing */
+		return 0;
+	}
+
 	if(memberof_oktodo(pb))
 	{
 		MemberOfConfig *mainConfig = 0;
@@ -698,10 +757,19 @@ int memberof_postop_modify(Slapi_PBlock *pb)
 	Slapi_Mod *smod = 0;
 	LDAPMod **mods;
 	Slapi_Mod *next_mod = 0;
+	void *caller_id = NULL;
 
 	slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
 		     "--> memberof_postop_modify\n" );
 
+	/* We don't want to process internal modify
+	 * operations that originate from this plugin. */
+	slapi_pblock_get(pb, SLAPI_PLUGIN_IDENTITY, &caller_id);
+	if (caller_id == memberof_get_plugin_id()) {
+		/* Just return without processing */
+		return 0;
+	}
+
 	if(memberof_oktodo(pb) &&
 		(dn = memberof_getdn(pb)))
 	{
@@ -831,10 +899,19 @@ int memberof_postop_add(Slapi_PBlock *pb)
 	int ret = 0;
 	int interested = 0;
 	char *dn = 0;
+	void *caller_id = NULL;
 
 	slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
 		     "--> memberof_postop_add\n" );
 
+	/* We don't want to process internal modify
+	 * operations that originate from this plugin. */
+	slapi_pblock_get(pb, SLAPI_PLUGIN_IDENTITY, &caller_id);
+	if (caller_id == memberof_get_plugin_id()) {
+		/* Just return without processing */
+		return 0;
+	}
+
 	if(memberof_oktodo(pb) && (dn = memberof_getdn(pb)))
 	{
 		MemberOfConfig *mainConfig = 0;
@@ -902,6 +979,11 @@ int memberof_oktodo(Slapi_PBlock *pb)
 	slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
 		     "--> memberof_postop_oktodo\n" );
 
+	if (!g_plugin_started) {
+		ret = 0;
+		goto bail;
+	}
+
 	if(slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &oprc) != 0) 
         {
 		slapi_log_error( SLAPI_LOG_FATAL, MEMBEROF_PLUGIN_SUBSYSTEM,
@@ -919,6 +1001,7 @@ int memberof_oktodo(Slapi_PBlock *pb)
 	slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
 		     "<-- memberof_postop_oktodo\n" );
 
+bail:
 	return ret;
 }
 
diff --git a/ldap/servers/plugins/memberof/memberof.h b/ldap/servers/plugins/memberof/memberof.h
index 3e41ef6..e516abe 100644
--- a/ldap/servers/plugins/memberof/memberof.h
+++ b/ldap/servers/plugins/memberof/memberof.h
@@ -62,6 +62,7 @@
  * macros
  */
 #define MEMBEROF_PLUGIN_SUBSYSTEM   "memberof-plugin"   /* used for logging */
+#define MEMBEROF_INT_PREOP_DESC "memberOf internal postop plugin"
 #define MEMBEROF_GROUP_ATTR "memberOfGroupAttr"
 #define MEMBEROF_ATTR "memberOfAttr"
 #define DN_SYNTAX_OID "1.3.6.1.4.1.1466.115.121.1.12"

More information about the 389-commits mailing list