s4:dsdb: add validate_update module

metze

diff --git a/source4/dsdb/samdb/ldb_modules/config.mk b/source4/dsdb/samdb/ldb_modules/config.mk
index f9f1714358ba44ee33b392013f2a6283e53f2d57..e13f44af09e34999c214ebb8485e4f4b70359575 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/config.mk
+++ b/source4/dsdb/samdb/ldb_modules/config.mk
@@ -437,7 +437,6 @@ ldb_resolve_oids_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/resolve_oids.o
 PRIVATE_DEPENDENCIES = LIBTALLOC LIBEVENTS LIBSECURITY SAMDB
 SUBSYSTEM = LIBLDB
 INIT_FUNCTION = LDB_MODULE(acl)
-
 # End MODULE ldb_acl
 ################################################
 
@@ -454,3 +453,13 @@ INIT_FUNCTION = LDB_MODULE(lazy_commit)
 ################################################
 
 ldb_lazy_commit_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/lazy_commit.o
+
+# Start MODULE ldb_validate_update
+[MODULE::ldb_validate_update]
+PRIVATE_DEPENDENCIES = LIBTALLOC LIBEVENTS LIBSECURITY SAMDB
+SUBSYSTEM = LIBLDB
+INIT_FUNCTION = LDB_MODULE(validate_update)
+# End MODULE ldb_validate_update
+################################################
+
+ldb_validate_update_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/validate_update.o

diff --git a/source4/dsdb/samdb/ldb_modules/validate_update.c b/source4/dsdb/samdb/ldb_modules/validate_update.c
new file mode 100644 (file)
index 0000000..900b3d0
--- /dev/null
+++ b/source4/dsdb/samdb/ldb_modules/validate_update.c
@@ -0,0 +1,120 @@
+/*
+   ldb database library
+
+   Copyright (C) Stefan Metzmacher <metze@samba.org> 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "ldb_module.h"
+#include "dsdb/samdb/samdb.h"
+
+static int validate_update_message(struct ldb_context *ldb,
+                                  struct dsdb_schema *schema,
+                                  const struct ldb_message *msg)
+{
+       int i;
+
+       for (i=0; i < msg->num_elements; i++) {
+               WERROR werr;
+
+               werr = dsdb_attribute_validate_ldb(ldb, schema,
+                                                  &msg->elements[i]);
+               if (!W_ERROR_IS_OK(werr)) {
+                       int j;
+
+                       ldb_debug(ldb, LDB_DEBUG_ERROR,
+                                 "TODO: object[%s] add/modify attribute[%d|%s] num_values[%d] - %s\n",
+                                 ldb_dn_get_linearized(msg->dn),
+                                 i, msg->elements[i].name,
+                                 msg->elements[i].num_values,
+                                 win_errstr(werr));
+
+                       for (j=0; j < msg->elements[i].num_values; j++) {
+                               ldb_debug(ldb, LDB_DEBUG_ERROR,
+                                         "TODO: value[%d] len[%d]\n", j,
+                                         msg->elements[i].values[j].length);
+                               dump_data(0,
+                                         msg->elements[i].values[j].data,
+                                         msg->elements[i].values[j].length);
+                       }
+
+                       return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
+               }
+       }
+
+       return LDB_SUCCESS;
+}
+
+static int validate_update_add(struct ldb_module *module, struct ldb_request *req)
+{
+       struct ldb_context *ldb;
+       struct dsdb_schema *schema;
+       int ret;
+
+       ldb = ldb_module_get_ctx(module);
+       schema = dsdb_get_schema(ldb);
+
+       if (!schema) {
+               return ldb_next_request(module, req);
+       }
+
+       /* do not manipulate our control entries */
+       if (ldb_dn_is_special(req->op.add.message->dn)) {
+               return ldb_next_request(module, req);
+       }
+
+       ret = validate_update_message(ldb, schema,
+                                     req->op.add.message);
+       if (ret != LDB_SUCCESS) {
+               return ret;
+       }
+
+       return ldb_next_request(module, req);
+}
+
+static int validate_update_modify(struct ldb_module *module, struct ldb_request *req)
+{
+       struct ldb_context *ldb;
+       struct dsdb_schema *schema;
+       int ret;
+
+       ldb = ldb_module_get_ctx(module);
+       schema = dsdb_get_schema(ldb);
+
+       if (!schema) {
+               return ldb_next_request(module, req);
+       }
+
+       /* do not manipulate our control entries */
+       if (ldb_dn_is_special(req->op.mod.message->dn)) {
+               return ldb_next_request(module, req);
+       }
+
+       ret = validate_update_message(ldb, schema,
+                                     req->op.mod.message);
+       if (ret != LDB_SUCCESS) {
+               return ret;
+       }
+
+       return ldb_next_request(module, req);
+}
+
+_PUBLIC_ const struct ldb_module_ops ldb_validate_update_module_ops = {
+       .name           = "validate_update",
+       .add            = validate_update_add,
+       .modify         = validate_update_modify,
+};
+