dsdb/modules: Split up helpers a bit to prevent recursive dependencies.

author Jelmer Vernooij <jelmer@samba.org>

Sun, 10 Oct 2010 23:03:42 +0000 (01:03 +0200)

committer Jelmer Vernooij <jelmer@samba.org>

Sun, 10 Oct 2010 23:47:54 +0000 (23:47 +0000)
author Jelmer Vernooij <jelmer@samba.org>
Sun, 10 Oct 2010 23:03:42 +0000 (01:03 +0200)
committer Jelmer Vernooij <jelmer@samba.org>
Sun, 10 Oct 2010 23:47:54 +0000 (23:47 +0000)
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c

index 149c6b105efff31770b412d94593b5f6cef88f41..660b4df81812e63ffa730aefdcc96e5d80282045 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -39,6 +39,7 @@
  #include "librpc/gen_ndr/ndr_security.h"
  #include "param/param.h"
  #include "dsdb/samdb/ldb_modules/util.h"
+#include "dsdb/samdb/ldb_modules/schema.h"
  #include "lib/util/tsort.h"
  
  struct extended_access_check_attribute {
diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c

index 6c41602a8246fb954e5548e783902c50dee4efdd..1a84704079a308202b4accc3e0f639e6fd220477 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/acl_util.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_util.c
@@ -178,67 +178,6 @@ fail:
         return ldb_operr(ldb_module_get_ctx(module));
  }
  
-int acl_check_access_on_class(struct ldb_module *module,
-                             const struct dsdb_schema *schema,
-                             TALLOC_CTX *mem_ctx,
-                             struct security_descriptor *sd,
-                             struct dom_sid *rp_sid,
-                             uint32_t access,
-                             const char *class_name)
-{
-       int ret;
-       NTSTATUS status;
-       uint32_t access_granted;
-       struct object_tree *root = NULL;
-       struct object_tree *new_node = NULL;
-       const struct GUID *guid;
-       TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
-       struct security_token *token = acl_user_token(module);
-       if (class_name) {
-               guid = class_schemaid_guid_by_lDAPDisplayName(schema, class_name);
-               if (!guid) {
-                       DEBUG(10, ("acl_search: cannot find class %s\n",
-                                  class_name));
-                       goto fail;
-               }
-               if (!insert_in_object_tree(tmp_ctx,
-                                          guid, access,
-                                          &root, &new_node)) {
-                       DEBUG(10, ("acl_search: cannot add to object tree guid\n"));
-                       goto fail;
-               }
-       }
-       status = sec_access_check_ds(sd, token,
-                                    access,
-                                    &access_granted,
-                                    root,
-                                    rp_sid);
-       if (!NT_STATUS_IS_OK(status)) {
-               ret = LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
-       }
-       else {
-               ret = LDB_SUCCESS;
-       }
-       return ret;
-fail:
-       return ldb_operr(ldb_module_get_ctx(module));
-}
-
-const struct GUID *get_oc_guid_from_message(struct ldb_module *module,
-                                                  const struct dsdb_schema *schema,
-                                                  struct ldb_message *msg)
-{
-       struct ldb_message_element *oc_el;
-
-       oc_el = ldb_msg_find_element(msg, "objectClass");
-       if (!oc_el) {
-               return NULL;
-       }
-
-       return class_schemaid_guid_by_lDAPDisplayName(schema,
-                                                     (char *)oc_el->values[oc_el->num_values-1].data);
-}
-
  
  /* checks for validated writes */
  int acl_check_extended_right(TALLOC_CTX *mem_ctx,
diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c

index 959a7d8cd119fe13bb38a0d9ea3f5c33e160eb94..c94d6bdf0be27f45cfdb5cdbada59487125d93e6 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -39,6 +39,7 @@
  #include "librpc/ndr/libndr.h"
  #include "librpc/gen_ndr/ndr_security.h"
  #include "libcli/security/security.h"
+#include "dsdb/samdb/ldb_modules/schema.h"
  #include "auth/auth.h"
  #include "param/param.h"
  #include "util.h"
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c

index fa956269f49801aa8dfe825629377f94c348834d..940290bacecbbacc96a4324e75dff5ef379a978c 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -45,6 +45,7 @@
  #include "auth/auth.h"
  #include "param/param.h"
  #include "../libds/common/flags.h"
+#include "dsdb/samdb/ldb_modules/schema.h"
  #include "util.h"
  
  struct oc_context {
diff --git a/source4/dsdb/samdb/ldb_modules/schema.c b/source4/dsdb/samdb/ldb_modules/schema.c

new file mode 100644 (file)

index 0000000..77bf9dc
--- /dev/null
+++ b/source4/dsdb/samdb/ldb_modules/schema.c
@@ -0,0 +1,120 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Samba utility functions
+
+   Copyright (C) Andrew Tridgell 2009
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "ldb.h"
+#include "ldb_module.h"
+#include "librpc/ndr/libndr.h"
+#include "dsdb/samdb/ldb_modules/util.h"
+#include "dsdb/samdb/samdb.h"
+#include "util.h"
+#include "libcli/security/security.h"
+#include "lib/ldb/include/ldb_private.h"
+
+const struct dsdb_class * get_last_structural_class(const struct dsdb_schema *schema,const struct ldb_message_element *element)
+{
+       const struct dsdb_class *last_class = NULL;
+       unsigned int i;
+
+       for (i = 0; i < element->num_values; i++){
+               const struct dsdb_class *tmp_class = dsdb_class_by_lDAPDisplayName_ldb_val(schema, &element->values[i]);
+
+               if(tmp_class == NULL) {
+                       continue;
+               }
+
+               if(tmp_class->objectClassCategory > 1) {
+                       continue;
+               }
+
+               if (!last_class) {
+                       last_class = tmp_class;
+               } else {
+                       if (tmp_class->subClass_order > last_class->subClass_order)
+                               last_class = tmp_class;
+               }
+       }
+
+       return last_class;
+}
+
+int acl_check_access_on_class(struct ldb_module *module,
+                             const struct dsdb_schema *schema,
+                             TALLOC_CTX *mem_ctx,
+                             struct security_descriptor *sd,
+                             struct dom_sid *rp_sid,
+                             uint32_t access,
+                             const char *class_name)
+{
+       int ret;
+       NTSTATUS status;
+       uint32_t access_granted;
+       struct object_tree *root = NULL;
+       struct object_tree *new_node = NULL;
+       const struct GUID *guid;
+       TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+       struct security_token *token = acl_user_token(module);
+       if (class_name) {
+               guid = class_schemaid_guid_by_lDAPDisplayName(schema, class_name);
+               if (!guid) {
+                       DEBUG(10, ("acl_search: cannot find class %s\n",
+                                  class_name));
+                       goto fail;
+               }
+               if (!insert_in_object_tree(tmp_ctx,
+                                          guid, access,
+                                          &root, &new_node)) {
+                       DEBUG(10, ("acl_search: cannot add to object tree guid\n"));
+                       goto fail;
+               }
+       }
+       status = sec_access_check_ds(sd, token,
+                                    access,
+                                    &access_granted,
+                                    root,
+                                    rp_sid);
+       if (!NT_STATUS_IS_OK(status)) {
+               ret = LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
+       }
+       else {
+               ret = LDB_SUCCESS;
+       }
+       return ret;
+fail:
+       return ldb_operr(ldb_module_get_ctx(module));
+}
+
+const struct GUID *get_oc_guid_from_message(struct ldb_module *module,
+                                                  const struct dsdb_schema *schema,
+                                                  struct ldb_message *msg)
+{
+       struct ldb_message_element *oc_el;
+
+       oc_el = ldb_msg_find_element(msg, "objectClass");
+       if (!oc_el) {
+               return NULL;
+       }
+
+       return class_schemaid_guid_by_lDAPDisplayName(schema,
+                                                     (char *)oc_el->values[oc_el->num_values-1].data);
+}
+
+
diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c

index 569c967e9526550acfb594c5c000529d2aa3f7e1..d7bf807c24e65188188e02314c0ee1c0ab36c868 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/util.c
+++ b/source4/dsdb/samdb/ldb_modules/util.c
@@ -484,33 +484,6 @@ int dsdb_module_del(struct ldb_module *module,
         return ret;
  }
  
-const struct dsdb_class * get_last_structural_class(const struct dsdb_schema *schema,const struct ldb_message_element *element)
-{
-       const struct dsdb_class *last_class = NULL;
-       unsigned int i;
-
-       for (i = 0; i < element->num_values; i++){
-               const struct dsdb_class *tmp_class = dsdb_class_by_lDAPDisplayName_ldb_val(schema, &element->values[i]);
-
-               if(tmp_class == NULL) {
-                       continue;
-               }
-
-               if(tmp_class->objectClassCategory > 1) {
-                       continue;
-               }
-
-               if (!last_class) {
-                       last_class = tmp_class;
-               } else {
-                       if (tmp_class->subClass_order > last_class->subClass_order)
-                               last_class = tmp_class;
-               }
-       }
-
-       return last_class;
-}
-
  /*
    check if a single valued link has multiple non-deleted values
  
diff --git a/source4/dsdb/samdb/ldb_modules/wscript_build b/source4/dsdb/samdb/ldb_modules/wscript_build

index 399105332aeaf4417322167724b6ac2930370faa..03b138b2acad7779ebd716dc42d881d27daf9fe2 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/wscript_build
+++ b/source4/dsdb/samdb/ldb_modules/wscript_build
@@ -3,7 +3,7 @@
  bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPERS',
         source='util.c acl_util.c',
         autoproto='util_proto.h',
-       deps='ldb LIBNDR SAMDB_SCHEMA'
+       deps='ldb LIBNDR SAMDB_COMMON'
         )
  
  bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPER_RIDALLOC',
@@ -12,6 +12,12 @@ bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPER_RIDALLOC',
         deps='MESSAGING',
         )
  
+bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPER_SCHEMA',
+       source='schema.c',
+       autoproto='schema.h',
+       deps='SAMDB_SCHEMA'
+       )
+
  bld.SAMBA_MODULE('ldb_samba_dsdb',
         source='samba_dsdb.c',
         subsystem='ldb',
@@ -135,7 +141,7 @@ bld.SAMBA_MODULE('ldb_rootdse',
         subsystem='ldb',
         init_function='LDB_MODULE(rootdse)',
         internal_module=not bld.CONFIG_SET('USING_SYSTEM_LDB'),
-       deps='talloc LIBEVENTS SAMDB'
+       deps='talloc LIBEVENTS SAMDB MESSAGING'
         )
  
  
@@ -226,7 +232,7 @@ bld.SAMBA_MODULE('ldb_objectclass',
         subsystem='ldb',
         init_function='LDB_MODULE(objectclass)',
         internal_module=not bld.CONFIG_SET('USING_SYSTEM_LDB'),
-       deps='talloc LIBEVENTS LIBSECURITY NDR_SECURITY SAMDB DSDB_MODULE_HELPERS LIBSAMBA-UTIL'
+       deps='talloc LIBEVENTS LIBSECURITY NDR_SECURITY SAMDB DSDB_MODULE_HELPERS LIBSAMBA-UTIL DSDB_MODULE_HELPER_SCHEMA'
         )
  
  
@@ -307,7 +313,7 @@ bld.SAMBA_MODULE('ldb_descriptor',
         subsystem='ldb',
         init_function='LDB_MODULE(descriptor)',
         internal_module=not bld.CONFIG_SET('USING_SYSTEM_LDB'),
-       deps='talloc LIBEVENTS LIBSECURITY NDR_SECURITY SAMDB DSDB_MODULE_HELPERS'
+       deps='talloc LIBEVENTS LIBSECURITY NDR_SECURITY SAMDB DSDB_MODULE_HELPERS DSDB_MODULE_HELPER_SCHEMA'
         )
  
  
@@ -325,7 +331,7 @@ bld.SAMBA_MODULE('ldb_acl',
         subsystem='ldb',
         init_function='LDB_MODULE(acl)',
         internal_module=not bld.CONFIG_SET('USING_SYSTEM_LDB'),
-       deps='talloc LIBEVENTS LIBSECURITY SAMDB DSDB_MODULE_HELPERS'
+       deps='talloc LIBEVENTS LIBSECURITY SAMDB DSDB_MODULE_HELPERS DSDB_MODULE_HELPER_SCHEMA'
         )
author	Jelmer Vernooij <jelmer@samba.org>
	Sun, 10 Oct 2010 23:03:42 +0000 (01:03 +0200)
committer	Jelmer Vernooij <jelmer@samba.org>
	Sun, 10 Oct 2010 23:47:54 +0000 (23:47 +0000)
source4/dsdb/samdb/ldb_modules/acl.c		patch \| blob \| history
source4/dsdb/samdb/ldb_modules/acl_util.c		patch \| blob \| history
source4/dsdb/samdb/ldb_modules/descriptor.c		patch \| blob \| history
source4/dsdb/samdb/ldb_modules/objectclass.c		patch \| blob \| history
source4/dsdb/samdb/ldb_modules/schema.c	[new file with mode: 0644]	patch \| blob
source4/dsdb/samdb/ldb_modules/util.c		patch \| blob \| history
source4/dsdb/samdb/ldb_modules/wscript_build		patch \| blob \| history