Diffstat (limited to 'write.go')
-rw-r--r--write.go49
1 files changed, 24 insertions, 25 deletions
diff --git a/write.go b/write.go
index 0af7ae5..2c35309 100644
--- a/write.go
+++ b/write.go
@@ -30,9 +30,7 @@ func (server *Server) handleAdd(s ldap.UserState, w ldap.ResponseWriter, m *ldap
}
func (server *Server) handleAddInternal(state *State, r *message.AddRequest) (int, error) {
- dn := string(r.Entry())
-
- _, err := server.checkSuffix(dn, false)
+ dn, err := server.checkDN(string(r.Entry()), false)
if err != nil {
return ldap.LDAPResultInvalidDNSyntax, err
}
@@ -81,18 +79,18 @@ func (server *Server) handleAddInternal(state *State, r *message.AddRequest) (in
if strings.EqualFold(key, ATTR_MEMBER) {
members = vals_str
for _, member := range members {
- _, err := server.checkSuffix(member, false)
+ member_canonical, err := server.checkDN(member, false)
if err != nil {
return ldap.LDAPResultInvalidDNSyntax, err
}
- exists, err = server.objectExists(member)
+ exists, err = server.objectExists(member_canonical)
if err != nil {
return ldap.LDAPResultOperationsError, err
}
if !exists {
return ldap.LDAPResultNoSuchObject, fmt.Errorf(
"Cannot add %s to members, it does not exist!",
- member)
+ member_canonical)
}
}
}
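Review bot: The canonical DN returned by checkDN is used for the existence check here but is never written back into `members`, so the memberOf loop in the later hunk (`server.getAttribute(member, ATTR_MEMBEROF)`) still runs on the spelling the client sent. The modify path in this same commit does write it back (`addMembers[i] = addMem`); doing the same here, `for i, member := range members {` with `members[i] = member_canonical` after the existence check, keeps the validated value and the value acted on identical. Because `members = vals_str` shares the slice, that assignment would also change `vals_str`; whether that is what gets stored in the entry is outside the hunk, so confirm it is intended. `member_canonical` would be `memberCanonical` under Go naming, though the file already has `vals_str`.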
@@ -104,7 +102,7 @@ func (server *Server) handleAddInternal(state *State, r *message.AddRequest) (in
entry[ATTR_ENTRYUUID] = []string{genUuid()}
entry[dnSplit[0].Type] = []string{dnSplit[0].Value}
- // Add our intem in the DB
+ // Add our item in the DB
err = server.addElements(dn, entry)
if err != nil {
return ldap.LDAPResultOperationsError, err
@@ -117,7 +115,7 @@ func (server *Server) handleAddInternal(state *State, r *message.AddRequest) (in
for _, member := range members {
memberGroups, err := server.getAttribute(member, ATTR_MEMBEROF)
if err != nil {
- server.logger.Printf("Could not add %s to memberOf of %s: %s", dn, member, err)
+ server.logger.Warnf("Could not add %s to memberOf of %s: %s", dn, member, err)
continue
}
if memberGroups == nil {
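Review bot: The Warnf calls format request-derived DNs with `%s`, and `member` in this loop is still the client's raw attribute value, so any control characters that checkDN tolerates would reach the log unescaped. Whether checkDN rejects them is not visible here; quoting the DN arguments, `server.logger.Warnf("Could not add %q to memberOf of %q: %s", dn, member, err)`, keeps each log record unambiguous either way. The same applies to the other Warnf calls this commit changes in handleDeleteInternal and handleModifyInternal. The loop body continues outside the hunk.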
@@ -128,7 +126,7 @@ func (server *Server) handleAddInternal(state *State, r *message.AddRequest) (in
for _, mb := range memberGroups {
if mb == dn {
alreadyMember = true
- server.logger.Printf("Warning: inconsistency detected, %s was memberOf %s at a time when it didn't exist!",
+ server.logger.Warnf("Warning: inconsistency detected, %s was memberOf %s at a time when it didn't exist!",
member, dn)
break
}
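Review bot: The message text still begins with "Warning:" after the switch to Warnf, so the level is probably stated twice in the output, assuming the logger prints its level. Suggest dropping the prefix: `server.logger.Warnf("inconsistency detected, %s was memberOf %s at a time when it didn't exist!",`. A memberOf value that pointed at a group before it existed is an integrity signal, so a short stable message that is easy to search for is worth having here.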
@@ -140,7 +138,7 @@ func (server *Server) handleAddInternal(state *State, r *message.AddRequest) (in
ATTR_MEMBEROF: memberGroups,
})
if err != nil {
- server.logger.Printf("Could not add %s to memberOf of %s: %s", dn, member, err)
+ server.logger.Warnf("Could not add %s to memberOf of %s: %s", dn, member, err)
}
}
}
@@ -170,9 +168,7 @@ func (server *Server) handleDelete(s ldap.UserState, w ldap.ResponseWriter, m *l
}
func (server *Server) handleDeleteInternal(state *State, r *message.DelRequest) (int, error) {
- dn := string(*r)
-
- _, err := server.checkSuffix(dn, false)
+ dn, err := server.checkDN(string(*r), false)
if err != nil {
return ldap.LDAPResultInvalidDNSyntax, err
}
@@ -230,7 +226,7 @@ func (server *Server) handleDeleteInternal(state *State, r *message.DelRequest)
for _, group := range memberOf {
groupMembers, err := server.getAttribute(group, ATTR_MEMBER)
if err != nil {
- server.logger.Printf("Could not remove %s from members of %s: %s", dn, group, err)
+ server.logger.Warnf("Could not remove %s from members of %s: %s", dn, group, err)
continue
}
@@ -245,7 +241,7 @@ func (server *Server) handleDeleteInternal(state *State, r *message.DelRequest)
ATTR_MEMBER: newMembers,
})
if err != nil {
- server.logger.Printf("Could not remove %s from members of %s: %s", dn, group, err)
+ server.logger.Warnf("Could not remove %s from members of %s: %s", dn, group, err)
}
}
}
@@ -255,7 +251,7 @@ func (server *Server) handleDeleteInternal(state *State, r *message.DelRequest)
for _, member := range memberList {
memberOf, err := server.getAttribute(member, ATTR_MEMBEROF)
if err != nil || memberOf == nil {
- server.logger.Printf("Could not remove %s from memberOf of %s: %s", dn, member, err)
+ server.logger.Warnf("Could not remove %s from memberOf of %s: %s", dn, member, err)
continue
}
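Review bot: When `memberOf == nil` and `err` is nil, this Warnf formats a nil error with `%s` and logs `%!s(<nil>)`, which hides why the member was skipped. Splitting the condition gives each case a meaningful line: `if err != nil { server.logger.Warnf(...); continue }` followed by `if memberOf == nil { continue }`, optionally with its own message for the missing attribute. The loop body continues outside the hunk.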
@@ -270,7 +266,7 @@ func (server *Server) handleDeleteInternal(state *State, r *message.DelRequest)
ATTR_MEMBEROF: newMemberOf,
})
if err != nil {
- server.logger.Printf("Could not remove %s from memberOf of %s: %s", dn, member, err)
+ server.logger.Warnf("Could not remove %s from memberOf of %s: %s", dn, member, err)
}
}
}
@@ -299,9 +295,7 @@ func (server *Server) handleModify(s ldap.UserState, w ldap.ResponseWriter, m *l
}
func (server *Server) handleModifyInternal(state *State, r *message.ModifyRequest) (int, error) {
- dn := string(r.Object())
-
- _, err := server.checkSuffix(dn, false)
+ dn, err := server.checkDN(string(r.Object()), false)
if err != nil {
return ldap.LDAPResultInvalidDNSyntax, err
}
@@ -448,7 +442,11 @@ func (server *Server) handleModifyInternal(state *State, r *message.ModifyReques
}
// Check that added members actually exist
- for _, addMem := range addMembers {
+ for i := range addMembers {
+ addMem, err := server.checkDN(addMembers[i], false)
+ if err != nil {
+ return ldap.LDAPResultInvalidDNSyntax, err
+ }
exists, err := server.objectExists(addMem)
if err != nil {
return ldap.LDAPResultOperationsError, err
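Review bot: Only `addMembers` is canonicalised; no visible hunk passes `delMembers` through checkDN, and the removal loop further down still calls `server.getAttribute(delMem, ATTR_MEMBEROF)` on the client's spelling. If stored member values are canonical, a removal given in another spelling could leave the member's memberOf pointing at a group it no longer belongs to, which matters wherever memberOf feeds access decisions. Suggest the same treatment for `delMembers`, `delMembers[i], err = server.checkDN(delMembers[i], false)` with the same InvalidDNSyntax return, unless that already happens outside the hunks shown. Two spellings of one DN also collapse to the same value after this loop, so a duplicate check on `addMembers` may be needed.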
@@ -457,6 +455,7 @@ func (server *Server) handleModifyInternal(state *State, r *message.ModifyReques
return ldap.LDAPResultNoSuchObject, fmt.Errorf(
"Cannot add member %s, it does not exist", addMem)
}
+ addMembers[i] = addMem
}
newEntry[ATTR_MODIFIERSNAME] = []string{state.login.user}
@@ -471,7 +470,7 @@ func (server *Server) handleModifyInternal(state *State, r *message.ModifyReques
for _, addMem := range addMembers {
memberOf, err := server.getAttribute(addMem, ATTR_MEMBEROF)
if err != nil {
- server.logger.Printf("Could not add %s to memberOf of %s: %s", dn, addMem, err)
+ server.logger.Warnf("Could not add %s to memberOf of %s: %s", dn, addMem, err)
continue
}
if memberOf == nil {
@@ -491,7 +490,7 @@ func (server *Server) handleModifyInternal(state *State, r *message.ModifyReques
ATTR_MEMBEROF: memberOf,
})
if err != nil {
- server.logger.Printf("Could not add %s to memberOf of %s: %s", dn, addMem, err)
+ server.logger.Warnf("Could not add %s to memberOf of %s: %s", dn, addMem, err)
}
}
}
@@ -499,7 +498,7 @@ func (server *Server) handleModifyInternal(state *State, r *message.ModifyReques
for _, delMem := range delMembers {
memberOf, err := server.getAttribute(delMem, ATTR_MEMBEROF)
if err != nil {
- server.logger.Printf("Could not remove %s from memberOf of %s: %s", dn, delMem, err)
+ server.logger.Warnf("Could not remove %s from memberOf of %s: %s", dn, delMem, err)
continue
}
if memberOf == nil {
@@ -514,7 +513,7 @@ func (server *Server) handleModifyInternal(state *State, r *message.ModifyReques
err = server.addElements(delMem, Entry{ATTR_MEMBEROF: newMemberOf})
if err != nil {
- server.logger.Printf("Could not remove %s from memberOf of %s: %s", dn, delMem, err)
+ server.logger.Warnf("Could not remove %s from memberOf of %s: %s", dn, delMem, err)
}
}