Add support for virtual operational attribute plugin type

2025-01-24 13:24:56 +08:00 · 2003-01-21 14:00:25 +00:00 · 2003-01-21 14:00:25 +00:00 · 0edb0803d2
commit 0edb0803d2
parent f327941341
2 changed files with 150 additions and 2 deletions
--- a/servers/slapd/result.c
+++ b/servers/slapd/result.c
@ -686,6 +686,11 @@ slap_send_search_entry(
 	int		userattrs;
 	int		opattrs;
 	AccessControlState acl_state = ACL_STATE_INIT;
+#ifdef LDAP_SLAPI
+	/* Support virtual attribute plugins. */
+	Slapi_PBlock *pb = op->o_pb;
+	Slapi_AttrSet *vattrs = NULL;
+#endif

 	AttributeDescription *ad_entry = slap_schema.si_ad_entry;

@ -1143,6 +1148,150 @@ slap_send_search_entry(
 		}
 	}

+#if defined( LDAP_SLAPI )
+	/* Add virtual attributes */
+	vattrs = slapi_x_attrset_new();
+	slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY, (void *)e );
+	slapi_pblock_set( pb, SLAPI_PLUGIN_OPATTR_COALESCE_DATA, (void *)vattrs );
+	rc = doPluginFNs( be, SLAPI_PLUGIN_OPATTR_COALESCE_FN, pb );
+	if ( rc == 0 ) {
+		/*
+		 * Re-fetch this to be safe; plugin could have freed and
+		 * changed it, although it shouldn't.
+		 */
+		rc = slapi_pblock_get( pb, SLAPI_PLUGIN_OPATTR_COALESCE_DATA, (void **)&vattrs );
+		if ( rc != 0 ) {
+			/* Something bad happened. */
+			vattrs = NULL;
+		}
+	}
+
+	/* Now, send the virtual attributes. */
+	if ( vattrs != NULL ) {
+		for (a = *vattrs, j = 0; a != NULL; a = a->a_next, j++ ) {
+			AttributeDescription *desc = a->a_desc;
+	
+			if ( attrs == NULL ) {
+				/* all attrs request, skip operational attributes */
+				if( is_at_operational( desc->ad_type ) ) {
+					continue;
+				}
+	
+			} else {
+				/* specific attrs requested */
+				if( is_at_operational( desc->ad_type ) ) {
+					if( !opattrs && !ad_inlist( desc, attrs ) ) {
+						continue;
+					}
+				} else {
+					if (!userattrs && !ad_inlist( desc, attrs ) )
+					{
+						continue;
+					}
+				}
+			}
+	
+			if ( ! access_allowed( be, conn, op, e,	desc, NULL,
+				ACL_READ, &acl_state ) )
+			{
+#ifdef NEW_LOGGING
+				LDAP_LOG( ACL, INFO, 
+					"send_search_entry: conn %lu "
+					"access to attribute %s not allowed\n",
+					op->o_connid, desc->ad_cname.bv_val, 0 );
+#else
+				Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s "
+						"not allowed\n",
+				    		desc->ad_cname.bv_val, 0, 0 );
+#endif
+	
+				continue;
+			}
+	
+			rc = ber_printf( ber, "{O[" /*]}*/ , &desc->ad_cname );
+			if ( rc == -1 ) {
+#ifdef NEW_LOGGING
+				LDAP_LOG( OPERATION, ERR, 
+					"send_search_entry: conn %lu  "
+					"ber_printf failed\n", op->o_connid, 0, 0 );
+#else
+				Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
+#endif
+	
+				ber_free_buf( ber );
+				send_ldap_result( conn, op, LDAP_OTHER,
+				    NULL, "encoding description error", NULL, NULL );
+	
+				attrs_free( aa );
+				goto error_return;
+			}
+	
+			if ( ! attrsonly ) {
+				for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) {
+					if ( ! access_allowed( be, conn, op, e,
+						desc, &a->a_vals[i], ACL_READ, &acl_state ) )
+					{
+#ifdef NEW_LOGGING
+						LDAP_LOG( ACL, INFO, 
+							"send_search_entry: conn %lu "
+							"access to %s, value %d not allowed\n",
+							op->o_connid, desc->ad_cname.bv_val, i );
+#else
+						Debug( LDAP_DEBUG_ACL,
+							"acl: access to attribute %s, "
+							"value %d not allowed\n",
+							desc->ad_cname.bv_val, i, 0 );
+#endif
+	
+						continue;
+					}
+	
+					if ( op->vrFilter && e_flags[j][i] == 0 ){
+						continue;
+					}
+	
+					if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) {
+#ifdef NEW_LOGGING
+						LDAP_LOG( OPERATION, ERR, 
+							"send_search_entry: conn %lu  ber_printf failed\n", 
+							op->o_connid, 0, 0 );
+#else
+						Debug( LDAP_DEBUG_ANY,
+						    "ber_printf failed\n", 0, 0, 0 );
+#endif
+	
+						ber_free_buf( ber );
+						send_ldap_result( conn, op, LDAP_OTHER,
+							NULL, "encoding values error", 
+							NULL, NULL );
+
+						attrs_free( aa );
+						goto error_return;
+					}
+				}
+			}
+
+			if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) {
+#ifdef NEW_LOGGING
+				LDAP_LOG( OPERATION, ERR, 
+					"send_search_entry: conn %lu  ber_printf failed\n",
+					op->o_connid, 0, 0 );
+#else
+				Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
+#endif
+
+				ber_free_buf( ber );
+				send_ldap_result( conn, op, LDAP_OTHER,
+				    NULL, "encode end error", NULL, NULL );
+
+				attrs_free( aa );
+				goto error_return;
+			}
+		}
+		slapi_x_attrset_free( &vattrs );
+	}
+#endif /* LDAP_SLAPI */
+
 	/* free e_flags */
 	if ( e_flags ) {
 		free( e_flags );
--- a/servers/slapd/slapi/slapi_utils.c
+++ b/servers/slapd/slapi/slapi_utils.c
@ -2092,8 +2092,7 @@ void slapi_x_attrset_free( Slapi_AttrSet **pAs )

 	if ( as != NULL ) {
 		attrs_free( *as );
-		slapi_ch_free( (void **)&as );
-		*pAs = NULL;
+		slapi_ch_free( (void **)pAs );
 	}
 #endif
 }