ITS#9747 dynlist: fix Compare for static groups

Fallback to static check if static groups are configured and dynamic group check returns false.
2025-03-13 14:27:59 +08:00 · 2021-11-11 23:17:05 +00:00 · 2021-11-11 23:17:05 +00:00 · bc659074ee
commit bc659074ee
parent 30baa30bce
3 changed files with 65 additions and 0 deletions
--- a/servers/slapd/overlays/dynlist.c
+++ b/servers/slapd/overlays/dynlist.c
@ -887,6 +887,13 @@ dynlist_compare( Operation *op, SlapReply *rs )
 				 * the assertion is FALSE rather than
 				 * UNDEFINED */
 				rs->sr_err = LDAP_COMPARE_FALSE;
+
+				/* If also using static groups, fallback to
+				 * vanilla compare
+				 */
+				if ( dlm->dlm_static_oc )
+					return SLAP_CB_CONTINUE;
+
 				break;
 			}

--- a/tests/data/dynlist.out
+++ b/tests/data/dynlist.out
@ -386,6 +386,10 @@ memberOf: cn=all staff,ou=groups,dc=example,dc=com
 memberOf: cn=alumni assoc staff,ou=groups,dc=example,dc=com
 memberOf: cn=dynamic list of members,ou=dynamic lists,dc=example,dc=com

+TRUE
+
+FALSE
+
 # Testing nested dynamic group functionality...
 dn: cn=Dynamic List,ou=Dynamic Lists,dc=example,dc=com
 objectClass: groupOfURLs
--- a/tests/scripts/test044-dynlist
+++ b/tests/scripts/test044-dynlist
@ -808,6 +808,60 @@ if test $RC != 0 ; then
 	exit $RC
 fi

+echo "Testing static group member compare..."
+echo "# Testing static group member compare..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+	"cn=all staff,ou=groups,$BASEDN" "member:cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN" >> $SEARCHOUT
+RC=$?
+case $RC in
+5)
+	echo "ldapcompare returned FALSE ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+	;;
+6)
+	echo "ldapcompare returned TRUE ($RC)"
+	;;
+0)
+	echo "ldapcompare returned success ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit 1
+	;;
+*)
+	echo "ldapcompare failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+	;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing static group non-member compare (should return FALSE)..."
+echo "# Testing static group non-member compare (should return FALSE)..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+	"cn=all staff,ou=groups,$BASEDN" "member:cn=Not A User,ou=Alumni Association,ou=People,$BASEDN" >> $SEARCHOUT
+RC=$?
+case $RC in
+5)
+	echo "ldapcompare returned FALSE ($RC)"
+	;;
+6)
+	echo "ldapcompare returned TRUE ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+	;;
+0)
+	echo "ldapcompare returned success ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit 1
+	;;
+*)
+	echo "ldapcompare failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+	;;
+esac
+echo "" >> $SEARCHOUT
+
 echo "Reconfiguring slapd..."
 $LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
 	$TESTOUT 2>&1 << EOMODS