Forbid adding users who have a group's name

2009-01-30 22:11:38 -05:00 · 2009-01-30 22:11:38 -05:00 · cd84888b1f
parent 0ab9df26ef
commit cd84888b1f
4 changed files with 27 additions and 0 deletions
--- a/src/addclub.c
+++ b/src/addclub.c
@ -63,6 +63,8 @@ int addclub() {

    if (ceo_user_exists(userid))
        deny("user %s already exists in LDAP", userid);
+    if (ceo_group_exists(userid))
+        deny("group %s already exists in LDAP", userid);

    if ((id = ceo_new_uid(club_min_id, club_max_id)) <= 0)
        fatal("no available uids in range [%d, %d]", club_min_id, club_max_id);
--- a/src/addmember.c
+++ b/src/addmember.c
@ -72,6 +72,8 @@ int addmember() {

    if (ceo_user_exists(userid))
        deny("user %s already exists in LDAP", userid);
+    if (ceo_group_exists(userid))
+        deny("group %s already exists in LDAP", userid);

    if ((id = ceo_new_uid(member_min_id, member_max_id)) <= 0)
        fatal("no available uids in range [%d, %d]", member_min_id, member_max_id);
--- a/src/ldap.c
+++ b/src/ldap.c
@ -310,6 +310,28 @@ int ceo_user_exists(char *uid) {
    return count > 0;
 }

+int ceo_group_exists(char *cn) {
+    char *attrs[] = { LDAP_NO_ATTRS, NULL };
+    LDAPMessage *msg = NULL;
+    char filter[128];
+    int count;
+
+    if (!cn)
+        fatal("null cd");
+
+    snprintf(filter, sizeof(filter), "cn=%s", cn);
+
+    if (ldap_search_s(ld, groups_base, LDAP_SCOPE_SUBTREE, filter, attrs, 0, &msg) != LDAP_SUCCESS) {
+        ldap_err("group_exists");
+        return -1;
+    }
+
+    count = ldap_count_entries(ld, msg);
+    ldap_msgfree(msg);
+
+    return count > 0;
+}
+
 static int ldap_sasl_interact(LDAP *ld, unsigned flags, void *defaults, void *in) {
    sasl_interact_t *interact = in;

--- a/src/ldap.h
+++ b/src/ldap.h
@ -9,3 +9,4 @@ void ceo_ldap_init();
 void ceo_ldap_cleanup();

 int ceo_user_exists(char *);
+int ceo_group_exists(char *);