>From 5d75120a654898b0ecce721950995d816af977f8 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Tue, 24 Mar 2015 23:24:50 +0100 Subject: [PATCH 04/11] cache_req: Extend cache_req with wildcard lookups Related: https://fedorahosted.org/sssd/ticket/2553 Adds two new functions to the cache_req API: - cache_req_user_by_filter_send - cache_req_group_by_filter_send These functions can be used to retrieve users or groups that match a specified filter. Also renames a variable to avoid constant confusion -- the variable is only used for debug output. --- src/responder/common/responder_cache_req.c | 135 ++++++++- src/responder/common/responder_cache_req.h | 22 ++ src/tests/cmocka/test_responder_cache_req.c | 414 +++++++++++++++++++++++++++- 3 files changed, 561 insertions(+), 10 deletions(-) diff --git a/src/responder/common/responder_cache_req.c b/src/responder/common/responder_cache_req.c index 7ba257276b064d923b6144f45ade59cac48849d5..786c4f22bdce3e5d6c57e602b6763ce5f19e8b1d 100644 --- a/src/responder/common/responder_cache_req.c +++ b/src/responder/common/responder_cache_req.c @@ -50,6 +50,8 @@ struct cache_req_input { /* Fully qualified object name used in debug messages. */ const char *debug_fqn; + /* Time when the request started. Useful for by-filter lookups */ + time_t req_start; }; struct cache_req_input * @@ -66,11 +68,14 @@ cache_req_input_create(TALLOC_CTX *mem_ctx, } input->type = type; + input->req_start = time(NULL); /* Check that input parameters match selected type. */ switch (input->type) { case CACHE_REQ_USER_BY_NAME: case CACHE_REQ_GROUP_BY_NAME: + case CACHE_REQ_USER_BY_FILTER: + case CACHE_REQ_GROUP_BY_FILTER: case CACHE_REQ_INITGROUPS: if (name == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "Bug: name cannot be NULL!\n"); @@ -108,6 +113,14 @@ cache_req_input_create(TALLOC_CTX *mem_ctx, case CACHE_REQ_INITGROUPS: input->dp_type = SSS_DP_INITGROUPS; break; + + case CACHE_REQ_USER_BY_FILTER: + input->dp_type = SSS_DP_WILDCARD_USER; + break; + + case CACHE_REQ_GROUP_BY_FILTER: + input->dp_type = SSS_DP_WILDCARD_GROUP; + break; } return input; @@ -141,7 +154,7 @@ cache_req_input_set_domain(struct cache_req_input *input, { TALLOC_CTX *tmp_ctx = NULL; const char *name = NULL; - const char *fqn = NULL; + const char *debug_fqn = NULL; errno_t ret; tmp_ctx = talloc_new(NULL); @@ -155,6 +168,8 @@ cache_req_input_set_domain(struct cache_req_input *input, switch (input->type) { case CACHE_REQ_USER_BY_NAME: case CACHE_REQ_GROUP_BY_NAME: + case CACHE_REQ_USER_BY_FILTER: + case CACHE_REQ_GROUP_BY_FILTER: case CACHE_REQ_INITGROUPS: name = sss_get_cased_name(tmp_ctx, input->orig_name, domain->case_sensitive); @@ -169,8 +184,8 @@ cache_req_input_set_domain(struct cache_req_input *input, goto done; } - fqn = talloc_asprintf(tmp_ctx, "%s@%s", name, domain->name); - if (fqn == NULL) { + debug_fqn = talloc_asprintf(tmp_ctx, "%s@%s", name, domain->name); + if (debug_fqn == NULL) { ret = ENOMEM; goto done; } @@ -178,16 +193,16 @@ cache_req_input_set_domain(struct cache_req_input *input, break; case CACHE_REQ_USER_BY_ID: - fqn = talloc_asprintf(tmp_ctx, "UID:%d@%s", input->id, domain->name); - if (fqn == NULL) { + debug_fqn = talloc_asprintf(tmp_ctx, "UID:%d@%s", input->id, domain->name); + if (debug_fqn == NULL) { ret = ENOMEM; goto done; } break; case CACHE_REQ_GROUP_BY_ID: - fqn = talloc_asprintf(tmp_ctx, "GID:%d@%s", input->id, domain->name); - if (fqn == NULL) { + debug_fqn = talloc_asprintf(tmp_ctx, "GID:%d@%s", input->id, domain->name); + if (debug_fqn == NULL) { ret = ENOMEM; goto done; } @@ -196,7 +211,7 @@ cache_req_input_set_domain(struct cache_req_input *input, input->domain = domain; input->dom_objname = talloc_steal(input, name); - input->debug_fqn = talloc_steal(input, fqn); + input->debug_fqn = talloc_steal(input, debug_fqn); ret = EOK; @@ -227,6 +242,10 @@ static errno_t cache_req_check_ncache(struct cache_req_input *input, case CACHE_REQ_GROUP_BY_ID: ret = sss_ncache_check_gid(ncache, neg_timeout, input->id); break; + case CACHE_REQ_USER_BY_FILTER: + case CACHE_REQ_GROUP_BY_FILTER: + ret = EOK; + break; } if (ret == EEXIST) { @@ -252,6 +271,10 @@ static void cache_req_add_to_ncache(struct cache_req_input *input, ret = sss_ncache_set_group(ncache, false, input->domain, input->dom_objname); break; + case CACHE_REQ_USER_BY_FILTER: + case CACHE_REQ_GROUP_BY_FILTER: + /* Nothing to do, adding a wildcard request to cache doesn't + * make sense */ case CACHE_REQ_USER_BY_ID: case CACHE_REQ_GROUP_BY_ID: /* Nothing to do. Those types must be unique among all domains so @@ -277,6 +300,10 @@ static void cache_req_add_to_ncache_global(struct cache_req_input *input, errno_t ret = ERR_INTERNAL; switch (input->type) { + case CACHE_REQ_USER_BY_FILTER: + case CACHE_REQ_GROUP_BY_FILTER: + /* Nothing to do, adding a wildcard request to cache doesn't + * make sense */ case CACHE_REQ_USER_BY_NAME: case CACHE_REQ_GROUP_BY_NAME: case CACHE_REQ_INITGROUPS: @@ -302,6 +329,44 @@ static void cache_req_add_to_ncache_global(struct cache_req_input *input, return; } +static errno_t updated_users_by_filter(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + const char *name_filter, + time_t since, + struct ldb_result **_res) +{ + int ret; + char *recent_filter; + + recent_filter = talloc_asprintf(mem_ctx, "(%s>=%lu)", + SYSDB_LAST_UPDATE, since); + ret = sysdb_enumpwent_filter_with_views(mem_ctx, domain, + name_filter, recent_filter, + _res); + talloc_free(recent_filter); + + return ret; +} + +static errno_t updated_groups_by_filter(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + const char *name_filter, + time_t since, + struct ldb_result **_res) +{ + int ret; + char *recent_filter; + + recent_filter = talloc_asprintf(mem_ctx, "(%s>=%lu)", + SYSDB_LAST_UPDATE, since); + ret = sysdb_enumgrent_filter_with_views(mem_ctx, domain, + name_filter, recent_filter, + _res); + talloc_free(recent_filter); + + return ret; +} + static errno_t cache_req_get_object(TALLOC_CTX *mem_ctx, struct cache_req_input *input, struct ldb_result **_result) @@ -338,6 +403,18 @@ static errno_t cache_req_get_object(TALLOC_CTX *mem_ctx, ret = sysdb_initgroups_with_views(mem_ctx, input->domain, input->dom_objname, &result); break; + case CACHE_REQ_USER_BY_FILTER: + one_item_only = false; + ret = updated_users_by_filter(mem_ctx, input->domain, + input->dom_objname, input->req_start, + &result); + break; + case CACHE_REQ_GROUP_BY_FILTER: + one_item_only = false; + ret = updated_groups_by_filter(mem_ctx, input->domain, + input->dom_objname, input->req_start, + &result); + break; } if (ret != EOK) { @@ -464,7 +541,9 @@ static errno_t cache_req_cache_check(struct tevent_req *req) state = tevent_req_data(req, struct cache_req_cache_state); - if (state->result == NULL || state->result->count == 0) { + if (state->result == NULL || state->result->count == 0 || + state->input->type == CACHE_REQ_USER_BY_FILTER || + state->input->type == CACHE_REQ_GROUP_BY_FILTER) { ret = ENOENT; } else { if (state->input->type == CACHE_REQ_INITGROUPS) { @@ -987,3 +1066,41 @@ cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx, neg_timeout, cache_refresh_percent, domain, input); } + +struct tevent_req * +cache_req_user_by_filter_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct resp_ctx *rctx, + const char *domain, + const char *filter) +{ + struct cache_req_input *input; + + input = cache_req_input_create(mem_ctx, CACHE_REQ_USER_BY_FILTER, + filter, 0); + if (input == NULL) { + return NULL; + } + + return cache_req_steal_input_and_send(mem_ctx, ev, rctx, NULL, + 0, 0, domain, input); +} + +struct tevent_req * +cache_req_group_by_filter_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct resp_ctx *rctx, + const char *domain, + const char *filter) +{ + struct cache_req_input *input; + + input = cache_req_input_create(mem_ctx, CACHE_REQ_GROUP_BY_FILTER, + filter, 0); + if (input == NULL) { + return NULL; + } + + return cache_req_steal_input_and_send(mem_ctx, ev, rctx, NULL, + 0, 0, domain, input); +} diff --git a/src/responder/common/responder_cache_req.h b/src/responder/common/responder_cache_req.h index 088e8efe0ceefe49510bc5eab37e7825b667e5f3..bc3a61851189df14c20e371edfd7341e41da6bcd 100644 --- a/src/responder/common/responder_cache_req.h +++ b/src/responder/common/responder_cache_req.h @@ -30,8 +30,10 @@ enum cache_req_type { CACHE_REQ_USER_BY_NAME, CACHE_REQ_USER_BY_ID, + CACHE_REQ_USER_BY_FILTER, CACHE_REQ_GROUP_BY_NAME, CACHE_REQ_GROUP_BY_ID, + CACHE_REQ_GROUP_BY_FILTER, CACHE_REQ_INITGROUPS }; @@ -128,4 +130,24 @@ cache_req_initgr_by_name_send(TALLOC_CTX *mem_ctx, #define cache_req_initgr_by_name_recv(mem_ctx, req, _result, _domain, _name) \ cache_req_recv(mem_ctx, req, _result, _domain, _name) +struct tevent_req * +cache_req_user_by_filter_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct resp_ctx *rctx, + const char *domain, + const char *filter); + +#define cache_req_user_by_filter_recv(mem_ctx, req, _result, _domain) \ + cache_req_recv(mem_ctx, req, _result, _domain, NULL) + +struct tevent_req * +cache_req_group_by_filter_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct resp_ctx *rctx, + const char *domain, + const char *filter); + +#define cache_req_group_by_filter_recv(mem_ctx, req, _result, _domain) \ + cache_req_recv(mem_ctx, req, _result, _domain, NULL) + #endif /* RESPONDER_CACHE_H_ */ diff --git a/src/tests/cmocka/test_responder_cache_req.c b/src/tests/cmocka/test_responder_cache_req.c index e30deed1c6bc4023a4f2154db21fe1339e9bb3c5..31b6694668607815652f45bc93210554fd2ac918 100644 --- a/src/tests/cmocka/test_responder_cache_req.c +++ b/src/tests/cmocka/test_responder_cache_req.c @@ -38,6 +38,9 @@ #define TEST_GROUP_NAME "test-group" #define TEST_GROUP_ID 1000 +#define TEST_USER_NAME2 "test-user2" +#define TEST_GROUP_NAME2 "test-group2" + #define new_single_domain_test(test) \ cmocka_unit_test_setup_teardown(test_ ## test, \ test_single_domain_setup, \ @@ -1694,6 +1697,405 @@ void test_group_by_id_missing_notfound(void **state) assert_true(test_ctx->dp_called); } +static void cache_req_user_by_filter_test_done(struct tevent_req *req) +{ + struct cache_req_test_ctx *ctx = NULL; + + ctx = tevent_req_callback_data(req, struct cache_req_test_ctx); + + ctx->tctx->error = cache_req_user_by_filter_recv(ctx, req, + &ctx->result, + &ctx->domain); + talloc_zfree(req); + ctx->tctx->done = true; +} + +void test_users_by_filter_valid(void **state) +{ + struct cache_req_test_ctx *test_ctx = NULL; + TALLOC_CTX *req_mem_ctx = NULL; + struct tevent_req *req = NULL; + const char *ldbname = NULL; + errno_t ret; + + test_ctx = talloc_get_type_abort(*state, struct cache_req_test_ctx); + test_ctx->create_user = true; + + ret = sysdb_store_user(test_ctx->tctx->dom, TEST_USER_NAME2, "pwd", 1001, 1001, + NULL, NULL, NULL, "cn="TEST_USER_NAME2",dc=test", NULL, + NULL, 1000, time(NULL)); + assert_int_equal(ret, EOK); + + req_mem_ctx = talloc_new(global_talloc_context); + check_leaks_push(req_mem_ctx); + + /* Filters always go to DP */ + will_return(__wrap_sss_dp_get_account_send, test_ctx); + mock_account_recv_simple(); + + req = cache_req_user_by_filter_send(req_mem_ctx, test_ctx->tctx->ev, + test_ctx->rctx, + test_ctx->tctx->dom->name, + "test*"); + assert_non_null(req); + tevent_req_set_callback(req, cache_req_user_by_filter_test_done, test_ctx); + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, ERR_OK); + assert_true(check_leaks_pop(req_mem_ctx)); + + assert_non_null(test_ctx->result); + assert_int_equal(test_ctx->result->count, 2); + + ldbname = ldb_msg_find_attr_as_string(test_ctx->result->msgs[0], + SYSDB_NAME, NULL); + assert_non_null(ldbname); + assert_string_equal(ldbname, TEST_USER_NAME2); + + ldbname = ldb_msg_find_attr_as_string(test_ctx->result->msgs[1], + SYSDB_NAME, NULL); + assert_non_null(ldbname); + assert_string_equal(ldbname, TEST_USER_NAME); +} + +void test_users_by_filter_filter_old(void **state) +{ + struct cache_req_test_ctx *test_ctx = NULL; + TALLOC_CTX *req_mem_ctx = NULL; + struct tevent_req *req = NULL; + const char *ldbname = NULL; + errno_t ret; + + test_ctx = talloc_get_type_abort(*state, struct cache_req_test_ctx); + test_ctx->create_user = true; + + /* This user was updated in distant past, so it wont't be reported by + * the filter search */ + ret = sysdb_store_user(test_ctx->tctx->dom, TEST_USER_NAME2, "pwd", 1001, 1001, + NULL, NULL, NULL, "cn="TEST_USER_NAME2",dc=test", NULL, + NULL, 1000, 1); + assert_int_equal(ret, EOK); + + req_mem_ctx = talloc_new(global_talloc_context); + check_leaks_push(req_mem_ctx); + + /* Filters always go to DP */ + will_return(__wrap_sss_dp_get_account_send, test_ctx); + mock_account_recv_simple(); + + req = cache_req_user_by_filter_send(req_mem_ctx, test_ctx->tctx->ev, + test_ctx->rctx, + test_ctx->tctx->dom->name, + "test*"); + assert_non_null(req); + tevent_req_set_callback(req, cache_req_user_by_filter_test_done, test_ctx); + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, ERR_OK); + assert_true(check_leaks_pop(req_mem_ctx)); + + assert_non_null(test_ctx->result); + assert_int_equal(test_ctx->result->count, 1); + + ldbname = ldb_msg_find_attr_as_string(test_ctx->result->msgs[0], + SYSDB_NAME, NULL); + assert_non_null(ldbname); + assert_string_equal(ldbname, TEST_USER_NAME); +} + +void test_users_by_filter_notfound(void **state) +{ + struct cache_req_test_ctx *test_ctx = NULL; + TALLOC_CTX *req_mem_ctx = NULL; + struct tevent_req *req = NULL; + errno_t ret; + + test_ctx = talloc_get_type_abort(*state, struct cache_req_test_ctx); + + req_mem_ctx = talloc_new(global_talloc_context); + check_leaks_push(req_mem_ctx); + + /* Filters always go to DP */ + will_return(__wrap_sss_dp_get_account_send, test_ctx); + mock_account_recv_simple(); + + req = cache_req_user_by_filter_send(req_mem_ctx, test_ctx->tctx->ev, + test_ctx->rctx, + test_ctx->tctx->dom->name, + "nosuchuser*"); + assert_non_null(req); + tevent_req_set_callback(req, cache_req_user_by_filter_test_done, test_ctx); + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, ENOENT); + assert_true(check_leaks_pop(req_mem_ctx)); +} + +static void test_users_by_filter_multiple_domains_valid(void **state) +{ + struct cache_req_test_ctx *test_ctx = NULL; + struct sss_domain_info *domain = NULL; + TALLOC_CTX *req_mem_ctx = NULL; + struct tevent_req *req = NULL; + const char *ldbname = NULL; + errno_t ret; + + test_ctx = talloc_get_type_abort(*state, struct cache_req_test_ctx); + + domain = find_domain_by_name(test_ctx->tctx->dom, + "responder_cache_req_test_d", true); + assert_non_null(domain); + + ret = sysdb_store_user(domain, TEST_USER_NAME, "pwd", 1000, 1000, + NULL, NULL, NULL, "cn="TEST_USER_NAME",dc=test", NULL, + NULL, 1000, time(NULL)); + assert_int_equal(ret, EOK); + + ret = sysdb_store_user(domain, TEST_USER_NAME2, "pwd", 1001, 1001, + NULL, NULL, NULL, "cn="TEST_USER_NAME2",dc=test", NULL, + NULL, 1000, time(NULL)); + assert_int_equal(ret, EOK); + + req_mem_ctx = talloc_new(global_talloc_context); + check_leaks_push(req_mem_ctx); + + /* Filters always go to DP */ + will_return(__wrap_sss_dp_get_account_send, test_ctx); + mock_account_recv_simple(); + + req = cache_req_user_by_filter_send(req_mem_ctx, test_ctx->tctx->ev, + test_ctx->rctx, + domain->name, + "test*"); + assert_non_null(req); + tevent_req_set_callback(req, cache_req_user_by_filter_test_done, test_ctx); + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, ERR_OK); + assert_true(check_leaks_pop(req_mem_ctx)); + + assert_non_null(test_ctx->result); + assert_int_equal(test_ctx->result->count, 2); + + ldbname = ldb_msg_find_attr_as_string(test_ctx->result->msgs[0], + SYSDB_NAME, NULL); + assert_non_null(ldbname); + assert_string_equal(ldbname, TEST_USER_NAME2); + + ldbname = ldb_msg_find_attr_as_string(test_ctx->result->msgs[1], + SYSDB_NAME, NULL); + assert_non_null(ldbname); + assert_string_equal(ldbname, TEST_USER_NAME); +} + +static void test_users_by_filter_multiple_domains_notfound(void **state) +{ + struct cache_req_test_ctx *test_ctx = NULL; + struct sss_domain_info *domain = NULL; + TALLOC_CTX *req_mem_ctx = NULL; + struct tevent_req *req = NULL; + errno_t ret; + + test_ctx = talloc_get_type_abort(*state, struct cache_req_test_ctx); + + domain = find_domain_by_name(test_ctx->tctx->dom, + "responder_cache_req_test_d", true); + assert_non_null(domain); + + req_mem_ctx = talloc_new(global_talloc_context); + check_leaks_push(req_mem_ctx); + + /* Filters always go to DP */ + will_return(__wrap_sss_dp_get_account_send, test_ctx); + mock_account_recv_simple(); + + req = cache_req_user_by_filter_send(req_mem_ctx, test_ctx->tctx->ev, + test_ctx->rctx, + domain->name, + "nosuchuser*"); + assert_non_null(req); + tevent_req_set_callback(req, cache_req_user_by_filter_test_done, test_ctx); + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, ENOENT); + assert_true(check_leaks_pop(req_mem_ctx)); +} + +static void cache_req_group_by_filter_test_done(struct tevent_req *req) +{ + struct cache_req_test_ctx *ctx = NULL; + + ctx = tevent_req_callback_data(req, struct cache_req_test_ctx); + + ctx->tctx->error = cache_req_group_by_filter_recv(ctx, req, + &ctx->result, + &ctx->domain); + talloc_zfree(req); + ctx->tctx->done = true; +} + +void test_groups_by_filter_valid(void **state) +{ + struct cache_req_test_ctx *test_ctx = NULL; + TALLOC_CTX *req_mem_ctx = NULL; + struct tevent_req *req = NULL; + const char *ldbname = NULL; + errno_t ret; + + test_ctx = talloc_get_type_abort(*state, struct cache_req_test_ctx); + test_ctx->create_group = true; + + ret = sysdb_store_group(test_ctx->tctx->dom, TEST_GROUP_NAME2, + 1001, NULL, 1001, time(NULL)); + assert_int_equal(ret, EOK); + + req_mem_ctx = talloc_new(global_talloc_context); + check_leaks_push(req_mem_ctx); + + /* Filters always go to DP */ + will_return(__wrap_sss_dp_get_account_send, test_ctx); + mock_account_recv_simple(); + + req = cache_req_group_by_filter_send(req_mem_ctx, test_ctx->tctx->ev, + test_ctx->rctx, + test_ctx->tctx->dom->name, + "test*"); + assert_non_null(req); + tevent_req_set_callback(req, cache_req_group_by_filter_test_done, test_ctx); + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, ERR_OK); + assert_true(check_leaks_pop(req_mem_ctx)); + + assert_non_null(test_ctx->result); + assert_int_equal(test_ctx->result->count, 2); + + ldbname = ldb_msg_find_attr_as_string(test_ctx->result->msgs[0], + SYSDB_NAME, NULL); + assert_non_null(ldbname); + assert_string_equal(ldbname, TEST_GROUP_NAME2); + + ldbname = ldb_msg_find_attr_as_string(test_ctx->result->msgs[1], + SYSDB_NAME, NULL); + assert_non_null(ldbname); + assert_string_equal(ldbname, TEST_GROUP_NAME); +} + +void test_groups_by_filter_notfound(void **state) +{ + struct cache_req_test_ctx *test_ctx = NULL; + TALLOC_CTX *req_mem_ctx = NULL; + struct tevent_req *req = NULL; + errno_t ret; + + test_ctx = talloc_get_type_abort(*state, struct cache_req_test_ctx); + + req_mem_ctx = talloc_new(global_talloc_context); + check_leaks_push(req_mem_ctx); + + /* Filters always go to DP */ + will_return(__wrap_sss_dp_get_account_send, test_ctx); + mock_account_recv_simple(); + + req = cache_req_group_by_filter_send(req_mem_ctx, test_ctx->tctx->ev, + test_ctx->rctx, + test_ctx->tctx->dom->name, + "nosuchgroup*"); + assert_non_null(req); + tevent_req_set_callback(req, cache_req_group_by_filter_test_done, test_ctx); + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, ENOENT); + assert_true(check_leaks_pop(req_mem_ctx)); +} + +void test_groups_by_filter_multiple_domains_valid(void **state) +{ + struct cache_req_test_ctx *test_ctx = NULL; + struct sss_domain_info *domain = NULL; + TALLOC_CTX *req_mem_ctx = NULL; + struct tevent_req *req = NULL; + const char *ldbname = NULL; + errno_t ret; + + test_ctx = talloc_get_type_abort(*state, struct cache_req_test_ctx); + + domain = find_domain_by_name(test_ctx->tctx->dom, + "responder_cache_req_test_d", true); + assert_non_null(domain); + + ret = sysdb_store_group(domain, TEST_GROUP_NAME, + 1000, NULL, 1000, time(NULL)); + assert_int_equal(ret, EOK); + + ret = sysdb_store_group(domain, TEST_GROUP_NAME2, + 1001, NULL, 1001, time(NULL)); + assert_int_equal(ret, EOK); + + req_mem_ctx = talloc_new(global_talloc_context); + check_leaks_push(req_mem_ctx); + + /* Filters always go to DP */ + will_return(__wrap_sss_dp_get_account_send, test_ctx); + mock_account_recv_simple(); + + req = cache_req_group_by_filter_send(req_mem_ctx, test_ctx->tctx->ev, + test_ctx->rctx, + domain->name, + "test*"); + assert_non_null(req); + tevent_req_set_callback(req, cache_req_group_by_filter_test_done, test_ctx); + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, ERR_OK); + assert_true(check_leaks_pop(req_mem_ctx)); + + assert_non_null(test_ctx->result); + assert_int_equal(test_ctx->result->count, 2); + + ldbname = ldb_msg_find_attr_as_string(test_ctx->result->msgs[0], + SYSDB_NAME, NULL); + assert_non_null(ldbname); + assert_string_equal(ldbname, TEST_GROUP_NAME2); + + ldbname = ldb_msg_find_attr_as_string(test_ctx->result->msgs[1], + SYSDB_NAME, NULL); + assert_non_null(ldbname); + assert_string_equal(ldbname, TEST_GROUP_NAME); +} + +void test_groups_by_filter_multiple_domains_notfound(void **state) +{ + struct cache_req_test_ctx *test_ctx = NULL; + struct sss_domain_info *domain = NULL; + TALLOC_CTX *req_mem_ctx = NULL; + struct tevent_req *req = NULL; + errno_t ret; + + test_ctx = talloc_get_type_abort(*state, struct cache_req_test_ctx); + domain = find_domain_by_name(test_ctx->tctx->dom, + "responder_cache_req_test_d", true); + assert_non_null(domain); + + req_mem_ctx = talloc_new(global_talloc_context); + check_leaks_push(req_mem_ctx); + + /* Filters always go to DP */ + will_return(__wrap_sss_dp_get_account_send, test_ctx); + mock_account_recv_simple(); + + req = cache_req_group_by_filter_send(req_mem_ctx, test_ctx->tctx->ev, + test_ctx->rctx, + domain->name, + "nosuchgroup*"); + assert_non_null(req); + tevent_req_set_callback(req, cache_req_group_by_filter_test_done, test_ctx); + + ret = test_ev_loop(test_ctx->tctx); + assert_int_equal(ret, ENOENT); + assert_true(check_leaks_pop(req_mem_ctx)); +} + int main(int argc, const char *argv[]) { poptContext pc; @@ -1741,7 +2143,17 @@ int main(int argc, const char *argv[]) new_single_domain_test(group_by_id_missing_found), new_single_domain_test(group_by_id_missing_notfound), new_multi_domain_test(group_by_id_multiple_domains_found), - new_multi_domain_test(group_by_id_multiple_domains_notfound) + new_multi_domain_test(group_by_id_multiple_domains_notfound), + + new_single_domain_test(users_by_filter_valid), + new_single_domain_test(users_by_filter_filter_old), + new_single_domain_test(users_by_filter_notfound), + new_multi_domain_test(users_by_filter_multiple_domains_valid), + new_multi_domain_test(users_by_filter_multiple_domains_notfound), + new_single_domain_test(groups_by_filter_valid), + new_single_domain_test(groups_by_filter_notfound), + new_multi_domain_test(groups_by_filter_multiple_domains_valid), + new_multi_domain_test(groups_by_filter_multiple_domains_notfound), }; /* Set debug level to invalid value so we can deside if -d 0 was used. */ -- 2.4.3