Unix gid duplicate fix (#1876)

* added gid removal only when the gid is actually set and updated tests

---------

Signed-off-by: Sebastiano Tocci <seba.tocci@gmail.com>
Sebastiano Tocci 2023-07-19 01:44:51 +02:00 committed by GitHub
parent 73e6e11cd2
commit e5748fdebb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 21 additions and 7 deletions


@ -1,6 +1,5 @@
use std::iter;
use std::sync::Arc;
use std::time::Duration; use std::time::Duration;
use std::{iter, sync::Arc};
use kanidm_proto::v1::{ use kanidm_proto::v1::{
AccountUnixExtend, CUIntentToken, CUSessionToken, CUStatus, CreateRequest, DeleteRequest, AccountUnixExtend, CUIntentToken, CUSessionToken, CUStatus, CreateRequest, DeleteRequest,
@ -1102,15 +1101,22 @@ impl QueryServerWriteV1 {
gx: GroupUnixExtend, gx: GroupUnixExtend,
eventid: Uuid, eventid: Uuid,
) -> Result<(), OperationError> { ) -> Result<(), OperationError> {
// The filter_map here means we only create the mods if the gidnumber or shell are set // The if let Some here means we only create the mods if the gidnumber is set
// in the actual request. // in the actual request.
let gidnumber_mods = if let Some(gid) = gx.gidnumber {
[
Some(Modify::Purged("gidnumber".into())),
Some(Modify::Present("gidnumber".into(), Value::new_uint32(gid))),
]
} else {
[None, None]
};
let mods: Vec<_> = iter::once(Some(Modify::Present( let mods: Vec<_> = iter::once(Some(Modify::Present(
"class".into(), "class".into(),
Value::new_class("posixgroup"), Value::new_class("posixgroup"),
))) )))
.chain(iter::once(gx.gidnumber.map(|n| { .chain(gidnumber_mods)
Modify::Present("gidnumber".into(), Value::new_uint32(n))
})))
.flatten() .flatten()
.collect(); .collect();
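Review bot: The caller-supplied `gid` in the new `gidnumber_mods` block goes straight into `Value::new_uint32(gid)` with no range check visible in this hunk, so a request could presumably set gid 0 or a value in a range reserved for system groups unless a plugin or schema rule outside this view rejects it. Because the added `Modify::Purged` discards the previous value first, a bad value now replaces the good one instead of sitting beside it. If validation lives elsewhere, a comment here would make that dependency explicit, e.g. `// gid range and uniqueness are enforced by <plugin name>, not here`; otherwise reject out-of-range values before building the mods. The function starts above this hunk and continues past it.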


@ -121,7 +121,6 @@ impl<'a> QueryServerWriteTransaction<'a> {
} }
// Pre mod plugins // Pre mod plugins
// We should probably supply the pre-post cands here.
Plugins::run_pre_modify(self, &pre_candidates, &mut candidates, me).map_err(|e| { Plugins::run_pre_modify(self, &pre_candidates, &mut candidates, me).map_err(|e| {
admin_error!("Pre-Modify operation failed (plugin), {:?}", e); admin_error!("Pre-Modify operation failed (plugin), {:?}", e);
e e


@ -532,6 +532,15 @@ async fn test_server_rest_posix_lifecycle(rsclient: KanidmClient) {
.idm_group_unix_extend("posix_group", None) .idm_group_unix_extend("posix_group", None)
.await .await
.unwrap(); .unwrap();
// here we check that we can successfully change the gid without breaking anything
let res = rsclient
.idm_group_unix_extend("posix_group", Some(123123))
.await;
assert!(res.is_ok());
let res = rsclient.idm_group_unix_extend("posix_group", None).await;
assert!(res.is_ok());
// Open a new connection as anonymous // Open a new connection as anonymous
let res = rsclient.auth_anonymous().await; let res = rsclient.auth_anonymous().await;
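Review bot: The two added calls only assert `res.is_ok()`, which would not catch a regression of the bug this commit fixes: nothing reads the group back to confirm it holds exactly one gidnumber and that it is 123123. The follow-up call with `None` has the same gap, since it should presumably leave 123123 in place rather than clear or regenerate it (that expectation is inferred from the handler change, so confirm it). Reading the group's unix token or entry back after each call and asserting on the value, e.g. `assert_eq!(token.gidnumber, 123123);` if the token exposes that field, would pin the behaviour. The test function starts above this hunk and continues past it.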