URL: https://github.com/SSSD/sssd/pull/85 Title: #85: SYSDB: Removing of sysdb_try_to_find_expected_dn()
celestian commented: """ I pushed new version. Let me update the situation: There are three commits: ``` [1] SYSDB: Removing of sysdb_try_to_find_expected_dn() [2] TEST: create_multidom_test_ctx() extending [3] TESTS: Tests for sdap_search_initgr_user_in_batch ``` The patch [1] is refactor which is requested by https://fedorahosted.org/sssd/ticket/3230. The patch [2] extends function create_multidom_test_ctx(). We need different search bases so there is array of params instead of one set of params. The patch [3] adds tests for [1]. The core of [1] is new function sdap_search_initgr_user_in_batch() which calls sdap_object_in_domain() internally. We can see three tests in [3]: ``` a) test_user_is_on_batch b) test_user_is_from_subdomain c) test_user_is_from_another_domain ``` The tests a), b) works how expected. The test c) doesn't work. I am afraid we have bug on https://github.com/SSSD/sssd/blob/master/src/providers/ldap/sdap.c#L1695 In my opinion, there should be: ``` sdmatch = sdap_domain_get_by_dn(opts, original_dn); if (sdmatch == NULL) { DEBUG(SSSDBG_FUNC_DATA, "The group has no original DN, assuming our domain\n"); return false; } ``` What do you think about it, @jhrozek? Or anybody else? """ See the full comment at https://github.com/SSSD/sssd/pull/85#issuecomment-272900707
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org