Bug 164017 - Attribute uniqueness plugin doesn't deal with subtrees properly
Summary: Attribute uniqueness plugin doesn't deal with subtrees properly
Alias: None
Product: 389
Classification: Retired
Component: Server - Plugins (Show other bugs)
(Show other bugs)
Version: 7.1
Hardware: All Linux
Target Milestone: ---
Assignee: Nathan Kinder
QA Contact: Orla Hegarty
Depends On:
TreeView+ depends on / blocked
Reported: 2005-07-22 21:42 UTC by Nathan Kinder
Modified: 2007-04-18 17:29 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-10-14 17:53:59 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
CVS Diffs (883 bytes, patch)
2005-07-22 23:13 UTC, Nathan Kinder
no flags Details | Diff
CVS Commit (138 bytes, text/plain)
2005-08-01 18:10 UTC, Nathan Kinder
no flags Details

Description Nathan Kinder 2005-07-22 21:42:23 UTC
Description of problem:

The documentation states that the attribute uniqueness plugin is supposed to
enforce uniqueness individually within each subtree that it is configured for. 
For example, if you configure the plugin to enforce uid uniqueness in both the
"ou=sales,dc=example,dc=com" and "ou=engineering,dc=example,dc=com" subtrees,
you should be able to create a "uid=test" entry in both subtrees, but not twice
in the same one.

What actually happens is that the plugin checks all of the subtrees it is
configured to work against for a conflict, and rejects the operation if it finds
a conflict, regardless of what suffix the incoming operation affects.
Steps to Reproduce:
1. Create "ou=sales,dc=example,dc=com" and "ou=engineering,dc=example,dc=com"

2. Enable the attribute uniqueness plugin to enforce uid uniqueness within the
"ou=sales,dc=example,dc=com" subtree.

3. Add "uid=tuser,ou=sales,dc=example,dc=com" to your database.

4. Attempt to add "uid=tuser,ou=engineering,dc=example,dc=com" to your database.
Actual results: The operation will be rejected by the plugin with a constraint

Expected results: The entry should be added.

Comment 1 Nathan Kinder 2005-07-22 23:13:31 UTC
Created attachment 117086 [details]
CVS Diffs

This makes the plugin check if the target DN for the incoming operation applies
to a subtree before searching for a conflict within it.

Comment 2 Nathan Kinder 2005-08-01 18:10:12 UTC
Created attachment 117350 [details]
CVS Commit

Checked into ldapserver.  Reviewed by Noriko.

Comment 5 Orla Hegarty 2005-10-14 17:53:59 UTC
Verified Fixed. 

Note You need to log in before you can comment on or make changes to this bug.