Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 2258606

Summary: [RFE] inChain Matching Rule
Product: Red Hat Directory Server Reporter: thierry bordaz <tbordaz>
Component: 389-ds-baseAssignee: thierry bordaz <tbordaz>
Status: CLOSED ERRATA QA Contact: LDAP QA Team <idm-ds-qe-bugs>
Severity: medium Docs Contact: Evgenia Martynyuk <emartyny>
Priority: unspecified    
Version: 12.4CC: bsmejkal, idm-ds-dev-bugs, musoni
Target Milestone: DS12.4Keywords: FutureFeature, Triaged
Target Release: dirsrv-12.4   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: sync-to-jira
Fixed In Version: redhat-ds-12-9040020240116164822-1674d574 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-05-07 00:15:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description thierry bordaz 2024-01-16 13:38:36 UTC
Description of problem:
This bz is a RHDS clone of RHEL bug RHEL-16984


The goal is that 389DS supports inChain Matching Rule

        For example: As a LDAP client , I Want run a SEARCH with a filter like
        (member:1.2.840.113556.1.4.1941:=uid=foo,dc=com), so that the returned entries are all the groupOfNames groups that the user 'foo' is member of.

The implementation should follow the design https://www.port389.org/docs/389ds/design/matching-rule-in-chain.html
The upstream ticket is 5989


Version-Release number of selected component (if applicable):
12.4

How reproducible:
N/A

Actual results:


Expected results:


Additional info:

Comment 4 bsmejkal 2024-03-06 18:42:08 UTC
============================================================================================================ test session starts =============================================================================================================
platform linux -- Python 3.9.18, pytest-7.4.4, pluggy-0.13.1 -- /usr/bin/python3
cachedir: .pytest_cache
metadata: {'Python': '3.9.18', 'Platform': 'Linux-5.14.0-427.el9.x86_64-x86_64-with-glibc2.34', 'Packages': {'pytest': '7.4.4', 'pluggy': '0.13.1'}, 'Plugins': {'metadata': '3.1.1', 'html': '4.1.1', 'libfaketime': '0.1.2', 'flaky': '3.7.0'}}
389-ds-base: 2.4.5-2.module+el9dsrv+21124+30a62ae9
nss: 3.90.0-6.el9_3
nspr: 4.35.0-6.el9_3
openldap: 2.6.6-1.el9
cyrus-sasl: 2.1.27-21.el9
FIPS: disabled
rootdir: /mnt/tests/rhds/tests/upstream/ds/dirsrvtests
configfile: pytest.ini
plugins: metadata-3.1.1, html-4.1.1, libfaketime-0.1.2, flaky-3.7.0
collected 9 items                                                                                                                                                                                                                            

dirsrvtests/tests/suites/filter/inchain_test.py::test_manager_lvl_1 PASSED                                                                                                                                                             [ 11%]
dirsrvtests/tests/suites/filter/inchain_test.py::test_manager_lvl_2 PASSED                                                                                                                                                             [ 22%]
dirsrvtests/tests/suites/filter/inchain_test.py::test_manager_lvl_3 PASSED                                                                                                                                                             [ 33%]
dirsrvtests/tests/suites/filter/inchain_test.py::test_recompute_del PASSED                                                                                                                                                             [ 44%]
dirsrvtests/tests/suites/filter/inchain_test.py::test_recompute_add PASSED                                                                                                                                                             [ 55%]
dirsrvtests/tests/suites/filter/inchain_test.py::test_anonymous_inchain PASSED                                                                                                                                                         [ 66%]
dirsrvtests/tests/suites/filter/inchain_test.py::test_authenticated_inchain PASSED                                                                                                                                                     [ 77%]
dirsrvtests/tests/suites/filter/inchain_test.py::test_reuse_memberof PASSED                                                                                                                                                            [ 88%]
dirsrvtests/tests/suites/filter/inchain_test.py::test_invalid_assertion PASSED                                                                                                                                                         [100%]

====================================================================================================== 9 passed, 45 warnings in 41.37s =======================================================================================================

Marking as VERIFIED.

Comment 6 errata-xmlrpc 2024-05-07 00:15:38 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (redhat-ds:12 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2024:2718