From 6df4648277ca54e5868a5e464a85b9f1e5d85c15 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Wed, 08 Aug 2007 18:19:31 +0000
Subject: [PATCH] Make a change to the Group API that will allow for better nesting support. There are now variants of the isMember methods that include an additional Set<DN> argument to which the current group's DN should be added whenever a check is made to determine whether a user is a member.  This will help provide a mechanism for avoiding infinite recursion loops if two groups both reference each other as nested groups.

---
 opendj-sdk/opends/src/server/org/opends/server/extensions/DynamicGroup.java |   14 ++++++++++++--
 1 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/opendj-sdk/opends/src/server/org/opends/server/extensions/DynamicGroup.java b/opendj-sdk/opends/src/server/org/opends/server/extensions/DynamicGroup.java
index 11916c4..35c52e5 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/extensions/DynamicGroup.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/extensions/DynamicGroup.java
@@ -299,9 +299,14 @@
    * {@inheritDoc}
    */
   @Override()
-  public boolean isMember(DN userDN)
+  public boolean isMember(DN userDN, Set<DN> examinedGroups)
          throws DirectoryException
   {
+    if (! examinedGroups.add(getGroupDN()))
+    {
+      return false;
+    }
+
     Entry entry = DirectoryConfig.getEntry(userDN);
     if (entry == null)
     {
@@ -319,9 +324,14 @@
    * {@inheritDoc}
    */
   @Override()
-  public boolean isMember(Entry userEntry)
+  public boolean isMember(Entry userEntry, Set<DN> examinedGroups)
          throws DirectoryException
   {
+    if (! examinedGroups.add(getGroupDN()))
+    {
+      return false;
+    }
+
     for (LDAPURL memberURL : memberURLs)
     {
       if (memberURL.matchesEntry(userEntry))

--
Gitblit v1.10.0