From 51ba7605f49c3fc3b9eb8ec44b279b24737d50d1 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Wed, 08 Aug 2007 18:19:31 +0000
Subject: [PATCH] Make a change to the Group API that will allow for better nesting support. There are now variants of the isMember methods that include an additional Set<DN> argument to which the current group's DN should be added whenever a check is made to determine whether a user is a member.  This will help provide a mechanism for avoiding infinite recursion loops if two groups both reference each other as nested groups.

---
 opends/src/server/org/opends/server/extensions/StaticGroup.java |   15 +++++++++++++--
 1 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/opends/src/server/org/opends/server/extensions/StaticGroup.java b/opends/src/server/org/opends/server/extensions/StaticGroup.java
index 95e2b05..338b0d4 100644
--- a/opends/src/server/org/opends/server/extensions/StaticGroup.java
+++ b/opends/src/server/org/opends/server/extensions/StaticGroup.java
@@ -32,6 +32,7 @@
 import java.util.LinkedHashSet;
 import java.util.LinkedList;
 import java.util.List;
+import java.util.Set;
 
 import org.opends.server.admin.std.server.GroupImplementationCfg;
 import org.opends.server.api.Group;
@@ -358,9 +359,14 @@
    * {@inheritDoc}
    */
   @Override()
-  public boolean isMember(DN userDN)
+  public boolean isMember(DN userDN, Set<DN> examinedGroups)
          throws DirectoryException
   {
+    if (! examinedGroups.add(getGroupDN()))
+    {
+      return false;
+    }
+
     return memberDNs.contains(userDN);
   }
 
@@ -370,9 +376,14 @@
    * {@inheritDoc}
    */
   @Override()
-  public boolean isMember(Entry userEntry)
+  public boolean isMember(Entry userEntry, Set<DN> examinedGroups)
          throws DirectoryException
   {
+    if (! examinedGroups.add(getGroupDN()))
+    {
+      return false;
+    }
+
     return memberDNs.contains(userEntry.getDN());
   }
 

--
Gitblit v1.10.0