Skip to content

cache_req: use sysdb_search_user_by_upn_with_view_res()#7998

Merged
alexey-tikhonov merged 5 commits intoSSSD:masterfrom
sumit-bose:upn_view
Jan 2, 2026
Merged

cache_req: use sysdb_search_user_by_upn_with_view_res()#7998
alexey-tikhonov merged 5 commits intoSSSD:masterfrom
sumit-bose:upn_view

Conversation

@sumit-bose
Copy link
Contributor

@sumit-bose sumit-bose commented Jun 13, 2025

To make sure any overrides are applied to the user even when searched by
UPN or email address sysdb_search_user_by_upn_with_view_res() is now used
in the cache request code.

@sumit-bose sumit-bose marked this pull request as draft June 13, 2025 07:46
@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jun 13, 2025
edited
Loading

Is this related to #7996?
UPD: looks like not.

@sumit-bose
Copy link
Contributor Author

sumit-bose commented Jun 13, 2025

Is this related to #7996? UPD: looks like not.

No, https://issues.redhat.com/browse/RHEL-72935

@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jun 13, 2025

Do you know if it's applicable to sssd-2-9-4?

@sumit-bose
Copy link
Contributor Author

sumit-bose commented Jun 13, 2025

Do you know if it's applicable to sssd-2-9-4?

Yes, looks like the issue is present since a long time.

@alexey-tikhonov alexey-tikhonov added the backport-to-sssd-2-9-4 Corresponds to C8S label Jun 13, 2025
@pbrezina pbrezina force-pushed the master branch 2 times, most recently from f5d64b3 to b854636 Compare November 4, 2025 14:27
@sumit-bose sumit-bose marked this pull request as ready for review December 1, 2025 14:32
@alexey-tikhonov alexey-tikhonov self-requested a review December 4, 2025 13:39
@alexey-tikhonov alexey-tikhonov self-assigned this Dec 4, 2025
@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Dec 5, 2025

/gemini review

gemini-code-assist[bot]
gemini-code-assist bot reviewed Dec 5, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request refactors user lookup by UPN to use a new function sysdb_search_user_by_upn_with_view_res that correctly applies overrides from views. The changes involve removing the old sysdb_getpwupn function, implementing the new one, and updating the cache request plugin and tests. The overall change is good and includes a relevant system test. I found one potential logic bug in the new function where an ENOENT error code might be incorrectly overwritten, which I've commented on with a suggested fix.

pbrezina
pbrezina requested changes Dec 5, 2025
View reviewed changes
Copy link
Member

@pbrezina pbrezina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Otherwise ack.

alexey-tikhonov
alexey-tikhonov reviewed Dec 5, 2025
View reviewed changes
alexey-tikhonov
alexey-tikhonov reviewed Dec 5, 2025
View reviewed changes
madhuriupadhye
madhuriupadhye reviewed Dec 5, 2025
View reviewed changes
alexey-tikhonov
alexey-tikhonov reviewed Dec 5, 2025
View reviewed changes
alexey-tikhonov
alexey-tikhonov reviewed Dec 5, 2025
View reviewed changes
alexey-tikhonov
alexey-tikhonov reviewed Dec 19, 2025
View reviewed changes
@alexey-tikhonov alexey-tikhonov added the coverity Trigger a coverity scan label Dec 19, 2025
@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Dec 19, 2025

Note: Covscan is green.

@alexey-tikhonov alexey-tikhonov removed the coverity Trigger a coverity scan label Dec 19, 2025
@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Dec 20, 2025
edited
Loading

f-44 system test fails aren't due to this PR.
At least some of them are related to https://bugzilla.redhat.com/show_bug.cgi?id=2423900

sumit-bose and others added 5 commits January 2, 2026 11:38
@sumit-bose @sssd-bot
sysdb: add sysdb_search_user_by_upn_with_view_res()
c3612fc 
The new call will apply overrides to a user object which was searched by
UPN or email address before returning it.

Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
@sumit-bose @sssd-bot
cache_req: use sysdb_search_user_by_upn_with_view_res()
d269e98 
To make sure any overrides are applied to the user even when searched by
UPN or email address sysdb_search_user_by_upn_with_view_res() is now
used in the cache request code.

Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
@sumit-bose @sssd-bot
sysdb:: remove sysdb_getpwupn()
b839aa0 
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
@sumit-bose @sssd-bot
tests: lookup user with overrides with email
deeba8a 
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
@madhuriupadhye @sssd-bot
tests: add IPA ID view test for user lookup by email
6ad1983 
Add a system test to verify that IPA ID view overrides are correctly
applied when looking up a user by email address.

The test creates a user with an email, applies ID view overrides
(login, uid, gid, home), and verifies that the overridden values are
returned when looking up the user by:
- original name
- overridden name
- email address

Signed-off-by: Madhuri Upadhye <mupadhye@redhat.com>
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
@sssd-bot
Copy link
Contributor

sssd-bot commented Jan 2, 2026

The pull request was accepted by @alexey-tikhonov with the following PR CI status:

🟢 CodeFactor (success)
🟢 CodeQL (success)
🟢 osh-diff-scan:fedora-rawhide-x86_64:upstream (success)
🟢 rpm-build:centos-stream-10-x86_64:upstream (success)
🟢 rpm-build:fedora-42-x86_64:upstream (success)
🟢 rpm-build:fedora-43-x86_64:upstream (success)
🟢 rpm-build:fedora-rawhide-x86_64:upstream (success)
🟢 Analyze (target) / cppcheck (success)
🟢 Build / freebsd (success)
🟢 Build / make-distcheck (success)
🟢 ci / intgcheck (centos-10) (success)
🟢 ci / intgcheck (fedora-42) (success)
🟢 ci / intgcheck (fedora-43) (success)
🟢 ci / intgcheck (fedora-44) (success)
🟢 ci / prepare (success)
🟢 ci / system (centos-10) (success)
🟢 ci / system (fedora-42) (success)
🟢 ci / system (fedora-43) (success)
🔴 ci / system (fedora-44) (failure)
➖ Coverity scan / coverity (skipped)
🟢 Static code analysis / codeql (success)
🟢 Static code analysis / pre-commit (success)
🟢 Static code analysis / python-system-tests (success)

There are unsuccessful or unfinished checks. Make sure that the failures are not related to this pull request before merging.

@alexey-tikhonov alexey-tikhonov merged commit 6413f60 into SSSD:master Jan 2, 2026
13 of 17 checks passed
This was referenced Jan 2, 2026
Merged
Merged
@sssd-bot sssd-bot mentioned this pull request Jan 20, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@madhuriupadhye madhuriupadhye madhuriupadhye left review comments

@pbrezina pbrezina pbrezina approved these changes

@alexey-tikhonov alexey-tikhonov alexey-tikhonov approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@pbrezina pbrezina

@alexey-tikhonov alexey-tikhonov

Labels

Accepted backport-to-sssd-2-9-4 Corresponds to C8S backport-to-sssd-2-9 Bugzilla

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@sumit-bose @alexey-tikhonov @sssd-bot @pbrezina @madhuriupadhye