This repository has been archived by the owner on Jul 2, 2024. It is now read-only.

searchUser() function hard-codes ericsson domain component #94

Open
bbbco opened this issue Sep 19, 2017 · 6 comments

@bbbco

bbbco commented Sep 19, 2017

I was grepping for instances of ericsson for PR #92 and noticed something wonky.

Take a look at this function in chrome/content/adutils.js

function searchUser(searchString, wantedAttribs){
    var maxEntriesWanted = 300;
    //ensure the mandatory attribs are in the list of wantedAttribs... this is important!!
    for (let ctr = 0; ctr < mandatoryAttribs.length; ctr++){
        if (wantedAttribs.indexOf(mandatoryAttribs[ctr]) === -1){
            //do nothing and return
            return;
        }
    }
    getLDAPOperation();
    if(gLdapOperation)
    {
        gLdapOperation.searchExt("DC=ericsson,DC=se", gLdapServerURL.scope, searchString, wantedAttribs, 0, maxEntriesWanted);
    }
}

Notice the line gLdapOperation.searchExt("DC=ericsson,DC=se", gLdapServerURL.scope, searchString, wantedAttribs, 0, maxEntriesWanted);; this does not look right, it should not be hard-coding the ericsson domain component like this, right?

@advancingu
Member

Link to code in question.

@logological

I agree this doesn't seem right. I don't know enough about how this code or LDAP works to know how to fix it, though.

@mpumford

Well I can answer the LDAP part:
Given a domain of domain.example.com, you would want to split that to be:

DC=domain,DC=example,DC=com

scope would then be something like people or users so is probably okay as is.

So if this function is used it probably needs to take the configured domain as a parameter.

@advancingu
Member

@mpumford What do you mean by "configured domain"? It would be great to see an example.

@Trim
Member

Trim commented Oct 11, 2017

I didn't read the details of the code, but seeing the name of the function searchExt, it seems that it will perform a search operation on an LDAP server.

When you do a search, you will need to define a scope of where you want to look inside the LDAP server. You can view an LDAP directory as a mathematical tree.

The text DC=ericsson,DC=se describes a branch of the tree from where you want to search users (we read this from right to left: the root of the tree is DC=se and you go through the branch DC=ericsson and from there you look for users in sub-branches and leaves).

Usually, administrators configure the root of the tree as a domain name which will be only used inside the directory (here, in the code, the related domain is ericsson.se).

Edit:
According to the Mozilla XUL interface definition, we are indeed talking about the base root to run the search (usually named "base dn"): http://doxygen.db48x.net/mozilla/html/interfacensILDAPOperation.html#01e3948b997e7beb2aded06510af6260
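
The conversion described in the comments above (domain.example.com to DC=domain,DC=example,DC=com) together with a searchUser() that receives the base DN as a parameter, as an added example that is not part of the thread or the project's code. domainToBaseDn, searchUserIn and makeRecordingOperation are hypothetical names; wantedAttribs is assumed to be an array, and the directory root is assumed to mirror the configured DNS domain.

```javascript
// Added example, not project code. All function names here are hypothetical;
// the argument order of searchExt() is copied from the call quoted in the issue.

// One DNS label: letters, digits and hyphens, no leading or trailing hyphen.
const LABEL = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/i;

// "domain.example.com" -> "DC=domain,DC=example,DC=com"
// Allow-listing the label characters means no DN metacharacter
// (",", "+", "=", "\", ...) can reach the base DN, so no escaping is needed.
function domainToBaseDn(domain) {
    if (typeof domain !== "string") {
        throw new TypeError("domain must be a string");
    }
    const name = domain.trim().replace(/\.$/, "");   // tolerate one trailing dot
    if (name.length === 0 || name.length > 253) {
        throw new RangeError("domain is empty or too long");
    }
    const labels = name.split(".");
    for (const label of labels) {
        if (!LABEL.test(label)) {
            throw new RangeError("invalid domain label: " + JSON.stringify(label));
        }
    }
    return labels.map((label) => "DC=" + label).join(",");
}

// searchUser() with the base DN passed in instead of hard-coded.
// Returns true when the search was issued, false when it was refused.
function searchUserIn(ldapOperation, baseDn, scope, searchString,
                      wantedAttribs, mandatoryAttribs) {
    const maxEntriesWanted = 300;
    const missing = mandatoryAttribs.filter((a) => !wantedAttribs.includes(a));
    if (!ldapOperation || !baseDn || missing.length > 0) {
        return false;
    }
    ldapOperation.searchExt(baseDn, scope, searchString, wantedAttribs,
                            0, maxEntriesWanted);
    return true;
}

// Constructed stand-in for gLdapOperation that records the call it receives.
function makeRecordingOperation() {
    const calls = [];
    return { calls, searchExt: (...args) => calls.push(args) };
}
```

A domain string that carries extra DN components, such as one containing a comma, is rejected before any search is issued, so the configured value cannot silently widen or redirect the search base.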

@Trim
Member

Trim commented Feb 9, 2018

Well, this method doesn't seem to be really used:

adrien@bureau:~/code/exchangecalendar$ grep --exclude-dir .git -rn searchUser
common/content/adutils.js:120:        searchUserByEmail(mailID);
common/content/adutils.js:124:        //this is why the mandatoryAttrib check is important in searchUser
common/content/adutils.js:243:function searchUser(searchString, wantedAttribs) {
common/content/adutils.js:260:function searchUserByEmail(mailID) {
common/content/adutils.js:272:    searchUser(searchString, wantedAttribs);
common/content/adutils.js:277:function searchUserBySignum(signum) {
common/content/adutils.js:288:    searchUser(searchString, wantedAttribs);
common/content/adutils.js:301:        searchUserBySignum(mgrSignum);
common/content/adutils.js:315:            searchUserBySignum(empSignum);
common/content/adutils.js:503:    searchUserByEmail(searchemail);

I suspect that was a helper for some specific Ericsson configuration.
