From 85df6d5c95e43f6805546538e9d1d2421302a753 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come@opensides.be>
Date: Tue, 17 Sep 2019 14:23:21 +0200
Subject: [PATCH] :ambulance: fix(setup) Add locking branch if missing when
 first locking an object

There is a check at login but we want to be able to lock config object
 from setup, before any login attempt.

issue #2895
---
 include/functions.inc | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/include/functions.inc b/include/functions.inc
index add8a6c5d..78152279a 100644
--- a/include/functions.inc
+++ b/include/functions.inc
@@ -435,6 +435,14 @@ function add_lock ($object, $user)
   $ldap->cd(get_ou('lockRDN').get_ou('fusiondirectoryRDN').$config->current['BASE']);
   $ldap->search('(&(objectClass=fdLockEntry)(fdUserDn='.ldap_escape_f($user).')(fdObjectDn='.base64_encode($object).'))',
       ['fdUserDn']);
+  if ($ldap->get_errno() == 32) {
+    /* No such object, means the locking branch is missing, create it */
+    $ldap->cd($config->current['BASE']);
+    $ldap->create_missing_trees(get_ou('lockRDN').get_ou('fusiondirectoryRDN').$config->current['BASE']);
+    $ldap->cd(get_ou('lockRDN').get_ou('fusiondirectoryRDN').$config->current['BASE']);
+    $ldap->search('(&(objectClass=fdLockEntry)(fdUserDn='.ldap_escape_f($user).')(fdObjectDn='.base64_encode($object).'))',
+      ['fdUserDn']);
+  }
   if (!$ldap->success()) {
     msg_dialog::display(_('Configuration error'), sprintf(_('Cannot create locking information in LDAP tree. Please contact your administrator!').'<br><br>'._('LDAP server returned: %s'), '<br><br><i>'.$ldap->get_error().'</i>'), ERROR_DIALOG);
     return;
-- 
GitLab