05d5c52 Ticket 49523 - memberof: schema violation error message is confusing as memberof will likely repair target entry

Authored and Committed by tbordaz 6 years ago
    Ticket 49523 - memberof: schema violation error message is confusing as memberof will likely repair target entry
    
    Bug Description:
    	When memberof is enabled it adds 'memberof' attribute to members entries.
    	If a member entry has not the appropriate objectclass to support 'memberof' attribute an ERR is logged.
    
    	ERR - oc_check_allowed_sv - Entry "cn=user_1,ou=People,dc=example,dc=com" -- attribute "memberOf" not allowed
    
    	This is confusing because memberof will catch this violation and may try to repair it.
    	So although this message is alarming, the target entry may finally have the 'memberof' attribute.
    
    	This is especially confusing since https://pagure.io/389-ds-base/issue/48985 where the repair operation
    	is done by default (if schema is violated)
    
    	We can not (and should not) eliminate the schema violation message.
    	But memberof should log a additional warning (beside the schema violation msg) stating it repaired the violation.
    
    Fix Description:
    
    	Add a warning message upon repair operation
    		ERR - oc_check_allowed_sv - Entry "<entry_dn>" -- attribute "memberOf" not allowed
    		WARN - memberof-plugin - Entry <entry_dn> - schema violation caught - repair operation succeeded
    
    https://pagure.io/389-ds-base/issue/49523
    
    Reviewed by: Mark Reynolds
    
    Platforms tested: F26
    
    Flag Day: no
    
    Doc impact: no