1 /* add.c - ldap BerkeleyDB back-end add routine */
4 * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
11 #include <ac/string.h>
23 struct bdb_info *bdb = (struct bdb_info *) be->be_private;
28 char textbuf[SLAP_TEXT_BUFLEN];
29 size_t textlen = sizeof textbuf;
30 AttributeDescription *children = slap_schema.si_ad_children;
32 struct bdb_op_info opinfo;
35 Debug(LDAP_DEBUG_ARGS, "==> bdb_add: %s\n", e->e_dn, 0, 0);
37 /* check entry's schema */
38 rc = entry_schema_check( be, e, NULL, &text, textbuf, textlen );
39 if ( rc != LDAP_SUCCESS ) {
40 Debug( LDAP_DEBUG_TRACE,
41 "bdb_add: entry failed schema check: %s (%d)\n",
46 subentry = is_entry_subentry( e );
49 * acquire an ID outside of the operation transaction
50 * to avoid serializing adds.
52 rc = bdb_next_id( be, NULL, &e->e_id );
54 Debug( LDAP_DEBUG_TRACE,
55 "bdb_add: next_id failed (%d)\n",
58 text = "internal error";
63 /* transaction retry */
64 retry: rc = txn_abort( ltid );
69 text = "internal error";
74 /* begin transaction */
76 rc = txn_begin( bdb->bi_dbenv, NULL, <id,
80 Debug( LDAP_DEBUG_TRACE,
81 "bdb_add: txn_begin failed: %s (%d)\n",
82 db_strerror(rc), rc, 0 );
84 text = "internal error";
90 opinfo.boi_txn = ltid;
92 op->o_private = &opinfo;
95 * Get the parent dn and see if the corresponding entry exists.
96 * If the parent does not exist, only allow the "root" user to
99 if ( be_issuffix( be, e->e_nname.bv_val ) ) {
103 rc = dnParent( e->e_nname.bv_val, &pdn.bv_val );
104 if ( rc != LDAP_SUCCESS ) {
105 text = "internal error";
108 pdn.bv_len = e->e_nname.bv_len - (pdn.bv_val - e->e_nname.bv_val);
111 if( pdn.bv_len != 0 ) {
112 Entry *matched = NULL;
115 rc = bdb_dn2entry( be, ltid, &pdn, &p, &matched, 0 );
121 case DB_LOCK_DEADLOCK:
122 case DB_LOCK_NOTGRANTED:
126 text = "internal error";
131 char *matched_dn = NULL;
134 if ( matched != NULL ) {
135 matched_dn = ch_strdup( matched->e_dn );
136 refs = is_entry_referral( matched )
137 ? get_entry_referrals( be, conn, op, matched )
139 bdb_entry_return( be, matched );
143 refs = referral_rewrite( default_referral,
144 NULL, &e->e_name, LDAP_SCOPE_DEFAULT );
147 Debug( LDAP_DEBUG_TRACE, "bdb_add: parent does not exist\n",
150 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
151 matched_dn, NULL, refs, NULL );
153 ber_bvarray_free( refs );
154 ch_free( matched_dn );
159 if ( ! access_allowed( be, conn, op, p,
160 children, NULL, ACL_WRITE ) )
162 Debug( LDAP_DEBUG_TRACE, "bdb_add: no write access to parent\n",
164 rc = LDAP_INSUFFICIENT_ACCESS;
165 text = "no write access to parent";
166 goto return_results;;
169 if ( is_entry_subentry( p ) ) {
170 /* parent is a subentry, don't allow add */
171 Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n",
173 rc = LDAP_OBJECT_CLASS_VIOLATION;
174 text = "parent is a subentry";
175 goto return_results;;
178 if ( is_entry_alias( p ) ) {
179 /* parent is an alias, don't allow add */
180 Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is alias\n",
182 rc = LDAP_ALIAS_PROBLEM;
183 text = "parent is an alias";
184 goto return_results;;
187 if ( is_entry_referral( p ) ) {
188 /* parent is a referral, don't allow add */
189 char *matched_dn = ch_strdup( p->e_dn );
190 BerVarray refs = is_entry_referral( p )
191 ? get_entry_referrals( be, conn, op, p )
194 Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is referral\n",
197 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
198 matched_dn, NULL, refs, NULL );
200 ber_bvarray_free( refs );
207 /* parent must be an administrative point of the required kind */
210 /* free parent and writer lock */
211 bdb_entry_return( be, p );
217 * must be adding entry at suffix or with parent ""
219 if ( !be_isroot( be, &op->o_ndn )) {
220 if ( be_issuffix( be, "" ) || be_isupdate( be, &op->o_ndn ) ) {
221 p = (Entry *)&slap_entry_root;
223 /* check parent for "children" acl */
224 rc = access_allowed( be, conn, op, p,
225 children, NULL, ACL_WRITE );
229 Debug( LDAP_DEBUG_TRACE,
230 "bdb_add: no write access to parent\n",
232 rc = LDAP_INSUFFICIENT_ACCESS;
233 text = "no write access to parent";
234 goto return_results;;
238 Debug( LDAP_DEBUG_TRACE, "bdb_add: %s denied\n",
239 pdn.bv_len == 0 ? "suffix" : "entry at root",
241 rc = LDAP_INSUFFICIENT_ACCESS;
247 Debug( LDAP_DEBUG_TRACE,
248 "bdb_add: no parent, cannot add subentry\n",
250 rc = LDAP_INSUFFICIENT_ACCESS;
251 text = "no parent, cannot add subentry";
252 goto return_results;;
257 rc = bdb_dn2id_add( be, ltid, &pdn, e );
259 Debug( LDAP_DEBUG_TRACE, "bdb_add: dn2id_add failed: %s (%d)\n",
260 db_strerror(rc), rc, 0 );
263 case DB_LOCK_DEADLOCK:
264 case DB_LOCK_NOTGRANTED:
267 rc = LDAP_ALREADY_EXISTS;
276 rc = bdb_id2entry_add( be, ltid, e );
278 Debug( LDAP_DEBUG_TRACE, "bdb_add: id2entry_add failed\n",
281 case DB_LOCK_DEADLOCK:
282 case DB_LOCK_NOTGRANTED:
287 text = "entry store failed";
291 /* attribute indexes */
292 rc = bdb_index_entry_add( be, ltid, e, e->e_attrs );
293 if ( rc != LDAP_SUCCESS ) {
294 Debug( LDAP_DEBUG_TRACE, "bdb_add: index_entry_add failed\n",
297 case DB_LOCK_DEADLOCK:
298 case DB_LOCK_NOTGRANTED:
303 text = "index generation failed";
308 rc = txn_commit( ltid, 0 );
311 op->o_private = NULL;
314 Debug( LDAP_DEBUG_TRACE,
315 "bdb_add: txn_commit failed: %s (%d)\n",
316 db_strerror(rc), rc, 0 );
318 text = "commit failed";
321 Debug( LDAP_DEBUG_TRACE,
322 "bdb_add: added id=%08lx dn=\"%s\"\n",
323 e->e_id, e->e_dn, 0 );
329 send_ldap_result( conn, op, rc,
330 NULL, text, NULL, NULL );
332 if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
333 ldap_pvt_thread_yield();
334 TXN_CHECKPOINT( bdb->bi_dbenv,
335 bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
340 /* free parent and writer lock */
341 bdb_entry_return( be, p );
346 op->o_private = NULL;