]> git.sur5r.net Git - openldap/blob - servers/slapd/back-bdb/add.c
Use EntryInfo navigation for search scope checks
[openldap] / servers / slapd / back-bdb / add.c
1 /* add.c - ldap BerkeleyDB back-end add routine */
2 /* $OpenLDAP$ */
3 /*
4  * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
5  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
6  */
7
8 #include "portable.h"
9
10 #include <stdio.h>
11 #include <ac/string.h>
12
13 #include "back-bdb.h"
14 #include "external.h"
15
16 int
17 bdb_add(Operation *op, SlapReply *rs )
18 {
19         struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
20         struct berval   pdn;
21         Entry           *p;
22         EntryInfo       *ei;
23         char textbuf[SLAP_TEXT_BUFLEN];
24         size_t textlen = sizeof textbuf;
25         AttributeDescription *children = slap_schema.si_ad_children;
26         AttributeDescription *entry = slap_schema.si_ad_entry;
27         DB_TXN          *ltid = NULL, *lt2;
28         struct bdb_op_info opinfo;
29 #ifdef BDB_SUBENTRIES
30         int subentry;
31 #endif
32         u_int32_t       locker = 0;
33         DB_LOCK         lock;
34         int             noop = 0;
35
36 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
37         Operation* ps_list;
38 #endif
39
40 #ifdef NEW_LOGGING
41         LDAP_LOG ( OPERATION, ARGS, "==> bdb_add: %s\n", op->oq_add.rs_e->e_name.bv_val, 0, 0 );
42 #else
43         Debug(LDAP_DEBUG_ARGS, "==> bdb_add: %s\n", op->oq_add.rs_e->e_name.bv_val, 0, 0);
44 #endif
45
46         /* check entry's schema */
47         rs->sr_err = entry_schema_check( op->o_bd, op->oq_add.rs_e, NULL, &rs->sr_text, textbuf, textlen );
48         if ( rs->sr_err != LDAP_SUCCESS ) {
49 #ifdef NEW_LOGGING
50         LDAP_LOG ( OPERATION, ERR, 
51                 "bdb_add: entry failed schema check: %s (%d)\n", rs->sr_text, rs->sr_err, 0 );
52 #else
53                 Debug( LDAP_DEBUG_TRACE,
54                         "bdb_add: entry failed schema check: %s (%d)\n",
55                         rs->sr_text, rs->sr_err, 0 );
56 #endif
57                 goto return_results;
58         }
59
60 #ifdef BDB_SUBENTRIES
61         subentry = is_entry_subentry( op->oq_add.rs_e );
62 #endif
63
64         /*
65          * acquire an ID outside of the operation transaction
66          * to avoid serializing adds.
67          */
68         rs->sr_err = bdb_next_id( op->o_bd, NULL, &op->oq_add.rs_e->e_id );
69         if( rs->sr_err != 0 ) {
70 #ifdef NEW_LOGGING
71                 LDAP_LOG ( OPERATION, ERR, 
72                         "bdb_add: next_id failed (%d)\n", rs->sr_err, 0, 0 );
73 #else
74                 Debug( LDAP_DEBUG_TRACE,
75                         "bdb_add: next_id failed (%d)\n",
76                         rs->sr_err, 0, 0 );
77 #endif
78                 rs->sr_err = LDAP_OTHER;
79                 rs->sr_text = "internal error";
80                 goto return_results;
81         }
82
83         if( 0 ) {
84 retry:  /* transaction retry */
85                 if( p ) {
86                         /* free parent and reader lock */
87                         bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, p );
88                         p = NULL;
89                 }
90                 rs->sr_err = TXN_ABORT( ltid );
91                 ltid = NULL;
92                 op->o_private = NULL;
93                 op->o_do_not_cache = opinfo.boi_acl_cache;
94                 if( rs->sr_err != 0 ) {
95                         rs->sr_err = LDAP_OTHER;
96                         rs->sr_text = "internal error";
97                         goto return_results;
98                 }
99                 ldap_pvt_thread_yield();
100         }
101
102         /* begin transaction */
103         rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, &ltid, 
104                 bdb->bi_db_opflags );
105         rs->sr_text = NULL;
106         if( rs->sr_err != 0 ) {
107 #ifdef NEW_LOGGING
108                 LDAP_LOG ( OPERATION, ERR, 
109                         "bdb_add: txn_begin failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
110 #else
111                 Debug( LDAP_DEBUG_TRACE,
112                         "bdb_add: txn_begin failed: %s (%d)\n",
113                         db_strerror(rs->sr_err), rs->sr_err, 0 );
114 #endif
115                 rs->sr_err = LDAP_OTHER;
116                 rs->sr_text = "internal error";
117                 goto return_results;
118         }
119
120         locker = TXN_ID ( ltid );
121
122         opinfo.boi_bdb = op->o_bd;
123         opinfo.boi_txn = ltid;
124         opinfo.boi_locker = locker;
125         opinfo.boi_err = 0;
126         opinfo.boi_acl_cache = op->o_do_not_cache;
127         op->o_private = &opinfo;
128         
129         /*
130          * Get the parent dn and see if the corresponding entry exists.
131          * If the parent does not exist, only allow the "root" user to
132          * add the entry.
133          */
134         if ( be_issuffix( op->o_bd, &op->oq_add.rs_e->e_nname ) ) {
135                 pdn = slap_empty_bv;
136         } else {
137                 dnParent( &op->oq_add.rs_e->e_nname, &pdn );
138         }
139
140         /* get entry or parent */
141         rs->sr_err = bdb_dn2entry( op->o_bd, ltid, &op->ora_e->e_nname, &ei,
142                 1, locker, &lock, op->o_tmpmemctx );
143         switch( rs->sr_err ) {
144         case 0:
145                 rs->sr_err = LDAP_ALREADY_EXISTS;
146                 goto return_results;
147         case DB_NOTFOUND:
148                 break;
149         case DB_LOCK_DEADLOCK:
150         case DB_LOCK_NOTGRANTED:
151                 goto retry;
152         case LDAP_BUSY:
153                 rs->sr_text = "ldap server busy";
154                 goto return_results;
155         default:
156                 rs->sr_err = LDAP_OTHER;
157                 rs->sr_text = "internal error";
158                 goto return_results;
159         }
160
161         p = ei->bei_e;
162         if ( p ) {
163                 if ( !bvmatch( &pdn, &p->e_nname ) ) {
164                         rs->sr_matched = ber_strdup_x( p->e_name.bv_val,
165                                 op->o_tmpmemctx );
166                         rs->sr_ref = is_entry_referral( p )
167                                 ? get_entry_referrals( op, p )
168                                 : NULL;
169                         bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, p );
170                         p = NULL;
171 #ifdef NEW_LOGGING
172                         LDAP_LOG ( OPERATION, DETAIL1, 
173                                 "bdb_add: parent does not exist\n", 0, 0, 0 );
174 #else
175                         Debug( LDAP_DEBUG_TRACE, "bdb_add: parent does not exist\n",
176                                 0, 0, 0 );
177 #endif
178
179                         rs->sr_err = LDAP_REFERRAL;
180                         send_ldap_result( op, rs );
181
182                         ber_bvarray_free( rs->sr_ref );
183                         op->o_tmpfree( (char *)rs->sr_matched, op->o_tmpmemctx );
184                         rs->sr_ref = NULL;
185                         rs->sr_matched = NULL;
186
187                         goto done;
188                 }
189
190                 rs->sr_err = access_allowed( op, p,
191                         children, NULL, ACL_WRITE, NULL );
192
193                 if ( ! rs->sr_err ) {
194                         switch( opinfo.boi_err ) {
195                         case DB_LOCK_DEADLOCK:
196                         case DB_LOCK_NOTGRANTED:
197                                 goto retry;
198                         }
199
200 #ifdef NEW_LOGGING
201                         LDAP_LOG ( OPERATION, DETAIL1, 
202                                 "bdb_add: no write access to parent\n", 0, 0, 0 );
203 #else
204                         Debug( LDAP_DEBUG_TRACE, "bdb_add: no write access to parent\n",
205                                 0, 0, 0 );
206 #endif
207                         rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
208                         rs->sr_text = "no write access to parent";
209                         goto return_results;;
210                 }
211
212 #ifdef BDB_SUBENTRIES
213                 if ( is_entry_subentry( p ) ) {
214                         /* parent is a subentry, don't allow add */
215 #ifdef NEW_LOGGING
216                         LDAP_LOG ( OPERATION, DETAIL1, 
217                                 "bdb_add: parent is subentry\n", 0, 0, 0 );
218 #else
219                         Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n",
220                                 0, 0, 0 );
221 #endif
222                         rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
223                         rs->sr_text = "parent is a subentry";
224                         goto return_results;;
225                 }
226 #endif
227 #ifdef BDB_ALIASES
228                 if ( is_entry_alias( p ) ) {
229                         /* parent is an alias, don't allow add */
230 #ifdef NEW_LOGGING
231                         LDAP_LOG ( OPERATION, DETAIL1, 
232                                 "bdb_add: parent is alias\n", 0, 0, 0 );
233 #else
234                         Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is alias\n",
235                                 0, 0, 0 );
236 #endif
237                         rs->sr_err = LDAP_ALIAS_PROBLEM;
238                         rs->sr_text = "parent is an alias";
239                         goto return_results;;
240                 }
241 #endif
242
243                 if ( is_entry_referral( p ) ) {
244                         /* parent is a referral, don't allow add */
245                         rs->sr_matched = p->e_name.bv_val;
246                         rs->sr_ref = get_entry_referrals( op, p );
247
248 #ifdef NEW_LOGGING
249                         LDAP_LOG ( OPERATION, DETAIL1, 
250                                 "bdb_add: parent is referral\n", 0, 0, 0 );
251 #else
252                         Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is referral\n",
253                                 0, 0, 0 );
254 #endif
255
256                         rs->sr_err = LDAP_REFERRAL;
257                         send_ldap_result( op, rs );
258
259                         ber_bvarray_free( rs->sr_ref );
260                         bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, p );
261                         rs->sr_ref = NULL;
262                         rs->sr_matched = NULL;
263                         p = NULL;
264                         goto done;
265                 }
266
267 #ifdef BDB_SUBENTRIES
268                 if ( subentry ) {
269                         /* FIXME: */
270                         /* parent must be an administrative point of the required kind */
271                 }
272 #endif
273
274                 /* free parent and reader lock */
275                 bdb_unlocked_cache_return_entry_r( &bdb->bi_cache, p );
276                 p = NULL;
277
278         } else {
279                 /*
280                  * no parent!
281                  *      must be adding entry at suffix or with parent ""
282                  */
283                 if ( !be_isroot( op->o_bd, &op->o_ndn )) {
284                         if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
285                                 || be_isupdate( op->o_bd, &op->o_ndn ) )
286                         {
287                                 p = (Entry *)&slap_entry_root;
288
289                                 /* check parent for "children" acl */
290                                 rs->sr_err = access_allowed( op, p,
291                                         children, NULL, ACL_WRITE, NULL );
292
293                                 p = NULL;
294
295                                 if ( ! rs->sr_err ) {
296                                         switch( opinfo.boi_err ) {
297                                         case DB_LOCK_DEADLOCK:
298                                         case DB_LOCK_NOTGRANTED:
299                                                 goto retry;
300                                         }
301
302 #ifdef NEW_LOGGING
303                                         LDAP_LOG ( OPERATION, DETAIL1, 
304                                                 "bdb_add: no write access to parent\n", 0, 0, 0 );
305 #else
306                                         Debug( LDAP_DEBUG_TRACE,
307                                                 "bdb_add: no write access to parent\n",
308                                                 0, 0, 0 );
309 #endif
310                                         rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
311                                         rs->sr_text = "no write access to parent";
312                                         goto return_results;;
313                                 }
314
315                         } else {
316 #ifdef NEW_LOGGING
317                                 LDAP_LOG ( OPERATION, DETAIL1, "bdb_add: %s denied\n", 
318                                         pdn.bv_len == 0 ? "suffix" : "entry at root", 0, 0 );
319 #else
320                                 Debug( LDAP_DEBUG_TRACE, "bdb_add: %s denied\n",
321                                         pdn.bv_len == 0 ? "suffix" : "entry at root",
322                                         0, 0 );
323 #endif
324                                 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
325                                 goto return_results;
326                         }
327                 }
328
329 #ifdef BDB_SUBENTRIES
330                 if( subentry ) {
331 #ifdef NEW_LOGGING
332                         LDAP_LOG ( OPERATION, DETAIL1, 
333                                 "bdb_add: no parent, cannot add subentry\n", 0, 0, 0 );
334 #else
335                         Debug( LDAP_DEBUG_TRACE,
336                                 "bdb_add: no parent, cannot add subentry\n",
337                                 0, 0, 0 );
338 #endif
339                         rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
340                         rs->sr_text = "no parent, cannot add subentry";
341                         goto return_results;;
342                 }
343 #endif
344         }
345
346         rs->sr_err = access_allowed( op, op->oq_add.rs_e,
347                 entry, NULL, ACL_WRITE, NULL );
348
349         if ( ! rs->sr_err ) {
350                 switch( opinfo.boi_err ) {
351                 case DB_LOCK_DEADLOCK:
352                 case DB_LOCK_NOTGRANTED:
353                         goto retry;
354                 }
355
356 #ifdef NEW_LOGGING
357                 LDAP_LOG ( OPERATION, DETAIL1, 
358                         "bdb_add: no write access to entry\n", 0, 0, 0 );
359 #else
360                 Debug( LDAP_DEBUG_TRACE, "bdb_add: no write access to entry\n",
361                         0, 0, 0 );
362 #endif
363                 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
364                 rs->sr_text = "no write access to entry";
365                 goto return_results;;
366         }
367
368         /* nested transaction */
369         rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, ltid, &lt2, 
370                 bdb->bi_db_opflags );
371         rs->sr_text = NULL;
372         if( rs->sr_err != 0 ) {
373 #ifdef NEW_LOGGING
374                 LDAP_LOG ( OPERATION, ERR, 
375                         "bdb_add: txn_begin(2) failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
376 #else
377                 Debug( LDAP_DEBUG_TRACE,
378                         "bdb_add: txn_begin(2) failed: %s (%d)\n",
379                         db_strerror(rs->sr_err), rs->sr_err, 0 );
380 #endif
381                 rs->sr_err = LDAP_OTHER;
382                 rs->sr_text = "internal error";
383                 goto return_results;
384         }
385
386         /* dn2id index */
387         rs->sr_err = bdb_dn2id_add( op->o_bd, lt2, &pdn, op->oq_add.rs_e );
388         if ( rs->sr_err != 0 ) {
389 #ifdef NEW_LOGGING
390                 LDAP_LOG ( OPERATION, ERR, 
391                         "bdb_add: dn2id_add failed: %s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
392 #else
393                 Debug( LDAP_DEBUG_TRACE, "bdb_add: dn2id_add failed: %s (%d)\n",
394                         db_strerror(rs->sr_err), rs->sr_err, 0 );
395 #endif
396
397                 switch( rs->sr_err ) {
398                 case DB_LOCK_DEADLOCK:
399                 case DB_LOCK_NOTGRANTED:
400                         goto retry;
401                 case DB_KEYEXIST:
402                         rs->sr_err = LDAP_ALREADY_EXISTS;
403                         break;
404                 default:
405                         rs->sr_err = LDAP_OTHER;
406                 }
407                 goto return_results;
408         }
409
410         /* id2entry index */
411         rs->sr_err = bdb_id2entry_add( op->o_bd, lt2, op->oq_add.rs_e );
412         if ( rs->sr_err != 0 ) {
413 #ifdef NEW_LOGGING
414                 LDAP_LOG ( OPERATION, ERR, "bdb_add: id2entry_add failed\n", 0, 0, 0 );
415 #else
416                 Debug( LDAP_DEBUG_TRACE, "bdb_add: id2entry_add failed\n",
417                         0, 0, 0 );
418 #endif
419                 switch( rs->sr_err ) {
420                 case DB_LOCK_DEADLOCK:
421                 case DB_LOCK_NOTGRANTED:
422                         goto retry;
423                 default:
424                         rs->sr_err = LDAP_OTHER;
425                 }
426                 rs->sr_text = "entry store failed";
427                 goto return_results;
428         }
429
430         /* attribute indexes */
431         rs->sr_err = bdb_index_entry_add( op, lt2, op->oq_add.rs_e );
432         if ( rs->sr_err != LDAP_SUCCESS ) {
433 #ifdef NEW_LOGGING
434                 LDAP_LOG ( OPERATION, ERR, 
435                         "bdb_add: index_entry_add failed\n", 0, 0, 0 );
436 #else
437                 Debug( LDAP_DEBUG_TRACE, "bdb_add: index_entry_add failed\n",
438                         0, 0, 0 );
439 #endif
440                 switch( rs->sr_err ) {
441                 case DB_LOCK_DEADLOCK:
442                 case DB_LOCK_NOTGRANTED:
443                         goto retry;
444                 default:
445                         rs->sr_err = LDAP_OTHER;
446                 }
447                 rs->sr_text = "index generation failed";
448                 goto return_results;
449         }
450         if ( TXN_COMMIT( lt2, 0 ) != 0 ) {
451                 rs->sr_err = LDAP_OTHER;
452                 rs->sr_text = "txn_commit(2) failed";
453                 goto return_results;
454         }
455
456         if( op->o_noop ) {
457                 if (( rs->sr_err=TXN_ABORT( ltid )) != 0 ) {
458                         rs->sr_text = "txn_abort (no-op) failed";
459                 } else {
460                         noop = 1;
461                         rs->sr_err = LDAP_SUCCESS;
462                 }
463
464         } else {
465                 char gid[DB_XIDDATASIZE];
466
467                 snprintf( gid, sizeof( gid ), "%s-%08lx-%08lx",
468                         bdb_uuid.bv_val, (long) op->o_connid, (long) op->o_opid );
469
470                 if (( rs->sr_err=TXN_PREPARE( ltid, gid )) != 0 ) {
471                         rs->sr_text = "txn_prepare failed";
472
473                 } else {
474                         struct berval nrdn;
475
476                         if (pdn.bv_len) {
477                                 nrdn.bv_val = op->ora_e->e_nname.bv_val;
478                                 nrdn.bv_len = pdn.bv_val - nrdn.bv_val - 1;
479                         } else {
480                                 nrdn = op->ora_e->e_nname;
481                         }
482
483                         bdb_cache_add(bdb, ei, op->oq_add.rs_e, &nrdn, locker );
484
485                         if(( rs->sr_err=TXN_COMMIT( ltid, 0 )) != 0 ) {
486                                 rs->sr_text = "txn_commit failed";
487                         } else {
488                                 rs->sr_err = LDAP_SUCCESS;
489                         }
490                 }
491         }
492
493         ltid = NULL;
494         op->o_private = NULL;
495
496         if (rs->sr_err == LDAP_SUCCESS) {
497 #ifdef NEW_LOGGING
498                 LDAP_LOG ( OPERATION, RESULTS, 
499                         "bdb_add: added%s id=%08lx dn=\"%s\"\n", 
500                         op->o_noop ? " (no-op)" : "", op->oq_add.rs_e->e_id, op->oq_add.rs_e->e_dn );
501 #else
502                 Debug(LDAP_DEBUG_TRACE, "bdb_add: added%s id=%08lx dn=\"%s\"\n",
503                         op->o_noop ? " (no-op)" : "", op->oq_add.rs_e->e_id, op->oq_add.rs_e->e_dn );
504 #endif
505                 rs->sr_text = NULL;
506         }
507         else {
508 #ifdef NEW_LOGGING
509                 LDAP_LOG ( OPERATION, ERR, 
510                         "bdb_add: %s : %s (%d)\n",  rs->sr_text, db_strerror(rs->sr_err), rs->sr_err );
511 #else
512                 Debug( LDAP_DEBUG_TRACE, "bdb_add: %s : %s (%d)\n",
513                         rs->sr_text, db_strerror(rs->sr_err), rs->sr_err );
514 #endif
515                 rs->sr_err = LDAP_OTHER;
516         }
517
518 return_results:
519         send_ldap_result( op, rs );
520
521 #if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
522         if ( rs->sr_err == LDAP_SUCCESS && !noop ) {
523                 LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
524                         bdb_psearch( op, rs, ps_list, op->oq_add.rs_e, LDAP_PSEARCH_BY_ADD );
525                 }
526         }
527 #endif /* LDAP_CLIENT_UPDATE */
528
529         if( rs->sr_err == LDAP_SUCCESS && bdb->bi_txn_cp ) {
530                 ldap_pvt_thread_yield();
531                 TXN_CHECKPOINT( bdb->bi_dbenv,
532                         bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
533         }
534
535 done:
536
537         if( ltid != NULL ) {
538                 TXN_ABORT( ltid );
539                 op->o_private = NULL;
540         }
541
542         return ( ( rs->sr_err == LDAP_SUCCESS ) ? noop : rs->sr_err );
543 }
544