1 /* add.c - ldap BerkeleyDB back-end add routine */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 2000-2008 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
20 #include <ac/string.h>
25 bdb_add(Operation *op, SlapReply *rs )
27 struct bdb_info *bdb = (struct bdb_info *) op->o_bd->be_private;
29 Entry *p = NULL, *oe = op->ora_e;
31 char textbuf[SLAP_TEXT_BUFLEN];
32 size_t textlen = sizeof textbuf;
33 AttributeDescription *children = slap_schema.si_ad_children;
34 AttributeDescription *entry = slap_schema.si_ad_entry;
35 DB_TXN *ltid = NULL, *lt2, *rtxn;
37 struct bdb_op_info opinfo = {{{ 0 }}};
44 LDAPControl **postread_ctrl = NULL;
45 LDAPControl *ctrls[SLAP_MAX_RESPONSE_CONTROLS];
52 Debug(LDAP_DEBUG_ARGS, "==> " LDAP_XSTRING(bdb_add) ": %s\n",
53 op->oq_add.rs_e->e_name.bv_val, 0, 0);
57 /* acquire connection lock */
58 ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
59 if( op->o_conn->c_txn == CONN_TXN_INACTIVE ) {
60 rs->sr_text = "invalid transaction identifier";
61 rs->sr_err = LDAP_X_TXN_ID_INVALID;
63 } else if( op->o_conn->c_txn == CONN_TXN_SETTLE ) {
68 if( op->o_conn->c_txn_backend == NULL ) {
69 op->o_conn->c_txn_backend = op->o_bd;
71 } else if( op->o_conn->c_txn_backend != op->o_bd ) {
72 rs->sr_text = "transaction cannot span multiple database contexts";
73 rs->sr_err = LDAP_AFFECTS_MULTIPLE_DSAS;
77 /* insert operation into transaction */
79 rs->sr_text = "transaction specified";
80 rs->sr_err = LDAP_X_TXN_SPECIFY_OKAY;
83 /* release connection lock */
84 ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
87 send_ldap_result( op, rs );
95 /* check entry's schema */
96 rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL,
97 get_relax(op), 1, &rs->sr_text, textbuf, textlen );
98 if ( rs->sr_err != LDAP_SUCCESS ) {
99 Debug( LDAP_DEBUG_TRACE,
100 LDAP_XSTRING(bdb_add) ": entry failed schema check: "
101 "%s (%d)\n", rs->sr_text, rs->sr_err, 0 );
105 /* add opattrs to shadow as well, only missing attrs will actually
106 * be added; helps compatibility with older OL versions */
107 rs->sr_err = slap_add_opattrs( op, &rs->sr_text, textbuf, textlen, 1 );
108 if ( rs->sr_err != LDAP_SUCCESS ) {
109 Debug( LDAP_DEBUG_TRACE,
110 LDAP_XSTRING(bdb_add) ": entry failed op attrs add: "
111 "%s (%d)\n", rs->sr_text, rs->sr_err, 0 );
115 if ( get_assert( op ) &&
116 ( test_filter( op, op->ora_e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
118 rs->sr_err = LDAP_ASSERTION_FAILED;
122 subentry = is_entry_subentry( op->oq_add.rs_e );
124 /* Get our reader TXN */
125 rs->sr_err = bdb_reader_get( op, bdb->bi_dbenv, &rtxn );
128 retry: /* transaction retry */
130 /* free parent and reader lock */
131 if ( p != (Entry *)&slap_entry_root ) {
132 bdb_unlocked_cache_return_entry_r( bdb, p );
136 rs->sr_err = TXN_ABORT( ltid );
138 LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next );
139 opinfo.boi_oe.oe_key = NULL;
140 op->o_do_not_cache = opinfo.boi_acl_cache;
141 if( rs->sr_err != 0 ) {
142 rs->sr_err = LDAP_OTHER;
143 rs->sr_text = "internal error";
146 if ( op->o_abandon ) {
147 rs->sr_err = SLAPD_ABANDON;
150 bdb_trans_backoff( ++num_retries );
153 /* begin transaction */
154 rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, NULL, <id,
155 bdb->bi_db_opflags );
157 if( rs->sr_err != 0 ) {
158 Debug( LDAP_DEBUG_TRACE,
159 LDAP_XSTRING(bdb_add) ": txn_begin failed: %s (%d)\n",
160 db_strerror(rs->sr_err), rs->sr_err, 0 );
161 rs->sr_err = LDAP_OTHER;
162 rs->sr_text = "internal error";
166 opinfo.boi_oe.oe_key = bdb;
167 opinfo.boi_txn = ltid;
169 opinfo.boi_acl_cache = op->o_do_not_cache;
170 LDAP_SLIST_INSERT_HEAD( &op->o_extra, &opinfo.boi_oe, oe_next );
173 * Get the parent dn and see if the corresponding entry exists.
175 if ( be_issuffix( op->o_bd, &op->oq_add.rs_e->e_nname ) ) {
178 dnParent( &op->oq_add.rs_e->e_nname, &pdn );
181 /* get entry or parent */
182 rs->sr_err = bdb_dn2entry( op, ltid, &op->ora_e->e_nname, &ei,
184 switch( rs->sr_err ) {
186 rs->sr_err = LDAP_ALREADY_EXISTS;
190 case DB_LOCK_DEADLOCK:
191 case DB_LOCK_NOTGRANTED:
194 rs->sr_text = "ldap server busy";
197 rs->sr_err = LDAP_OTHER;
198 rs->sr_text = "internal error";
204 p = (Entry *)&slap_entry_root;
206 if ( !bvmatch( &pdn, &p->e_nname ) ) {
207 rs->sr_matched = ber_strdup_x( p->e_name.bv_val,
209 rs->sr_ref = is_entry_referral( p )
210 ? get_entry_referrals( op, p )
212 bdb_unlocked_cache_return_entry_r( bdb, p );
214 Debug( LDAP_DEBUG_TRACE,
215 LDAP_XSTRING(bdb_add) ": parent "
216 "does not exist\n", 0, 0, 0 );
218 rs->sr_err = LDAP_REFERRAL;
219 rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED;
223 rs->sr_err = access_allowed( op, p,
224 children, NULL, ACL_WADD, NULL );
226 if ( ! rs->sr_err ) {
227 switch( opinfo.boi_err ) {
228 case DB_LOCK_DEADLOCK:
229 case DB_LOCK_NOTGRANTED:
233 Debug( LDAP_DEBUG_TRACE,
234 LDAP_XSTRING(bdb_add) ": no write access to parent\n",
236 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
237 rs->sr_text = "no write access to parent";
238 goto return_results;;
241 if ( p != (Entry *)&slap_entry_root ) {
242 if ( is_entry_subentry( p ) ) {
243 /* parent is a subentry, don't allow add */
244 Debug( LDAP_DEBUG_TRACE,
245 LDAP_XSTRING(bdb_add) ": parent is subentry\n",
247 rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
248 rs->sr_text = "parent is a subentry";
249 goto return_results;;
252 if ( is_entry_alias( p ) ) {
253 /* parent is an alias, don't allow add */
254 Debug( LDAP_DEBUG_TRACE,
255 LDAP_XSTRING(bdb_add) ": parent is alias\n",
257 rs->sr_err = LDAP_ALIAS_PROBLEM;
258 rs->sr_text = "parent is an alias";
259 goto return_results;;
262 if ( is_entry_referral( p ) ) {
263 /* parent is a referral, don't allow add */
264 rs->sr_matched = ber_strdup_x( p->e_name.bv_val,
266 rs->sr_ref = get_entry_referrals( op, p );
267 bdb_unlocked_cache_return_entry_r( bdb, p );
269 Debug( LDAP_DEBUG_TRACE,
270 LDAP_XSTRING(bdb_add) ": parent is referral\n",
273 rs->sr_err = LDAP_REFERRAL;
274 rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED;
282 /* parent must be an administrative point of the required kind */
285 /* free parent and reader lock */
286 if ( p != (Entry *)&slap_entry_root ) {
287 bdb_unlocked_cache_return_entry_r( bdb, p );
291 rs->sr_err = access_allowed( op, op->oq_add.rs_e,
292 entry, NULL, ACL_WADD, NULL );
294 if ( ! rs->sr_err ) {
295 switch( opinfo.boi_err ) {
296 case DB_LOCK_DEADLOCK:
297 case DB_LOCK_NOTGRANTED:
301 Debug( LDAP_DEBUG_TRACE,
302 LDAP_XSTRING(bdb_add) ": no write access to entry\n",
304 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
305 rs->sr_text = "no write access to entry";
306 goto return_results;;
310 * Check ACL for attribute write access
312 if (!acl_check_modlist(op, oe, op->ora_modlist)) {
313 switch( opinfo.boi_err ) {
314 case DB_LOCK_DEADLOCK:
315 case DB_LOCK_NOTGRANTED:
319 Debug( LDAP_DEBUG_TRACE,
320 LDAP_XSTRING(bdb_add) ": no write access to attribute\n",
322 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
323 rs->sr_text = "no write access to attribute";
324 goto return_results;;
328 rs->sr_err = bdb_next_id( op->o_bd, &eid );
329 if( rs->sr_err != 0 ) {
330 Debug( LDAP_DEBUG_TRACE,
331 LDAP_XSTRING(bdb_add) ": next_id failed (%d)\n",
333 rs->sr_err = LDAP_OTHER;
334 rs->sr_text = "internal error";
337 op->oq_add.rs_e->e_id = eid;
340 /* nested transaction */
341 rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, ltid, <2,
342 bdb->bi_db_opflags );
344 if( rs->sr_err != 0 ) {
345 Debug( LDAP_DEBUG_TRACE,
346 LDAP_XSTRING(bdb_add) ": txn_begin(2) failed: "
347 "%s (%d)\n", db_strerror(rs->sr_err), rs->sr_err, 0 );
348 rs->sr_err = LDAP_OTHER;
349 rs->sr_text = "internal error";
354 rs->sr_err = bdb_dn2id_add( op, lt2, ei, op->oq_add.rs_e );
355 if ( rs->sr_err != 0 ) {
356 Debug( LDAP_DEBUG_TRACE,
357 LDAP_XSTRING(bdb_add) ": dn2id_add failed: %s (%d)\n",
358 db_strerror(rs->sr_err), rs->sr_err, 0 );
360 switch( rs->sr_err ) {
361 case DB_LOCK_DEADLOCK:
362 case DB_LOCK_NOTGRANTED:
365 rs->sr_err = LDAP_ALREADY_EXISTS;
368 rs->sr_err = LDAP_OTHER;
373 /* attribute indexes */
374 rs->sr_err = bdb_index_entry_add( op, lt2, op->oq_add.rs_e );
375 if ( rs->sr_err != LDAP_SUCCESS ) {
376 Debug( LDAP_DEBUG_TRACE,
377 LDAP_XSTRING(bdb_add) ": index_entry_add failed\n",
379 switch( rs->sr_err ) {
380 case DB_LOCK_DEADLOCK:
381 case DB_LOCK_NOTGRANTED:
384 rs->sr_err = LDAP_OTHER;
386 rs->sr_text = "index generation failed";
391 rs->sr_err = bdb_id2entry_add( op->o_bd, lt2, op->oq_add.rs_e );
392 if ( rs->sr_err != 0 ) {
393 Debug( LDAP_DEBUG_TRACE,
394 LDAP_XSTRING(bdb_add) ": id2entry_add failed\n",
396 switch( rs->sr_err ) {
397 case DB_LOCK_DEADLOCK:
398 case DB_LOCK_NOTGRANTED:
401 rs->sr_err = LDAP_OTHER;
403 rs->sr_text = "entry store failed";
407 if ( TXN_COMMIT( lt2, 0 ) != 0 ) {
408 rs->sr_err = LDAP_OTHER;
409 rs->sr_text = "txn_commit(2) failed";
414 if( op->o_postread ) {
415 if( postread_ctrl == NULL ) {
416 postread_ctrl = &ctrls[num_ctrls++];
417 ctrls[num_ctrls] = NULL;
419 if ( slap_read_controls( op, rs, op->oq_add.rs_e,
420 &slap_post_read_bv, postread_ctrl ) )
422 Debug( LDAP_DEBUG_TRACE,
423 "<=- " LDAP_XSTRING(bdb_add) ": post-read "
424 "failed!\n", 0, 0, 0 );
425 if ( op->o_postread & SLAP_CONTROL_CRITICAL ) {
426 /* FIXME: is it correct to abort
427 * operation if control fails? */
434 if (( rs->sr_err=TXN_ABORT( ltid )) != 0 ) {
435 rs->sr_text = "txn_abort (no-op) failed";
437 rs->sr_err = LDAP_X_NO_OPERATION;
445 /* pick the RDN if not suffix; otherwise pick the entire DN */
447 nrdn.bv_val = op->ora_e->e_nname.bv_val;
448 nrdn.bv_len = pdn.bv_val - op->ora_e->e_nname.bv_val - 1;
450 nrdn = op->ora_e->e_nname;
453 /* Use the reader txn here, outside the add txn */
454 bdb_cache_add( bdb, ei, op->ora_e, &nrdn, rtxn, &lock );
456 if(( rs->sr_err=TXN_COMMIT( ltid, 0 )) != 0 ) {
457 rs->sr_text = "txn_commit failed";
459 rs->sr_err = LDAP_SUCCESS;
464 LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next );
465 opinfo.boi_oe.oe_key = NULL;
467 if ( rs->sr_err != LDAP_SUCCESS ) {
468 Debug( LDAP_DEBUG_TRACE,
469 LDAP_XSTRING(bdb_add) ": %s : %s (%d)\n",
470 rs->sr_text, db_strerror(rs->sr_err), rs->sr_err );
471 rs->sr_err = LDAP_OTHER;
475 Debug(LDAP_DEBUG_TRACE,
476 LDAP_XSTRING(bdb_add) ": added%s id=%08lx dn=\"%s\"\n",
477 op->o_noop ? " (no-op)" : "",
478 op->oq_add.rs_e->e_id, op->oq_add.rs_e->e_dn );
481 if( num_ctrls ) rs->sr_ctrls = ctrls;
484 success = rs->sr_err;
485 send_ldap_result( op, rs );
486 slap_graduate_commit_csn( op );
491 if ( opinfo.boi_oe.oe_key ) {
492 LDAP_SLIST_REMOVE( &op->o_extra, &opinfo.boi_oe, OpExtra, oe_next );
495 if( success == LDAP_SUCCESS ) {
496 /* We own the entry now, and it can be purged at will
497 * Check to make sure it's the same entry we entered with.
498 * Possibly a callback may have mucked with it, although
499 * in general callbacks should treat the entry as read-only.
501 bdb_cache_return_entry_r( bdb, oe, &lock );
502 if ( op->ora_e == oe )
505 if ( bdb->bi_txn_cp_kbyte ) {
506 TXN_CHECKPOINT( bdb->bi_dbenv,
507 bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
511 if( postread_ctrl != NULL && (*postread_ctrl) != NULL ) {
512 slap_sl_free( (*postread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx );
513 slap_sl_free( *postread_ctrl, op->o_tmpmemctx );