git.sur5r.net Git - openldap/blob - servers/slapd/back-bdb/attribute.c

   1 /* attribute.c - bdb backend acl attribute routine */
   2 /* $OpenLDAP$ */
   3 /*
   4  * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
   5  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
   6  */
   7
   8 #include "portable.h"
   9
  10 #include <stdio.h>
  11
  12 #include <ac/socket.h>
  13 #include <ac/string.h>
  14
  15 #include "slap.h"
  16 #include "back-bdb.h"
  17 #include "proto-bdb.h"
  18
  19
  20 /* return LDAP_SUCCESS IFF we can retrieve the attributes
  21  * of entry with e_ndn
  22  */
  23 int
  24 bdb_attribute(
  25         Backend *be,
  26         Connection *conn,
  27         Operation *op,
  28         Entry   *target,
  29         const char      *e_ndn,
  30         AttributeDescription *entry_at,
  31         struct berval ***vals )
  32 {
  33         struct bdbinfo *li = (struct bdbinfo *) be->be_private;
  34         Entry        *e;
  35         int          i, j, rc;
  36         Attribute   *attr;
  37         struct berval **v;
  38         const char *entry_at_name = entry_at->ad_cname.bv_val;
  39
  40 #ifdef NEW_LOGGING
  41         LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
  42                    "bdb_attribute: gr dn: \"%s\"\n", e_ndn ));
  43         LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
  44                    "bdb_attribute: at: \"%s\"\n", entry_at_name));
  45         LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
  46                    "bdb_attribute: tr dn: \"%s\"\n",
  47                    target ? target->e_ndn : "" ));
  48 #else
  49         Debug( LDAP_DEBUG_ARGS,
  50                 "=> bdb_attribute: gr dn: \"%s\"\n",
  51                 e_ndn, 0, 0 );
  52         Debug( LDAP_DEBUG_ARGS,
  53                 "=> bdb_attribute: at: \"%s\"\n",
  54                 entry_at_name, 0, 0 );
  55
  56         Debug( LDAP_DEBUG_ARGS,
  57                 "=> bdb_attribute: tr dn: \"%s\"\n",
  58                 target ? target->e_ndn : "", 0, 0 );
  59 #endif
  60
  61         if (target != NULL && strcmp(target->e_ndn, e_ndn) == 0) {
  62                 /* we already have a LOCKED copy of the entry */
  63                 e = target;
  64 #ifdef NEW_LOGGING
  65                 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
  66                            "bdb_attribute: target is LOCKED (%s)\n",
  67                            e_ndn ));
  68 #else
  69                 Debug( LDAP_DEBUG_ARGS,
  70                         "=> bdb_attribute: target is entry: \"%s\"\n",
  71                         e_ndn, 0, 0 );
  72 #endif
  73
  74
  75         } else {
  76                 /* can we find entry */
  77                 rc = bdb_dn2entry( be, NULL, e_ndn, &e, NULL, 0 );
  78                 switch( rc ) {
  79                 case DB_NOTFOUND:
  80                 case 0:
  81                         break;
  82                 default:
  83                         return LDAP_OTHER;
  84                 }
  85                 if (e == NULL) {
  86 #ifdef NEW_LOGGING
  87                         LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
  88                                    "bdb_attribute: cannot find entry (%s)\n",
  89                                    e_ndn ));
  90 #else
  91                         Debug( LDAP_DEBUG_ACL,
  92                                 "=> bdb_attribute: cannot find entry: \"%s\"\n",
  93                                         e_ndn, 0, 0 );
  94 #endif
  95                         return LDAP_NO_SUCH_OBJECT;
  96                 }
  97
  98 #ifdef NEW_LOGGING
  99                 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
 100                            "bdb_attribute: found entry (%s)\n", e_ndn ));
 101 #else
 102                 Debug( LDAP_DEBUG_ACL,
 103                         "=> bdb_attribute: found entry: \"%s\"\n",
 104                         e_ndn, 0, 0 );
 105 #endif
 106
 107     }
 108
 109         /* find attribute values */
 110
 111         if( is_entry_alias( e ) ) {
 112 #ifdef NEW_LOGGING
 113                 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
 114                            "bdb_attribute: entry (%s) is an alias\n", e->e_dn ));
 115 #else
 116                 Debug( LDAP_DEBUG_ACL,
 117                         "<= bdb_attribute: entry is an alias\n", 0, 0, 0 );
 118 #endif
 119                 rc = LDAP_ALIAS_PROBLEM;
 120                 goto return_results;
 121         }
 122
 123         if( is_entry_referral( e ) ) {
 124 #ifdef NEW_LOGGING
 125                 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
 126                            "bdb_attribute: entry (%s) is a referral.\n", e->e_dn ));
 127 #else
 128                 Debug( LDAP_DEBUG_ACL,
 129                         "<= bdb_attribute: entry is a referral\n", 0, 0, 0 );
 130 #endif
 131                 rc = LDAP_REFERRAL;
 132                 goto return_results;
 133         }
 134
 135         if (conn != NULL && op != NULL
 136                 && access_allowed(be, conn, op, e, slap_schema.si_ad_entry,
 137                         NULL, ACL_READ) == 0)
 138         {
 139                 rc = LDAP_INSUFFICIENT_ACCESS;
 140                 goto return_results;
 141         }
 142
 143         if ((attr = attr_find(e->e_attrs, entry_at)) == NULL) {
 144 #ifdef NEW_LOGGING
 145                 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
 146                            "bdb_attribute: failed to find %s.\n", entry_at_name ));
 147 #else
 148                 Debug( LDAP_DEBUG_ACL,
 149                         "<= bdb_attribute: failed to find %s\n",
 150                         entry_at_name, 0, 0 );
 151 #endif
 152                 rc = LDAP_NO_SUCH_ATTRIBUTE;
 153                 goto return_results;
 154         }
 155
 156         if (conn != NULL && op != NULL
 157                 && access_allowed(be, conn, op, e, entry_at, NULL, ACL_READ) == 0)
 158         {
 159                 rc = LDAP_INSUFFICIENT_ACCESS;
 160                 goto return_results;
 161         }
 162
 163         for ( i = 0; attr->a_vals[i] != NULL; i++ ) {
 164                 /* count them */
 165         }
 166
 167         v = (struct berval **) ch_malloc( sizeof(struct berval *) * (i+1) );
 168
 169         for ( i=0, j=0; attr->a_vals[i] != NULL; i++ ) {
 170                 if( conn != NULL
 171                         && op != NULL
 172                         && access_allowed(be, conn, op, e, entry_at,
 173                                 attr->a_vals[i], ACL_READ) == 0)
 174                 {
 175                         continue;
 176                 }
 177                 v[j] = ber_bvdup( attr->a_vals[i] );
 178
 179                 if( v[j] != NULL ) j++;
 180         }
 181
 182         if( j == 0 ) {
 183                 ch_free( v );
 184                 *vals = NULL;
 185                 rc = LDAP_INSUFFICIENT_ACCESS;
 186         } else {
 187                 v[j] = NULL;
 188                 *vals = v;
 189                 rc = LDAP_SUCCESS;
 190         }
 191
 192 return_results:
 193         if( target != e ) {
 194                 /* free entry */
 195                 bdb_entry_return( be, e );
 196         }
 197
 198 #ifdef NEW_LOGGING
 199         LDAP_LOG(( "backend", LDAP_LEVEL_ENTRY,
 200                    "bdb_attribute: rc=%d nvals=%d.\n",
 201                    rc, j ));
 202 #else
 203         Debug( LDAP_DEBUG_TRACE,
 204                 "bdb_attribute: rc=%d nvals=%d\n",
 205                 rc, j, 0 );
 206 #endif
 207         return(rc);
 208 }