1 /* attribute.c - bdb backend acl attribute routine */
4 * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/socket.h>
13 #include <ac/string.h>
17 #include "proto-bdb.h"
19 /* return LDAP_SUCCESS IFF we can retrieve the attributes
28 struct berval *entry_ndn,
29 AttributeDescription *entry_at,
32 struct bdb_info *bdb = (struct bdb_info *) be->be_private;
33 struct bdb_op_info *boi = NULL;
39 const char *entry_at_name = entry_at->ad_cname.bv_val;
40 AccessControlState acl_state = ACL_STATE_INIT;
43 LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
44 "bdb_attribute: gr dn: \"%s\"\n", entry_ndn->bv_val ));
45 LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
46 "bdb_attribute: at: \"%s\"\n", entry_at_name));
47 LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
48 "bdb_attribute: tr dn: \"%s\"\n",
49 target ? target->e_ndn : "" ));
51 Debug( LDAP_DEBUG_ARGS,
52 "=> bdb_attribute: gr dn: \"%s\"\n",
53 entry_ndn->bv_val, 0, 0 );
54 Debug( LDAP_DEBUG_ARGS,
55 "=> bdb_attribute: at: \"%s\"\n",
56 entry_at_name, 0, 0 );
58 Debug( LDAP_DEBUG_ARGS,
59 "=> bdb_attribute: tr dn: \"%s\"\n",
60 target ? target->e_ndn : "", 0, 0 );
63 if( op ) boi = (struct bdb_op_info *) op->o_private;
64 if( boi != NULL && be == boi->boi_bdb ) {
68 if (target != NULL && dn_match(&target->e_nname, entry_ndn)) {
69 /* we already have a LOCKED copy of the entry */
72 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
73 "bdb_attribute: target is LOCKED (%s)\n",
76 Debug( LDAP_DEBUG_ARGS,
77 "=> bdb_attribute: target is entry: \"%s\"\n",
78 entry_ndn->bv_val, 0, 0 );
83 /* can we find entry */
84 rc = bdb_dn2entry_r( be, NULL, entry_ndn, &e, NULL, 0 );
93 return (rc != LDAP_BUSY) ? LDAP_OTHER : LDAP_BUSY;
97 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
98 "bdb_attribute: cannot find entry (%s)\n",
101 Debug( LDAP_DEBUG_ACL,
102 "=> bdb_attribute: cannot find entry: \"%s\"\n",
103 entry_ndn->bv_val, 0, 0 );
105 return LDAP_NO_SUCH_OBJECT;
109 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
110 "bdb_attribute: found entry (%s)\n",
111 entry_ndn->bv_val ));
113 Debug( LDAP_DEBUG_ACL,
114 "=> bdb_attribute: found entry: \"%s\"\n",
115 entry_ndn->bv_val, 0, 0 );
120 /* find attribute values */
121 if( is_entry_alias( e ) ) {
123 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
124 "bdb_attribute: entry (%s) is an alias\n", e->e_dn ));
126 Debug( LDAP_DEBUG_ACL,
127 "<= bdb_attribute: entry is an alias\n", 0, 0, 0 );
129 rc = LDAP_ALIAS_PROBLEM;
134 if( is_entry_referral( e ) ) {
136 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
137 "bdb_attribute: entry (%s) is a referral.\n", e->e_dn ));
139 Debug( LDAP_DEBUG_ACL,
140 "<= bdb_attribute: entry is a referral\n", 0, 0, 0 );
146 if (conn != NULL && op != NULL
147 && access_allowed( be, conn, op, e, slap_schema.si_ad_entry,
148 NULL, ACL_READ, &acl_state ) == 0 )
150 rc = LDAP_INSUFFICIENT_ACCESS;
154 if ((attr = attr_find(e->e_attrs, entry_at)) == NULL) {
156 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
157 "bdb_attribute: failed to find %s.\n", entry_at_name ));
159 Debug( LDAP_DEBUG_ACL,
160 "<= bdb_attribute: failed to find %s\n",
161 entry_at_name, 0, 0 );
163 rc = LDAP_NO_SUCH_ATTRIBUTE;
167 if (conn != NULL && op != NULL
168 && access_allowed( be, conn, op, e, entry_at, NULL, ACL_READ,
171 rc = LDAP_INSUFFICIENT_ACCESS;
175 for ( i = 0; attr->a_vals[i].bv_val != NULL; i++ ) {
179 v = (BerVarray) ch_malloc( sizeof(struct berval) * (i+1) );
181 for ( i=0, j=0; attr->a_vals[i].bv_val != NULL; i++ ) {
184 && access_allowed(be, conn, op, e, entry_at,
185 &attr->a_vals[i], ACL_READ, &acl_state ) == 0)
189 ber_dupbv( &v[j], &attr->a_vals[i] );
191 if( v[j].bv_val != NULL ) j++;
197 rc = LDAP_INSUFFICIENT_ACCESS;
208 bdb_cache_return_entry_r(&bdb->bi_cache, e);
212 LDAP_LOG(( "backend", LDAP_LEVEL_ENTRY,
213 "bdb_attribute: rc=%d nvals=%d.\n",
216 Debug( LDAP_DEBUG_TRACE,
217 "bdb_attribute: rc=%d nvals=%d\n",
projects / openldap / blob