1 /* attribute.c - bdb backend acl attribute routine */
4 * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/socket.h>
13 #include <ac/string.h>
17 #include "proto-bdb.h"
19 /* return LDAP_SUCCESS IFF we can retrieve the attributes
28 struct berval *entry_ndn,
29 AttributeDescription *entry_at,
32 struct bdb_info *bdb = (struct bdb_info *) be->be_private;
33 struct bdb_op_info *boi = (struct bdb_op_info *) op->o_private;
39 const char *entry_at_name = entry_at->ad_cname.bv_val;
40 AccessControlState acl_state = ACL_STATE_INIT;
43 LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
44 "bdb_attribute: gr dn: \"%s\"\n", entry_ndn->bv_val ));
45 LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
46 "bdb_attribute: at: \"%s\"\n", entry_at_name));
47 LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
48 "bdb_attribute: tr dn: \"%s\"\n",
49 target ? target->e_ndn : "" ));
51 Debug( LDAP_DEBUG_ARGS,
52 "=> bdb_attribute: gr dn: \"%s\"\n",
53 entry_ndn->bv_val, 0, 0 );
54 Debug( LDAP_DEBUG_ARGS,
55 "=> bdb_attribute: at: \"%s\"\n",
56 entry_at_name, 0, 0 );
58 Debug( LDAP_DEBUG_ARGS,
59 "=> bdb_attribute: tr dn: \"%s\"\n",
60 target ? target->e_ndn : "", 0, 0 );
63 if( boi != NULL && be == boi->boi_bdb ) {
67 if (target != NULL && dn_match(&target->e_nname, entry_ndn)) {
68 /* we already have a LOCKED copy of the entry */
71 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
72 "bdb_attribute: target is LOCKED (%s)\n",
75 Debug( LDAP_DEBUG_ARGS,
76 "=> bdb_attribute: target is entry: \"%s\"\n",
77 entry_ndn->bv_val, 0, 0 );
82 /* can we find entry */
83 rc = bdb_dn2entry_r( be, NULL, entry_ndn, &e, NULL, 0 );
92 return (rc != LDAP_BUSY) ? LDAP_OTHER : LDAP_BUSY;
96 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
97 "bdb_attribute: cannot find entry (%s)\n",
100 Debug( LDAP_DEBUG_ACL,
101 "=> bdb_attribute: cannot find entry: \"%s\"\n",
102 entry_ndn->bv_val, 0, 0 );
104 return LDAP_NO_SUCH_OBJECT;
108 LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
109 "bdb_attribute: found entry (%s)\n",
110 entry_ndn->bv_val ));
112 Debug( LDAP_DEBUG_ACL,
113 "=> bdb_attribute: found entry: \"%s\"\n",
114 entry_ndn->bv_val, 0, 0 );
119 /* find attribute values */
120 if( is_entry_alias( e ) ) {
122 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
123 "bdb_attribute: entry (%s) is an alias\n", e->e_dn ));
125 Debug( LDAP_DEBUG_ACL,
126 "<= bdb_attribute: entry is an alias\n", 0, 0, 0 );
128 rc = LDAP_ALIAS_PROBLEM;
133 if( is_entry_referral( e ) ) {
135 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
136 "bdb_attribute: entry (%s) is a referral.\n", e->e_dn ));
138 Debug( LDAP_DEBUG_ACL,
139 "<= bdb_attribute: entry is a referral\n", 0, 0, 0 );
145 if (conn != NULL && op != NULL
146 && access_allowed( be, conn, op, e, slap_schema.si_ad_entry,
147 NULL, ACL_READ, &acl_state ) == 0 )
149 rc = LDAP_INSUFFICIENT_ACCESS;
153 if ((attr = attr_find(e->e_attrs, entry_at)) == NULL) {
155 LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
156 "bdb_attribute: failed to find %s.\n", entry_at_name ));
158 Debug( LDAP_DEBUG_ACL,
159 "<= bdb_attribute: failed to find %s\n",
160 entry_at_name, 0, 0 );
162 rc = LDAP_NO_SUCH_ATTRIBUTE;
166 if (conn != NULL && op != NULL
167 && access_allowed( be, conn, op, e, entry_at, NULL, ACL_READ,
170 rc = LDAP_INSUFFICIENT_ACCESS;
174 for ( i = 0; attr->a_vals[i].bv_val != NULL; i++ ) {
178 v = (BerVarray) ch_malloc( sizeof(struct berval) * (i+1) );
180 for ( i=0, j=0; attr->a_vals[i].bv_val != NULL; i++ ) {
183 && access_allowed(be, conn, op, e, entry_at,
184 &attr->a_vals[i], ACL_READ, &acl_state ) == 0)
188 ber_dupbv( &v[j], &attr->a_vals[i] );
190 if( v[j].bv_val != NULL ) j++;
196 rc = LDAP_INSUFFICIENT_ACCESS;
207 bdb_cache_return_entry_r(&bdb->bi_cache, e);
211 LDAP_LOG(( "backend", LDAP_LEVEL_ENTRY,
212 "bdb_attribute: rc=%d nvals=%d.\n",
215 Debug( LDAP_DEBUG_TRACE,
216 "bdb_attribute: rc=%d nvals=%d\n",
projects / openldap / blob