1 /* modrdn.c - bdb backend modrdn routine */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
11 #include <ac/string.h>
25 const char *newSuperior
28 struct bdb_info *bdb = (struct bdb_info *) be->be_private;
29 AttributeDescription *children = slap_schema.si_ad_children;
30 char *p_dn = NULL, *p_ndn = NULL;
31 char *new_dn = NULL, *new_ndn = NULL;
37 char textbuf[SLAP_TEXT_BUFLEN];
38 size_t textlen = sizeof textbuf;
40 struct bdb_op_info opinfo;
43 char **new_rdn_vals = NULL; /* Vals of new rdn */
44 char **new_rdn_types = NULL; /* Types of new rdn */
46 char *old_rdn = NULL; /* Old rdn's attr type & val */
47 char **old_rdn_types = NULL; /* Types of old rdn attr. */
48 char **old_rdn_vals = NULL; /* Old rdn attribute values */
50 Entry *np = NULL; /* newSuperior Entry */
51 char *np_dn = NULL; /* newSuperior dn */
52 char *np_ndn = NULL; /* newSuperior ndn */
53 char *new_parent_dn = NULL; /* np_dn, p_dn, or NULL */
55 /* Used to interface with bdb_modify_internal() */
56 Modifications *mod = NULL; /* Used to delete old rdn */
58 int manageDSAit = get_manageDSAit( op );
60 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn(%s,%s,%s)\n",
61 dn, newrdn, (newSuperior ? newSuperior : "NULL") );
64 if( newSuperior != NULL ) {
65 rc = LDAP_UNWILLING_TO_PERFORM;
66 text = "newSuperior not implemented (yet)";
72 retry: /* transaction retry */
73 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn: retrying...\n", 0, 0, 0 );
74 rc = txn_abort( ltid );
79 text = "internal error";
85 /* begin transaction */
86 rc = txn_begin( bdb->bi_dbenv, NULL, <id,
90 Debug( LDAP_DEBUG_TRACE,
91 "bdb_delete: txn_begin failed: %s (%d)\n",
92 db_strerror(rc), rc, 0 );
94 text = "internal error";
100 opinfo.boi_txn = ltid;
102 op->o_private = &opinfo;
105 rc = bdb_dn2entry( be, ltid, ndn, &e, &matched, 0 );
111 case DB_LOCK_DEADLOCK:
112 case DB_LOCK_NOTGRANTED:
116 text = "internal error";
121 char* matched_dn = NULL;
122 struct berval** refs;
124 if( matched != NULL ) {
125 matched_dn = strdup( matched->e_dn );
126 refs = is_entry_referral( matched )
127 ? get_entry_referrals( be, conn, op, matched,
128 dn, LDAP_SCOPE_DEFAULT )
130 bdb_entry_return( be, matched );
134 refs = referral_rewrite( default_referral,
135 NULL, dn, LDAP_SCOPE_DEFAULT );
138 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
139 matched_dn, NULL, refs, NULL );
141 ber_bvecfree( refs );
147 if (!manageDSAit && is_entry_referral( e ) ) {
148 /* parent is a referral, don't allow add */
149 /* parent is an alias, don't allow add */
150 struct berval **refs = get_entry_referrals( be,
151 conn, op, e, dn, LDAP_SCOPE_DEFAULT );
153 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry %s is referral\n",
156 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
157 e->e_dn, NULL, refs, NULL );
159 ber_bvecfree( refs );
163 p_ndn = dn_parent( be, e->e_ndn );
165 if ( p_ndn != NULL && p_ndn[ 0 ] != '\0' ) {
166 /* Make sure parent entry exist and we can write its
170 rc = bdb_dn2entry( be, ltid, p_ndn, &p, NULL, 0 );
176 case DB_LOCK_DEADLOCK:
177 case DB_LOCK_NOTGRANTED:
181 text = "internal error";
186 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: parent does not exist\n",
192 /* check parent for "children" acl */
193 if ( ! access_allowed( be, conn, op, p,
194 children, NULL, ACL_WRITE ) )
196 Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
198 send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
199 NULL, NULL, NULL, NULL );
203 Debug( LDAP_DEBUG_TRACE,
204 "bdb_modrdn: wr to children of entry %s OK\n",
207 p_dn = dn_parent( be, e->e_dn );
209 Debug( LDAP_DEBUG_TRACE,
210 "bdb_modrdn: parent dn=%s\n",
214 /* no parent, modrdn entry directly under root */
215 isroot = be_isroot( be, op->o_ndn.bv_val );
217 if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn.bv_val ) ) {
219 p = (Entry *)&slap_entry_root;
221 /* check parent for "children" acl */
222 rc = access_allowed( be, conn, op, p,
223 children, NULL, ACL_WRITE );
229 Debug( LDAP_DEBUG_TRACE,
230 "no access to parent\n",
232 send_ldap_result( conn, op,
233 LDAP_INSUFFICIENT_ACCESS,
234 NULL, NULL, NULL, NULL );
238 Debug( LDAP_DEBUG_TRACE,
239 "bdb_modrdn: wr to children of entry \"\" OK\n",
244 Debug( LDAP_DEBUG_TRACE,
245 "bdb_modrdn: parent dn=\"\"\n",
249 Debug( LDAP_DEBUG_TRACE,
250 "bdb_modrdn: no parent, not root "
251 "& \"\" is not suffix\n",
253 rc = LDAP_INSUFFICIENT_ACCESS;
259 new_parent_dn = p_dn; /* New Parent unless newSuperior given */
261 if ( newSuperior != NULL ) {
262 Debug( LDAP_DEBUG_TRACE,
263 "bdb_modrdn: new parent \"%s\" requested...\n",
266 if ( newSuperior[ 0 ] != '\0' ) {
267 np_dn = ch_strdup( newSuperior );
268 np_ndn = ch_strdup( np_dn );
269 (void) dn_normalize( np_ndn );
271 /* newSuperior == oldParent?, if so ==> ERROR */
272 /* newSuperior == entry being moved?, if so ==> ERROR */
273 /* Get Entry with dn=newSuperior. Does newSuperior exist? */
275 rc = bdb_dn2entry( be, ltid, np_ndn, &np, NULL, 0 );
281 case DB_LOCK_DEADLOCK:
282 case DB_LOCK_NOTGRANTED:
286 text = "internal error";
291 Debug( LDAP_DEBUG_TRACE,
292 "bdb_modrdn: newSup(ndn=%s) not here!\n",
298 Debug( LDAP_DEBUG_TRACE,
299 "bdb_modrdn: wr to new parent OK np=%p, id=%ld\n",
300 np, (long) np->e_id, 0 );
302 /* check newSuperior for "children" acl */
303 if ( !access_allowed( be, conn, op, np, children, NULL, ACL_WRITE ) ) {
304 Debug( LDAP_DEBUG_TRACE,
305 "bdb_modrdn: no wr to newSup children\n",
307 rc = LDAP_INSUFFICIENT_ACCESS;
311 if ( is_entry_alias( np ) ) {
312 /* parent is an alias, don't allow add */
313 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is alias\n",
316 rc = LDAP_ALIAS_PROBLEM;
320 if ( is_entry_referral( np ) ) {
321 /* parent is a referral, don't allow add */
322 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is referral\n",
325 rc = LDAP_OPERATIONS_ERROR;
330 if ( isroot == -1 ) {
331 isroot = be_isroot( be, op->o_ndn.bv_val );
334 np_dn = ch_strdup( "" );
336 /* no parent, modrdn entry directly under root */
338 if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn.bv_val ) ) {
340 np = (Entry *)&slap_entry_root;
342 /* check parent for "children" acl */
343 rc = access_allowed( be, conn, op, np,
344 children, NULL, ACL_WRITE );
350 Debug( LDAP_DEBUG_TRACE,
351 "no access to new superior\n",
353 send_ldap_result( conn, op,
354 LDAP_INSUFFICIENT_ACCESS,
355 NULL, NULL, NULL, NULL );
359 Debug( LDAP_DEBUG_TRACE,
360 "bdb_modrdn: wr to children of entry \"\" OK\n",
364 Debug( LDAP_DEBUG_TRACE,
365 "bdb_modrdn: new superior=\"\", not root "
366 "& \"\" is not suffix\n",
368 rc = LDAP_INSUFFICIENT_ACCESS;
373 Debug( LDAP_DEBUG_TRACE,
374 "bdb_modrdn: new superior=\"\"\n",
378 Debug( LDAP_DEBUG_TRACE,
379 "bdb_modrdn: wr to new parent's children OK\n",
382 new_parent_dn = np_dn;
385 /* Build target dn and make sure target entry doesn't exist already. */
386 build_new_dn( &new_dn, e->e_dn, new_parent_dn, newrdn );
388 new_ndn = ch_strdup(new_dn);
389 (void) dn_normalize( new_ndn );
391 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: new ndn=%s\n",
394 rc = bdb_dn2id ( be, ltid, new_ndn, &id );
396 case DB_LOCK_DEADLOCK:
397 case DB_LOCK_NOTGRANTED:
402 rc = LDAP_ALREADY_EXISTS;
406 text = "internal error";
410 Debug( LDAP_DEBUG_TRACE,
411 "bdb_modrdn: new ndn=%s does not exist\n",
414 /* Get attribute type and attribute value of our new rdn, we will
415 * need to add that to our new entry
418 if ( rdn_attrs( newrdn, &new_rdn_types, &new_rdn_vals ) ) {
419 Debug( LDAP_DEBUG_TRACE,
420 "bdb_modrdn: can't figure out type(s)/values(s) "
421 "of newrdn\n", 0, 0, 0 );
422 rc = LDAP_OPERATIONS_ERROR;
423 text = "unknown type(s) used in RDN";
427 Debug( LDAP_DEBUG_TRACE,
428 "bdb_modrdn: new_rdn_val=\"%s\", new_rdn_type=\"%s\"\n",
429 new_rdn_vals[ 0 ], new_rdn_types[ 0 ], 0 );
431 /* Retrieve the old rdn from the entry's dn */
432 if ( ( old_rdn = dn_rdn( be, dn ) ) == NULL ) {
433 Debug( LDAP_DEBUG_TRACE,
434 "bdb_modrdn: can't figure out old_rdn from dn\n",
437 text = "could not parse old DN";
441 if ( rdn_attrs( old_rdn, &old_rdn_types, &old_rdn_vals ) ) {
442 Debug( LDAP_DEBUG_TRACE,
443 "bdb_back_modrdn: can't figure out the old_rdn "
444 "type(s)/value(s)\n", 0, 0, 0 );
446 text = "cannot parse RDN from old DN";
450 if ( newSuperior == NULL
451 && charray_strcasecmp( ( const char ** )old_rdn_types,
452 ( const char ** )new_rdn_types ) != 0 ) {
453 /* Not a big deal but we may say something */
454 Debug( LDAP_DEBUG_TRACE,
455 "bdb_modrdn: old_rdn_type(s)=%s, new_rdn_type(s)=%s "
457 old_rdn_types[ 0 ], new_rdn_types[ 0 ], 0 );
460 /* Add new attribute values to the entry */
461 for ( a_cnt = 0; new_rdn_types[ a_cnt ]; a_cnt++ ) {
463 AttributeDescription *desc = NULL;
464 Modifications *mod_tmp;
467 rc = slap_str2ad( new_rdn_types[ a_cnt ], &desc, &text );
469 if ( rc != LDAP_SUCCESS ) {
470 Debug( LDAP_DEBUG_TRACE,
471 "bdb_modrdn: %s: %s (new)\n",
472 text, new_rdn_types[ a_cnt ], 0 );
476 /* ACL check of newly added attrs */
477 val.bv_val = new_rdn_vals[ a_cnt ];
478 val.bv_len = strlen( val.bv_val );
479 if ( !access_allowed( be, conn, op, e,
480 desc, &val, ACL_WRITE ) ) {
481 Debug( LDAP_DEBUG_TRACE,
482 "bdb_modrdn: access to attr \"%s\" "
483 "(new) not allowed\n",
484 new_rdn_types[ a_cnt ], 0, 0 );
485 rc = LDAP_INSUFFICIENT_ACCESS;
489 /* Apply modification */
490 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
491 mod_tmp->sml_desc = desc;
492 mod_tmp->sml_bvalues = ( struct berval ** )ch_malloc( 2*sizeof( struct berval * ) );
493 mod_tmp->sml_bvalues[ 0 ] = ber_bvstrdup( new_rdn_vals[ a_cnt ] );
494 mod_tmp->sml_bvalues[ 1 ] = NULL;
495 mod_tmp->sml_op = SLAP_MOD_SOFTADD;
496 mod_tmp->sml_next = mod;
500 /* Remove old rdn value if required */
501 if ( deleteoldrdn ) {
502 /* Get value of old rdn */
503 if ( old_rdn_vals == NULL) {
504 Debug( LDAP_DEBUG_TRACE,
505 "bdb_modrdn: can't figure out old RDN value(s) "
506 "from old RDN\n", 0, 0, 0 );
508 text = "could not parse value(s) from old RDN";
512 for ( d_cnt = 0; old_rdn_types[ d_cnt ]; d_cnt++ ) {
514 AttributeDescription *desc = NULL;
515 Modifications *mod_tmp;
518 rc = slap_str2ad( old_rdn_types[ d_cnt ],
521 if ( rc != LDAP_SUCCESS ) {
522 Debug( LDAP_DEBUG_TRACE,
523 "bdb_modrdn: %s: %s (old)\n",
524 text, old_rdn_types[ d_cnt ], 0 );
528 /* ACL check of newly added attrs */
529 val.bv_val = new_rdn_vals[ d_cnt ];
530 val.bv_len = strlen( val.bv_val );
531 if ( !access_allowed( be, conn, op, e,
532 desc, &val, ACL_WRITE ) ) {
533 Debug( LDAP_DEBUG_TRACE,
534 "bdb_modrdn: access to attr \"%s\" "
535 "(old) not allowed\n",
536 old_rdn_types[ d_cnt ], 0, 0 );
537 rc = LDAP_INSUFFICIENT_ACCESS;
541 /* Apply modification */
542 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
543 mod_tmp->sml_desc = desc;
544 mod_tmp->sml_bvalues = ( struct berval ** )ch_malloc( 2*sizeof( struct berval * ) );
545 mod_tmp->sml_bvalues[ 0 ] = ber_bvstrdup( old_rdn_vals[ d_cnt ] );
546 mod_tmp->sml_bvalues[ 1 ] = NULL;
547 mod_tmp->sml_op = LDAP_MOD_DELETE;
548 mod_tmp->sml_next = mod;
554 rc = bdb_dn2id_delete( be, ltid, p_ndn, e );
557 case DB_LOCK_DEADLOCK:
558 case DB_LOCK_NOTGRANTED:
562 text = "DN index delete fail";
566 /* Binary format uses a single contiguous block, cannot
567 * free individual fields. Leave new_dn/new_ndn set so
568 * they can be individually freed later.
574 rc = bdb_dn2id_add( be, ltid, np_ndn, e );
577 case DB_LOCK_DEADLOCK:
578 case DB_LOCK_NOTGRANTED:
582 text = "DN index add failed";
587 rc = bdb_modify_internal( be, conn, op, ltid, &mod[0], e,
588 &text, textbuf, textlen );
590 if( rc != LDAP_SUCCESS ) {
592 case DB_LOCK_DEADLOCK:
593 case DB_LOCK_NOTGRANTED:
600 rc = bdb_id2entry_update( be, ltid, e );
603 case DB_LOCK_DEADLOCK:
604 case DB_LOCK_NOTGRANTED:
608 text = "entry update failed";
613 rc = txn_commit( ltid, 0 );
616 op->o_private = NULL;
619 Debug( LDAP_DEBUG_TRACE,
620 "bdb_modrdn: txn_commit failed: %s (%d)\n",
621 db_strerror(rc), rc, 0 );
623 text = "commit failed";
625 Debug( LDAP_DEBUG_TRACE,
626 "bdb_modrdn: added id=%08lx dn=\"%s\"\n",
627 e->e_id, e->e_dn, 0 );
633 send_ldap_result( conn, op, rc,
634 NULL, text, NULL, NULL );
636 if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
637 ldap_pvt_thread_yield();
638 TXN_CHECKPOINT( bdb->bi_dbenv,
639 bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
643 if( new_dn != NULL ) free( new_dn );
644 if( new_ndn != NULL ) free( new_ndn );
646 if( np_ndn == p_ndn ) np_ndn = NULL;
648 /* LDAP v2 supporting correct attribute handling. */
649 if( new_rdn_types != NULL ) charray_free(new_rdn_types);
650 if( new_rdn_vals != NULL ) charray_free(new_rdn_vals);
651 if( old_rdn != NULL ) free(old_rdn);
652 if( old_rdn_types != NULL ) charray_free(old_rdn_types);
653 if( old_rdn_vals != NULL ) charray_free(old_rdn_vals);
654 if( mod != NULL ) slap_mods_free(mod);
656 /* LDAP v3 Support */
657 if ( np_dn != NULL ) free( np_dn );
658 if ( np_ndn != NULL ) free( np_ndn );
661 /* free new parent and writer lock */
662 bdb_entry_return( be, np );
666 /* free parent and writer lock */
667 bdb_entry_return( be, p );
672 bdb_entry_return( be, e );
677 op->o_private = NULL;