1 /* modrdn.c - bdb backend modrdn routine */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
11 #include <ac/string.h>
23 struct berval *newrdn,
24 struct berval *nnewrdn,
26 struct berval *newSuperior,
27 struct berval *nnewSuperior
30 struct bdb_info *bdb = (struct bdb_info *) be->be_private;
31 AttributeDescription *children = slap_schema.si_ad_children;
32 char *p_dn = NULL, *p_ndn = NULL;
33 char *new_dn = NULL, *new_ndn = NULL;
39 char textbuf[SLAP_TEXT_BUFLEN];
40 size_t textlen = sizeof textbuf;
42 struct bdb_op_info opinfo;
45 char **new_rdn_vals = NULL; /* Vals of new rdn */
46 char **new_rdn_types = NULL; /* Types of new rdn */
48 char *old_rdn = NULL; /* Old rdn's attr type & val */
49 char **old_rdn_types = NULL; /* Types of old rdn attr. */
50 char **old_rdn_vals = NULL; /* Old rdn attribute values */
52 Entry *np = NULL; /* newSuperior Entry */
53 char *np_dn = NULL; /* newSuperior dn */
54 char *np_ndn = NULL; /* newSuperior ndn */
55 char *new_parent_dn = NULL; /* np_dn, p_dn, or NULL */
57 /* Used to interface with bdb_modify_internal() */
58 Modifications *mod = NULL; /* Used to delete old rdn */
60 int manageDSAit = get_manageDSAit( op );
62 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn(%s,%s,%s)\n",
63 dn->bv_val, newrdn->bv_val,
64 newSuperior ? newSuperior->bv_val : "NULL" );
67 if( newSuperior != NULL ) {
68 rc = LDAP_UNWILLING_TO_PERFORM;
69 text = "newSuperior not implemented (yet)";
75 retry: /* transaction retry */
76 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn: retrying...\n", 0, 0, 0 );
77 rc = txn_abort( ltid );
82 text = "internal error";
88 /* begin transaction */
89 rc = txn_begin( bdb->bi_dbenv, NULL, <id,
93 Debug( LDAP_DEBUG_TRACE,
94 "bdb_delete: txn_begin failed: %s (%d)\n",
95 db_strerror(rc), rc, 0 );
97 text = "internal error";
103 opinfo.boi_txn = ltid;
105 op->o_private = &opinfo;
108 rc = bdb_dn2entry( be, ltid, ndn->bv_val, &e, &matched, 0 );
114 case DB_LOCK_DEADLOCK:
115 case DB_LOCK_NOTGRANTED:
119 text = "internal error";
124 char* matched_dn = NULL;
125 struct berval** refs;
127 if( matched != NULL ) {
128 matched_dn = strdup( matched->e_dn );
129 refs = is_entry_referral( matched )
130 ? get_entry_referrals( be, conn, op, matched,
131 dn->bv_val, LDAP_SCOPE_DEFAULT )
133 bdb_entry_return( be, matched );
137 refs = referral_rewrite( default_referral,
138 NULL, dn->bv_val, LDAP_SCOPE_DEFAULT );
141 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
142 matched_dn, NULL, refs, NULL );
144 ber_bvecfree( refs );
150 if (!manageDSAit && is_entry_referral( e ) ) {
151 /* parent is a referral, don't allow add */
152 /* parent is an alias, don't allow add */
153 struct berval **refs = get_entry_referrals( be,
154 conn, op, e, dn->bv_val, LDAP_SCOPE_DEFAULT );
156 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry %s is referral\n",
159 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
160 e->e_dn, NULL, refs, NULL );
162 ber_bvecfree( refs );
166 p_ndn = dn_parent( be, e->e_ndn );
168 if ( p_ndn != NULL && p_ndn[ 0 ] != '\0' ) {
169 /* Make sure parent entry exist and we can write its
173 rc = bdb_dn2entry( be, ltid, p_ndn, &p, NULL, 0 );
179 case DB_LOCK_DEADLOCK:
180 case DB_LOCK_NOTGRANTED:
184 text = "internal error";
189 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: parent does not exist\n",
195 /* check parent for "children" acl */
196 if ( ! access_allowed( be, conn, op, p,
197 children, NULL, ACL_WRITE ) )
199 Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
201 send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
202 NULL, NULL, NULL, NULL );
206 Debug( LDAP_DEBUG_TRACE,
207 "bdb_modrdn: wr to children of entry %s OK\n",
210 p_dn = dn_parent( be, e->e_dn );
212 Debug( LDAP_DEBUG_TRACE,
213 "bdb_modrdn: parent dn=%s\n",
217 /* no parent, modrdn entry directly under root */
218 isroot = be_isroot( be, &op->o_ndn );
220 if ( be_issuffix( be, "" ) || be_isupdate( be, &op->o_ndn ) ) {
222 p = (Entry *)&slap_entry_root;
224 /* check parent for "children" acl */
225 rc = access_allowed( be, conn, op, p,
226 children, NULL, ACL_WRITE );
232 Debug( LDAP_DEBUG_TRACE,
233 "no access to parent\n",
235 send_ldap_result( conn, op,
236 LDAP_INSUFFICIENT_ACCESS,
237 NULL, NULL, NULL, NULL );
241 Debug( LDAP_DEBUG_TRACE,
242 "bdb_modrdn: wr to children of entry \"\" OK\n",
247 Debug( LDAP_DEBUG_TRACE,
248 "bdb_modrdn: parent dn=\"\"\n",
252 Debug( LDAP_DEBUG_TRACE,
253 "bdb_modrdn: no parent, not root "
254 "& \"\" is not suffix\n",
256 rc = LDAP_INSUFFICIENT_ACCESS;
262 new_parent_dn = p_dn; /* New Parent unless newSuperior given */
264 if ( newSuperior != NULL ) {
265 Debug( LDAP_DEBUG_TRACE,
266 "bdb_modrdn: new parent \"%s\" requested...\n",
267 newSuperior->bv_val, 0, 0 );
269 if ( newSuperior->bv_len ) {
270 np_dn = ch_strdup( newSuperior->bv_val );
271 np_ndn = ch_strdup( np_dn );
272 (void) dn_normalize( np_ndn );
274 /* newSuperior == oldParent?, if so ==> ERROR */
275 /* newSuperior == entry being moved?, if so ==> ERROR */
276 /* Get Entry with dn=newSuperior. Does newSuperior exist? */
278 rc = bdb_dn2entry( be, ltid, np_ndn, &np, NULL, 0 );
284 case DB_LOCK_DEADLOCK:
285 case DB_LOCK_NOTGRANTED:
289 text = "internal error";
294 Debug( LDAP_DEBUG_TRACE,
295 "bdb_modrdn: newSup(ndn=%s) not here!\n",
301 Debug( LDAP_DEBUG_TRACE,
302 "bdb_modrdn: wr to new parent OK np=%p, id=%ld\n",
303 np, (long) np->e_id, 0 );
305 /* check newSuperior for "children" acl */
306 if ( !access_allowed( be, conn, op, np, children, NULL, ACL_WRITE ) ) {
307 Debug( LDAP_DEBUG_TRACE,
308 "bdb_modrdn: no wr to newSup children\n",
310 rc = LDAP_INSUFFICIENT_ACCESS;
314 if ( is_entry_alias( np ) ) {
315 /* parent is an alias, don't allow add */
316 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is alias\n",
319 rc = LDAP_ALIAS_PROBLEM;
323 if ( is_entry_referral( np ) ) {
324 /* parent is a referral, don't allow add */
325 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is referral\n",
328 rc = LDAP_OPERATIONS_ERROR;
333 if ( isroot == -1 ) {
334 isroot = be_isroot( be, &op->o_ndn );
337 np_dn = ch_strdup( "" );
339 /* no parent, modrdn entry directly under root */
341 if ( be_issuffix( be, "" ) || be_isupdate( be, &op->o_ndn ) ) {
342 np = (Entry *)&slap_entry_root;
344 /* check parent for "children" acl */
345 rc = access_allowed( be, conn, op, np,
346 children, NULL, ACL_WRITE );
352 Debug( LDAP_DEBUG_TRACE,
353 "no access to new superior\n",
355 send_ldap_result( conn, op,
356 LDAP_INSUFFICIENT_ACCESS,
357 NULL, NULL, NULL, NULL );
361 Debug( LDAP_DEBUG_TRACE,
362 "bdb_modrdn: wr to children of entry \"\" OK\n",
366 Debug( LDAP_DEBUG_TRACE,
367 "bdb_modrdn: new superior=\"\", not root "
368 "& \"\" is not suffix\n",
370 rc = LDAP_INSUFFICIENT_ACCESS;
375 Debug( LDAP_DEBUG_TRACE,
376 "bdb_modrdn: new superior=\"\"\n",
380 Debug( LDAP_DEBUG_TRACE,
381 "bdb_modrdn: wr to new parent's children OK\n",
384 new_parent_dn = np_dn;
387 /* Build target dn and make sure target entry doesn't exist already. */
388 build_new_dn( &new_dn, e->e_dn, new_parent_dn, newrdn->bv_val );
390 new_ndn = ch_strdup( new_dn );
391 (void) dn_normalize( new_ndn );
393 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: new ndn=%s\n",
396 rc = bdb_dn2id ( be, ltid, new_ndn, &id );
398 case DB_LOCK_DEADLOCK:
399 case DB_LOCK_NOTGRANTED:
404 rc = LDAP_ALREADY_EXISTS;
408 text = "internal error";
412 Debug( LDAP_DEBUG_TRACE,
413 "bdb_modrdn: new ndn=%s does not exist\n",
416 /* Get attribute type and attribute value of our new rdn, we will
417 * need to add that to our new entry
420 if ( rdn_attrs( newrdn->bv_val, &new_rdn_types, &new_rdn_vals ) ) {
421 Debug( LDAP_DEBUG_TRACE,
422 "bdb_modrdn: can't figure out type(s)/values(s) "
423 "of newrdn\n", 0, 0, 0 );
424 rc = LDAP_OPERATIONS_ERROR;
425 text = "unknown type(s) used in RDN";
429 Debug( LDAP_DEBUG_TRACE,
430 "bdb_modrdn: new_rdn_val=\"%s\", new_rdn_type=\"%s\"\n",
431 new_rdn_vals[0], new_rdn_types[0], 0 );
433 /* Retrieve the old rdn from the entry's dn */
434 if ( ( old_rdn = dn_rdn( be, dn->bv_val ) ) == NULL ) {
435 Debug( LDAP_DEBUG_TRACE,
436 "bdb_modrdn: can't figure out old_rdn from dn\n",
439 text = "could not parse old DN";
443 if ( rdn_attrs( old_rdn, &old_rdn_types, &old_rdn_vals ) ) {
444 Debug( LDAP_DEBUG_TRACE,
445 "bdb_back_modrdn: can't figure out the old_rdn "
446 "type(s)/value(s)\n", 0, 0, 0 );
448 text = "cannot parse RDN from old DN";
452 if ( newSuperior == NULL
453 && charray_strcasecmp( ( const char ** )old_rdn_types,
454 ( const char ** )new_rdn_types ) != 0 ) {
455 /* Not a big deal but we may say something */
456 Debug( LDAP_DEBUG_TRACE,
457 "bdb_modrdn: old_rdn_type(s)=%s, new_rdn_type(s)=%s "
459 old_rdn_types[ 0 ], new_rdn_types[ 0 ], 0 );
462 /* Add new attribute values to the entry */
463 for ( a_cnt = 0; new_rdn_types[ a_cnt ]; a_cnt++ ) {
465 AttributeDescription *desc = NULL;
466 Modifications *mod_tmp;
469 rc = slap_str2ad( new_rdn_types[ a_cnt ], &desc, &text );
471 if ( rc != LDAP_SUCCESS ) {
472 Debug( LDAP_DEBUG_TRACE,
473 "bdb_modrdn: %s: %s (new)\n",
474 text, new_rdn_types[ a_cnt ], 0 );
478 /* ACL check of newly added attrs */
479 val.bv_val = new_rdn_vals[ a_cnt ];
480 val.bv_len = strlen( val.bv_val );
481 if ( !access_allowed( be, conn, op, e,
482 desc, &val, ACL_WRITE ) ) {
483 Debug( LDAP_DEBUG_TRACE,
484 "bdb_modrdn: access to attr \"%s\" "
485 "(new) not allowed\n",
486 new_rdn_types[ a_cnt ], 0, 0 );
487 rc = LDAP_INSUFFICIENT_ACCESS;
491 /* Apply modification */
492 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
493 mod_tmp->sml_desc = desc;
494 mod_tmp->sml_bvalues = ( struct berval ** )ch_malloc( 2*sizeof( struct berval * ) );
495 mod_tmp->sml_bvalues[ 0 ] = ber_bvstrdup( new_rdn_vals[ a_cnt ] );
496 mod_tmp->sml_bvalues[ 1 ] = NULL;
497 mod_tmp->sml_op = SLAP_MOD_SOFTADD;
498 mod_tmp->sml_next = mod;
502 /* Remove old rdn value if required */
503 if ( deleteoldrdn ) {
504 /* Get value of old rdn */
505 if ( old_rdn_vals == NULL) {
506 Debug( LDAP_DEBUG_TRACE,
507 "bdb_modrdn: can't figure out old RDN value(s) "
508 "from old RDN\n", 0, 0, 0 );
510 text = "could not parse value(s) from old RDN";
514 for ( d_cnt = 0; old_rdn_types[ d_cnt ]; d_cnt++ ) {
516 AttributeDescription *desc = NULL;
517 Modifications *mod_tmp;
520 rc = slap_str2ad( old_rdn_types[ d_cnt ],
523 if ( rc != LDAP_SUCCESS ) {
524 Debug( LDAP_DEBUG_TRACE,
525 "bdb_modrdn: %s: %s (old)\n",
526 text, old_rdn_types[ d_cnt ], 0 );
530 /* ACL check of newly added attrs */
531 val.bv_val = new_rdn_vals[ d_cnt ];
532 val.bv_len = strlen( val.bv_val );
533 if ( !access_allowed( be, conn, op, e,
534 desc, &val, ACL_WRITE ) ) {
535 Debug( LDAP_DEBUG_TRACE,
536 "bdb_modrdn: access to attr \"%s\" "
537 "(old) not allowed\n",
538 old_rdn_types[ d_cnt ], 0, 0 );
539 rc = LDAP_INSUFFICIENT_ACCESS;
543 /* Apply modification */
544 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
545 mod_tmp->sml_desc = desc;
546 mod_tmp->sml_bvalues = ( struct berval ** )ch_malloc( 2*sizeof( struct berval * ) );
547 mod_tmp->sml_bvalues[ 0 ] = ber_bvstrdup( old_rdn_vals[ d_cnt ] );
548 mod_tmp->sml_bvalues[ 1 ] = NULL;
549 mod_tmp->sml_op = LDAP_MOD_DELETE;
550 mod_tmp->sml_next = mod;
556 rc = bdb_dn2id_delete( be, ltid, p_ndn, e );
559 case DB_LOCK_DEADLOCK:
560 case DB_LOCK_NOTGRANTED:
564 text = "DN index delete fail";
568 /* Binary format uses a single contiguous block, cannot
569 * free individual fields. Leave new_dn/new_ndn set so
570 * they can be individually freed later.
573 e->e_name.bv_len = strlen( new_dn );
575 e->e_nname.bv_len = strlen( new_ndn );
578 rc = bdb_dn2id_add( be, ltid, np_ndn, e );
581 case DB_LOCK_DEADLOCK:
582 case DB_LOCK_NOTGRANTED:
586 text = "DN index add failed";
591 rc = bdb_modify_internal( be, conn, op, ltid, &mod[0], e,
592 &text, textbuf, textlen );
594 if( rc != LDAP_SUCCESS ) {
596 case DB_LOCK_DEADLOCK:
597 case DB_LOCK_NOTGRANTED:
604 rc = bdb_id2entry_update( be, ltid, e );
607 case DB_LOCK_DEADLOCK:
608 case DB_LOCK_NOTGRANTED:
612 text = "entry update failed";
617 rc = txn_commit( ltid, 0 );
620 op->o_private = NULL;
623 Debug( LDAP_DEBUG_TRACE,
624 "bdb_modrdn: txn_commit failed: %s (%d)\n",
625 db_strerror(rc), rc, 0 );
627 text = "commit failed";
629 Debug( LDAP_DEBUG_TRACE,
630 "bdb_modrdn: added id=%08lx dn=\"%s\"\n",
631 e->e_id, e->e_dn, 0 );
637 send_ldap_result( conn, op, rc,
638 NULL, text, NULL, NULL );
640 if( rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
641 ldap_pvt_thread_yield();
642 TXN_CHECKPOINT( bdb->bi_dbenv,
643 bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
647 if( new_dn != NULL ) free( new_dn );
648 if( new_ndn != NULL ) free( new_ndn );
650 if( np_ndn == p_ndn ) np_ndn = NULL;
652 /* LDAP v2 supporting correct attribute handling. */
653 if( new_rdn_types != NULL ) charray_free(new_rdn_types);
654 if( new_rdn_vals != NULL ) charray_free(new_rdn_vals);
655 if( old_rdn != NULL ) free(old_rdn);
656 if( old_rdn_types != NULL ) charray_free(old_rdn_types);
657 if( old_rdn_vals != NULL ) charray_free(old_rdn_vals);
658 if( mod != NULL ) slap_mods_free(mod);
660 /* LDAP v3 Support */
661 if ( np_dn != NULL ) free( np_dn );
662 if ( np_ndn != NULL ) free( np_ndn );
665 /* free new parent and writer lock */
666 bdb_entry_return( be, np );
670 /* free parent and writer lock */
671 bdb_entry_return( be, p );
676 bdb_entry_return( be, e );
681 op->o_private = NULL;