1 /* modrdn.c - bdb backend modrdn routine */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
11 #include <ac/string.h>
25 const char *newSuperior
28 struct bdb_info *bdb = (struct bdb_info *) be->be_private;
29 AttributeDescription *children = slap_schema.si_ad_children;
30 char *p_dn = NULL, *p_ndn = NULL;
31 char *new_dn = NULL, *new_ndn = NULL;
36 char textbuf[SLAP_TEXT_BUFLEN];
37 size_t textlen = sizeof textbuf;
39 struct bdb_op_info opinfo;
42 char **new_rdn_vals = NULL; /* Vals of new rdn */
43 char **new_rdn_types = NULL; /* Types of new rdn */
45 char *old_rdn = NULL; /* Old rdn's attr type & val */
46 char **old_rdn_types = NULL; /* Types of old rdn attr. */
47 char **old_rdn_vals = NULL; /* Old rdn attribute values */
49 Entry *np = NULL; /* newSuperior Entry */
50 char *np_dn = NULL; /* newSuperior dn */
51 char *np_ndn = NULL; /* newSuperior ndn */
52 char *new_parent_dn = NULL; /* np_dn, p_dn, or NULL */
54 /* Used to interface with bdb_modify_internal() */
55 Modifications *mod = NULL; /* Used to delete old rdn */
57 int manageDSAit = get_manageDSAit( op );
59 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn(%s,%s,%s)\n",
60 dn, newrdn, (newSuperior ? newSuperior : "NULL") );
62 if( newSuperior != NULL ) {
63 rc = LDAP_UNWILLING_TO_PERFORM;
64 text = "newSuperior not implemented (yet)";
69 retry: /* transaction retry */
70 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn: retrying...\n", 0, 0, 0 );
71 rc = txn_abort( ltid );
76 text = "internal error";
82 /* begin transaction */
83 rc = txn_begin( bdb->bi_dbenv, NULL, <id, 0 );
86 Debug( LDAP_DEBUG_TRACE,
87 "bdb_delete: txn_begin failed: %s (%d)\n",
88 db_strerror(rc), rc, 0 );
90 text = "internal error";
95 opinfo.boi_txn = ltid;
97 op->o_private = &opinfo;
100 rc = bdb_dn2entry( be, ltid, ndn, &e, &matched, 0 );
106 case DB_LOCK_DEADLOCK:
107 case DB_LOCK_NOTGRANTED:
111 text = "internal error";
116 char* matched_dn = NULL;
117 struct berval** refs = NULL;
119 if( matched != NULL ) {
120 matched_dn = strdup( matched->e_dn );
121 refs = is_entry_referral( matched )
122 ? get_entry_referrals( be, conn, op, matched )
124 bdb_entry_return( be, matched );
128 refs = default_referral;
131 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
132 matched_dn, NULL, refs, NULL );
134 if ( matched != NULL ) {
135 ber_bvecfree( refs );
142 if (!manageDSAit && is_entry_referral( e ) ) {
143 /* parent is a referral, don't allow add */
144 /* parent is an alias, don't allow add */
145 struct berval **refs = get_entry_referrals( be,
148 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is referral\n",
151 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
152 e->e_dn, NULL, refs, NULL );
154 ber_bvecfree( refs );
158 p_ndn = dn_parent( be, e->e_ndn );
159 if ( p_ndn != NULL && p_ndn[ 0 ] != '\0' ) {
160 /* Make sure parent entry exist and we can write its
164 rc = bdb_dn2entry( be, ltid, p_ndn, &p, NULL, 0 );
170 case DB_LOCK_DEADLOCK:
171 case DB_LOCK_NOTGRANTED:
175 text = "internal error";
180 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: parent does not exist\n",
186 /* check parent for "children" acl */
187 if ( ! access_allowed( be, conn, op, p,
188 children, NULL, ACL_WRITE ) )
190 Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
192 send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
193 NULL, NULL, NULL, NULL );
197 Debug( LDAP_DEBUG_TRACE,
198 "bdb_modrdn: wr to children of entry %s OK\n",
201 p_dn = dn_parent( be, e->e_dn );
203 Debug( LDAP_DEBUG_TRACE,
204 "bdb_modrdn: parent dn=%s\n",
208 /* no parent, modrdn entry directly under root */
209 if( ! be_isroot( be, op->o_ndn ) && !be_issuffix( be, "" ) ) {
210 Debug( LDAP_DEBUG_TRACE,
211 "bdb_modrdn: no parent, not root "
212 "& \"\" is not suffix\n",
214 rc = LDAP_INSUFFICIENT_ACCESS;
218 Debug( LDAP_DEBUG_TRACE,
219 "bdb_modrdn: no parent, locked root\n",
223 new_parent_dn = p_dn; /* New Parent unless newSuperior given */
225 if ( newSuperior != NULL ) {
226 Debug( LDAP_DEBUG_TRACE,
227 "bdb_modrdn: new parent \"%s\" requested...\n",
230 np_dn = ch_strdup( newSuperior );
231 np_ndn = ch_strdup( np_dn );
232 (void) dn_normalize( np_ndn );
234 /* newSuperior == oldParent?, if so ==> ERROR */
235 /* newSuperior == entry being moved?, if so ==> ERROR */
236 /* Get Entry with dn=newSuperior. Does newSuperior exist? */
238 rc = bdb_dn2entry( be, ltid, np_ndn, &np, NULL, 0 );
244 case DB_LOCK_DEADLOCK:
245 case DB_LOCK_NOTGRANTED:
249 text = "internal error";
254 Debug( LDAP_DEBUG_TRACE,
255 "bdb_modrdn: newSup(ndn=%s) not here!\n",
261 Debug( LDAP_DEBUG_TRACE,
262 "bdb_modrdn: wr to new parent OK np=%p, id=%ld\n",
263 np, (long) np->e_id, 0 );
265 /* check newSuperior for "children" acl */
266 if ( !access_allowed( be, conn, op, np, children, NULL, ACL_WRITE ) ) {
267 Debug( LDAP_DEBUG_TRACE,
268 "bdb_modrdn: no wr to newSup children\n",
270 rc = LDAP_INSUFFICIENT_ACCESS;
274 if ( is_entry_alias( np ) ) {
275 /* entry is an alias, don't allow bind */
276 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is alias\n",
279 rc = LDAP_ALIAS_PROBLEM;
283 if ( is_entry_referral( np ) ) {
284 /* parent is a referral, don't allow add */
285 /* parent is an alias, don't allow add */
286 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is referral\n",
289 rc = LDAP_OPERATIONS_ERROR;
293 Debug( LDAP_DEBUG_TRACE,
294 "bdb_modrdn: wr to new parent's children OK\n",
297 new_parent_dn = np_dn;
300 /* Build target dn and make sure target entry doesn't exist already. */
301 build_new_dn( &new_dn, e->e_dn, new_parent_dn, newrdn );
303 new_ndn = ch_strdup(new_dn);
304 (void) dn_normalize( new_ndn );
306 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: new ndn=%s\n",
309 rc = bdb_dn2id ( be, ltid, new_ndn, &id );
311 case DB_LOCK_DEADLOCK:
312 case DB_LOCK_NOTGRANTED:
317 rc = LDAP_ALREADY_EXISTS;
321 text = "internal error";
325 Debug( LDAP_DEBUG_TRACE,
326 "bdb_modrdn: new ndn=%s does not exist\n",
329 /* Get attribute type and attribute value of our new rdn, we will
330 * need to add that to our new entry
333 if ( rdn_attrs( newrdn, &new_rdn_types, &new_rdn_vals ) ) {
334 Debug( LDAP_DEBUG_TRACE,
335 "bdb_modrdn: can't figure out type(s)/values(s) "
336 "of newrdn\n", 0, 0, 0 );
337 rc = LDAP_OPERATIONS_ERROR;
338 text = "unknown type(s) used in RDN";
342 Debug( LDAP_DEBUG_TRACE,
343 "bdb_modrdn: new_rdn_val=\"%s\", new_rdn_type=\"%s\"\n",
344 new_rdn_vals[ 0 ], new_rdn_types[ 0 ], 0 );
346 /* Retrieve the old rdn from the entry's dn */
347 if ( ( old_rdn = dn_rdn( be, dn ) ) == NULL ) {
348 Debug( LDAP_DEBUG_TRACE,
349 "bdb_modrdn: can't figure out old_rdn from dn\n",
352 text = "could not parse old DN";
356 if ( rdn_attrs( old_rdn, &old_rdn_types, &old_rdn_vals ) ) {
357 Debug( LDAP_DEBUG_TRACE,
358 "bdb_back_modrdn: can't figure out the old_rdn "
359 "type(s)/value(s)\n", 0, 0, 0 );
361 text = "cannot parse RDN from old DN";
365 if ( newSuperior == NULL
366 && charray_strcasecmp( ( const char ** )old_rdn_types,
367 ( const char ** )new_rdn_types ) != 0 ) {
368 /* Not a big deal but we may say something */
369 Debug( LDAP_DEBUG_TRACE,
370 "bdb_modrdn: old_rdn_type(s)=%s, new_rdn_type(s)=%s "
372 old_rdn_types[ 0 ], new_rdn_types[ 0 ], 0 );
375 /* Add new attribute values to the entry */
376 for ( a_cnt = 0; new_rdn_types[ a_cnt ]; a_cnt++ ) {
378 AttributeDescription *desc = NULL;
379 Modifications *mod_tmp;
382 rc = slap_str2ad( new_rdn_types[ a_cnt ], &desc, &text );
384 if ( rc != LDAP_SUCCESS ) {
385 Debug( LDAP_DEBUG_TRACE,
386 "bdb_modrdn: %s: %s (new)\n",
387 text, new_rdn_types[ a_cnt ], 0 );
391 /* ACL check of newly added attrs */
392 val.bv_val = new_rdn_vals[ a_cnt ];
393 val.bv_len = strlen( val.bv_val );
394 if ( !access_allowed( be, conn, op, p,
395 desc, &val, ACL_WRITE ) ) {
396 Debug( LDAP_DEBUG_TRACE,
397 "bdb_modrdn: access to attr \"%s\" "
398 "(new) not allowed\n",
399 new_rdn_types[ a_cnt ], 0, 0 );
400 rc = LDAP_INSUFFICIENT_ACCESS;
404 /* Apply modification */
405 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
406 mod_tmp->sml_desc = desc;
407 mod_tmp->sml_bvalues = ( struct berval ** )ch_malloc( 2*sizeof( struct berval * ) );
408 mod_tmp->sml_bvalues[ 0 ] = ber_bvstrdup( new_rdn_vals[ a_cnt ] );
409 mod_tmp->sml_bvalues[ 1 ] = NULL;
410 mod_tmp->sml_op = SLAP_MOD_SOFTADD;
411 mod_tmp->sml_next = mod;
415 /* Remove old rdn value if required */
416 if ( deleteoldrdn ) {
417 /* Get value of old rdn */
418 if ( old_rdn_vals == NULL) {
419 Debug( LDAP_DEBUG_TRACE,
420 "bdb_modrdn: can't figure out old RDN value(s) "
421 "from old RDN\n", 0, 0, 0 );
423 text = "could not parse value(s) from old RDN";
427 for ( d_cnt = 0; old_rdn_types[ d_cnt ]; d_cnt++ ) {
429 AttributeDescription *desc = NULL;
430 Modifications *mod_tmp;
433 rc = slap_str2ad( old_rdn_types[ d_cnt ],
436 if ( rc != LDAP_SUCCESS ) {
437 Debug( LDAP_DEBUG_TRACE,
438 "bdb_modrdn: %s: %s (old)\n",
439 text, old_rdn_types[ d_cnt ], 0 );
443 /* ACL check of newly added attrs */
444 val.bv_val = new_rdn_vals[ d_cnt ];
445 val.bv_len = strlen( val.bv_val );
446 if ( !access_allowed( be, conn, op, p,
447 desc, &val, ACL_WRITE ) ) {
448 Debug( LDAP_DEBUG_TRACE,
449 "bdb_modrdn: access to attr \"%s\" "
450 "(old) not allowed\n",
451 old_rdn_types[ d_cnt ], 0, 0 );
452 rc = LDAP_INSUFFICIENT_ACCESS;
456 /* Apply modification */
457 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
458 mod_tmp->sml_desc = desc;
459 mod_tmp->sml_bvalues = ( struct berval ** )ch_malloc( 2*sizeof( struct berval * ) );
460 mod_tmp->sml_bvalues[ 0 ] = ber_bvstrdup( old_rdn_vals[ d_cnt ] );
461 mod_tmp->sml_bvalues[ 1 ] = NULL;
462 mod_tmp->sml_op = LDAP_MOD_DELETE;
463 mod_tmp->sml_next = mod;
469 rc = bdb_dn2id_delete( be, ltid, e->e_ndn, e->e_id );
472 case DB_LOCK_DEADLOCK:
473 case DB_LOCK_NOTGRANTED:
477 text = "DN index delete fail";
481 /* Binary format uses a single contiguous block, cannot
482 * free individual fields. Leave new_dn/new_ndn set so
483 * they can be individually freed later.
489 rc = bdb_dn2id_add( be, ltid, e->e_ndn, e->e_id );
492 case DB_LOCK_DEADLOCK:
493 case DB_LOCK_NOTGRANTED:
497 text = "DN index add failed";
502 rc = bdb_modify_internal( be, conn, op, ltid, &mod[0], e,
503 &text, textbuf, textlen );
505 if( rc != LDAP_SUCCESS ) {
507 case DB_LOCK_DEADLOCK:
508 case DB_LOCK_NOTGRANTED:
515 rc = bdb_id2entry_update( be, ltid, e );
518 case DB_LOCK_DEADLOCK:
519 case DB_LOCK_NOTGRANTED:
523 text = "entry update failed";
527 rc = txn_commit( ltid, 0 );
529 op->o_private = NULL;
532 Debug( LDAP_DEBUG_TRACE,
533 "bdb_modrdn: txn_commit failed: %s (%d)\n",
534 db_strerror(rc), rc, 0 );
536 text = "commit failed";
538 Debug( LDAP_DEBUG_TRACE,
539 "bdb_modrdn: added id=%08x dn=\"%s\"\n",
540 e->e_id, e->e_dn, 0 );
546 send_ldap_result( conn, op, rc,
547 NULL, text, NULL, NULL );
549 if(rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
550 ldap_pvt_thread_yield();
551 txn_checkpoint( bdb->bi_dbenv,
552 bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
556 if( new_dn != NULL ) free( new_dn );
557 if( new_ndn != NULL ) free( new_ndn );
559 if( p_dn != NULL ) free( p_dn );
560 if( p_ndn != NULL ) free( p_ndn );
562 /* LDAP v2 supporting correct attribute handling. */
563 if( new_rdn_types != NULL ) charray_free(new_rdn_types);
564 if( new_rdn_vals != NULL ) charray_free(new_rdn_vals);
565 if( old_rdn != NULL ) free(old_rdn);
566 if( old_rdn_types != NULL ) charray_free(old_rdn_types);
567 if( old_rdn_vals != NULL ) charray_free(old_rdn_vals);
568 if( mod != NULL ) slap_mods_free(mod);
570 /* LDAP v3 Support */
571 if ( np_dn != NULL ) free( np_dn );
572 if ( np_ndn != NULL ) free( np_ndn );
575 /* free new parent and writer lock */
576 bdb_entry_return( be, np );
580 /* free parent and writer lock */
581 bdb_entry_return( be, p );
586 bdb_entry_return( be, e );
591 op->o_private = NULL;
projects / openldap / blob