1 /* modrdn.c - bdb backend modrdn routine */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
11 #include <ac/string.h>
25 const char *newSuperior
28 struct bdb_info *bdb = (struct bdb_info *) be->be_private;
29 AttributeDescription *children = slap_schema.si_ad_children;
30 char *p_dn = NULL, *p_ndn = NULL;
31 char *new_dn = NULL, *new_ndn = NULL;
33 const static Entry roote = { NOID, "", "", NULL, NULL };
38 char textbuf[SLAP_TEXT_BUFLEN];
39 size_t textlen = sizeof textbuf;
41 struct bdb_op_info opinfo;
44 char **new_rdn_vals = NULL; /* Vals of new rdn */
45 char **new_rdn_types = NULL; /* Types of new rdn */
47 char *old_rdn = NULL; /* Old rdn's attr type & val */
48 char **old_rdn_types = NULL; /* Types of old rdn attr. */
49 char **old_rdn_vals = NULL; /* Old rdn attribute values */
51 Entry *np = NULL; /* newSuperior Entry */
52 char *np_dn = NULL; /* newSuperior dn */
53 char *np_ndn = NULL; /* newSuperior ndn */
54 char *new_parent_dn = NULL; /* np_dn, p_dn, or NULL */
56 /* Used to interface with bdb_modify_internal() */
57 Modifications *mod = NULL; /* Used to delete old rdn */
59 int manageDSAit = get_manageDSAit( op );
61 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn(%s,%s,%s)\n",
62 dn, newrdn, (newSuperior ? newSuperior : "NULL") );
65 if( newSuperior != NULL ) {
66 rc = LDAP_UNWILLING_TO_PERFORM;
67 text = "newSuperior not implemented (yet)";
73 retry: /* transaction retry */
74 Debug( LDAP_DEBUG_TRACE, "==>bdb_modrdn: retrying...\n", 0, 0, 0 );
75 rc = txn_abort( ltid );
80 text = "internal error";
86 /* begin transaction */
87 rc = txn_begin( bdb->bi_dbenv, NULL, <id, 0 );
90 Debug( LDAP_DEBUG_TRACE,
91 "bdb_delete: txn_begin failed: %s (%d)\n",
92 db_strerror(rc), rc, 0 );
94 text = "internal error";
99 opinfo.boi_txn = ltid;
101 op->o_private = &opinfo;
104 rc = bdb_dn2entry( be, ltid, ndn, &e, &matched, 0 );
110 case DB_LOCK_DEADLOCK:
111 case DB_LOCK_NOTGRANTED:
115 text = "internal error";
120 char* matched_dn = NULL;
121 struct berval** refs;
123 if( matched != NULL ) {
124 matched_dn = strdup( matched->e_dn );
125 refs = is_entry_referral( matched )
126 ? get_entry_referrals( be, conn, op, matched,
127 dn, LDAP_SCOPE_DEFAULT )
129 bdb_entry_return( be, matched );
133 refs = referral_rewrite( default_referral,
134 NULL, dn, LDAP_SCOPE_DEFAULT );
137 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
138 matched_dn, NULL, refs, NULL );
140 ber_bvecfree( refs );
146 if (!manageDSAit && is_entry_referral( e ) ) {
147 /* parent is a referral, don't allow add */
148 /* parent is an alias, don't allow add */
149 struct berval **refs = get_entry_referrals( be,
150 conn, op, e, dn, LDAP_SCOPE_DEFAULT );
152 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry %s is referral\n",
155 send_ldap_result( conn, op, rc = LDAP_REFERRAL,
156 e->e_dn, NULL, refs, NULL );
158 ber_bvecfree( refs );
162 p_ndn = dn_parent( be, e->e_ndn );
163 if ( p_ndn != NULL && p_ndn[ 0 ] != '\0' ) {
164 /* Make sure parent entry exist and we can write its
168 rc = bdb_dn2entry( be, ltid, p_ndn, &p, NULL, 0 );
174 case DB_LOCK_DEADLOCK:
175 case DB_LOCK_NOTGRANTED:
179 text = "internal error";
184 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: parent does not exist\n",
190 /* check parent for "children" acl */
191 if ( ! access_allowed( be, conn, op, p,
192 children, NULL, ACL_WRITE ) )
194 Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
196 send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
197 NULL, NULL, NULL, NULL );
201 Debug( LDAP_DEBUG_TRACE,
202 "bdb_modrdn: wr to children of entry %s OK\n",
205 p_dn = dn_parent( be, e->e_dn );
207 Debug( LDAP_DEBUG_TRACE,
208 "bdb_modrdn: parent dn=%s\n",
212 /* no parent, modrdn entry directly under root */
213 isroot = be_isroot( be, op->o_ndn );
215 if ( be_issuffix( be, "" ) ) {
219 /* check parent for "children" acl */
220 rc = access_allowed( be, conn, op, p,
221 children, NULL, ACL_WRITE );
227 Debug( LDAP_DEBUG_TRACE,
228 "no access to parent\n",
230 send_ldap_result( conn, op,
231 LDAP_INSUFFICIENT_ACCESS,
232 NULL, NULL, NULL, NULL );
236 Debug( LDAP_DEBUG_TRACE,
237 "bdb_modrdn: wr to children of entry \"\" OK\n",
240 p_dn = ch_strdup( "" );
242 Debug( LDAP_DEBUG_TRACE,
243 "bdb_modrdn: parent dn=\"\"\n",
247 Debug( LDAP_DEBUG_TRACE,
248 "bdb_modrdn: no parent, not root "
249 "& \"\" is not suffix\n",
251 rc = LDAP_INSUFFICIENT_ACCESS;
257 new_parent_dn = p_dn; /* New Parent unless newSuperior given */
259 if ( newSuperior != NULL ) {
260 Debug( LDAP_DEBUG_TRACE,
261 "bdb_modrdn: new parent \"%s\" requested...\n",
264 if ( newSuperior[ 0 ] != '\0' ) {
265 np_dn = ch_strdup( newSuperior );
266 np_ndn = ch_strdup( np_dn );
267 (void) dn_normalize( np_ndn );
269 /* newSuperior == oldParent?, if so ==> ERROR */
270 /* newSuperior == entry being moved?, if so ==> ERROR */
271 /* Get Entry with dn=newSuperior. Does newSuperior exist? */
273 rc = bdb_dn2entry( be, ltid, np_ndn, &np, NULL, 0 );
279 case DB_LOCK_DEADLOCK:
280 case DB_LOCK_NOTGRANTED:
284 text = "internal error";
289 Debug( LDAP_DEBUG_TRACE,
290 "bdb_modrdn: newSup(ndn=%s) not here!\n",
296 Debug( LDAP_DEBUG_TRACE,
297 "bdb_modrdn: wr to new parent OK np=%p, id=%ld\n",
298 np, (long) np->e_id, 0 );
300 /* check newSuperior for "children" acl */
301 if ( !access_allowed( be, conn, op, np, children, NULL, ACL_WRITE ) ) {
302 Debug( LDAP_DEBUG_TRACE,
303 "bdb_modrdn: no wr to newSup children\n",
305 rc = LDAP_INSUFFICIENT_ACCESS;
309 if ( is_entry_alias( np ) ) {
310 /* parent is an alias, don't allow add */
311 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is alias\n",
314 rc = LDAP_ALIAS_PROBLEM;
318 if ( is_entry_referral( np ) ) {
319 /* parent is a referral, don't allow add */
320 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: entry is referral\n",
323 rc = LDAP_OPERATIONS_ERROR;
328 if ( isroot == -1 ) {
329 isroot = be_isroot( be, op->o_ndn );
332 np_dn = ch_strdup( "" );
334 /* no parent, modrdn entry directly under root */
336 if ( be_issuffix( be, "" ) ) {
338 np = (Entry *)&roote;
340 /* check parent for "children" acl */
341 rc = access_allowed( be, conn, op, np,
342 children, NULL, ACL_WRITE );
348 Debug( LDAP_DEBUG_TRACE,
349 "no access to new superior\n",
351 send_ldap_result( conn, op,
352 LDAP_INSUFFICIENT_ACCESS,
353 NULL, NULL, NULL, NULL );
357 Debug( LDAP_DEBUG_TRACE,
358 "bdb_modrdn: wr to children of entry \"\" OK\n",
362 Debug( LDAP_DEBUG_TRACE,
363 "bdb_modrdn: new superior=\"\", not root "
364 "& \"\" is not suffix\n",
366 rc = LDAP_INSUFFICIENT_ACCESS;
371 Debug( LDAP_DEBUG_TRACE,
372 "bdb_modrdn: new superior=\"\"\n",
376 Debug( LDAP_DEBUG_TRACE,
377 "bdb_modrdn: wr to new parent's children OK\n",
380 new_parent_dn = np_dn;
383 /* Build target dn and make sure target entry doesn't exist already. */
384 build_new_dn( &new_dn, e->e_dn, new_parent_dn, newrdn );
386 new_ndn = ch_strdup(new_dn);
387 (void) dn_normalize( new_ndn );
389 Debug( LDAP_DEBUG_TRACE, "bdb_modrdn: new ndn=%s\n",
392 rc = bdb_dn2id ( be, ltid, new_ndn, &id );
394 case DB_LOCK_DEADLOCK:
395 case DB_LOCK_NOTGRANTED:
400 rc = LDAP_ALREADY_EXISTS;
404 text = "internal error";
408 Debug( LDAP_DEBUG_TRACE,
409 "bdb_modrdn: new ndn=%s does not exist\n",
412 /* Get attribute type and attribute value of our new rdn, we will
413 * need to add that to our new entry
416 if ( rdn_attrs( newrdn, &new_rdn_types, &new_rdn_vals ) ) {
417 Debug( LDAP_DEBUG_TRACE,
418 "bdb_modrdn: can't figure out type(s)/values(s) "
419 "of newrdn\n", 0, 0, 0 );
420 rc = LDAP_OPERATIONS_ERROR;
421 text = "unknown type(s) used in RDN";
425 Debug( LDAP_DEBUG_TRACE,
426 "bdb_modrdn: new_rdn_val=\"%s\", new_rdn_type=\"%s\"\n",
427 new_rdn_vals[ 0 ], new_rdn_types[ 0 ], 0 );
429 /* Retrieve the old rdn from the entry's dn */
430 if ( ( old_rdn = dn_rdn( be, dn ) ) == NULL ) {
431 Debug( LDAP_DEBUG_TRACE,
432 "bdb_modrdn: can't figure out old_rdn from dn\n",
435 text = "could not parse old DN";
439 if ( rdn_attrs( old_rdn, &old_rdn_types, &old_rdn_vals ) ) {
440 Debug( LDAP_DEBUG_TRACE,
441 "bdb_back_modrdn: can't figure out the old_rdn "
442 "type(s)/value(s)\n", 0, 0, 0 );
444 text = "cannot parse RDN from old DN";
448 if ( newSuperior == NULL
449 && charray_strcasecmp( ( const char ** )old_rdn_types,
450 ( const char ** )new_rdn_types ) != 0 ) {
451 /* Not a big deal but we may say something */
452 Debug( LDAP_DEBUG_TRACE,
453 "bdb_modrdn: old_rdn_type(s)=%s, new_rdn_type(s)=%s "
455 old_rdn_types[ 0 ], new_rdn_types[ 0 ], 0 );
458 /* Add new attribute values to the entry */
459 for ( a_cnt = 0; new_rdn_types[ a_cnt ]; a_cnt++ ) {
461 AttributeDescription *desc = NULL;
462 Modifications *mod_tmp;
465 rc = slap_str2ad( new_rdn_types[ a_cnt ], &desc, &text );
467 if ( rc != LDAP_SUCCESS ) {
468 Debug( LDAP_DEBUG_TRACE,
469 "bdb_modrdn: %s: %s (new)\n",
470 text, new_rdn_types[ a_cnt ], 0 );
474 /* ACL check of newly added attrs */
475 val.bv_val = new_rdn_vals[ a_cnt ];
476 val.bv_len = strlen( val.bv_val );
477 if ( !access_allowed( be, conn, op, e,
478 desc, &val, ACL_WRITE ) ) {
479 Debug( LDAP_DEBUG_TRACE,
480 "bdb_modrdn: access to attr \"%s\" "
481 "(new) not allowed\n",
482 new_rdn_types[ a_cnt ], 0, 0 );
483 rc = LDAP_INSUFFICIENT_ACCESS;
487 /* Apply modification */
488 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
489 mod_tmp->sml_desc = desc;
490 mod_tmp->sml_bvalues = ( struct berval ** )ch_malloc( 2*sizeof( struct berval * ) );
491 mod_tmp->sml_bvalues[ 0 ] = ber_bvstrdup( new_rdn_vals[ a_cnt ] );
492 mod_tmp->sml_bvalues[ 1 ] = NULL;
493 mod_tmp->sml_op = SLAP_MOD_SOFTADD;
494 mod_tmp->sml_next = mod;
498 /* Remove old rdn value if required */
499 if ( deleteoldrdn ) {
500 /* Get value of old rdn */
501 if ( old_rdn_vals == NULL) {
502 Debug( LDAP_DEBUG_TRACE,
503 "bdb_modrdn: can't figure out old RDN value(s) "
504 "from old RDN\n", 0, 0, 0 );
506 text = "could not parse value(s) from old RDN";
510 for ( d_cnt = 0; old_rdn_types[ d_cnt ]; d_cnt++ ) {
512 AttributeDescription *desc = NULL;
513 Modifications *mod_tmp;
516 rc = slap_str2ad( old_rdn_types[ d_cnt ],
519 if ( rc != LDAP_SUCCESS ) {
520 Debug( LDAP_DEBUG_TRACE,
521 "bdb_modrdn: %s: %s (old)\n",
522 text, old_rdn_types[ d_cnt ], 0 );
526 /* ACL check of newly added attrs */
527 val.bv_val = new_rdn_vals[ d_cnt ];
528 val.bv_len = strlen( val.bv_val );
529 if ( !access_allowed( be, conn, op, e,
530 desc, &val, ACL_WRITE ) ) {
531 Debug( LDAP_DEBUG_TRACE,
532 "bdb_modrdn: access to attr \"%s\" "
533 "(old) not allowed\n",
534 old_rdn_types[ d_cnt ], 0, 0 );
535 rc = LDAP_INSUFFICIENT_ACCESS;
539 /* Apply modification */
540 mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
541 mod_tmp->sml_desc = desc;
542 mod_tmp->sml_bvalues = ( struct berval ** )ch_malloc( 2*sizeof( struct berval * ) );
543 mod_tmp->sml_bvalues[ 0 ] = ber_bvstrdup( old_rdn_vals[ d_cnt ] );
544 mod_tmp->sml_bvalues[ 1 ] = NULL;
545 mod_tmp->sml_op = LDAP_MOD_DELETE;
546 mod_tmp->sml_next = mod;
552 rc = bdb_dn2id_delete( be, ltid, e->e_ndn, e->e_id );
555 case DB_LOCK_DEADLOCK:
556 case DB_LOCK_NOTGRANTED:
560 text = "DN index delete fail";
564 /* Binary format uses a single contiguous block, cannot
565 * free individual fields. Leave new_dn/new_ndn set so
566 * they can be individually freed later.
572 rc = bdb_dn2id_add( be, ltid, e->e_ndn, e->e_id );
575 case DB_LOCK_DEADLOCK:
576 case DB_LOCK_NOTGRANTED:
580 text = "DN index add failed";
585 rc = bdb_modify_internal( be, conn, op, ltid, &mod[0], e,
586 &text, textbuf, textlen );
588 if( rc != LDAP_SUCCESS ) {
590 case DB_LOCK_DEADLOCK:
591 case DB_LOCK_NOTGRANTED:
598 rc = bdb_id2entry_update( be, ltid, e );
601 case DB_LOCK_DEADLOCK:
602 case DB_LOCK_NOTGRANTED:
606 text = "entry update failed";
610 rc = txn_commit( ltid, 0 );
612 op->o_private = NULL;
615 Debug( LDAP_DEBUG_TRACE,
616 "bdb_modrdn: txn_commit failed: %s (%d)\n",
617 db_strerror(rc), rc, 0 );
619 text = "commit failed";
621 Debug( LDAP_DEBUG_TRACE,
622 "bdb_modrdn: added id=%08lx dn=\"%s\"\n",
623 e->e_id, e->e_dn, 0 );
629 send_ldap_result( conn, op, rc,
630 NULL, text, NULL, NULL );
632 if(rc == LDAP_SUCCESS && bdb->bi_txn_cp ) {
633 ldap_pvt_thread_yield();
634 txn_checkpoint( bdb->bi_dbenv,
635 bdb->bi_txn_cp_kbyte, bdb->bi_txn_cp_min, 0 );
639 if( new_dn != NULL ) free( new_dn );
640 if( new_ndn != NULL ) free( new_ndn );
642 if( p_dn != NULL ) free( p_dn );
643 if( p_ndn != NULL ) free( p_ndn );
645 /* LDAP v2 supporting correct attribute handling. */
646 if( new_rdn_types != NULL ) charray_free(new_rdn_types);
647 if( new_rdn_vals != NULL ) charray_free(new_rdn_vals);
648 if( old_rdn != NULL ) free(old_rdn);
649 if( old_rdn_types != NULL ) charray_free(old_rdn_types);
650 if( old_rdn_vals != NULL ) charray_free(old_rdn_vals);
651 if( mod != NULL ) slap_mods_free(mod);
653 /* LDAP v3 Support */
654 if ( np_dn != NULL ) free( np_dn );
655 if ( np_ndn != NULL ) free( np_ndn );
658 /* free new parent and writer lock */
659 bdb_entry_return( be, np );
663 /* free parent and writer lock */
664 bdb_entry_return( be, p );
669 bdb_entry_return( be, e );
674 op->o_private = NULL;