1 /* add.c - ldap ldbm back-end add routine */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2005 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
21 #include <ac/socket.h>
22 #include <ac/string.h>
25 #include "back-ldbm.h"
26 #include "proto-back-ldbm.h"
33 op->o_callback = op->o_callback->sc_next;
34 slap_graduate_commit_csn( op );
35 return SLAP_CB_CONTINUE;
43 struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
47 AttributeDescription *children = slap_schema.si_ad_children;
48 AttributeDescription *entry = slap_schema.si_ad_entry;
49 char textbuf[SLAP_TEXT_BUFLEN];
50 size_t textlen = sizeof textbuf;
51 slap_callback cb = { NULL };
52 #ifdef LDBM_SUBENTRIES
56 Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n",
57 op->o_req_dn.bv_val, 0, 0);
59 slap_add_opattrs( op, &rs->sr_text, textbuf, textlen, 1 );
61 cb.sc_cleanup = ldbm_csn_cb;
62 cb.sc_next = op->o_callback;
65 rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL,
66 get_manageDIT(op), &rs->sr_text, textbuf, textlen );
68 if ( rs->sr_err != LDAP_SUCCESS ) {
69 Debug( LDAP_DEBUG_TRACE, "entry failed schema check: %s\n",
72 send_ldap_result( op, rs );
77 #ifdef LDBM_SUBENTRIES
78 subentry = is_entry_subentry( op->oq_add.rs_e );
81 if ( !access_allowed( op, op->oq_add.rs_e,
82 entry, NULL, ACL_WADD, NULL ) )
84 Debug( LDAP_DEBUG_TRACE, "no write access to entry\n", 0,
87 send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
88 "no write access to entry" );
90 return LDAP_INSUFFICIENT_ACCESS;
93 /* grab giant lock for writing */
94 ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
96 rs->sr_err = dn2id( op->o_bd, &op->o_req_ndn, &id );
97 if ( rs->sr_err || id != NOID ) {
98 /* if (rs->sr_err) something bad happened to ldbm cache */
99 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
100 rs->sr_err = rs->sr_err ? LDAP_OTHER : LDAP_ALREADY_EXISTS;
101 send_ldap_result( op, rs );
106 * Get the parent dn and see if the corresponding entry exists.
107 * If the parent does not exist, only allow the "root" user to
111 if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
114 dnParent( &op->o_req_ndn, &pdn );
118 Entry *matched = NULL;
120 /* get parent with writer lock */
121 if ( (p = dn2entry_w( op->o_bd, &pdn, &matched )) == NULL ) {
122 if ( matched != NULL ) {
123 rs->sr_matched = ch_strdup( matched->e_dn );
124 rs->sr_ref = is_entry_referral( matched )
125 ? get_entry_referrals( op, matched )
127 cache_return_entry_r( &li->li_cache, matched );
130 rs->sr_ref = referral_rewrite( default_referral,
131 NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
134 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
136 Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
139 rs->sr_text = rs->sr_ref
140 ? "parent is referral" : "parent does not exist";
141 rs->sr_err = LDAP_REFERRAL;
142 send_ldap_result( op, rs );
144 ber_bvarray_free( rs->sr_ref );
145 free( (char *)rs->sr_matched );
147 rs->sr_matched = NULL;
151 if ( ! access_allowed( op, p, children, NULL, ACL_WADD, NULL ) ) {
152 /* free parent and writer lock */
153 cache_return_entry_w( &li->li_cache, p );
154 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
156 Debug( LDAP_DEBUG_TRACE, "no write access to parent\n", 0,
159 send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
160 "no write access to parent" );
162 return LDAP_INSUFFICIENT_ACCESS;
165 #ifdef LDBM_SUBENTRIES
166 if ( is_entry_subentry( p )) {
167 Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n",
169 rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
170 rs->sr_text = "parent is a subentry";
175 if ( is_entry_alias( p ) ) {
176 /* parent is an alias, don't allow add */
178 /* free parent and writer lock */
179 cache_return_entry_w( &li->li_cache, p );
180 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
182 Debug( LDAP_DEBUG_TRACE, "parent is alias\n", 0,
185 send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
186 "parent is an alias" );
188 return LDAP_ALIAS_PROBLEM;
191 if ( is_entry_referral( p ) ) {
192 /* parent is a referral, don't allow add */
193 rs->sr_matched = ch_strdup( p->e_dn );
194 rs->sr_ref = is_entry_referral( p )
195 ? get_entry_referrals( op, p )
198 /* free parent and writer lock */
199 cache_return_entry_w( &li->li_cache, p );
200 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
202 Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0,
204 rs->sr_err = LDAP_REFERRAL;
205 send_ldap_result( op, rs );
207 ber_bvarray_free( rs->sr_ref );
208 free( (char *)rs->sr_matched );
210 rs->sr_matched = NULL;
214 #ifdef LDBM_SUBENTRIES
217 /* parent must be an administrative point of the required kind */
222 assert( pdn.bv_val == NULL || *pdn.bv_val == '\0' );
224 if (( !be_isroot(op) && !be_shadow_update(op) )
225 && !is_entry_glue( op->oq_add.rs_e ))
227 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
229 Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
230 pdn.bv_val == NULL ? "suffix" : "entry at root", 0, 0 );
232 send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT, NULL );
233 return LDAP_NO_SUCH_OBJECT;
237 if ( next_id( op->o_bd, &op->oq_add.rs_e->e_id ) ) {
239 /* free parent and writer lock */
240 cache_return_entry_w( &li->li_cache, p );
243 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
245 Debug( LDAP_DEBUG_ANY, "ldbm_add: next_id failed\n",
248 send_ldap_error( op, rs, LDAP_OTHER,
249 "next_id add failed" );
255 * Try to add the entry to the cache, assign it a new dnid.
257 rs->sr_err = cache_add_entry_rw( &li->li_cache, op->oq_add.rs_e,
260 if ( rs->sr_err != 0 ) {
262 /* free parent and writer lock */
263 cache_return_entry_w( &li->li_cache, p );
266 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
268 Debug( LDAP_DEBUG_ANY, "cache_add_entry_lock failed\n", 0, 0,
271 rs->sr_text = rs->sr_err > 0 ? NULL : "cache add failed";
272 rs->sr_err = rs->sr_err > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER;
273 send_ldap_result( op, rs );
280 /* attribute indexes */
281 if ( index_entry_add( op, op->oq_add.rs_e ) != LDAP_SUCCESS ) {
282 Debug( LDAP_DEBUG_TRACE, "index_entry_add failed\n", 0,
285 send_ldap_error( op, rs, LDAP_OTHER,
286 "index generation failed" );
292 if ( dn2id_add( op->o_bd, &op->oq_add.rs_e->e_nname,
293 op->oq_add.rs_e->e_id ) != 0 )
295 Debug( LDAP_DEBUG_TRACE, "dn2id_add failed\n", 0,
297 /* FIXME: delete attr indices? */
299 send_ldap_error( op, rs, LDAP_OTHER,
300 "DN index generation failed" );
306 if ( id2entry_add( op->o_bd, op->oq_add.rs_e ) != 0 ) {
307 Debug( LDAP_DEBUG_TRACE, "id2entry_add failed\n", 0,
310 /* FIXME: delete attr indices? */
311 (void) dn2id_delete( op->o_bd, &op->oq_add.rs_e->e_nname,
312 op->oq_add.rs_e->e_id );
314 send_ldap_error( op, rs, LDAP_OTHER,
315 "entry store failed" );
320 rs->sr_err = LDAP_SUCCESS;
322 send_ldap_result( op, rs );
324 /* marks the entry as committed, so it is added to the cache;
325 * otherwise it is removed from the cache, but not destroyed;
326 * it will be destroyed by the caller */
327 cache_entry_commit( op->oq_add.rs_e );
331 /* free parent and writer lock */
332 cache_return_entry_w( &li->li_cache, p );
337 * in case of error, writer lock is freed
338 * and entry's private data is destroyed.
339 * otherwise, this is done when entry is released
341 cache_return_entry_w( &li->li_cache, op->oq_add.rs_e );
342 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
345 return( rs->sr_err );