1 /* add.c - ldap ldbm back-end add routine */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2005 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
21 #include <ac/socket.h>
22 #include <ac/string.h>
25 #include "back-ldbm.h"
26 #include "proto-back-ldbm.h"
33 struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
37 AttributeDescription *children = slap_schema.si_ad_children;
38 AttributeDescription *entry = slap_schema.si_ad_entry;
39 char textbuf[SLAP_TEXT_BUFLEN];
40 size_t textlen = sizeof textbuf;
41 #ifdef LDBM_SUBENTRIES
45 Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n",
46 op->o_req_dn.bv_val, 0, 0);
48 rs->sr_err = entry_schema_check( op->o_bd, op->oq_add.rs_e, NULL,
49 get_manageDIT(op), &rs->sr_text, textbuf, textlen );
51 if ( rs->sr_err != LDAP_SUCCESS ) {
52 Debug( LDAP_DEBUG_TRACE, "entry failed schema check: %s\n",
55 send_ldap_result( op, rs );
60 #ifdef LDBM_SUBENTRIES
61 subentry = is_entry_subentry( op->oq_add.rs_e );
64 if ( !access_allowed( op, op->oq_add.rs_e,
65 entry, NULL, ACL_WADD, NULL ) )
67 Debug( LDAP_DEBUG_TRACE, "no write access to entry\n", 0,
70 send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
71 "no write access to entry" );
73 return LDAP_INSUFFICIENT_ACCESS;
76 /* grab giant lock for writing */
77 ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
79 rs->sr_err = dn2id( op->o_bd, &op->o_req_ndn, &id );
80 if ( rs->sr_err || id != NOID ) {
81 /* if (rs->sr_err) something bad happened to ldbm cache */
82 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
83 rs->sr_err = rs->sr_err ? LDAP_OTHER : LDAP_ALREADY_EXISTS;
84 send_ldap_result( op, rs );
89 * Get the parent dn and see if the corresponding entry exists.
90 * If the parent does not exist, only allow the "root" user to
94 if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
97 dnParent( &op->o_req_ndn, &pdn );
101 Entry *matched = NULL;
103 /* get parent with writer lock */
104 if ( (p = dn2entry_w( op->o_bd, &pdn, &matched )) == NULL ) {
105 if ( matched != NULL ) {
106 rs->sr_matched = ch_strdup( matched->e_dn );
107 rs->sr_ref = is_entry_referral( matched )
108 ? get_entry_referrals( op, matched )
110 cache_return_entry_r( &li->li_cache, matched );
113 rs->sr_ref = referral_rewrite( default_referral,
114 NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
117 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
119 Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
122 rs->sr_text = rs->sr_ref
123 ? "parent is referral" : "parent does not exist";
124 rs->sr_err = LDAP_REFERRAL;
125 send_ldap_result( op, rs );
127 ber_bvarray_free( rs->sr_ref );
128 free( (char *)rs->sr_matched );
130 rs->sr_matched = NULL;
134 if ( ! access_allowed( op, p, children, NULL, ACL_WADD, NULL ) ) {
135 /* free parent and writer lock */
136 cache_return_entry_w( &li->li_cache, p );
137 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
139 Debug( LDAP_DEBUG_TRACE, "no write access to parent\n", 0,
142 send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
143 "no write access to parent" );
145 return LDAP_INSUFFICIENT_ACCESS;
148 #ifdef LDBM_SUBENTRIES
149 if ( is_entry_subentry( p )) {
150 Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n",
152 rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
153 rs->sr_text = "parent is a subentry";
158 if ( is_entry_alias( p ) ) {
159 /* parent is an alias, don't allow add */
161 /* free parent and writer lock */
162 cache_return_entry_w( &li->li_cache, p );
163 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
165 Debug( LDAP_DEBUG_TRACE, "parent is alias\n", 0,
168 send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
169 "parent is an alias" );
171 return LDAP_ALIAS_PROBLEM;
174 if ( is_entry_referral( p ) ) {
175 /* parent is a referral, don't allow add */
176 rs->sr_matched = ch_strdup( p->e_dn );
177 rs->sr_ref = is_entry_referral( p )
178 ? get_entry_referrals( op, p )
181 /* free parent and writer lock */
182 cache_return_entry_w( &li->li_cache, p );
183 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
185 Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0,
187 rs->sr_err = LDAP_REFERRAL;
188 send_ldap_result( op, rs );
190 ber_bvarray_free( rs->sr_ref );
191 free( (char *)rs->sr_matched );
193 rs->sr_matched = NULL;
197 #ifdef LDBM_SUBENTRIES
200 /* parent must be an administrative point of the required kind */
205 assert( pdn.bv_val == NULL || *pdn.bv_val == '\0' );
207 if (( !be_isroot(op) && !be_shadow_update(op) )
208 && !is_entry_glue( op->oq_add.rs_e ))
210 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
212 Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
213 pdn.bv_val == NULL ? "suffix" : "entry at root", 0, 0 );
215 send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT, NULL );
216 return LDAP_NO_SUCH_OBJECT;
220 if ( next_id( op->o_bd, &op->oq_add.rs_e->e_id ) ) {
222 /* free parent and writer lock */
223 cache_return_entry_w( &li->li_cache, p );
226 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
228 Debug( LDAP_DEBUG_ANY, "ldbm_add: next_id failed\n",
231 send_ldap_error( op, rs, LDAP_OTHER,
232 "next_id add failed" );
238 * Try to add the entry to the cache, assign it a new dnid.
240 rs->sr_err = cache_add_entry_rw( &li->li_cache, op->oq_add.rs_e,
243 if ( rs->sr_err != 0 ) {
245 /* free parent and writer lock */
246 cache_return_entry_w( &li->li_cache, p );
249 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
251 Debug( LDAP_DEBUG_ANY, "cache_add_entry_lock failed\n", 0, 0,
254 rs->sr_text = rs->sr_err > 0 ? NULL : "cache add failed";
255 rs->sr_err = rs->sr_err > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER;
256 send_ldap_result( op, rs );
263 /* attribute indexes */
264 if ( index_entry_add( op, op->oq_add.rs_e ) != LDAP_SUCCESS ) {
265 Debug( LDAP_DEBUG_TRACE, "index_entry_add failed\n", 0,
268 send_ldap_error( op, rs, LDAP_OTHER,
269 "index generation failed" );
275 if ( dn2id_add( op->o_bd, &op->oq_add.rs_e->e_nname,
276 op->oq_add.rs_e->e_id ) != 0 )
278 Debug( LDAP_DEBUG_TRACE, "dn2id_add failed\n", 0,
280 /* FIXME: delete attr indices? */
282 send_ldap_error( op, rs, LDAP_OTHER,
283 "DN index generation failed" );
289 if ( id2entry_add( op->o_bd, op->oq_add.rs_e ) != 0 ) {
290 Debug( LDAP_DEBUG_TRACE, "id2entry_add failed\n", 0,
293 /* FIXME: delete attr indices? */
294 (void) dn2id_delete( op->o_bd, &op->oq_add.rs_e->e_nname,
295 op->oq_add.rs_e->e_id );
297 send_ldap_error( op, rs, LDAP_OTHER,
298 "entry store failed" );
303 rs->sr_err = LDAP_SUCCESS;
305 send_ldap_result( op, rs );
307 /* marks the entry as committed, so it is added to the cache;
308 * otherwise it is removed from the cache, but not destroyed;
309 * it will be destroyed by the caller */
310 cache_entry_commit( op->oq_add.rs_e );
314 /* free parent and writer lock */
315 cache_return_entry_w( &li->li_cache, p );
320 * in case of error, writer lock is freed
321 * and entry's private data is destroyed.
322 * otherwise, this is done when entry is released
324 cache_return_entry_w( &li->li_cache, op->oq_add.rs_e );
325 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
328 return( rs->sr_err );