git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/add.c

   1 /* add.c - ldap ldbm back-end add routine */
   2 /*
   3  * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
   4  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
   5  */
   6
   7 #include "portable.h"
   8
   9 #include <stdio.h>
  10
  11 #include <ac/socket.h>
  12 #include <ac/string.h>
  13
  14 #include "slap.h"
  15 #include "back-ldbm.h"
  16 #include "proto-back-ldbm.h"
  17
  18 int
  19 ldbm_back_add(
  20     Backend     *be,
  21     Connection  *conn,
  22     Operation   *op,
  23     Entry       *e
  24 )
  25 {
  26         struct ldbminfo *li = (struct ldbminfo *) be->be_private;
  27         char            *pdn;
  28         Entry           *p = NULL;
  29         int                     rootlock = 0;
  30         int                     rc;
  31
  32         Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n", e->e_dn, 0, 0);
  33
  34         /* nobody else can add until we lock our parent */
  35         ldap_pvt_thread_mutex_lock(&li->li_add_mutex);
  36
  37         if ( ( dn2id( be, e->e_ndn ) ) != NOID ) {
  38                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
  39                 entry_free( e );
  40                 send_ldap_result( conn, op, LDAP_ALREADY_EXISTS,
  41                         NULL, NULL, NULL, NULL );
  42                 return( -1 );
  43         }
  44
  45         if ( global_schemacheck && oc_schema_check( e ) != 0 ) {
  46                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
  47
  48                 Debug( LDAP_DEBUG_TRACE, "entry failed schema check\n",
  49                         0, 0, 0 );
  50
  51                 entry_free( e );
  52                 send_ldap_result( conn, op, LDAP_OBJECT_CLASS_VIOLATION,
  53                         NULL, NULL, NULL, NULL );
  54                 return( -1 );
  55         }
  56
  57         /*
  58          * Get the parent dn and see if the corresponding entry exists.
  59          * If the parent does not exist, only allow the "root" user to
  60          * add the entry.
  61          */
  62
  63         pdn = dn_parent( be, e->e_ndn );
  64
  65         if( pdn != NULL && *pdn != '\0' ) {
  66                 Entry *matched = NULL;
  67
  68                 assert( *pdn != '\0' );
  69
  70                 /* get parent with writer lock */
  71                 if ( (p = dn2entry_w( be, pdn, &matched )) == NULL ) {
  72                         char *matched_dn;
  73                         struct berval **refs;
  74
  75                         ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
  76
  77                         if ( matched != NULL ) {
  78                                 matched_dn = ch_strdup( matched->e_dn );
  79                                 refs = is_entry_referral( matched )
  80                                         ? get_entry_referrals( be, conn, op, matched )
  81                                         : NULL;
  82                                 cache_return_entry_r( &li->li_cache, matched );
  83
  84                         } else {
  85                                 matched_dn = NULL;
  86                                 refs = default_referral;
  87                         }
  88
  89                         Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
  90                                 0, 0, 0 );
  91
  92                         send_ldap_result( conn, op, LDAP_REFERRAL,
  93                             matched_dn, NULL, refs, NULL );
  94
  95                         if( matched != NULL ) {
  96                                 ber_bvecfree( refs );
  97                                 free( matched_dn );
  98                         }
  99
 100                         entry_free( e );
 101                         free( pdn );
 102                         return -1;
 103                 }
 104
 105                 /* don't need the add lock anymore */
 106                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 107
 108                 free(pdn);
 109
 110                 if ( ! access_allowed( be, conn, op, p,
 111                         "children", NULL, ACL_WRITE ) )
 112                 {
 113                         /* free parent and writer lock */
 114                         cache_return_entry_w( &li->li_cache, p );
 115
 116                         Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
 117                             0, 0 );
 118                         send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
 119                             NULL, NULL, NULL, NULL );
 120
 121
 122                         entry_free( e );
 123                         return -1;
 124                 }
 125
 126                 if ( is_entry_alias( p ) ) {
 127                         /* parent is an alias, don't allow add */
 128
 129                         /* free parent and writer lock */
 130                         cache_return_entry_w( &li->li_cache, p );
 131
 132                         Debug( LDAP_DEBUG_TRACE, "parent is alias\n", 0,
 133                             0, 0 );
 134
 135                         send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM,
 136                             NULL, NULL, NULL, NULL );
 137
 138                         entry_free( e );
 139                         return -1;
 140                 }
 141
 142                 if ( is_entry_referral( p ) ) {
 143                         /* parent is a referral, don't allow add */
 144                         char *matched_dn = ch_strdup( p->e_dn );
 145                         struct berval **refs = is_entry_referral( p )
 146                                 ? get_entry_referrals( be, conn, op, p )
 147                                 : NULL;
 148
 149                         /* free parent and writer lock */
 150                         cache_return_entry_w( &li->li_cache, p );
 151
 152                         Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0,
 153                             0, 0 );
 154                         send_ldap_result( conn, op, LDAP_REFERRAL,
 155                             matched_dn, NULL, refs, NULL );
 156
 157                         ber_bvecfree( refs );
 158                         free( matched_dn );
 159                         entry_free( e );
 160                         return -1;
 161                 }
 162
 163         } else {
 164                 if(pdn != NULL) {
 165                         assert( *pdn == '\0' );
 166                         free(pdn);
 167                 }
 168
 169                 /* no parent, must be adding entry to root */
 170                 if ( !be_isroot( be, op->o_ndn ) && !be_issuffix( be, "" ) ) {
 171                         ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 172
 173                         Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
 174                                         pdn == NULL ? "suffix" : "entry at root",
 175                                         0, 0 );
 176
 177                         send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
 178                             NULL, NULL, NULL, NULL );
 179
 180                         entry_free( e );
 181                         return -1;
 182                 }
 183
 184                 /*
 185                  * no parent, acquire the root write lock
 186                  * and release the add lock.
 187                  */
 188                 ldap_pvt_thread_mutex_lock(&li->li_root_mutex);
 189                 rootlock = 1;
 190                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 191         }
 192
 193         e->e_id = next_id( be );
 194
 195         /*
 196          * Try to add the entry to the cache, assign it a new dnid.
 197          */
 198         rc = cache_add_entry_rw(&li->li_cache, e, CACHE_WRITE_LOCK);
 199
 200         if ( rc != 0 ) {
 201                 if( p != NULL) {
 202                         /* free parent and writer lock */
 203                         cache_return_entry_w( &li->li_cache, p );
 204                 }
 205
 206                 if ( rootlock ) {
 207                         /* release root lock */
 208                         ldap_pvt_thread_mutex_unlock(&li->li_root_mutex);
 209                 }
 210
 211                 Debug( LDAP_DEBUG_ANY, "cache_add_entry_lock failed\n", 0, 0,
 212                     0 );
 213
 214                 /* free the entry */
 215                 entry_free( e );
 216
 217                 send_ldap_result( conn, op,
 218                         rc > 0 ? LDAP_ALREADY_EXISTS : LDAP_OPERATIONS_ERROR,
 219                         NULL, NULL, NULL, NULL );
 220
 221                 return( -1 );
 222         }
 223
 224         rc = -1;
 225
 226         /*
 227          * Add the entry to the attribute indexes, then add it to
 228          * the id2children index, dn2id index, and the id2entry index.
 229          */
 230
 231         /* attribute indexes */
 232         if ( index_add_entry( be, e ) != 0 ) {
 233                 Debug( LDAP_DEBUG_TRACE, "index_add_entry failed\n", 0,
 234                     0, 0 );
 235                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
 236                         NULL, NULL, NULL, NULL );
 237
 238                 goto return_results;
 239         }
 240
 241         /* dn2id index */
 242         if ( dn2id_add( be, e->e_ndn, e->e_id ) != 0 ) {
 243                 Debug( LDAP_DEBUG_TRACE, "dn2id_add failed\n", 0,
 244                     0, 0 );
 245                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
 246                         NULL, NULL, NULL, NULL );
 247
 248                 goto return_results;
 249         }
 250
 251         /* id2entry index */
 252         if ( id2entry_add( be, e ) != 0 ) {
 253                 Debug( LDAP_DEBUG_TRACE, "id2entry_add failed\n", 0,
 254                     0, 0 );
 255                 (void) dn2id_delete( be, e->e_ndn );
 256                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
 257                         NULL, NULL, NULL, NULL );
 258
 259                 goto return_results;
 260         }
 261
 262         send_ldap_result( conn, op, LDAP_SUCCESS,
 263                 NULL, NULL, NULL, NULL );
 264         rc = 0;
 265
 266 return_results:;
 267         if (p != NULL) {
 268                 /* free parent and writer lock */
 269                 cache_return_entry_w( &li->li_cache, p );
 270         }
 271
 272         if ( rootlock ) {
 273                 /* release root lock */
 274                 ldap_pvt_thread_mutex_unlock(&li->li_root_mutex);
 275         }
 276
 277         if ( rc ) {
 278                 /* free entry and writer lock */
 279                 cache_return_entry_w( &li->li_cache, e );
 280         }
 281
 282         return( rc );
 283 }