git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/add.c

   1 /* add.c - ldap ldbm back-end add routine */
   2 /* $OpenLDAP$ */
   3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
   4  *
   5  * Copyright 1998-2006 The OpenLDAP Foundation.
   6  * All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted only as authorized by the OpenLDAP
  10  * Public License.
  11  *
  12  * A copy of this license is available in the file LICENSE in the
  13  * top-level directory of the distribution or, alternatively, at
  14  * <http://www.OpenLDAP.org/license.html>.
  15  */
  16
  17 #include "portable.h"
  18
  19 #include <stdio.h>
  20
  21 #include <ac/socket.h>
  22 #include <ac/string.h>
  23
  24 #include "slap.h"
  25 #include "back-ldbm.h"
  26 #include "proto-back-ldbm.h"
  27
  28 static int
  29 ldbm_csn_cb(
  30         Operation *op,
  31         SlapReply *rs )
  32 {
  33         op->o_callback = op->o_callback->sc_next;
  34         slap_graduate_commit_csn( op );
  35         return SLAP_CB_CONTINUE;
  36 }
  37
  38 int
  39 ldbm_back_add(
  40     Operation   *op,
  41     SlapReply   *rs )
  42 {
  43         struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
  44         struct berval   pdn;
  45         Entry           *p = NULL;
  46         ID               id = NOID;
  47         AttributeDescription *children = slap_schema.si_ad_children;
  48         AttributeDescription *entry = slap_schema.si_ad_entry;
  49         char textbuf[SLAP_TEXT_BUFLEN];
  50         size_t textlen = sizeof textbuf;
  51         slap_callback cb = { NULL };
  52         int subentry;
  53
  54         Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n",
  55                 op->o_req_dn.bv_val, 0, 0);
  56
  57         slap_add_opattrs( op, &rs->sr_text, textbuf, textlen, 1 );
  58
  59         cb.sc_cleanup = ldbm_csn_cb;
  60         cb.sc_next = op->o_callback;
  61         op->o_callback = &cb;
  62
  63         rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL,
  64                 get_manageDIT(op), &rs->sr_text, textbuf, textlen );
  65
  66         if ( rs->sr_err != LDAP_SUCCESS ) {
  67                 Debug( LDAP_DEBUG_TRACE, "entry failed schema check: %s\n",
  68                         rs->sr_text, 0, 0 );
  69
  70                 send_ldap_result( op, rs );
  71                 return rs->sr_err;
  72         }
  73         rs->sr_text = NULL;
  74
  75         subentry = is_entry_subentry( op->oq_add.rs_e );
  76
  77         if ( !access_allowed( op, op->oq_add.rs_e,
  78                                 entry, NULL, ACL_WADD, NULL ) )
  79         {
  80                 Debug( LDAP_DEBUG_TRACE, "no write access to entry\n", 0,
  81                     0, 0 );
  82
  83                 send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
  84                     "no write access to entry" );
  85
  86                 return LDAP_INSUFFICIENT_ACCESS;
  87         }
  88
  89         /* grab giant lock for writing */
  90         ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
  91
  92         rs->sr_err = dn2id( op->o_bd, &op->o_req_ndn, &id );
  93         if ( rs->sr_err || id != NOID ) {
  94                 /* if (rs->sr_err) something bad happened to ldbm cache */
  95                 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
  96                 rs->sr_err = rs->sr_err ? LDAP_OTHER : LDAP_ALREADY_EXISTS;
  97                 send_ldap_result( op, rs );
  98                 return rs->sr_err;
  99         }
 100
 101         /*
 102          * Get the parent dn and see if the corresponding entry exists.
 103          * If the parent does not exist, only allow the "root" user to
 104          * add the entry.
 105          */
 106
 107         if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
 108                 pdn = slap_empty_bv;
 109         } else {
 110                 dnParent( &op->o_req_ndn, &pdn );
 111         }
 112
 113         if( pdn.bv_len ) {
 114                 Entry *matched = NULL;
 115
 116                 /* get parent with writer lock */
 117                 if ( (p = dn2entry_w( op->o_bd, &pdn, &matched )) == NULL ) {
 118                         if ( matched != NULL ) {
 119                                 rs->sr_matched = ch_strdup( matched->e_dn );
 120                                 rs->sr_ref = is_entry_referral( matched )
 121                                         ? get_entry_referrals( op, matched )
 122                                         : NULL;
 123                                 cache_return_entry_r( &li->li_cache, matched );
 124
 125                         } else {
 126                                 rs->sr_ref = referral_rewrite( default_referral,
 127                                         NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
 128                         }
 129
 130                         ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 131
 132                         Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
 133                                 0, 0, 0 );
 134
 135                         rs->sr_text = rs->sr_ref
 136                                 ? "parent is referral" : "parent does not exist";
 137                         rs->sr_err = LDAP_REFERRAL;
 138                         send_ldap_result( op, rs );
 139
 140                         ber_bvarray_free( rs->sr_ref );
 141                         free( (char *)rs->sr_matched );
 142                         rs->sr_ref = NULL;
 143                         rs->sr_matched = NULL;
 144                         return rs->sr_err;
 145                 }
 146
 147                 if ( ! access_allowed( op, p, children, NULL, ACL_WADD, NULL ) ) {
 148                         /* free parent and writer lock */
 149                         cache_return_entry_w( &li->li_cache, p );
 150                         ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 151
 152                         Debug( LDAP_DEBUG_TRACE, "no write access to parent\n", 0,
 153                             0, 0 );
 154
 155                         send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
 156                             "no write access to parent" );
 157
 158                         return LDAP_INSUFFICIENT_ACCESS;
 159                 }
 160
 161                 if ( is_entry_subentry( p )) {
 162                         Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n",
 163                                 0, 0, 0 );
 164                         rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
 165                         rs->sr_text = "parent is a subentry";
 166                         goto return_results;
 167                 }
 168
 169                 if ( is_entry_alias( p ) ) {
 170                         /* parent is an alias, don't allow add */
 171
 172                         /* free parent and writer lock */
 173                         cache_return_entry_w( &li->li_cache, p );
 174                         ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 175
 176                         Debug( LDAP_DEBUG_TRACE, "parent is alias\n", 0,
 177                             0, 0 );
 178
 179                         send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
 180                             "parent is an alias" );
 181
 182                         return LDAP_ALIAS_PROBLEM;
 183                 }
 184
 185                 if ( is_entry_referral( p ) ) {
 186                         /* parent is a referral, don't allow add */
 187                         rs->sr_matched = ch_strdup( p->e_dn );
 188                         rs->sr_ref = is_entry_referral( p )
 189                                 ? get_entry_referrals( op, p )
 190                                 : NULL;
 191
 192                         /* free parent and writer lock */
 193                         cache_return_entry_w( &li->li_cache, p );
 194                         ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 195
 196                         Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0,
 197                             0, 0 );
 198                         rs->sr_err = LDAP_REFERRAL;
 199                         send_ldap_result( op, rs );
 200
 201                         ber_bvarray_free( rs->sr_ref );
 202                         free( (char *)rs->sr_matched );
 203                         rs->sr_ref = NULL;
 204                         rs->sr_matched = NULL;
 205                         return rs->sr_err;
 206                 }
 207
 208                 if ( subentry ) {
 209                         /* FIXME: */
 210                         /* parent must be an administrative point of the required kind */
 211                 }
 212
 213         } else {
 214                 assert( pdn.bv_val == NULL || *pdn.bv_val == '\0' );
 215
 216                 if (( !be_isroot(op) && !be_shadow_update(op) )
 217                         && !is_entry_glue( op->oq_add.rs_e ))
 218                 {
 219                         ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 220
 221                         Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
 222                                 pdn.bv_val == NULL ? "suffix" : "entry at root", 0, 0 );
 223
 224                         send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT, NULL );
 225                         return LDAP_NO_SUCH_OBJECT;
 226                 }
 227         }
 228
 229         if ( next_id( op->o_bd, &op->oq_add.rs_e->e_id ) ) {
 230                 if( p != NULL) {
 231                         /* free parent and writer lock */
 232                         cache_return_entry_w( &li->li_cache, p );
 233                 }
 234
 235                 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 236
 237                 Debug( LDAP_DEBUG_ANY, "ldbm_add: next_id failed\n",
 238                         0, 0, 0 );
 239
 240                 send_ldap_error( op, rs, LDAP_OTHER,
 241                         "next_id add failed" );
 242
 243                 return LDAP_OTHER;
 244         }
 245
 246         /*
 247          * Try to add the entry to the cache, assign it a new dnid.
 248          */
 249         rs->sr_err = cache_add_entry_rw( &li->li_cache, op->oq_add.rs_e,
 250                 CACHE_WRITE_LOCK );
 251
 252         if ( rs->sr_err != 0 ) {
 253                 if( p != NULL) {
 254                         /* free parent and writer lock */
 255                         cache_return_entry_w( &li->li_cache, p );
 256                 }
 257
 258                 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 259
 260                 Debug( LDAP_DEBUG_ANY, "cache_add_entry_lock failed\n", 0, 0,
 261                     0 );
 262
 263                 rs->sr_text = rs->sr_err > 0 ? NULL : "cache add failed";
 264                 rs->sr_err = rs->sr_err > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER;
 265                 send_ldap_result( op, rs );
 266
 267                 return rs->sr_err;
 268         }
 269
 270         rs->sr_err = -1;
 271
 272         /* attribute indexes */
 273         if ( index_entry_add( op, op->oq_add.rs_e ) != LDAP_SUCCESS ) {
 274                 Debug( LDAP_DEBUG_TRACE, "index_entry_add failed\n", 0,
 275                     0, 0 );
 276
 277                 send_ldap_error( op, rs, LDAP_OTHER,
 278                         "index generation failed" );
 279
 280                 goto return_results;
 281         }
 282
 283         /* dn2id index */
 284         if ( dn2id_add( op->o_bd, &op->oq_add.rs_e->e_nname,
 285                 op->oq_add.rs_e->e_id ) != 0 )
 286         {
 287                 Debug( LDAP_DEBUG_TRACE, "dn2id_add failed\n", 0,
 288                     0, 0 );
 289                 /* FIXME: delete attr indices? */
 290
 291                 send_ldap_error( op, rs, LDAP_OTHER,
 292                         "DN index generation failed" );
 293
 294                 goto return_results;
 295         }
 296
 297         /* id2entry index */
 298         if ( id2entry_add( op->o_bd, op->oq_add.rs_e ) != 0 ) {
 299                 Debug( LDAP_DEBUG_TRACE, "id2entry_add failed\n", 0,
 300                     0, 0 );
 301
 302                 /* FIXME: delete attr indices? */
 303                 (void) dn2id_delete( op->o_bd, &op->oq_add.rs_e->e_nname,
 304                         op->oq_add.rs_e->e_id );
 305
 306                 send_ldap_error( op, rs, LDAP_OTHER,
 307                         "entry store failed" );
 308
 309                 goto return_results;
 310         }
 311
 312         rs->sr_err = LDAP_SUCCESS;
 313         rs->sr_text = NULL;
 314         send_ldap_result( op, rs );
 315
 316         /* marks the entry as committed, so it is added to the cache;
 317          * otherwise it is removed from the cache, but not destroyed;
 318          * it will be destroyed by the caller */
 319         cache_entry_commit( op->oq_add.rs_e );
 320
 321 return_results:;
 322         if (p != NULL) {
 323                 /* free parent and writer lock */
 324                 cache_return_entry_w( &li->li_cache, p );
 325         }
 326
 327         if ( rs->sr_err ) {
 328                 /*
 329                  * in case of error, writer lock is freed
 330                  * and entry's private data is destroyed.
 331                  * otherwise, this is done when entry is released
 332                  */
 333                 cache_return_entry_w( &li->li_cache, op->oq_add.rs_e );
 334                 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 335         }
 336
 337         return( rs->sr_err );
 338 }