git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/add.c

   1 /* add.c - ldap ldbm back-end add routine */
   2 /* $OpenLDAP$ */
   3 /*
   4  * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
   5  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
   6  */
   7
   8 #include "portable.h"
   9
  10 #include <stdio.h>
  11
  12 #include <ac/socket.h>
  13 #include <ac/string.h>
  14
  15 #include "slap.h"
  16 #include "back-ldbm.h"
  17 #include "proto-back-ldbm.h"
  18
  19 int
  20 ldbm_back_add(
  21     Backend     *be,
  22     Connection  *conn,
  23     Operation   *op,
  24     Entry       *e
  25 )
  26 {
  27         struct ldbminfo *li = (struct ldbminfo *) be->be_private;
  28         char            *pdn;
  29         Entry           *p = NULL;
  30         int                     rootlock = 0;
  31         int                     rc;
  32
  33         Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n", e->e_dn, 0, 0);
  34
  35         /* nobody else can add until we lock our parent */
  36         ldap_pvt_thread_mutex_lock(&li->li_add_mutex);
  37
  38         if ( ( dn2id( be, e->e_ndn ) ) != NOID ) {
  39                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
  40                 entry_free( e );
  41                 send_ldap_result( conn, op, LDAP_ALREADY_EXISTS,
  42                         NULL, NULL, NULL, NULL );
  43                 return( -1 );
  44         }
  45
  46         if ( global_schemacheck && oc_schema_check( e ) != 0 ) {
  47                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
  48
  49                 Debug( LDAP_DEBUG_TRACE, "entry failed schema check\n",
  50                         0, 0, 0 );
  51
  52                 entry_free( e );
  53                 send_ldap_result( conn, op, LDAP_OBJECT_CLASS_VIOLATION,
  54                         NULL, NULL, NULL, NULL );
  55                 return( -1 );
  56         }
  57
  58         /*
  59          * Get the parent dn and see if the corresponding entry exists.
  60          * If the parent does not exist, only allow the "root" user to
  61          * add the entry.
  62          */
  63
  64         pdn = dn_parent( be, e->e_ndn );
  65
  66         if( pdn != NULL && *pdn != '\0' ) {
  67                 Entry *matched = NULL;
  68
  69                 assert( *pdn != '\0' );
  70
  71                 /* get parent with writer lock */
  72                 if ( (p = dn2entry_w( be, pdn, &matched )) == NULL ) {
  73                         char *matched_dn;
  74                         struct berval **refs;
  75
  76                         ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
  77
  78                         if ( matched != NULL ) {
  79                                 matched_dn = ch_strdup( matched->e_dn );
  80                                 refs = is_entry_referral( matched )
  81                                         ? get_entry_referrals( be, conn, op, matched )
  82                                         : NULL;
  83                                 cache_return_entry_r( &li->li_cache, matched );
  84
  85                         } else {
  86                                 matched_dn = NULL;
  87                                 refs = default_referral;
  88                         }
  89
  90                         Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
  91                                 0, 0, 0 );
  92
  93                         send_ldap_result( conn, op, LDAP_REFERRAL,
  94                             matched_dn, NULL, refs, NULL );
  95
  96                         if( matched != NULL ) {
  97                                 ber_bvecfree( refs );
  98                                 free( matched_dn );
  99                         }
 100
 101                         entry_free( e );
 102                         free( pdn );
 103                         return -1;
 104                 }
 105
 106                 /* don't need the add lock anymore */
 107                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 108
 109                 free(pdn);
 110
 111                 if ( ! access_allowed( be, conn, op, p,
 112                         "children", NULL, ACL_WRITE ) )
 113                 {
 114                         /* free parent and writer lock */
 115                         cache_return_entry_w( &li->li_cache, p );
 116
 117                         Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
 118                             0, 0 );
 119                         send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
 120                             NULL, NULL, NULL, NULL );
 121
 122
 123                         entry_free( e );
 124                         return -1;
 125                 }
 126
 127                 if ( is_entry_alias( p ) ) {
 128                         /* parent is an alias, don't allow add */
 129
 130                         /* free parent and writer lock */
 131                         cache_return_entry_w( &li->li_cache, p );
 132
 133                         Debug( LDAP_DEBUG_TRACE, "parent is alias\n", 0,
 134                             0, 0 );
 135
 136                         send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM,
 137                             NULL, NULL, NULL, NULL );
 138
 139                         entry_free( e );
 140                         return -1;
 141                 }
 142
 143                 if ( is_entry_referral( p ) ) {
 144                         /* parent is a referral, don't allow add */
 145                         char *matched_dn = ch_strdup( p->e_dn );
 146                         struct berval **refs = is_entry_referral( p )
 147                                 ? get_entry_referrals( be, conn, op, p )
 148                                 : NULL;
 149
 150                         /* free parent and writer lock */
 151                         cache_return_entry_w( &li->li_cache, p );
 152
 153                         Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0,
 154                             0, 0 );
 155                         send_ldap_result( conn, op, LDAP_REFERRAL,
 156                             matched_dn, NULL, refs, NULL );
 157
 158                         ber_bvecfree( refs );
 159                         free( matched_dn );
 160                         entry_free( e );
 161                         return -1;
 162                 }
 163
 164         } else {
 165                 if(pdn != NULL) {
 166                         assert( *pdn == '\0' );
 167                         free(pdn);
 168                 }
 169
 170                 /* no parent, must be adding entry to root */
 171                 if ( !be_isroot( be, op->o_ndn ) && !be_issuffix( be, "" ) ) {
 172                         ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 173
 174                         Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
 175                                         pdn == NULL ? "suffix" : "entry at root",
 176                                         0, 0 );
 177
 178                         send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
 179                             NULL, NULL, NULL, NULL );
 180
 181                         entry_free( e );
 182                         return -1;
 183                 }
 184
 185                 /*
 186                  * no parent, acquire the root write lock
 187                  * and release the add lock.
 188                  */
 189                 ldap_pvt_thread_mutex_lock(&li->li_root_mutex);
 190                 rootlock = 1;
 191                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 192         }
 193
 194         e->e_id = next_id( be );
 195
 196         /*
 197          * Try to add the entry to the cache, assign it a new dnid.
 198          */
 199         rc = cache_add_entry_rw(&li->li_cache, e, CACHE_WRITE_LOCK);
 200
 201         if ( rc != 0 ) {
 202                 if( p != NULL) {
 203                         /* free parent and writer lock */
 204                         cache_return_entry_w( &li->li_cache, p );
 205                 }
 206
 207                 if ( rootlock ) {
 208                         /* release root lock */
 209                         ldap_pvt_thread_mutex_unlock(&li->li_root_mutex);
 210                 }
 211
 212                 Debug( LDAP_DEBUG_ANY, "cache_add_entry_lock failed\n", 0, 0,
 213                     0 );
 214
 215                 /* free the entry */
 216                 entry_free( e );
 217
 218                 send_ldap_result( conn, op,
 219                         rc > 0 ? LDAP_ALREADY_EXISTS : LDAP_OPERATIONS_ERROR,
 220                         NULL, NULL, NULL, NULL );
 221
 222                 return( -1 );
 223         }
 224
 225         rc = -1;
 226
 227         /*
 228          * Add the entry to the attribute indexes, then add it to
 229          * the id2children index, dn2id index, and the id2entry index.
 230          */
 231
 232         /* attribute indexes */
 233         if ( index_add_entry( be, e ) != 0 ) {
 234                 Debug( LDAP_DEBUG_TRACE, "index_add_entry failed\n", 0,
 235                     0, 0 );
 236                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
 237                         NULL, NULL, NULL, NULL );
 238
 239                 goto return_results;
 240         }
 241
 242         /* dn2id index */
 243         if ( dn2id_add( be, e->e_ndn, e->e_id ) != 0 ) {
 244                 Debug( LDAP_DEBUG_TRACE, "dn2id_add failed\n", 0,
 245                     0, 0 );
 246                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
 247                         NULL, NULL, NULL, NULL );
 248
 249                 goto return_results;
 250         }
 251
 252         /* id2entry index */
 253         if ( id2entry_add( be, e ) != 0 ) {
 254                 Debug( LDAP_DEBUG_TRACE, "id2entry_add failed\n", 0,
 255                     0, 0 );
 256                 (void) dn2id_delete( be, e->e_ndn, e->e_id );
 257                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
 258                         NULL, NULL, NULL, NULL );
 259
 260                 goto return_results;
 261         }
 262
 263         send_ldap_result( conn, op, LDAP_SUCCESS,
 264                 NULL, NULL, NULL, NULL );
 265         rc = 0;
 266
 267 return_results:;
 268         if (p != NULL) {
 269                 /* free parent and writer lock */
 270                 cache_return_entry_w( &li->li_cache, p );
 271         }
 272
 273         if ( rootlock ) {
 274                 /* release root lock */
 275                 ldap_pvt_thread_mutex_unlock(&li->li_root_mutex);
 276         }
 277
 278         if ( rc ) {
 279                 /* free entry and writer lock */
 280                 cache_return_entry_w( &li->li_cache, e );
 281         }
 282
 283         return( rc );
 284 }