1 /* add.c - ldap ldbm back-end add routine */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2005 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
21 #include <ac/socket.h>
22 #include <ac/string.h>
25 #include "back-ldbm.h"
26 #include "proto-back-ldbm.h"
33 op->o_callback = op->o_callback->sc_next;
34 slap_graduate_commit_csn( op );
35 return SLAP_CB_CONTINUE;
43 struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
47 AttributeDescription *children = slap_schema.si_ad_children;
48 AttributeDescription *entry = slap_schema.si_ad_entry;
49 char textbuf[SLAP_TEXT_BUFLEN];
50 size_t textlen = sizeof textbuf;
51 slap_callback cb = { NULL };
54 Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n",
55 op->o_req_dn.bv_val, 0, 0);
57 slap_add_opattrs( op, &rs->sr_text, textbuf, textlen, 1 );
59 cb.sc_cleanup = ldbm_csn_cb;
60 cb.sc_next = op->o_callback;
63 rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL,
64 get_manageDIT(op), &rs->sr_text, textbuf, textlen );
66 if ( rs->sr_err != LDAP_SUCCESS ) {
67 Debug( LDAP_DEBUG_TRACE, "entry failed schema check: %s\n",
70 send_ldap_result( op, rs );
75 subentry = is_entry_subentry( op->oq_add.rs_e );
77 if ( !access_allowed( op, op->oq_add.rs_e,
78 entry, NULL, ACL_WADD, NULL ) )
80 Debug( LDAP_DEBUG_TRACE, "no write access to entry\n", 0,
83 send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
84 "no write access to entry" );
86 return LDAP_INSUFFICIENT_ACCESS;
89 /* grab giant lock for writing */
90 ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
92 rs->sr_err = dn2id( op->o_bd, &op->o_req_ndn, &id );
93 if ( rs->sr_err || id != NOID ) {
94 /* if (rs->sr_err) something bad happened to ldbm cache */
95 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
96 rs->sr_err = rs->sr_err ? LDAP_OTHER : LDAP_ALREADY_EXISTS;
97 send_ldap_result( op, rs );
102 * Get the parent dn and see if the corresponding entry exists.
103 * If the parent does not exist, only allow the "root" user to
107 if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
110 dnParent( &op->o_req_ndn, &pdn );
114 Entry *matched = NULL;
116 /* get parent with writer lock */
117 if ( (p = dn2entry_w( op->o_bd, &pdn, &matched )) == NULL ) {
118 if ( matched != NULL ) {
119 rs->sr_matched = ch_strdup( matched->e_dn );
120 rs->sr_ref = is_entry_referral( matched )
121 ? get_entry_referrals( op, matched )
123 cache_return_entry_r( &li->li_cache, matched );
126 rs->sr_ref = referral_rewrite( default_referral,
127 NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
130 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
132 Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
135 rs->sr_text = rs->sr_ref
136 ? "parent is referral" : "parent does not exist";
137 rs->sr_err = LDAP_REFERRAL;
138 send_ldap_result( op, rs );
140 ber_bvarray_free( rs->sr_ref );
141 free( (char *)rs->sr_matched );
143 rs->sr_matched = NULL;
147 if ( ! access_allowed( op, p, children, NULL, ACL_WADD, NULL ) ) {
148 /* free parent and writer lock */
149 cache_return_entry_w( &li->li_cache, p );
150 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
152 Debug( LDAP_DEBUG_TRACE, "no write access to parent\n", 0,
155 send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
156 "no write access to parent" );
158 return LDAP_INSUFFICIENT_ACCESS;
161 if ( is_entry_subentry( p )) {
162 Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n",
164 rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
165 rs->sr_text = "parent is a subentry";
169 if ( is_entry_alias( p ) ) {
170 /* parent is an alias, don't allow add */
172 /* free parent and writer lock */
173 cache_return_entry_w( &li->li_cache, p );
174 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
176 Debug( LDAP_DEBUG_TRACE, "parent is alias\n", 0,
179 send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
180 "parent is an alias" );
182 return LDAP_ALIAS_PROBLEM;
185 if ( is_entry_referral( p ) ) {
186 /* parent is a referral, don't allow add */
187 rs->sr_matched = ch_strdup( p->e_dn );
188 rs->sr_ref = is_entry_referral( p )
189 ? get_entry_referrals( op, p )
192 /* free parent and writer lock */
193 cache_return_entry_w( &li->li_cache, p );
194 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
196 Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0,
198 rs->sr_err = LDAP_REFERRAL;
199 send_ldap_result( op, rs );
201 ber_bvarray_free( rs->sr_ref );
202 free( (char *)rs->sr_matched );
204 rs->sr_matched = NULL;
210 /* parent must be an administrative point of the required kind */
214 assert( pdn.bv_val == NULL || *pdn.bv_val == '\0' );
216 if (( !be_isroot(op) && !be_shadow_update(op) )
217 && !is_entry_glue( op->oq_add.rs_e ))
219 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
221 Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
222 pdn.bv_val == NULL ? "suffix" : "entry at root", 0, 0 );
224 send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT, NULL );
225 return LDAP_NO_SUCH_OBJECT;
229 if ( next_id( op->o_bd, &op->oq_add.rs_e->e_id ) ) {
231 /* free parent and writer lock */
232 cache_return_entry_w( &li->li_cache, p );
235 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
237 Debug( LDAP_DEBUG_ANY, "ldbm_add: next_id failed\n",
240 send_ldap_error( op, rs, LDAP_OTHER,
241 "next_id add failed" );
247 * Try to add the entry to the cache, assign it a new dnid.
249 rs->sr_err = cache_add_entry_rw( &li->li_cache, op->oq_add.rs_e,
252 if ( rs->sr_err != 0 ) {
254 /* free parent and writer lock */
255 cache_return_entry_w( &li->li_cache, p );
258 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
260 Debug( LDAP_DEBUG_ANY, "cache_add_entry_lock failed\n", 0, 0,
263 rs->sr_text = rs->sr_err > 0 ? NULL : "cache add failed";
264 rs->sr_err = rs->sr_err > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER;
265 send_ldap_result( op, rs );
272 /* attribute indexes */
273 if ( index_entry_add( op, op->oq_add.rs_e ) != LDAP_SUCCESS ) {
274 Debug( LDAP_DEBUG_TRACE, "index_entry_add failed\n", 0,
277 send_ldap_error( op, rs, LDAP_OTHER,
278 "index generation failed" );
284 if ( dn2id_add( op->o_bd, &op->oq_add.rs_e->e_nname,
285 op->oq_add.rs_e->e_id ) != 0 )
287 Debug( LDAP_DEBUG_TRACE, "dn2id_add failed\n", 0,
289 /* FIXME: delete attr indices? */
291 send_ldap_error( op, rs, LDAP_OTHER,
292 "DN index generation failed" );
298 if ( id2entry_add( op->o_bd, op->oq_add.rs_e ) != 0 ) {
299 Debug( LDAP_DEBUG_TRACE, "id2entry_add failed\n", 0,
302 /* FIXME: delete attr indices? */
303 (void) dn2id_delete( op->o_bd, &op->oq_add.rs_e->e_nname,
304 op->oq_add.rs_e->e_id );
306 send_ldap_error( op, rs, LDAP_OTHER,
307 "entry store failed" );
312 rs->sr_err = LDAP_SUCCESS;
314 send_ldap_result( op, rs );
316 /* marks the entry as committed, so it is added to the cache;
317 * otherwise it is removed from the cache, but not destroyed;
318 * it will be destroyed by the caller */
319 cache_entry_commit( op->oq_add.rs_e );
323 /* free parent and writer lock */
324 cache_return_entry_w( &li->li_cache, p );
329 * in case of error, writer lock is freed
330 * and entry's private data is destroyed.
331 * otherwise, this is done when entry is released
333 cache_return_entry_w( &li->li_cache, op->oq_add.rs_e );
334 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
337 return( rs->sr_err );