git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/add.c

   1 /* add.c - ldap ldbm back-end add routine */
   2 /* $OpenLDAP$ */
   3 /*
   4  * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
   5  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
   6  */
   7
   8 #include "portable.h"
   9
  10 #include <stdio.h>
  11
  12 #include <ac/socket.h>
  13 #include <ac/string.h>
  14
  15 #include "slap.h"
  16 #include "back-ldbm.h"
  17 #include "proto-back-ldbm.h"
  18
  19 int
  20 ldbm_back_add(
  21     Backend     *be,
  22     Connection  *conn,
  23     Operation   *op,
  24     Entry       *e
  25 )
  26 {
  27         struct ldbminfo *li = (struct ldbminfo *) be->be_private;
  28         char            *pdn;
  29         Entry           *p = NULL;
  30         int                     rootlock = 0;
  31         int                     rc;
  32
  33 #ifdef SLAPD_SCHEMA_NOT_COMPAT
  34         static AttributeDescription *children = NULL;
  35 #else
  36         static const char *children = "children";
  37 #endif
  38
  39
  40         Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n", e->e_dn, 0, 0);
  41
  42         /* nobody else can add until we lock our parent */
  43         ldap_pvt_thread_mutex_lock(&li->li_add_mutex);
  44
  45         if ( ( dn2id( be, e->e_ndn ) ) != NOID ) {
  46                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
  47                 entry_free( e );
  48                 send_ldap_result( conn, op, LDAP_ALREADY_EXISTS,
  49                         NULL, NULL, NULL, NULL );
  50                 return( -1 );
  51         }
  52
  53         if ( schema_check_entry( e ) != 0 ) {
  54                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
  55
  56                 Debug( LDAP_DEBUG_TRACE, "entry failed schema check\n",
  57                         0, 0, 0 );
  58
  59                 entry_free( e );
  60                 send_ldap_result( conn, op, LDAP_OBJECT_CLASS_VIOLATION,
  61                         NULL, NULL, NULL, NULL );
  62                 return( -1 );
  63         }
  64
  65         /*
  66          * Get the parent dn and see if the corresponding entry exists.
  67          * If the parent does not exist, only allow the "root" user to
  68          * add the entry.
  69          */
  70
  71         pdn = dn_parent( be, e->e_ndn );
  72
  73         if( pdn != NULL && *pdn != '\0' ) {
  74                 Entry *matched = NULL;
  75
  76                 assert( *pdn != '\0' );
  77
  78                 /* get parent with writer lock */
  79                 if ( (p = dn2entry_w( be, pdn, &matched )) == NULL ) {
  80                         char *matched_dn;
  81                         struct berval **refs;
  82
  83                         ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
  84
  85                         if ( matched != NULL ) {
  86                                 matched_dn = ch_strdup( matched->e_dn );
  87                                 refs = is_entry_referral( matched )
  88                                         ? get_entry_referrals( be, conn, op, matched )
  89                                         : NULL;
  90                                 cache_return_entry_r( &li->li_cache, matched );
  91
  92                         } else {
  93                                 matched_dn = NULL;
  94                                 refs = default_referral;
  95                         }
  96
  97                         Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
  98                                 0, 0, 0 );
  99
 100                         send_ldap_result( conn, op, LDAP_REFERRAL,
 101                             matched_dn, NULL, refs, NULL );
 102
 103                         if( matched != NULL ) {
 104                                 ber_bvecfree( refs );
 105                                 free( matched_dn );
 106                         }
 107
 108                         entry_free( e );
 109                         free( pdn );
 110                         return -1;
 111                 }
 112
 113                 /* don't need the add lock anymore */
 114                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 115
 116                 free(pdn);
 117
 118                 if ( ! access_allowed( be, conn, op, p,
 119                         children, NULL, ACL_WRITE ) )
 120                 {
 121                         /* free parent and writer lock */
 122                         cache_return_entry_w( &li->li_cache, p );
 123
 124                         Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
 125                             0, 0 );
 126                         send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
 127                             NULL, NULL, NULL, NULL );
 128
 129
 130                         entry_free( e );
 131                         return -1;
 132                 }
 133
 134                 if ( is_entry_alias( p ) ) {
 135                         /* parent is an alias, don't allow add */
 136
 137                         /* free parent and writer lock */
 138                         cache_return_entry_w( &li->li_cache, p );
 139
 140                         Debug( LDAP_DEBUG_TRACE, "parent is alias\n", 0,
 141                             0, 0 );
 142
 143                         send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM,
 144                             NULL, NULL, NULL, NULL );
 145
 146                         entry_free( e );
 147                         return -1;
 148                 }
 149
 150                 if ( is_entry_referral( p ) ) {
 151                         /* parent is a referral, don't allow add */
 152                         char *matched_dn = ch_strdup( p->e_dn );
 153                         struct berval **refs = is_entry_referral( p )
 154                                 ? get_entry_referrals( be, conn, op, p )
 155                                 : NULL;
 156
 157                         /* free parent and writer lock */
 158                         cache_return_entry_w( &li->li_cache, p );
 159
 160                         Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0,
 161                             0, 0 );
 162                         send_ldap_result( conn, op, LDAP_REFERRAL,
 163                             matched_dn, NULL, refs, NULL );
 164
 165                         ber_bvecfree( refs );
 166                         free( matched_dn );
 167                         entry_free( e );
 168                         return -1;
 169                 }
 170
 171         } else {
 172                 if(pdn != NULL) {
 173                         assert( *pdn == '\0' );
 174                         free(pdn);
 175                 }
 176
 177                 /* no parent, must be adding entry to root */
 178                 if ( !be_isroot( be, op->o_ndn ) && !be_issuffix( be, "" ) ) {
 179                         ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 180
 181                         Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
 182                                         pdn == NULL ? "suffix" : "entry at root",
 183                                         0, 0 );
 184
 185                         send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
 186                             NULL, NULL, NULL, NULL );
 187
 188                         entry_free( e );
 189                         return -1;
 190                 }
 191
 192                 /*
 193                  * no parent, acquire the root write lock
 194                  * and release the add lock.
 195                  */
 196                 ldap_pvt_thread_mutex_lock(&li->li_root_mutex);
 197                 rootlock = 1;
 198                 ldap_pvt_thread_mutex_unlock(&li->li_add_mutex);
 199         }
 200
 201         e->e_id = next_id( be );
 202
 203         /*
 204          * Try to add the entry to the cache, assign it a new dnid.
 205          */
 206         rc = cache_add_entry_rw(&li->li_cache, e, CACHE_WRITE_LOCK);
 207
 208         if ( rc != 0 ) {
 209                 if( p != NULL) {
 210                         /* free parent and writer lock */
 211                         cache_return_entry_w( &li->li_cache, p );
 212                 }
 213
 214                 if ( rootlock ) {
 215                         /* release root lock */
 216                         ldap_pvt_thread_mutex_unlock(&li->li_root_mutex);
 217                 }
 218
 219                 Debug( LDAP_DEBUG_ANY, "cache_add_entry_lock failed\n", 0, 0,
 220                     0 );
 221
 222                 /* free the entry */
 223                 entry_free( e );
 224
 225                 send_ldap_result( conn, op,
 226                         rc > 0 ? LDAP_ALREADY_EXISTS : LDAP_OPERATIONS_ERROR,
 227                         NULL, NULL, NULL, NULL );
 228
 229                 return( -1 );
 230         }
 231
 232         rc = -1;
 233
 234         /*
 235          * Add the entry to the attribute indexes, then add it to
 236          * the id2children index, dn2id index, and the id2entry index.
 237          */
 238
 239         /* attribute indexes */
 240         if ( index_add_entry( be, e ) != 0 ) {
 241                 Debug( LDAP_DEBUG_TRACE, "index_add_entry failed\n", 0,
 242                     0, 0 );
 243                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
 244                         NULL, NULL, NULL, NULL );
 245
 246                 goto return_results;
 247         }
 248
 249         /* dn2id index */
 250         if ( dn2id_add( be, e->e_ndn, e->e_id ) != 0 ) {
 251                 Debug( LDAP_DEBUG_TRACE, "dn2id_add failed\n", 0,
 252                     0, 0 );
 253                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
 254                         NULL, NULL, NULL, NULL );
 255
 256                 goto return_results;
 257         }
 258
 259         /* id2entry index */
 260         if ( id2entry_add( be, e ) != 0 ) {
 261                 Debug( LDAP_DEBUG_TRACE, "id2entry_add failed\n", 0,
 262                     0, 0 );
 263                 (void) dn2id_delete( be, e->e_ndn, e->e_id );
 264                 send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
 265                         NULL, NULL, NULL, NULL );
 266
 267                 goto return_results;
 268         }
 269
 270         send_ldap_result( conn, op, LDAP_SUCCESS,
 271                 NULL, NULL, NULL, NULL );
 272         rc = 0;
 273
 274 return_results:;
 275         if (p != NULL) {
 276                 /* free parent and writer lock */
 277                 cache_return_entry_w( &li->li_cache, p );
 278         }
 279
 280         if ( rootlock ) {
 281                 /* release root lock */
 282                 ldap_pvt_thread_mutex_unlock(&li->li_root_mutex);
 283         }
 284
 285         if ( rc ) {
 286                 /* free entry and writer lock */
 287                 cache_return_entry_w( &li->li_cache, e );
 288         }
 289
 290         return( rc );
 291 }