1 /* add.c - ldap ldbm back-end add routine */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2004 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
21 #include <ac/socket.h>
22 #include <ac/string.h>
25 #include "back-ldbm.h"
26 #include "proto-back-ldbm.h"
33 struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
37 AttributeDescription *children = slap_schema.si_ad_children;
38 AttributeDescription *entry = slap_schema.si_ad_entry;
39 char textbuf[SLAP_TEXT_BUFLEN];
40 size_t textlen = sizeof textbuf;
41 #ifdef LDBM_SUBENTRIES
45 Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_add: %s\n",
46 op->o_req_dn.bv_val, 0, 0);
48 rs->sr_err = entry_schema_check( op->o_bd, op->oq_add.rs_e, NULL,
49 &rs->sr_text, textbuf, textlen );
51 if ( rs->sr_err != LDAP_SUCCESS ) {
52 Debug( LDAP_DEBUG_TRACE, "entry failed schema check: %s\n",
55 send_ldap_result( op, rs );
59 #ifdef LDBM_SUBENTRIES
60 subentry = is_entry_subentry( op->oq_add.rs_e );
63 if ( !access_allowed( op, op->oq_add.rs_e,
64 entry, NULL, ACL_WRITE, NULL ) )
66 Debug( LDAP_DEBUG_TRACE, "no write access to entry\n", 0,
69 send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
70 "no write access to entry" );
72 return LDAP_INSUFFICIENT_ACCESS;
75 /* grab giant lock for writing */
76 ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
78 rs->sr_err = dn2id( op->o_bd, &op->o_req_ndn, &id );
79 if ( rs->sr_err || id != NOID ) {
80 /* if (rs->sr_err) something bad happened to ldbm cache */
81 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
82 rs->sr_err = rs->sr_err ? LDAP_OTHER : LDAP_ALREADY_EXISTS;
83 send_ldap_result( op, rs );
88 * Get the parent dn and see if the corresponding entry exists.
89 * If the parent does not exist, only allow the "root" user to
93 if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) {
96 dnParent( &op->o_req_ndn, &pdn );
100 Entry *matched = NULL;
102 /* get parent with writer lock */
103 if ( (p = dn2entry_w( op->o_bd, &pdn, &matched )) == NULL ) {
104 if ( matched != NULL ) {
105 rs->sr_matched = ch_strdup( matched->e_dn );
106 rs->sr_ref = is_entry_referral( matched )
107 ? get_entry_referrals( op, matched )
109 cache_return_entry_r( &li->li_cache, matched );
112 rs->sr_ref = referral_rewrite( SLAPD_GLOBAL(default_referral),
113 NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
116 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
118 Debug( LDAP_DEBUG_TRACE, "parent does not exist\n",
121 rs->sr_text = rs->sr_ref
122 ? "parent is referral" : "parent does not exist";
123 rs->sr_err = LDAP_REFERRAL;
124 send_ldap_result( op, rs );
126 ber_bvarray_free( rs->sr_ref );
127 free( (char *)rs->sr_matched );
129 rs->sr_matched = NULL;
133 if ( ! access_allowed( op, p, children, NULL, ACL_WRITE, NULL ) ) {
134 /* free parent and writer lock */
135 cache_return_entry_w( &li->li_cache, p );
136 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
138 Debug( LDAP_DEBUG_TRACE, "no write access to parent\n", 0,
141 send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
142 "no write access to parent" );
144 return LDAP_INSUFFICIENT_ACCESS;
147 #ifdef LDBM_SUBENTRIES
148 if ( is_entry_subentry( p )) {
149 Debug( LDAP_DEBUG_TRACE, "bdb_add: parent is subentry\n",
151 rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION;
152 rs->sr_text = "parent is a subentry";
157 if ( is_entry_alias( p ) ) {
158 /* parent is an alias, don't allow add */
160 /* free parent and writer lock */
161 cache_return_entry_w( &li->li_cache, p );
162 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
164 Debug( LDAP_DEBUG_TRACE, "parent is alias\n", 0,
167 send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
168 "parent is an alias" );
170 return LDAP_ALIAS_PROBLEM;
173 if ( is_entry_referral( p ) ) {
174 /* parent is a referral, don't allow add */
175 rs->sr_matched = ch_strdup( p->e_dn );
176 rs->sr_ref = is_entry_referral( p )
177 ? get_entry_referrals( op, p )
180 /* free parent and writer lock */
181 cache_return_entry_w( &li->li_cache, p );
182 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
184 Debug( LDAP_DEBUG_TRACE, "parent is referral\n", 0,
186 rs->sr_err = LDAP_REFERRAL;
187 send_ldap_result( op, rs );
189 ber_bvarray_free( rs->sr_ref );
190 free( (char *)rs->sr_matched );
192 rs->sr_matched = NULL;
196 #ifdef LDBM_SUBENTRIES
199 /* parent must be an administrative point of the required kind */
204 assert( pdn.bv_val == NULL || *pdn.bv_val == '\0' );
206 if (( !be_isroot(op) && !be_shadow_update(op) )
207 && !is_entry_glue( op->oq_add.rs_e ))
209 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
211 Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
212 pdn.bv_val == NULL ? "suffix" : "entry at root", 0, 0 );
214 send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT, NULL );
215 return LDAP_NO_SUCH_OBJECT;
219 if ( next_id( op->o_bd, &op->oq_add.rs_e->e_id ) ) {
221 /* free parent and writer lock */
222 cache_return_entry_w( &li->li_cache, p );
225 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
227 Debug( LDAP_DEBUG_ANY, "ldbm_add: next_id failed\n",
230 send_ldap_error( op, rs, LDAP_OTHER,
231 "next_id add failed" );
237 * Try to add the entry to the cache, assign it a new dnid.
239 rs->sr_err = cache_add_entry_rw( &li->li_cache, op->oq_add.rs_e,
242 if ( rs->sr_err != 0 ) {
244 /* free parent and writer lock */
245 cache_return_entry_w( &li->li_cache, p );
248 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
250 Debug( LDAP_DEBUG_ANY, "cache_add_entry_lock failed\n", 0, 0,
253 rs->sr_text = rs->sr_err > 0 ? NULL : "cache add failed";
254 rs->sr_err = rs->sr_err > 0 ? LDAP_ALREADY_EXISTS : LDAP_OTHER;
255 send_ldap_result( op, rs );
262 /* attribute indexes */
263 if ( index_entry_add( op, op->oq_add.rs_e ) != LDAP_SUCCESS ) {
264 Debug( LDAP_DEBUG_TRACE, "index_entry_add failed\n", 0,
267 send_ldap_error( op, rs, LDAP_OTHER,
268 "index generation failed" );
274 if ( dn2id_add( op->o_bd, &op->oq_add.rs_e->e_nname,
275 op->oq_add.rs_e->e_id ) != 0 )
277 Debug( LDAP_DEBUG_TRACE, "dn2id_add failed\n", 0,
279 /* FIXME: delete attr indices? */
281 send_ldap_error( op, rs, LDAP_OTHER,
282 "DN index generation failed" );
288 if ( id2entry_add( op->o_bd, op->oq_add.rs_e ) != 0 ) {
289 Debug( LDAP_DEBUG_TRACE, "id2entry_add failed\n", 0,
292 /* FIXME: delete attr indices? */
293 (void) dn2id_delete( op->o_bd, &op->oq_add.rs_e->e_nname,
294 op->oq_add.rs_e->e_id );
296 send_ldap_error( op, rs, LDAP_OTHER,
297 "entry store failed" );
302 rs->sr_err = LDAP_SUCCESS;
304 send_ldap_result( op, rs );
306 /* marks the entry as committed, so it is added to the cache;
307 * otherwise it is removed from the cache, but not destroyed;
308 * it will be destroyed by the caller */
309 cache_entry_commit( op->oq_add.rs_e );
313 /* free parent and writer lock */
314 cache_return_entry_w( &li->li_cache, p );
319 * in case of error, writer lock is freed
320 * and entry's private data is destroyed.
321 * otherwise, this is done when entry is released
323 cache_return_entry_w( &li->li_cache, op->oq_add.rs_e );
324 ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
327 return( rs->sr_err );