1 /* attribute.c - ldbm backend acl attribute routine */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/socket.h>
13 #include <ac/string.h>
16 #include "back-ldbm.h"
17 #include "proto-back-ldbm.h"
20 /* return LDAP_SUCCESS IFF we can retrieve the attributes
30 AttributeDescription *entry_at,
34 struct ldbminfo *li = (struct ldbminfo *) be->be_private;
40 const char *entry_at_name = entry_at->ad_cname->bv_val;
42 Debug( LDAP_DEBUG_ARGS,
43 "=> ldbm_back_attribute: gr dn: \"%s\"\n",
45 Debug( LDAP_DEBUG_ARGS,
46 "=> ldbm_back_attribute: at: \"%s\"\n",
47 entry_at_name, 0, 0 );
49 Debug( LDAP_DEBUG_ARGS,
50 "=> ldbm_back_attribute: tr dn: \"%s\"\n",
51 target ? target->e_ndn : "", 0, 0 );
53 if (target != NULL && strcmp(target->e_ndn, e_ndn) == 0) {
54 /* we already have a LOCKED copy of the entry */
56 Debug( LDAP_DEBUG_ARGS,
57 "=> ldbm_back_attribute: target is entry: \"%s\"\n",
61 /* can we find entry with reader lock */
62 if ((e = dn2entry_r(be, e_ndn, NULL )) == NULL) {
63 Debug( LDAP_DEBUG_ACL,
64 "=> ldbm_back_attribute: cannot find entry: \"%s\"\n",
66 return LDAP_NO_SUCH_OBJECT;
69 Debug( LDAP_DEBUG_ACL,
70 "=> ldbm_back_attribute: found entry: \"%s\"\n",
74 /* find attribute values */
76 if( is_entry_alias( e ) ) {
77 Debug( LDAP_DEBUG_ACL,
78 "<= ldbm_back_attribute: entry is an alias\n", 0, 0, 0 );
79 rc = LDAP_ALIAS_PROBLEM;
83 if( is_entry_referral( e ) ) {
84 Debug( LDAP_DEBUG_ACL,
85 "<= ldbm_back_attribute: entry is an referral\n", 0, 0, 0 );
90 if (conn != NULL && op != NULL
91 && access_allowed(be, conn, op, e, slap_schema.si_ad_entry,
94 rc = LDAP_INSUFFICIENT_ACCESS;
98 if ((attr = attr_find(e->e_attrs, entry_at)) == NULL) {
99 Debug( LDAP_DEBUG_ACL,
100 "<= ldbm_back_attribute: failed to find %s\n",
101 entry_at_name, 0, 0 );
102 rc = LDAP_NO_SUCH_ATTRIBUTE;
106 if (conn != NULL && op != NULL
107 && access_allowed(be, conn, op, e, entry_at, NULL, ACL_READ) == 0)
109 rc = LDAP_INSUFFICIENT_ACCESS;
113 for ( i = 0; attr->a_vals[i] != NULL; i++ ) {
117 v = (struct berval **) ch_malloc( sizeof(struct berval *) * (i+1) );
119 for ( i=0, j=0; attr->a_vals[i] != NULL; i++ ) {
120 if( access_allowed(be, conn, op, e, entry_at,
121 attr->a_vals[i], ACL_READ) == 0)
125 v[j] = ber_bvdup( attr->a_vals[i] );
127 if( v[j] != NULL ) j++;
133 rc = LDAP_INSUFFICIENT_ACCESS;
142 /* free entry and reader lock */
143 cache_return_entry_r( &li->li_cache, e );
146 Debug( LDAP_DEBUG_TRACE,
147 "ldbm_back_attribute: rc=%d nvals=%d\n",