git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/delete.c

   1 /* delete.c - ldbm backend delete routine */
   2 /* $OpenLDAP$ */
   3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
   4  *
   5  * Copyright 1998-2006 The OpenLDAP Foundation.
   6  * All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted only as authorized by the OpenLDAP
  10  * Public License.
  11  *
  12  * A copy of this license is available in the file LICENSE in the
  13  * top-level directory of the distribution or, alternatively, at
  14  * <http://www.OpenLDAP.org/license.html>.
  15  */
  16
  17 #include "portable.h"
  18
  19 #include <stdio.h>
  20
  21 #include <ac/string.h>
  22 #include <ac/socket.h>
  23
  24 #include "slap.h"
  25 #include "back-ldbm.h"
  26 #include "proto-back-ldbm.h"
  27 #include "lutil.h"
  28
  29 int
  30 ldbm_back_delete(
  31     Operation   *op,
  32     SlapReply   *rs )
  33 {
  34         struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
  35         Entry   *matched;
  36         struct berval   pdn;
  37         Entry   *e, *p = NULL;
  38         int     rc = -1;
  39         int             manageDSAit = get_manageDSAit( op );
  40         AttributeDescription *children = slap_schema.si_ad_children;
  41         AttributeDescription *entry = slap_schema.si_ad_entry;
  42
  43         Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_delete: %s\n", op->o_req_dn.bv_val, 0, 0);
  44
  45         /* grab giant lock for writing */
  46         ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
  47
  48         /* allocate CSN */
  49         if ( BER_BVISEMPTY( &op->o_csn )) {
  50                 struct berval csn;
  51                 char csnbuf[LDAP_LUTIL_CSNSTR_BUFSIZE];
  52
  53                 csn.bv_val = csnbuf;
  54                 csn.bv_len = sizeof(csnbuf);
  55                 slap_get_csn( op, &csn, 1 );
  56         }
  57
  58         /* get entry with writer lock */
  59         e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched );
  60
  61         /* FIXME : dn2entry() should return non-glue entry */
  62         if ( e == NULL || ( !manageDSAit && is_entry_glue( e ))) {
  63                 Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: no such object %s\n",
  64                         op->o_req_dn.bv_val, 0, 0);
  65
  66                 if ( matched != NULL ) {
  67                         rs->sr_matched = ch_strdup( matched->e_dn );
  68                         rs->sr_ref = is_entry_referral( matched )
  69                                 ? get_entry_referrals( op, matched )
  70                                 : NULL;
  71                         cache_return_entry_r( &li->li_cache, matched );
  72
  73                 } else {
  74                         rs->sr_ref = referral_rewrite( default_referral, NULL,
  75                                                         &op->o_req_dn, LDAP_SCOPE_DEFAULT );
  76                 }
  77
  78                 rs->sr_err = LDAP_REFERRAL;
  79                 rs->sr_flags |= REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED;
  80                 goto return_results;
  81         }
  82
  83         /* check entry for "entry" acl */
  84         if ( ! access_allowed( op, e, entry, NULL, ACL_WDEL, NULL ) )
  85         {
  86                 Debug( LDAP_DEBUG_TRACE,
  87                         "<=- ldbm_back_delete: no write access to entry\n", 0,
  88                         0, 0 );
  89
  90                 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
  91                 rs->sr_text = "no write access to entry";
  92                 goto return_results;
  93         }
  94
  95         if ( !manageDSAit && is_entry_referral( e ) ) {
  96                 /* parent is a referral, don't allow add */
  97                 /* parent is an alias, don't allow add */
  98                 rs->sr_ref = get_entry_referrals( op, e );
  99
 100                 Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
 101                     0, 0 );
 102
 103                 rs->sr_err = LDAP_REFERRAL;
 104                 rs->sr_matched = ch_strdup( e->e_name.bv_val );
 105                 rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED;
 106                 goto return_results;
 107         }
 108
 109         if ( has_children( op->o_bd, e ) ) {
 110                 Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: non leaf %s\n",
 111                         op->o_req_dn.bv_val, 0, 0);
 112
 113                 rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
 114                 rs->sr_text = "subordinate objects must be deleted first";
 115                 goto return_results;
 116         }
 117
 118         /* delete from parent's id2children entry */
 119         if( !be_issuffix( op->o_bd, &e->e_nname ) && (dnParent( &e->e_nname, &pdn ),
 120                 pdn.bv_len) ) {
 121                 if( (p = dn2entry_w( op->o_bd, &pdn, NULL )) == NULL) {
 122                         Debug( LDAP_DEBUG_TRACE,
 123                                 "<=- ldbm_back_delete: parent does not exist\n",
 124                                 0, 0, 0);
 125
 126                         rs->sr_err = LDAP_OTHER;
 127                         rs->sr_text = "could not locate parent of entry";
 128                         goto return_results;
 129                 }
 130
 131                 /* check parent for "children" acl */
 132                 if ( ! access_allowed( op, p,
 133                         children, NULL, ACL_WDEL, NULL ) )
 134                 {
 135                         Debug( LDAP_DEBUG_TRACE,
 136                                 "<=- ldbm_back_delete: no access to parent\n", 0,
 137                                 0, 0 );
 138
 139                         rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
 140                         rs->sr_text = "no write access to parent";
 141                         goto return_results;
 142                 }
 143
 144         } else {
 145                 /* no parent, must be root to delete */
 146                 if( ! be_isroot( op ) ) {
 147                         if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
 148                                 || be_shadow_update( op ) ) {
 149                                 p = (Entry *)&slap_entry_root;
 150
 151                                 rc = access_allowed( op, p,
 152                                         children, NULL, ACL_WDEL, NULL );
 153                                 p = NULL;
 154
 155                                 /* check parent for "children" acl */
 156                                 if ( ! rc ) {
 157                                         Debug( LDAP_DEBUG_TRACE,
 158                                                 "<=- ldbm_back_delete: no "
 159                                                 "access to parent\n", 0, 0, 0 );
 160
 161                                         rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
 162                                         rs->sr_text = "no write access to parent";
 163                                         goto return_results;
 164                                 }
 165
 166                         } else {
 167                                 Debug( LDAP_DEBUG_TRACE,
 168                                         "<=- ldbm_back_delete: no parent & "
 169                                         "not root\n", 0, 0, 0);
 170
 171                                 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
 172                                 goto return_results;
 173                         }
 174                 }
 175         }
 176
 177         /* delete from dn2id mapping */
 178         if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) {
 179                 Debug(LDAP_DEBUG_ARGS,
 180                         "<=- ldbm_back_delete: operations error %s\n",
 181                         op->o_req_dn.bv_val, 0, 0);
 182
 183                 rs->sr_err = LDAP_OTHER;
 184                 rs->sr_text = "DN index delete failed";
 185                 goto return_results;
 186         }
 187
 188         /* delete from disk and cache */
 189         if ( id2entry_delete( op->o_bd, e ) != 0 ) {
 190                 Debug(LDAP_DEBUG_ARGS,
 191                         "<=- ldbm_back_delete: operations error %s\n",
 192                         op->o_req_dn.bv_val, 0, 0);
 193
 194                 rs->sr_err = LDAP_OTHER;
 195                 rs->sr_text = "entry delete failed";
 196                 goto return_results;
 197         }
 198
 199         /* delete attribute indices */
 200         (void) index_entry_del( op, e );
 201
 202         rs->sr_err = LDAP_SUCCESS;
 203
 204 return_results:;
 205         rc = rs->sr_err;
 206
 207         if( p != NULL ) {
 208                 /* free parent and writer lock */
 209                 cache_return_entry_w( &li->li_cache, p );
 210         }
 211
 212         if ( e != NULL ) {
 213                 /* free entry and writer lock */
 214                 cache_return_entry_w( &li->li_cache, e );
 215         }
 216
 217         ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 218
 219         send_ldap_result( op, rs );
 220         slap_graduate_commit_csn( op );
 221
 222         return rc;
 223 }