1 /* modify.c - ldbm backend modify routine */
4 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/string.h>
13 #include <ac/socket.h>
17 #include "back-ldbm.h"
18 #include "proto-back-ldbm.h"
20 static int add_values LDAP_P(( Entry *e, Modification *mod, char *dn ));
21 static int delete_values LDAP_P(( Entry *e, Modification *mod, char *dn ));
22 static int replace_values LDAP_P(( Entry *e, Modification *mod, char *dn ));
24 /* We need this function because of LDAP modrdn. If we do not
25 * add this there would be a bunch of code replication here
26 * and there and of course the likelihood of bugs increases.
27 * Juan C. Gomez (gomez@engr.sgi.com) 05/18/99
30 int ldbm_modify_internal(
35 Modifications *modlist,
45 Attribute *save_attrs;
47 Debug(LDAP_DEBUG_TRACE, "ldbm_modify_internal:\n", 0, 0, 0);
49 if ( !acl_check_modlist( be, conn, op, e, modlist )) {
50 return LDAP_INSUFFICIENT_ACCESS;
53 save_attrs = e->e_attrs;
54 e->e_attrs = attrs_dup( e->e_attrs );
56 for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
59 switch ( mod->sm_op ) {
61 Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: add\n", 0, 0, 0);
62 err = add_values( e, mod, op->o_ndn );
64 if( err != LDAP_SUCCESS ) {
65 *text = "modify: add values failed";
66 Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
72 Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: delete\n", 0, 0, 0);
73 err = delete_values( e, mod, op->o_ndn );
74 assert( err != LDAP_TYPE_OR_VALUE_EXISTS );
75 if( err != LDAP_SUCCESS ) {
76 *text = "modify: delete values failed";
77 Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
82 case LDAP_MOD_REPLACE:
83 Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: replace\n", 0, 0, 0);
84 err = replace_values( e, mod, op->o_ndn );
85 assert( err != LDAP_TYPE_OR_VALUE_EXISTS );
86 if( err != LDAP_SUCCESS ) {
87 *text = "modify: replace values failed";
88 Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
93 case SLAP_MOD_SOFTADD:
94 Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: softadd\n", 0, 0, 0);
95 /* Avoid problems in index_add_mods()
96 * We need to add index if necessary.
98 mod->sm_op = LDAP_MOD_ADD;
99 err = add_values( e, mod, op->o_ndn );
101 if ( err == LDAP_TYPE_OR_VALUE_EXISTS ) {
105 if( err != LDAP_SUCCESS ) {
106 *text = "modify: (soft)add values failed";
107 Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
113 Debug(LDAP_DEBUG_ANY, "ldbm_modify_internal: invalid op %d\n",
115 *text = "Invalid modify operation";
117 Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
121 if ( err != LDAP_SUCCESS ) {
122 attrs_free( e->e_attrs );
123 e->e_attrs = save_attrs;
124 /* unlock entry, delete from cache */
129 /* check for abandon */
130 ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
131 if ( op->o_abandon ) {
132 attrs_free( e->e_attrs );
133 e->e_attrs = save_attrs;
134 ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
135 return SLAPD_ABANDON;
137 ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
139 /* check that the entry still obeys the schema */
140 rc = entry_schema_check( e, save_attrs, text, textbuf, textlen );
141 if ( rc != LDAP_SUCCESS ) {
142 attrs_free( e->e_attrs );
143 e->e_attrs = save_attrs;
144 Debug( LDAP_DEBUG_ANY, "entry failed schema check: %s\n",
149 /* check for abandon */
150 ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
151 if ( op->o_abandon ) {
152 attrs_free( e->e_attrs );
153 e->e_attrs = save_attrs;
154 ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
155 return SLAPD_ABANDON;
157 ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
159 /* delete indices for old attributes */
160 index_entry_del( be, e, save_attrs);
162 /* add indices for new attributes */
163 index_entry_add( be, e, e->e_attrs);
165 attrs_free( save_attrs );
178 Modifications *modlist
182 struct ldbminfo *li = (struct ldbminfo *) be->be_private;
185 int manageDSAit = get_manageDSAit( op );
186 const char *text = NULL;
187 char textbuf[SLAP_TEXT_BUFLEN];
188 size_t textlen = sizeof textbuf;
190 Debug(LDAP_DEBUG_ARGS, "ldbm_back_modify:\n", 0, 0, 0);
192 /* acquire and lock entry */
193 if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) {
194 char* matched_dn = NULL;
195 struct berval **refs = NULL;
197 if ( matched != NULL ) {
198 matched_dn = ch_strdup( matched->e_dn );
199 refs = is_entry_referral( matched )
200 ? get_entry_referrals( be, conn, op, matched )
202 cache_return_entry_r( &li->li_cache, matched );
204 refs = default_referral;
207 send_ldap_result( conn, op, LDAP_REFERRAL,
208 matched_dn, NULL, refs, NULL );
210 if ( matched != NULL ) {
211 ber_bvecfree( refs );
218 if ( !manageDSAit && is_entry_referral( e ) ) {
219 /* parent is a referral, don't allow add */
220 /* parent is an alias, don't allow add */
221 struct berval **refs = get_entry_referrals( be,
224 Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
227 send_ldap_result( conn, op, LDAP_REFERRAL,
228 e->e_dn, NULL, refs, NULL );
230 ber_bvecfree( refs );
235 /* Modify the entry */
236 rc = ldbm_modify_internal( be, conn, op, ndn, modlist, e,
237 &text, textbuf, textlen );
239 if( rc != LDAP_SUCCESS ) {
240 if( rc != SLAPD_ABANDON ) {
241 send_ldap_result( conn, op, rc,
242 NULL, text, NULL, NULL );
248 /* change the entry itself */
249 if ( id2entry_add( be, e ) != 0 ) {
250 send_ldap_result( conn, op, LDAP_OTHER,
251 NULL, "id2entry failure", NULL, NULL );
255 send_ldap_result( conn, op, LDAP_SUCCESS,
256 NULL, NULL, NULL, NULL );
258 cache_return_entry_w( &li->li_cache, e );
262 cache_return_entry_w( &li->li_cache, e );
276 /* char *desc = mod->sm_desc->ad_cname->bv_val; */
277 MatchingRule *mr = mod->sm_desc->ad_type->sat_equality;
279 a = attr_find( e->e_attrs, mod->sm_desc );
281 /* check if the values we're adding already exist */
283 if( mr == NULL || !mr->smr_match ) {
284 /* do not allow add of additional attribute
285 if no equality rule exists */
286 return LDAP_INAPPROPRIATE_MATCHING;
289 for ( i = 0; mod->sm_bvalues[i] != NULL; i++ ) {
292 const char *text = NULL;
293 struct berval *asserted;
295 rc = value_normalize( mod->sm_desc,
301 if( rc != LDAP_SUCCESS ) return rc;
303 for ( j = 0; a->a_vals[j] != NULL; j++ ) {
305 int rc = value_match( &match, mod->sm_desc, mr,
306 SLAP_MR_MODIFY_MATCHING,
307 a->a_vals[j], asserted, &text );
309 if( rc == LDAP_SUCCESS && match == 0 ) {
310 ber_bvfree( asserted );
311 return LDAP_TYPE_OR_VALUE_EXISTS;
315 ber_bvfree( asserted );
320 if( attr_merge( e, mod->sm_desc, mod->sm_bvalues ) != 0 ) {
321 /* this should return result return of attr_merge */
337 char *desc = mod->sm_desc->ad_cname->bv_val;
338 MatchingRule *mr = mod->sm_desc->ad_type->sat_equality;
340 /* delete the entire attribute */
341 if ( mod->sm_bvalues == NULL ) {
342 Debug( LDAP_DEBUG_ARGS, "removing entire attribute %s\n",
344 return( attr_delete( &e->e_attrs, mod->sm_desc ) ?
345 LDAP_NO_SUCH_ATTRIBUTE : LDAP_SUCCESS );
348 if( mr == NULL || !mr->smr_match ) {
349 /* disallow specific attributes from being deleted if
351 return LDAP_INAPPROPRIATE_MATCHING;
354 /* delete specific values - find the attribute first */
355 if ( (a = attr_find( e->e_attrs, mod->sm_desc )) == NULL ) {
356 Debug( LDAP_DEBUG_ARGS, "ldap_modify_delete: "
357 "could not find attribute %s\n",
359 return( LDAP_NO_SUCH_ATTRIBUTE );
362 /* find each value to delete */
363 for ( i = 0; mod->sm_bvalues[i] != NULL; i++ ) {
365 const char *text = NULL;
367 struct berval *asserted;
369 rc = value_normalize( mod->sm_desc,
375 if( rc != LDAP_SUCCESS ) return rc;
378 for ( j = 0; a->a_vals[j] != NULL; j++ ) {
380 int rc = value_match( &match, mod->sm_desc, mr,
381 SLAP_MR_MODIFY_MATCHING,
382 a->a_vals[j], asserted, &text );
384 if( rc == LDAP_SUCCESS && match != 0 ) {
388 /* found a matching value */
392 ber_bvfree( a->a_vals[j] );
393 for ( k = j + 1; a->a_vals[k] != NULL; k++ ) {
394 a->a_vals[k - 1] = a->a_vals[k];
396 a->a_vals[k - 1] = NULL;
401 ber_bvfree( asserted );
403 /* looked through them all w/o finding it */
405 Debug( LDAP_DEBUG_ARGS,
406 "ldbm_modify_delete: could not find value for attr %s\n",
408 return LDAP_NO_SUCH_ATTRIBUTE;
412 /* if no values remain, delete the entire attribute */
413 if ( a->a_vals[0] == NULL ) {
414 Debug( LDAP_DEBUG_ARGS,
415 "removing entire attribute %s\n",
417 if ( attr_delete( &e->e_attrs, mod->sm_desc ) ) {
418 return LDAP_NO_SUCH_ATTRIBUTE;
432 int rc = attr_delete( &e->e_attrs, mod->sm_desc );
434 if( rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_ATTRIBUTE ) {
438 if ( mod->sm_bvalues != NULL &&
439 attr_merge( e, mod->sm_desc, mod->sm_bvalues ) != 0 )