2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
26 #include <sys/types.h>
27 #include "ac/string.h"
31 #include "proto-sql.h"
34 backsql_modrdn( Operation *op, SlapReply *rs )
36 backsql_info *bi = (backsql_info*)op->o_bd->be_private;
40 backsql_entryID e_id, pe_id, new_pid;
41 backsql_oc_map_rec *oc = NULL;
42 struct berval p_dn, p_ndn,
43 *new_pdn = NULL, *new_npdn = NULL,
45 LDAPRDN new_rdn = NULL;
46 LDAPRDN old_rdn = NULL;
49 struct berval *newSuperior = op->oq_modrdn.rs_newSup;
51 Debug( LDAP_DEBUG_TRACE, "==>backsql_modrdn() renaming entry \"%s\", "
52 "newrdn=\"%s\", newSuperior=\"%s\"\n",
53 op->o_req_dn.bv_val, op->oq_modrdn.rs_newrdn.bv_val,
54 newSuperior ? newSuperior->bv_val : "(NULL)" );
55 rs->sr_err = backsql_get_db_conn( op, &dbh );
56 if ( rs->sr_err != LDAP_SUCCESS ) {
57 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
58 "could not get connection handle - exiting\n",
60 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
61 ? "SQL-backend error" : NULL;
62 send_ldap_result( op, rs );
66 rs->sr_err = backsql_dn2id( bi, &e_id, dbh, &op->o_req_ndn );
67 if ( rs->sr_err != LDAP_SUCCESS ) {
68 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
69 "could not lookup entry id\n", 0, 0, 0 );
70 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
71 ? "SQL-backend error" : NULL;
72 send_ldap_result( op, rs );
76 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): entry id=%ld\n",
79 if ( backsql_has_children( bi, dbh, &op->o_req_ndn ) == LDAP_COMPARE_TRUE ) {
80 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
81 "entry \"%s\" has children\n",
82 op->o_req_dn.bv_val, 0, 0 );
83 rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
84 rs->sr_text = "subtree rename not supported";
85 send_ldap_result( op, rs );
89 dnParent( &op->o_req_dn, &p_dn );
90 dnParent( &op->o_req_ndn, &p_ndn );
93 * namingContext "" is not supported
95 if ( p_dn.bv_len == 0 ) {
96 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
97 "parent is \"\" - aborting\n", 0, 0, 0 );
98 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
99 rs->sr_text = "not allowed within namingContext";
100 send_ldap_result( op, rs );
105 * Check for children access to parent
110 if ( !access_allowed( op, &e, slap_schema.si_ad_children,
111 NULL, ACL_WRITE, NULL ) ) {
112 Debug( LDAP_DEBUG_TRACE, " no access to parent\n", 0, 0, 0 );
113 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
119 * namingContext "" is not supported
121 if ( newSuperior->bv_len == 0 ) {
122 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
123 "newSuperior is \"\" - aborting\n", 0, 0, 0 );
124 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
125 rs->sr_text = "not allowed within namingContext";
126 send_ldap_result( op, rs );
130 new_pdn = newSuperior;
131 new_npdn = op->oq_modrdn.rs_nnewSup;
134 e.e_nname = *new_npdn;
137 * Check for children access to new parent
139 if ( !access_allowed( op, &e, slap_schema.si_ad_children,
140 NULL, ACL_WRITE, NULL ) ) {
141 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
142 "no access to new parent \"%s\"\n",
143 new_pdn->bv_val, 0, 0 );
144 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
153 if ( newSuperior && dn_match( &p_ndn, new_npdn ) ) {
154 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
155 "newSuperior is equal to old parent - ignored\n",
160 if ( newSuperior && dn_match( &op->o_req_ndn, new_npdn ) ) {
161 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
162 "newSuperior is equal to entry being moved "
163 "- aborting\n", 0, 0, 0 );
164 rs->sr_err = LDAP_OTHER;
165 rs->sr_text = "newSuperior is equal to old DN";
166 send_ldap_result( op, rs );
170 build_new_dn( &new_dn, new_pdn, &op->oq_modrdn.rs_newrdn, NULL );
171 rs->sr_err = dnNormalize( 0, NULL, NULL, &new_dn, &new_ndn,
173 if ( rs->sr_err != LDAP_SUCCESS ) {
174 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
175 "new dn is invalid (\"%s\") - aborting\n",
176 new_dn.bv_val, 0, 0 );
177 rs->sr_text = "unable to build new DN";
178 send_ldap_result( op, rs );
182 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): new entry dn is \"%s\"\n",
183 new_dn.bv_val, 0, 0 );
185 rs->sr_err = backsql_dn2id( bi, &pe_id, dbh, &p_ndn );
186 if ( rs->sr_err != LDAP_SUCCESS ) {
187 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
188 "could not lookup old parent entry id\n", 0, 0, 0 );
189 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
190 ? "SQL-backend error" : NULL;
191 send_ldap_result( op, rs );
195 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
196 "old parent entry id is %ld\n", pe_id.id, 0, 0 );
198 rs->sr_err = backsql_dn2id( bi, &new_pid, dbh, new_npdn );
199 if ( rs->sr_err != LDAP_SUCCESS ) {
200 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
201 "could not lookup new parent entry id\n", 0, 0, 0 );
202 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
203 ? "SQL-backend error" : NULL;
204 send_ldap_result( op, rs );
208 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
209 "new parent entry id=%ld\n", new_pid.id, 0, 0 );
212 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
213 "executing delentry_query\n", 0, 0, 0 );
214 SQLAllocStmt( dbh, &sth );
215 SQLBindParameter( sth, 1, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER,
216 0, 0, &e_id.id, 0, 0 );
217 rc = SQLExecDirect( sth, bi->delentry_query, SQL_NTS );
218 if ( rc != SQL_SUCCESS ) {
219 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
220 "failed to delete record from ldap_entries\n",
222 backsql_PrintErrors( bi->db_env, dbh, sth, rc );
223 rs->sr_err = LDAP_OTHER;
224 rs->sr_text = "SQL-backend error";
225 send_ldap_result( op, rs );
229 SQLFreeStmt( sth, SQL_RESET_PARAMS );
231 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
232 "executing insentry_query\n", 0, 0, 0 );
233 backsql_BindParamStr( sth, 1, new_dn.bv_val, BACKSQL_MAX_DN_LEN );
234 SQLBindParameter( sth, 2, SQL_PARAM_INPUT, SQL_C_LONG, SQL_INTEGER,
235 0, 0, &e_id.oc_id, 0, 0 );
236 SQLBindParameter( sth, 3, SQL_PARAM_INPUT, SQL_C_LONG, SQL_INTEGER,
237 0, 0, &new_pid.id, 0, 0 );
238 SQLBindParameter( sth, 4, SQL_PARAM_INPUT, SQL_C_LONG, SQL_INTEGER,
239 0, 0, &e_id.keyval, 0, 0 );
240 rc = SQLExecDirect( sth, bi->insentry_query, SQL_NTS );
241 if ( rc != SQL_SUCCESS ) {
242 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
243 "could not insert ldap_entries record\n", 0, 0, 0 );
244 backsql_PrintErrors( bi->db_env, dbh, sth, rc );
245 rs->sr_err = LDAP_OTHER;
246 rs->sr_text = "SQL-backend error";
247 send_ldap_result( op, rs );
252 * Get attribute type and attribute value of our new rdn,
253 * we will need to add that to our new entry
255 if ( ldap_bv2rdn( &op->oq_modrdn.rs_newrdn, &new_rdn,
256 (char **)&rs->sr_text,
257 LDAP_DN_FORMAT_LDAP ) ) {
259 LDAP_LOG ( OPERATION, ERR,
260 " backsql_modrdn: can't figure out "
261 "type(s)/values(s) of newrdn\n",
264 Debug( LDAP_DEBUG_TRACE,
265 " backsql_modrdn: can't figure out "
266 "type(s)/values(s) of newrdn\n",
269 rs->sr_err = LDAP_INVALID_DN_SYNTAX;
274 LDAP_LOG ( OPERATION, RESULTS,
275 " backsql_modrdn: new_rdn_type=\"%s\", "
276 "new_rdn_val=\"%s\"\n",
277 new_rdn[ 0 ]->la_attr.bv_val,
278 new_rdn[ 0 ]->la_value.bv_val, 0 );
280 Debug( LDAP_DEBUG_TRACE,
281 " backsql_modrdn: new_rdn_type=\"%s\", "
282 "new_rdn_val=\"%s\"\n",
283 new_rdn[ 0 ]->la_attr.bv_val,
284 new_rdn[ 0 ]->la_value.bv_val, 0 );
287 if ( op->oq_modrdn.rs_deleteoldrdn ) {
288 if ( ldap_bv2rdn( &op->o_req_dn, &old_rdn,
289 (char **)&rs->sr_text,
290 LDAP_DN_FORMAT_LDAP ) ) {
292 LDAP_LOG ( OPERATION, ERR,
293 " backsql_modrdn: can't figure out "
294 "type(s)/values(s) of old_rdn\n",
297 Debug( LDAP_DEBUG_TRACE,
298 " backsql_modrdn: can't figure out "
299 "the old_rdn type(s)/value(s)\n",
302 rs->sr_err = LDAP_OTHER;
309 rs->sr_err = slap_modrdn2mods( op, rs, &e, old_rdn, new_rdn, &mod );
310 if ( rs->sr_err != LDAP_SUCCESS ) {
314 if ( !acl_check_modlist( op, &e, mod )) {
315 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
319 oc = backsql_id2oc( bi, e_id.oc_id );
320 rs->sr_err = backsql_modify_internal( op, rs, dbh, oc, &e_id, mod );
322 if ( rs->sr_err == LDAP_SUCCESS ) {
325 * Commit only if all operations succeed
327 SQLTransact( SQL_NULL_HENV, dbh,
328 op->o_noop ? SQL_ROLLBACK : SQL_COMMIT );
332 SQLFreeStmt( sth, SQL_DROP );
334 if ( new_dn.bv_val ) {
335 ch_free( new_dn.bv_val );
338 if ( new_ndn.bv_val ) {
339 ch_free( new_ndn.bv_val );
342 /* LDAP v2 supporting correct attribute handling. */
343 if ( new_rdn != NULL ) {
344 ldap_rdnfree( new_rdn );
346 if ( old_rdn != NULL ) {
347 ldap_rdnfree( old_rdn );
351 for (; mod; mod=tmp ) {
357 send_ldap_result( op, rs );
359 Debug( LDAP_DEBUG_TRACE, "<==backsql_modrdn()\n", 0, 0, 0 );
363 #endif /* SLAPD_SQL */