2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
26 #include <sys/types.h>
27 #include "ac/string.h"
30 #include "proto-sql.h"
33 backsql_modrdn( Operation *op, SlapReply *rs )
35 backsql_info *bi = (backsql_info*)op->o_bd->be_private;
39 backsql_entryID e_id = BACKSQL_ENTRYID_INIT,
40 pe_id = BACKSQL_ENTRYID_INIT,
41 new_pe_id = BACKSQL_ENTRYID_INIT;
42 backsql_oc_map_rec *oc = NULL;
43 struct berval p_dn = BER_BVNULL, p_ndn = BER_BVNULL,
44 *new_pdn = NULL, *new_npdn = NULL,
45 new_dn = BER_BVNULL, new_ndn = BER_BVNULL;
46 LDAPRDN new_rdn = NULL;
47 LDAPRDN old_rdn = NULL;
49 Modifications *mod = NULL;
50 struct berval *newSuperior = op->oq_modrdn.rs_newSup;
53 Debug( LDAP_DEBUG_TRACE, "==>backsql_modrdn() renaming entry \"%s\", "
54 "newrdn=\"%s\", newSuperior=\"%s\"\n",
55 op->o_req_dn.bv_val, op->oq_modrdn.rs_newrdn.bv_val,
56 newSuperior ? newSuperior->bv_val : "(NULL)" );
57 rs->sr_err = backsql_get_db_conn( op, &dbh );
58 if ( rs->sr_err != LDAP_SUCCESS ) {
59 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
60 "could not get connection handle - exiting\n",
62 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
63 ? "SQL-backend error" : NULL;
64 send_ldap_result( op, rs );
69 rs->sr_err = backsql_dn2id( bi, &e_id, dbh, &op->o_req_ndn );
70 if ( rs->sr_err != LDAP_SUCCESS ) {
71 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
72 "could not lookup entry id (%d)\n",
74 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
75 ? "SQL-backend error" : NULL;
76 send_ldap_result( op, rs );
80 #ifdef BACKSQL_ARBITRARY_KEY
81 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): entry id=%s\n",
82 e_id.eid_id.bv_val, 0, 0 );
83 #else /* ! BACKSQL_ARBITRARY_KEY */
84 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): entry id=%ld\n",
86 #endif /* ! BACKSQL_ARBITRARY_KEY */
88 if ( backsql_has_children( bi, dbh, &op->o_req_ndn ) == LDAP_COMPARE_TRUE ) {
89 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
90 "entry \"%s\" has children\n",
91 op->o_req_dn.bv_val, 0, 0 );
92 rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
93 rs->sr_text = "subtree rename not supported";
94 send_ldap_result( op, rs );
98 dnParent( &op->o_req_dn, &p_dn );
99 dnParent( &op->o_req_ndn, &p_ndn );
102 * namingContext "" is not supported
104 if ( p_dn.bv_len == 0 ) {
105 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
106 "parent is \"\" - aborting\n", 0, 0, 0 );
107 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
108 rs->sr_text = "not allowed within namingContext";
109 send_ldap_result( op, rs );
114 * Check for children access to parent
119 if ( !access_allowed( op, &e, slap_schema.si_ad_children,
120 NULL, ACL_WRITE, NULL ) ) {
121 Debug( LDAP_DEBUG_TRACE, " no access to parent\n", 0, 0, 0 );
122 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
128 * namingContext "" is not supported
130 if ( newSuperior->bv_len == 0 ) {
131 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
132 "newSuperior is \"\" - aborting\n", 0, 0, 0 );
133 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
134 rs->sr_text = "not allowed within namingContext";
135 send_ldap_result( op, rs );
139 new_pdn = newSuperior;
140 new_npdn = op->oq_modrdn.rs_nnewSup;
143 e.e_nname = *new_npdn;
146 * Check for children access to new parent
148 if ( !access_allowed( op, &e, slap_schema.si_ad_children,
149 NULL, ACL_WRITE, NULL ) ) {
150 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
151 "no access to new parent \"%s\"\n",
152 new_pdn->bv_val, 0, 0 );
153 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
162 if ( newSuperior && dn_match( &p_ndn, new_npdn ) ) {
163 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
164 "newSuperior is equal to old parent - ignored\n",
169 if ( newSuperior && dn_match( &op->o_req_ndn, new_npdn ) ) {
170 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
171 "newSuperior is equal to entry being moved "
172 "- aborting\n", 0, 0, 0 );
173 rs->sr_err = LDAP_OTHER;
174 rs->sr_text = "newSuperior is equal to old DN";
175 send_ldap_result( op, rs );
179 build_new_dn( &new_dn, new_pdn, &op->oq_modrdn.rs_newrdn,
181 rs->sr_err = dnNormalize( 0, NULL, NULL, &new_dn, &new_ndn,
183 if ( rs->sr_err != LDAP_SUCCESS ) {
184 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
185 "new dn is invalid (\"%s\") - aborting\n",
186 new_dn.bv_val, 0, 0 );
187 rs->sr_text = "unable to build new DN";
188 send_ldap_result( op, rs );
192 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): new entry dn is \"%s\"\n",
193 new_dn.bv_val, 0, 0 );
196 rs->sr_err = backsql_dn2id( bi, &pe_id, dbh, &p_ndn );
197 if ( rs->sr_err != LDAP_SUCCESS ) {
198 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
199 "could not lookup old parent entry id\n", 0, 0, 0 );
200 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
201 ? "SQL-backend error" : NULL;
202 send_ldap_result( op, rs );
206 #ifdef BACKSQL_ARBITRARY_KEY
207 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
208 "old parent entry id is %s\n", pe_id.eid_id.bv_val, 0, 0 );
209 #else /* ! BACKSQL_ARBITRARY_KEY */
210 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
211 "old parent entry id is %ld\n", pe_id.eid_id, 0, 0 );
212 #endif /* ! BACKSQL_ARBITRARY_KEY */
214 (void)backsql_free_entryID( &pe_id, 0 );
217 rs->sr_err = backsql_dn2id( bi, &new_pe_id, dbh, new_npdn );
218 if ( rs->sr_err != LDAP_SUCCESS ) {
219 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
220 "could not lookup new parent entry id\n", 0, 0, 0 );
221 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
222 ? "SQL-backend error" : NULL;
223 send_ldap_result( op, rs );
227 #ifdef BACKSQL_ARBITRARY_KEY
228 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
229 "new parent entry id=%s\n", new_pe_id.eid_id.bv_val, 0, 0 );
230 #else /* ! BACKSQL_ARBITRARY_KEY */
231 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
232 "new parent entry id=%ld\n", new_pe_id.eid_id, 0, 0 );
233 #endif /* ! BACKSQL_ARBITRARY_KEY */
236 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
237 "executing delentry_query\n", 0, 0, 0 );
239 rc = backsql_Prepare( dbh, &sth, bi->sql_delentry_query, 0 );
240 if ( rc != SQL_SUCCESS ) {
241 Debug( LDAP_DEBUG_TRACE,
242 " backsql_modrdn(): "
243 "error preparing delentry_query\n", 0, 0, 0 );
244 backsql_PrintErrors( bi->sql_db_env, dbh,
247 rs->sr_text = "SQL-backend error";
248 rs->sr_err = LDAP_OTHER;
252 rc = backsql_BindParamID( sth, 1, SQL_PARAM_INPUT, &e_id.eid_id );
253 if ( rc != SQL_SUCCESS ) {
254 Debug( LDAP_DEBUG_TRACE,
255 " backsql_delete(): "
256 "error binding entry ID parameter "
257 "for objectClass %s\n",
258 oc->bom_oc->soc_cname.bv_val, 0, 0 );
259 backsql_PrintErrors( bi->sql_db_env, dbh,
261 SQLFreeStmt( sth, SQL_DROP );
263 rs->sr_text = "SQL-backend error";
264 rs->sr_err = LDAP_OTHER;
268 rc = SQLExecute( sth );
269 if ( rc != SQL_SUCCESS ) {
270 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
271 "failed to delete record from ldap_entries\n",
273 backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc );
274 SQLFreeStmt( sth, SQL_DROP );
275 rs->sr_err = LDAP_OTHER;
276 rs->sr_text = "SQL-backend error";
277 send_ldap_result( op, rs );
281 SQLFreeStmt( sth, SQL_DROP );
283 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
284 "executing insentry_query\n", 0, 0, 0 );
286 rc = backsql_Prepare( dbh, &sth, bi->sql_insentry_query, 0 );
287 if ( rc != SQL_SUCCESS ) {
288 Debug( LDAP_DEBUG_TRACE,
289 " backsql_modrdn(): "
290 "error preparing insentry_query\n", 0, 0, 0 );
291 backsql_PrintErrors( bi->sql_db_env, dbh,
294 rs->sr_text = "SQL-backend error";
295 rs->sr_err = LDAP_OTHER;
299 rc = backsql_BindParamBerVal( sth, 1, SQL_PARAM_INPUT, &new_dn );
300 if ( rc != SQL_SUCCESS ) {
301 Debug( LDAP_DEBUG_TRACE,
302 " backsql_add_attr(): "
303 "error binding DN parameter for objectClass %s\n",
304 oc->bom_oc->soc_cname.bv_val, 0, 0 );
305 backsql_PrintErrors( bi->sql_db_env, dbh,
307 SQLFreeStmt( sth, SQL_DROP );
309 rs->sr_text = "SQL-backend error";
310 rs->sr_err = LDAP_OTHER;
314 rc = backsql_BindParamInt( sth, 2, SQL_PARAM_INPUT, &e_id.eid_oc_id );
315 if ( rc != SQL_SUCCESS ) {
316 Debug( LDAP_DEBUG_TRACE,
317 " backsql_add_attr(): "
318 "error binding objectClass ID parameter for objectClass %s\n",
319 oc->bom_oc->soc_cname.bv_val, 0, 0 );
320 backsql_PrintErrors( bi->sql_db_env, dbh,
322 SQLFreeStmt( sth, SQL_DROP );
324 rs->sr_text = "SQL-backend error";
325 rs->sr_err = LDAP_OTHER;
329 rc = backsql_BindParamID( sth, 3, SQL_PARAM_INPUT, &new_pe_id.eid_id );
330 if ( rc != SQL_SUCCESS ) {
331 Debug( LDAP_DEBUG_TRACE,
332 " backsql_add_attr(): "
333 "error binding parent ID parameter for objectClass %s\n",
334 oc->bom_oc->soc_cname.bv_val, 0, 0 );
335 backsql_PrintErrors( bi->sql_db_env, dbh,
337 SQLFreeStmt( sth, SQL_DROP );
339 rs->sr_text = "SQL-backend error";
340 rs->sr_err = LDAP_OTHER;
344 rc = backsql_BindParamID( sth, 4, SQL_PARAM_INPUT, &e_id.eid_keyval );
345 if ( rc != SQL_SUCCESS ) {
346 Debug( LDAP_DEBUG_TRACE,
347 " backsql_add_attr(): "
348 "error binding entry ID parameter for objectClass %s\n",
349 oc->bom_oc->soc_cname.bv_val, 0, 0 );
350 backsql_PrintErrors( bi->sql_db_env, dbh,
352 SQLFreeStmt( sth, SQL_DROP );
354 rs->sr_text = "SQL-backend error";
355 rs->sr_err = LDAP_OTHER;
359 rc = SQLExecute( sth );
360 if ( rc != SQL_SUCCESS ) {
361 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
362 "could not insert ldap_entries record\n", 0, 0, 0 );
363 backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc );
364 SQLFreeStmt( sth, SQL_DROP );
365 rs->sr_err = LDAP_OTHER;
366 rs->sr_text = "SQL-backend error";
367 send_ldap_result( op, rs );
370 SQLFreeStmt( sth, SQL_DROP );
373 * Get attribute type and attribute value of our new rdn,
374 * we will need to add that to our new entry
376 if ( ldap_bv2rdn( &op->oq_modrdn.rs_newrdn, &new_rdn, &next,
377 LDAP_DN_FORMAT_LDAP ) )
379 Debug( LDAP_DEBUG_TRACE,
380 " backsql_modrdn: can't figure out "
381 "type(s)/values(s) of newrdn\n",
383 rs->sr_err = LDAP_INVALID_DN_SYNTAX;
387 Debug( LDAP_DEBUG_TRACE,
388 " backsql_modrdn: new_rdn_type=\"%s\", "
389 "new_rdn_val=\"%s\"\n",
390 new_rdn[ 0 ]->la_attr.bv_val,
391 new_rdn[ 0 ]->la_value.bv_val, 0 );
393 if ( op->oq_modrdn.rs_deleteoldrdn ) {
394 if ( ldap_bv2rdn( &op->o_req_dn, &old_rdn, &next,
395 LDAP_DN_FORMAT_LDAP ) )
397 Debug( LDAP_DEBUG_TRACE,
398 " backsql_modrdn: can't figure out "
399 "the old_rdn type(s)/value(s)\n",
401 rs->sr_err = LDAP_OTHER;
408 rs->sr_err = slap_modrdn2mods( op, rs, &e, old_rdn, new_rdn, &mod );
409 if ( rs->sr_err != LDAP_SUCCESS ) {
413 if ( !acl_check_modlist( op, &e, mod )) {
414 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
418 oc = backsql_id2oc( bi, e_id.eid_oc_id );
419 rs->sr_err = backsql_modify_internal( op, rs, dbh, oc, &e_id, mod );
423 * Commit only if all operations succeed
425 if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) {
426 SQLTransact( SQL_NULL_HENV, dbh, SQL_COMMIT );
429 SQLTransact( SQL_NULL_HENV, dbh, SQL_ROLLBACK );
433 if ( !BER_BVISNULL( &new_dn ) ) {
434 slap_sl_free( new_dn.bv_val, op->o_tmpmemctx );
437 if ( !BER_BVISNULL( &new_ndn ) ) {
438 slap_sl_free( new_ndn.bv_val, op->o_tmpmemctx );
441 /* LDAP v2 supporting correct attribute handling. */
442 if ( new_rdn != NULL ) {
443 ldap_rdnfree( new_rdn );
445 if ( old_rdn != NULL ) {
446 ldap_rdnfree( old_rdn );
450 for (; mod; mod = tmp ) {
456 if ( !BER_BVISNULL( &new_pe_id.eid_ndn ) ) {
457 (void)backsql_free_entryID( &new_pe_id, 0 );
460 send_ldap_result( op, rs );
462 Debug( LDAP_DEBUG_TRACE, "<==backsql_modrdn()\n", 0, 0, 0 );
466 #endif /* SLAPD_SQL */