2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2004 The OpenLDAP Foundation.
5 * Portions Copyright 1999 Dmitry Kovalev.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
17 * This work was initially developed by Dmitry Kovalev for inclusion
18 * by OpenLDAP Software.
24 #include <sys/types.h>
25 #include "ac/string.h"
28 #include "proto-sql.h"
31 backsql_modrdn( Operation *op, SlapReply *rs )
33 backsql_info *bi = (backsql_info*)op->o_bd->be_private;
37 backsql_entryID e_id = BACKSQL_ENTRYID_INIT,
38 pe_id = BACKSQL_ENTRYID_INIT,
39 new_pe_id = BACKSQL_ENTRYID_INIT;
40 backsql_oc_map_rec *oc = NULL;
41 struct berval p_dn = BER_BVNULL, p_ndn = BER_BVNULL,
42 *new_pdn = NULL, *new_npdn = NULL,
43 new_dn = BER_BVNULL, new_ndn = BER_BVNULL;
44 LDAPRDN new_rdn = NULL;
45 LDAPRDN old_rdn = NULL;
47 Modifications *mod = NULL;
48 struct berval *newSuperior = op->oq_modrdn.rs_newSup;
51 Debug( LDAP_DEBUG_TRACE, "==>backsql_modrdn() renaming entry \"%s\", "
52 "newrdn=\"%s\", newSuperior=\"%s\"\n",
53 op->o_req_dn.bv_val, op->oq_modrdn.rs_newrdn.bv_val,
54 newSuperior ? newSuperior->bv_val : "(NULL)" );
55 rs->sr_err = backsql_get_db_conn( op, &dbh );
56 if ( rs->sr_err != LDAP_SUCCESS ) {
57 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
58 "could not get connection handle - exiting\n",
60 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
61 ? "SQL-backend error" : NULL;
62 send_ldap_result( op, rs );
67 rs->sr_err = backsql_dn2id( op, rs, &e_id, dbh, &op->o_req_ndn );
68 if ( rs->sr_err != LDAP_SUCCESS ) {
69 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
70 "could not lookup entry id (%d)\n",
72 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
73 ? "SQL-backend error" : NULL;
74 send_ldap_result( op, rs );
78 #ifdef BACKSQL_ARBITRARY_KEY
79 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): entry id=%s\n",
80 e_id.eid_id.bv_val, 0, 0 );
81 #else /* ! BACKSQL_ARBITRARY_KEY */
82 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): entry id=%ld\n",
84 #endif /* ! BACKSQL_ARBITRARY_KEY */
86 if ( backsql_has_children( bi, dbh, &op->o_req_ndn ) == LDAP_COMPARE_TRUE ) {
87 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
88 "entry \"%s\" has children\n",
89 op->o_req_dn.bv_val, 0, 0 );
90 rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
91 rs->sr_text = "subtree rename not supported";
92 send_ldap_result( op, rs );
96 dnParent( &op->o_req_dn, &p_dn );
97 dnParent( &op->o_req_ndn, &p_ndn );
100 * namingContext "" is not supported
102 if ( p_dn.bv_len == 0 ) {
103 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
104 "parent is \"\" - aborting\n", 0, 0, 0 );
105 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
106 rs->sr_text = "not allowed within namingContext";
107 send_ldap_result( op, rs );
112 * Check for children access to parent
117 if ( !access_allowed( op, &e, slap_schema.si_ad_children,
118 NULL, ACL_WRITE, NULL ) ) {
119 Debug( LDAP_DEBUG_TRACE, " no access to parent\n", 0, 0, 0 );
120 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
126 * namingContext "" is not supported
128 if ( newSuperior->bv_len == 0 ) {
129 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
130 "newSuperior is \"\" - aborting\n", 0, 0, 0 );
131 rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
132 rs->sr_text = "not allowed within namingContext";
133 send_ldap_result( op, rs );
137 new_pdn = newSuperior;
138 new_npdn = op->oq_modrdn.rs_nnewSup;
141 e.e_nname = *new_npdn;
144 * Check for children access to new parent
146 if ( !access_allowed( op, &e, slap_schema.si_ad_children,
147 NULL, ACL_WRITE, NULL ) ) {
148 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
149 "no access to new parent \"%s\"\n",
150 new_pdn->bv_val, 0, 0 );
151 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
160 if ( newSuperior && dn_match( &p_ndn, new_npdn ) ) {
161 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
162 "newSuperior is equal to old parent - ignored\n",
167 if ( newSuperior && dn_match( &op->o_req_ndn, new_npdn ) ) {
168 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
169 "newSuperior is equal to entry being moved "
170 "- aborting\n", 0, 0, 0 );
171 rs->sr_err = LDAP_OTHER;
172 rs->sr_text = "newSuperior is equal to old DN";
173 send_ldap_result( op, rs );
177 build_new_dn( &new_dn, new_pdn, &op->oq_modrdn.rs_newrdn,
179 rs->sr_err = dnNormalize( 0, NULL, NULL, &new_dn, &new_ndn,
181 if ( rs->sr_err != LDAP_SUCCESS ) {
182 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
183 "new dn is invalid (\"%s\") - aborting\n",
184 new_dn.bv_val, 0, 0 );
185 rs->sr_text = "unable to build new DN";
186 send_ldap_result( op, rs );
190 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): new entry dn is \"%s\"\n",
191 new_dn.bv_val, 0, 0 );
194 rs->sr_err = backsql_dn2id( op, rs, &pe_id, dbh, &p_ndn );
195 if ( rs->sr_err != LDAP_SUCCESS ) {
196 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
197 "could not lookup old parent entry id\n", 0, 0, 0 );
198 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
199 ? "SQL-backend error" : NULL;
200 send_ldap_result( op, rs );
204 #ifdef BACKSQL_ARBITRARY_KEY
205 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
206 "old parent entry id is %s\n", pe_id.eid_id.bv_val, 0, 0 );
207 #else /* ! BACKSQL_ARBITRARY_KEY */
208 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
209 "old parent entry id is %ld\n", pe_id.eid_id, 0, 0 );
210 #endif /* ! BACKSQL_ARBITRARY_KEY */
212 (void)backsql_free_entryID( &pe_id, 0 );
215 rs->sr_err = backsql_dn2id( op, rs, &new_pe_id, dbh, new_npdn );
216 if ( rs->sr_err != LDAP_SUCCESS ) {
217 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
218 "could not lookup new parent entry id\n", 0, 0, 0 );
219 rs->sr_text = ( rs->sr_err == LDAP_OTHER )
220 ? "SQL-backend error" : NULL;
221 send_ldap_result( op, rs );
225 #ifdef BACKSQL_ARBITRARY_KEY
226 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
227 "new parent entry id=%s\n", new_pe_id.eid_id.bv_val, 0, 0 );
228 #else /* ! BACKSQL_ARBITRARY_KEY */
229 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
230 "new parent entry id=%ld\n", new_pe_id.eid_id, 0, 0 );
231 #endif /* ! BACKSQL_ARBITRARY_KEY */
234 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
235 "executing delentry_query\n", 0, 0, 0 );
237 rc = backsql_Prepare( dbh, &sth, bi->sql_delentry_query, 0 );
238 if ( rc != SQL_SUCCESS ) {
239 Debug( LDAP_DEBUG_TRACE,
240 " backsql_modrdn(): "
241 "error preparing delentry_query\n", 0, 0, 0 );
242 backsql_PrintErrors( bi->sql_db_env, dbh,
245 rs->sr_text = "SQL-backend error";
246 rs->sr_err = LDAP_OTHER;
250 rc = backsql_BindParamID( sth, 1, SQL_PARAM_INPUT, &e_id.eid_id );
251 if ( rc != SQL_SUCCESS ) {
252 Debug( LDAP_DEBUG_TRACE,
253 " backsql_delete(): "
254 "error binding entry ID parameter "
255 "for objectClass %s\n",
256 oc->bom_oc->soc_cname.bv_val, 0, 0 );
257 backsql_PrintErrors( bi->sql_db_env, dbh,
259 SQLFreeStmt( sth, SQL_DROP );
261 rs->sr_text = "SQL-backend error";
262 rs->sr_err = LDAP_OTHER;
266 rc = SQLExecute( sth );
267 if ( rc != SQL_SUCCESS ) {
268 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
269 "failed to delete record from ldap_entries\n",
271 backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc );
272 SQLFreeStmt( sth, SQL_DROP );
273 rs->sr_err = LDAP_OTHER;
274 rs->sr_text = "SQL-backend error";
275 send_ldap_result( op, rs );
279 SQLFreeStmt( sth, SQL_DROP );
281 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
282 "executing insentry_query\n", 0, 0, 0 );
284 rc = backsql_Prepare( dbh, &sth, bi->sql_insentry_query, 0 );
285 if ( rc != SQL_SUCCESS ) {
286 Debug( LDAP_DEBUG_TRACE,
287 " backsql_modrdn(): "
288 "error preparing insentry_query\n", 0, 0, 0 );
289 backsql_PrintErrors( bi->sql_db_env, dbh,
292 rs->sr_text = "SQL-backend error";
293 rs->sr_err = LDAP_OTHER;
297 rc = backsql_BindParamBerVal( sth, 1, SQL_PARAM_INPUT, &new_dn );
298 if ( rc != SQL_SUCCESS ) {
299 Debug( LDAP_DEBUG_TRACE,
300 " backsql_add_attr(): "
301 "error binding DN parameter for objectClass %s\n",
302 oc->bom_oc->soc_cname.bv_val, 0, 0 );
303 backsql_PrintErrors( bi->sql_db_env, dbh,
305 SQLFreeStmt( sth, SQL_DROP );
307 rs->sr_text = "SQL-backend error";
308 rs->sr_err = LDAP_OTHER;
312 rc = backsql_BindParamInt( sth, 2, SQL_PARAM_INPUT, &e_id.eid_oc_id );
313 if ( rc != SQL_SUCCESS ) {
314 Debug( LDAP_DEBUG_TRACE,
315 " backsql_add_attr(): "
316 "error binding objectClass ID parameter for objectClass %s\n",
317 oc->bom_oc->soc_cname.bv_val, 0, 0 );
318 backsql_PrintErrors( bi->sql_db_env, dbh,
320 SQLFreeStmt( sth, SQL_DROP );
322 rs->sr_text = "SQL-backend error";
323 rs->sr_err = LDAP_OTHER;
327 rc = backsql_BindParamID( sth, 3, SQL_PARAM_INPUT, &new_pe_id.eid_id );
328 if ( rc != SQL_SUCCESS ) {
329 Debug( LDAP_DEBUG_TRACE,
330 " backsql_add_attr(): "
331 "error binding parent ID parameter for objectClass %s\n",
332 oc->bom_oc->soc_cname.bv_val, 0, 0 );
333 backsql_PrintErrors( bi->sql_db_env, dbh,
335 SQLFreeStmt( sth, SQL_DROP );
337 rs->sr_text = "SQL-backend error";
338 rs->sr_err = LDAP_OTHER;
342 rc = backsql_BindParamID( sth, 4, SQL_PARAM_INPUT, &e_id.eid_keyval );
343 if ( rc != SQL_SUCCESS ) {
344 Debug( LDAP_DEBUG_TRACE,
345 " backsql_add_attr(): "
346 "error binding entry ID parameter for objectClass %s\n",
347 oc->bom_oc->soc_cname.bv_val, 0, 0 );
348 backsql_PrintErrors( bi->sql_db_env, dbh,
350 SQLFreeStmt( sth, SQL_DROP );
352 rs->sr_text = "SQL-backend error";
353 rs->sr_err = LDAP_OTHER;
357 rc = SQLExecute( sth );
358 if ( rc != SQL_SUCCESS ) {
359 Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): "
360 "could not insert ldap_entries record\n", 0, 0, 0 );
361 backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc );
362 SQLFreeStmt( sth, SQL_DROP );
363 rs->sr_err = LDAP_OTHER;
364 rs->sr_text = "SQL-backend error";
365 send_ldap_result( op, rs );
368 SQLFreeStmt( sth, SQL_DROP );
371 * Get attribute type and attribute value of our new rdn,
372 * we will need to add that to our new entry
374 if ( ldap_bv2rdn( &op->oq_modrdn.rs_newrdn, &new_rdn, &next,
375 LDAP_DN_FORMAT_LDAP ) )
377 Debug( LDAP_DEBUG_TRACE,
378 " backsql_modrdn: can't figure out "
379 "type(s)/values(s) of newrdn\n",
381 rs->sr_err = LDAP_INVALID_DN_SYNTAX;
385 Debug( LDAP_DEBUG_TRACE,
386 " backsql_modrdn: new_rdn_type=\"%s\", "
387 "new_rdn_val=\"%s\"\n",
388 new_rdn[ 0 ]->la_attr.bv_val,
389 new_rdn[ 0 ]->la_value.bv_val, 0 );
391 if ( op->oq_modrdn.rs_deleteoldrdn ) {
392 if ( ldap_bv2rdn( &op->o_req_dn, &old_rdn, &next,
393 LDAP_DN_FORMAT_LDAP ) )
395 Debug( LDAP_DEBUG_TRACE,
396 " backsql_modrdn: can't figure out "
397 "the old_rdn type(s)/value(s)\n",
399 rs->sr_err = LDAP_OTHER;
406 rs->sr_err = slap_modrdn2mods( op, rs, &e, old_rdn, new_rdn, &mod );
407 if ( rs->sr_err != LDAP_SUCCESS ) {
411 if ( !acl_check_modlist( op, &e, mod )) {
412 rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
416 oc = backsql_id2oc( bi, e_id.eid_oc_id );
417 rs->sr_err = backsql_modify_internal( op, rs, dbh, oc, &e_id, mod );
421 * Commit only if all operations succeed
423 if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) {
424 SQLTransact( SQL_NULL_HENV, dbh, SQL_COMMIT );
427 SQLTransact( SQL_NULL_HENV, dbh, SQL_ROLLBACK );
431 if ( !BER_BVISNULL( &new_dn ) ) {
432 slap_sl_free( new_dn.bv_val, op->o_tmpmemctx );
435 if ( !BER_BVISNULL( &new_ndn ) ) {
436 slap_sl_free( new_ndn.bv_val, op->o_tmpmemctx );
439 /* LDAP v2 supporting correct attribute handling. */
440 if ( new_rdn != NULL ) {
441 ldap_rdnfree( new_rdn );
443 if ( old_rdn != NULL ) {
444 ldap_rdnfree( old_rdn );
448 for (; mod; mod = tmp ) {
454 if ( !BER_BVISNULL( &new_pe_id.eid_ndn ) ) {
455 (void)backsql_free_entryID( &new_pe_id, 0 );
458 send_ldap_result( op, rs );
460 Debug( LDAP_DEBUG_TRACE, "<==backsql_modrdn()\n", 0, 0, 0 );
projects / openldap / blob