+ /* delete from parent's id2children entry */
+ if( !be_issuffix( be, &e->e_nname ) && (dnParent( &e->e_nname, &pdn ),
+ pdn.bv_len) ) {
+ if( (p = dn2entry_w( be, &pdn, NULL )) == NULL) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ERR,
+ "ldbm_back_delete: parent of (%s) does not exist\n", dn, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "<=- ldbm_back_delete: parent does not exist\n",
+ 0, 0, 0);
+#endif
+
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "could not locate parent of entry", NULL, NULL );
+ goto return_results;
+ }
+
+ /* check parent for "children" acl */
+ if ( ! access_allowed( be, conn, op, p,
+ children, NULL, ACL_WRITE, NULL ) )
+ {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ERR,
+ "ldbm_back_delete: no access to parent of (%s)\n",
+ dn->bv_val, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "<=- ldbm_back_delete: no access to parent\n", 0,
+ 0, 0 );
+#endif
+
+ send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
+ NULL, NULL, NULL, NULL );
+ goto return_results;
+ }
+
+ } else {
+ /* no parent, must be root to delete */
+ if( ! be_isroot( be, &op->o_ndn ) ) {
+ if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) {
+ p = (Entry *)&slap_entry_root;
+
+ rc = access_allowed( be, conn, op, p,
+ children, NULL, ACL_WRITE, NULL );
+ p = NULL;
+
+ /* check parent for "children" acl */
+ if ( ! rc ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ERR,
+ "ldbm_back_delete: no access "
+ "to parent of ("")\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "<=- ldbm_back_delete: no "
+ "access to parent\n", 0, 0, 0 );
+#endif
+
+ send_ldap_result( conn, op,
+ LDAP_INSUFFICIENT_ACCESS,
+ NULL, NULL, NULL, NULL );
+ goto return_results;
+ }
+
+ } else {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ERR,
+ "ldbm_back_delete: (%s) has no "
+ "parent & not a root.\n", dn, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "<=- ldbm_back_delete: no parent & "
+ "not root\n", 0, 0, 0);
+#endif
+
+ send_ldap_result( conn, op,
+ LDAP_INSUFFICIENT_ACCESS,
+ NULL, NULL, NULL, NULL );
+ goto return_results;
+ }
+ }
+ }