/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2004 The OpenLDAP Foundation.
+ * Copyright 1998-2005 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
AttributeDescription *children = slap_schema.si_ad_children;
AttributeDescription *entry = slap_schema.si_ad_entry;
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_delete: %s\n", op->o_req_dn.bv_val, 0, 0 );
-#else
Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_delete: %s\n", op->o_req_dn.bv_val, 0, 0);
-#endif
/* grab giant lock for writing */
ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
/* FIXME : dn2entry() should return non-glue entry */
if ( e == NULL || ( !manageDSAit && is_entry_glue( e ))) {
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, INFO,
- "ldbm_back_delete: no such object %s\n", op->o_req_dn.bv_val, 0, 0 );
-#else
Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: no such object %s\n",
op->o_req_dn.bv_val, 0, 0);
-#endif
if ( matched != NULL ) {
rs->sr_matched = ch_strdup( matched->e_dn );
cache_return_entry_r( &li->li_cache, matched );
} else {
- BerVarray deref = NULL;
- if ( !LDAP_STAILQ_EMPTY( &op->o_bd->be_syncinfo )) {
- syncinfo_t *si;
- LDAP_STAILQ_FOREACH( si, &op->o_bd->be_syncinfo, si_next ) {
- struct berval tmpbv;
- ber_dupbv( &tmpbv, &si->si_provideruri_bv[0] );
- ber_bvarray_add( &deref, &tmpbv );
- }
- } else {
- deref = default_referral;
- }
- rs->sr_ref = referral_rewrite( deref, NULL, &op->o_req_dn,
- LDAP_SCOPE_DEFAULT );
+ rs->sr_ref = referral_rewrite( default_referral, NULL,
+ &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
}
/* check entry for "entry" acl */
- if ( ! access_allowed( op, e,
- entry, NULL, ACL_WRITE, NULL ) )
+ if ( ! access_allowed( op, e, entry, NULL, ACL_WDEL, NULL ) )
{
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: no write access to entry of (%s)\n",
- op->o_req_dn.bv_val, 0, 0 );
-#else
Debug( LDAP_DEBUG_TRACE,
"<=- ldbm_back_delete: no write access to entry\n", 0,
0, 0 );
-#endif
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
"no write access to entry" );
/* parent is an alias, don't allow add */
rs->sr_ref = get_entry_referrals( op, e );
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, INFO,
- "ldbm_back_delete: entry (%s) is a referral.\n", e->e_dn, 0, 0 );
-#else
Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
0, 0 );
-#endif
rs->sr_err = LDAP_REFERRAL;
rs->sr_matched = e->e_name.bv_val;
}
if ( has_children( op->o_bd, e ) ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: (%s) is a non-leaf node.\n", op->o_req_dn.bv_val, 0,0);
-#else
Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: non leaf %s\n",
op->o_req_dn.bv_val, 0, 0);
-#endif
send_ldap_error( op, rs, LDAP_NOT_ALLOWED_ON_NONLEAF,
- "subtree delete not supported" );
+ "subordinate objects must be deleted first");
goto return_results;
}
if( !be_issuffix( op->o_bd, &e->e_nname ) && (dnParent( &e->e_nname, &pdn ),
pdn.bv_len) ) {
if( (p = dn2entry_w( op->o_bd, &pdn, NULL )) == NULL) {
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: parent of (%s) does not exist\n", op->o_req_dn, 0, 0 );
-#else
Debug( LDAP_DEBUG_TRACE,
"<=- ldbm_back_delete: parent does not exist\n",
0, 0, 0);
-#endif
send_ldap_error( op, rs, LDAP_OTHER,
"could not locate parent of entry" );
/* check parent for "children" acl */
if ( ! access_allowed( op, p,
- children, NULL, ACL_WRITE, NULL ) )
+ children, NULL, ACL_WDEL, NULL ) )
{
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: no access to parent of (%s)\n",
- op->o_req_dn.bv_val, 0, 0 );
-#else
Debug( LDAP_DEBUG_TRACE,
"<=- ldbm_back_delete: no access to parent\n", 0,
0, 0 );
-#endif
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
"no write access to parent" );
} else {
/* no parent, must be root to delete */
- if( ! be_isroot_dn( op ) ) {
- if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
+ if( ! be_isroot( op ) ) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
+ || be_shadow_update( op ) ) {
p = (Entry *)&slap_entry_root;
rc = access_allowed( op, p,
- children, NULL, ACL_WRITE, NULL );
+ children, NULL, ACL_WDEL, NULL );
p = NULL;
/* check parent for "children" acl */
if ( ! rc ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: no access "
- "to parent of ("")\n", 0, 0, 0 );
-#else
Debug( LDAP_DEBUG_TRACE,
"<=- ldbm_back_delete: no "
"access to parent\n", 0, 0, 0 );
-#endif
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
"no write access to parent" );
}
} else {
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: (%s) has no "
- "parent & not a root.\n", op->o_ndn, 0, 0 );
-#else
Debug( LDAP_DEBUG_TRACE,
"<=- ldbm_back_delete: no parent & "
"not root\n", 0, 0, 0);
-#endif
send_ldap_error( op, rs,
LDAP_INSUFFICIENT_ACCESS,
/* delete from dn2id mapping */
if ( dn2id_delete( op->o_bd, &e->e_nname, e->e_id ) != 0 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: (%s) operations error\n", op->o_req_dn.bv_val, 0, 0 );
-#else
Debug(LDAP_DEBUG_ARGS,
"<=- ldbm_back_delete: operations error %s\n",
op->o_req_dn.bv_val, 0, 0);
-#endif
send_ldap_error( op, rs, LDAP_OTHER,
"DN index delete failed" );
/* delete from disk and cache */
if ( id2entry_delete( op->o_bd, e ) != 0 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( BACK_LDBM, ERR,
- "ldbm_back_delete: (%s) operations error\n", op->o_req_dn.bv_val, 0, 0 );
-#else
Debug(LDAP_DEBUG_ARGS,
"<=- ldbm_back_delete: operations error %s\n",
op->o_req_dn.bv_val, 0, 0);
-#endif
send_ldap_error( op, rs, LDAP_OTHER,
"entry delete failed" );
projects / openldap / blobdiff