/* modify.c - ldbm backend modify routine */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
#include "portable.h"
#include <ac/string.h>
#include <ac/socket.h>
+#include <ac/time.h>
#include "slap.h"
#include "back-ldbm.h"
#include "proto-back-ldbm.h"
-static int add_values(Entry *e, LDAPMod *mod, char *dn);
-static int delete_values(Entry *e, LDAPMod *mod, char *dn);
-static int replace_values(Entry *e, LDAPMod *mod, char *dn);
-
-int
-ldbm_back_modify(
- Backend *be,
- Connection *conn,
+/* We need this function because of LDAP modrdn. If we do not
+ * add this there would be a bunch of code replication here
+ * and there and of course the likelihood of bugs increases.
+ * Juan C. Gomez (gomez@engr.sgi.com) 05/18/99
+ */
+int ldbm_modify_internal(
Operation *op,
- char *dn,
- LDAPMod *mods
+ Modifications *modlist,
+ Entry *e,
+ const char **text,
+ char *textbuf,
+ size_t textlen
)
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
- char *matched;
- Entry *e;
- int i, err;
- LDAPMod *mod;
+ int rc = LDAP_SUCCESS;
+ Modification *mod;
+ Modifications *ml;
+ Attribute *save_attrs;
+ Attribute *ap;
- Debug(LDAP_DEBUG_ARGS, "ldbm_back_modify:\n", 0, 0, 0);
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_modify_internal: %s\n", e->e_name.bv_val, 0, 0 );
+#else
+ Debug(LDAP_DEBUG_TRACE, "ldbm_modify_internal: %s\n", e->e_name.bv_val, 0, 0);
+#endif
- if ( (e = dn2entry_w( be, dn, &matched )) == NULL ) {
- send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched,
- NULL );
- if ( matched != NULL ) {
- free( matched );
- }
- return( -1 );
- }
- /* check for deleted */
+ if ( !acl_check_modlist( op, e, modlist )) {
+ return LDAP_INSUFFICIENT_ACCESS;
+ }
- /* lock entry */
+ save_attrs = e->e_attrs;
+ e->e_attrs = attrs_dup( e->e_attrs );
- if ( (err = acl_check_mods( be, conn, op, e, mods )) != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, err, NULL, NULL );
- goto error_return;
- }
+ for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
+ mod = &ml->sml_mod;
- for ( mod = mods; mod != NULL; mod = mod->mod_next ) {
- switch ( mod->mod_op & ~LDAP_MOD_BVALUES ) {
+ switch ( mod->sm_op ) {
case LDAP_MOD_ADD:
- err = add_values( e, mod, op->o_dn );
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_modify_internal: add\n", 0, 0, 0);
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: add\n", 0, 0, 0);
+#endif
+
+ rc = modify_add_values( e, mod, get_permissiveModify( op ),
+ text, textbuf, textlen );
+ if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, INFO,
+ "ldbm_modify_internal: failed %d (%s)\n", rc, *text, 0 );
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
+ }
break;
case LDAP_MOD_DELETE:
- err = delete_values( e, mod, op->o_dn );
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_modify_internal: delete\n", 0,0,0);
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: delete\n", 0, 0, 0);
+#endif
+
+ rc = modify_delete_values( e, mod, get_permissiveModify( op ),
+ text, textbuf, textlen );
+ assert( rc != LDAP_TYPE_OR_VALUE_EXISTS );
+ if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, INFO,
+ "ldbm_modify_internal: failed %d (%s)\n", rc, *text, 0 );
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
+ }
break;
case LDAP_MOD_REPLACE:
- err = replace_values( e, mod, op->o_dn );
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_modify_internal: replace\n",0,0,0);
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: replace\n", 0, 0, 0);
+#endif
+
+ rc = modify_replace_values( e, mod, get_permissiveModify( op ),
+ text, textbuf, textlen );
+ if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, INFO,
+ "ldbm_modify_internal: failed %d (%s)\n", rc, *text, 0 );
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
+ }
break;
+
+ case SLAP_MOD_SOFTADD:
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, DETAIL1,
+ "ldbm_modify_internal: softadd\n", 0, 0, 0 );
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: softadd\n", 0, 0, 0);
+#endif
+
+ /* Avoid problems in index_add_mods()
+ * We need to add index if necessary.
+ */
+ mod->sm_op = LDAP_MOD_ADD;
+
+ rc = modify_add_values( e, mod, get_permissiveModify( op ),
+ text, textbuf, textlen );
+ if ( rc == LDAP_TYPE_OR_VALUE_EXISTS ) {
+ rc = LDAP_SUCCESS;
+ }
+
+ if( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, INFO,
+ "ldbm_modify_internal: failed %d (%s)\n", rc, *text, 0 );
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
+ }
+ break;
+
+ default:
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ERR,
+ "ldbm_modify_internal: invalid op %d\n", mod->sm_op, 0, 0 );
+#else
+ Debug(LDAP_DEBUG_ANY, "ldbm_modify_internal: invalid op %d\n",
+ mod->sm_op, 0, 0);
+#endif
+
+ rc = LDAP_OTHER;
+ *text = "Invalid modify operation";
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, INFO,
+ "ldbm_modify_internal: %d (%s)\n", rc, *text, 0 );
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+#endif
}
- if ( err != LDAP_SUCCESS ) {
- /* unlock entry, delete from cache */
- send_ldap_result( conn, op, err, NULL, NULL );
- goto error_return;
+ if ( rc != LDAP_SUCCESS ) {
+ goto exit;
}
- }
- /* check that the entry still obeys the schema */
- if ( global_schemacheck && oc_schema_check( e ) != 0 ) {
- Debug( LDAP_DEBUG_ANY, "entry failed schema check\n", 0, 0, 0 );
- send_ldap_result( conn, op, LDAP_OBJECT_CLASS_VIOLATION, NULL, NULL );
- goto error_return;
- }
+ /* If objectClass was modified, reset the flags */
+ if ( mod->sm_desc == slap_schema.si_ad_objectClass ) {
+ e->e_ocflags = 0;
+ }
- /* check for abandon */
- pthread_mutex_lock( &op->o_abandonmutex );
- if ( op->o_abandon ) {
- pthread_mutex_unlock( &op->o_abandonmutex );
- goto error_return;
+ /* check if modified attribute was indexed */
+ rc = index_is_indexed( op->o_bd, mod->sm_desc );
+ if ( rc == LDAP_SUCCESS ) {
+ ap = attr_find( save_attrs, mod->sm_desc );
+ if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL;
+
+ ap = attr_find( e->e_attrs, mod->sm_desc );
+ if ( ap ) ap->a_flags |= SLAP_ATTR_IXADD;
+ }
}
- pthread_mutex_unlock( &op->o_abandonmutex );
- /* modify indexes */
- if ( index_add_mods( be, mods, e->e_id ) != 0 ) {
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL );
- goto error_return;
+ /* check that the entry still obeys the schema */
+#ifndef LDAP_CACHING
+ rc = entry_schema_check( op->o_bd, e, save_attrs, text, textbuf, textlen );
+#else /* LDAP_CACHING */
+ if ( !op->o_caching_on ) {
+ rc = entry_schema_check( op->o_bd, e, save_attrs,
+ text, textbuf, textlen );
+ } else {
+ rc = LDAP_SUCCESS;
+ }
+#endif /* LDAP_CACHING */
+
+ if ( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ERR,
+ "ldbm_modify_internal: entry failed schema check: %s\n",
+ *text, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_ANY, "entry failed schema check: %s\n",
+ *text, 0, 0 );
+#endif
+
+ goto exit;
}
/* check for abandon */
- pthread_mutex_lock( &op->o_abandonmutex );
if ( op->o_abandon ) {
- pthread_mutex_unlock( &op->o_abandonmutex );
- goto error_return;
+ rc = SLAPD_ABANDON;
+ goto exit;
}
- pthread_mutex_unlock( &op->o_abandonmutex );
- /* change the entry itself */
- if ( id2entry_add( be, e ) != 0 ) {
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL );
- goto error_return;
+ /* update the indices of the modified attributes */
+
+ /* start with deleting the old index entries */
+ for ( ap = save_attrs; ap != NULL; ap = ap->a_next ) {
+ if ( ap->a_flags & SLAP_ATTR_IXDEL ) {
+ rc = index_values( op->o_bd, ap->a_desc,
+ ap->a_nvals,
+ e->e_id, SLAP_INDEX_DELETE_OP );
+ if ( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ERR,
+ "ldbm_modify_internal: Attribute index delete failure\n",
+ 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "Attribute index delete failure",
+ 0, 0, 0 );
+#endif
+ goto exit;
+ }
+ ap->a_flags &= ~SLAP_ATTR_IXDEL;
+ }
}
- send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );
- cache_return_entry_w( &li->li_cache, e );
- return( 0 );
-
-error_return:;
- cache_return_entry_w( &li->li_cache, e );
- return( -1 );
-}
-
-static int
-add_values(
- Entry *e,
- LDAPMod *mod,
- char *dn
-)
-{
- int i;
- Attribute *a;
-
- /* check if the values we're adding already exist */
- if ( (a = attr_find( e->e_attrs, mod->mod_type )) != NULL ) {
- for ( i = 0; mod->mod_bvalues[i] != NULL; i++ ) {
- if ( value_find( a->a_vals, mod->mod_bvalues[i],
- a->a_syntax, 3 ) == 0 ) {
- return( LDAP_TYPE_OR_VALUE_EXISTS );
+ /* add the new index entries */
+ for ( ap = e->e_attrs; ap != NULL; ap = ap->a_next ) {
+ if ( ap->a_flags & SLAP_ATTR_IXADD ) {
+ rc = index_values( op->o_bd, ap->a_desc,
+ ap->a_nvals,
+ e->e_id, SLAP_INDEX_ADD_OP );
+ if ( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ERR,
+ "ldbm_modify_internal: Attribute index add failure\n",
+ 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "Attribute index add failure",
+ 0, 0, 0 );
+#endif
+ goto exit;
}
+ ap->a_flags &= ~SLAP_ATTR_IXADD;
}
}
- /* no - add them */
- if( attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 ) {
- return( LDAP_CONSTRAINT_VIOLATION );
+exit:
+ if ( rc == LDAP_SUCCESS ) {
+ attrs_free( save_attrs );
+ } else {
+ for ( ap = save_attrs; ap; ap = ap->a_next ) {
+ ap->a_flags = 0;
+ }
+ attrs_free( e->e_attrs );
+ e->e_attrs = save_attrs;
}
- return( LDAP_SUCCESS );
+ return rc;
}
-static int
-delete_values(
- Entry *e,
- LDAPMod *mod,
- char *dn
-)
+int
+ldbm_back_modify(
+ Operation *op,
+ SlapReply *rs )
{
- int i, j, k, found;
- Attribute *a;
-
- /* delete the entire attribute */
- if ( mod->mod_bvalues == NULL ) {
- Debug( LDAP_DEBUG_ARGS, "removing entire attribute %s\n",
- mod->mod_type, 0, 0 );
- return( attr_delete( &e->e_attrs, mod->mod_type ) ?
- LDAP_NO_SUCH_ATTRIBUTE : LDAP_SUCCESS );
- }
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
+ Entry *matched;
+ Entry *e;
+ int manageDSAit = get_manageDSAit( op );
+ char textbuf[SLAP_TEXT_BUFLEN];
+ size_t textlen = sizeof textbuf;
- /* delete specific values - find the attribute first */
- if ( (a = attr_find( e->e_attrs, mod->mod_type )) == NULL ) {
- Debug( LDAP_DEBUG_ARGS, "could not find attribute %s\n",
- mod->mod_type, 0, 0 );
- return( LDAP_NO_SUCH_ATTRIBUTE );
- }
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_modify: enter\n", 0, 0, 0);
+#else
+ Debug(LDAP_DEBUG_ARGS, "ldbm_back_modify:\n", 0, 0, 0);
+#endif
- /* find each value to delete */
- for ( i = 0; mod->mod_bvalues[i] != NULL; i++ ) {
- found = 0;
- for ( j = 0; a->a_vals[j] != NULL; j++ ) {
- if ( value_cmp( mod->mod_bvalues[i], a->a_vals[j],
- a->a_syntax, 3 ) != 0 ) {
- continue;
- }
- found = 1;
+ /* grab giant lock for writing */
+ ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
- /* found a matching value - delete it */
- ber_bvfree( a->a_vals[j] );
- for ( k = j + 1; a->a_vals[k] != NULL; k++ ) {
- a->a_vals[k - 1] = a->a_vals[k];
- }
- a->a_vals[k - 1] = NULL;
- break;
+ /* acquire and lock entry */
+ if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
+ if ( matched != NULL ) {
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
+ : NULL;
+ cache_return_entry_r( &li->li_cache, matched );
+ } else {
+ rs->sr_ref = referral_rewrite( default_referral,
+ NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
- /* looked through them all w/o finding it */
- if ( ! found ) {
- Debug( LDAP_DEBUG_ARGS,
- "could not find value for attr %s\n",
- mod->mod_type, 0, 0 );
- return( LDAP_NO_SUCH_ATTRIBUTE );
- }
+ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
+
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
+
+ return( -1 );
}
- return( LDAP_SUCCESS );
-}
+#ifndef LDAP_CACHING
+ if ( !manageDSAit && is_entry_referral( e ) )
+#else /* LDAP_CACHING */
+ if ( !op->o_caching_on && !manageDSAit && is_entry_referral( e ) )
+#endif /* LDAP_CACHING */
+ {
+ /* parent is a referral, don't allow add */
+ /* parent is an alias, don't allow add */
+ rs->sr_ref = get_entry_referrals( op, e );
+
+#ifdef NEW_LOGGING
+ LDAP_LOG( BACK_LDBM, INFO,
+ "ldbm_back_modify: entry (%s) is referral\n", op->o_req_ndn.bv_val, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
+ 0, 0 );
+#endif
+
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
+
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
-static int
-replace_values(
- Entry *e,
- LDAPMod *mod,
- char *dn
-)
-{
- (void) attr_delete( &e->e_attrs, mod->mod_type );
+ goto error_return;
+ }
+
+ /* Modify the entry */
+ rs->sr_err = ldbm_modify_internal( op, op->oq_modify.rs_modlist, e,
+ &rs->sr_text, textbuf, textlen );
+
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ if( rs->sr_err != SLAPD_ABANDON ) {
+ send_ldap_result( op, rs );
+ }
+
+ goto error_return;
+ }
- if ( attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 ) {
- return( LDAP_CONSTRAINT_VIOLATION );
+ /* change the entry itself */
+ if ( id2entry_add( op->o_bd, e ) != 0 ) {
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "id2entry failure" );
+ goto error_return;
}
- return( LDAP_SUCCESS );
+ send_ldap_error( op, rs, LDAP_SUCCESS,
+ NULL );
+
+ cache_return_entry_w( &li->li_cache, e );
+ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
+ return( 0 );
+
+error_return:;
+ cache_return_entry_w( &li->li_cache, e );
+ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
+ return( -1 );
}