/* modify.c - ldbm backend modify routine */
/* $OpenLDAP$ */
-/*
- * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2005 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
*/
#include "portable.h"
* and there and of course the likelihood of bugs increases.
* Juan C. Gomez (gomez@engr.sgi.com) 05/18/99
*/
-
int ldbm_modify_internal(
- Backend *be,
- Connection *conn,
Operation *op,
- char *dn,
- LDAPModList *modlist,
- Entry *e
-)
+ Modifications *modlist,
+ Entry *e,
+ const char **text,
+ char *textbuf,
+ size_t textlen )
{
- int err;
- LDAPMod *mod;
- LDAPModList *ml;
- Attribute *a;
+ int rc = LDAP_SUCCESS;
+ Modification *mod;
+ Modifications *ml;
Attribute *save_attrs;
+ Attribute *ap;
- if ( (err = acl_check_modlist( be, conn, op, e, modlist ))
- != LDAP_SUCCESS )
- {
- send_ldap_result( conn, op, err,
- NULL, NULL, NULL, NULL );
- return -1;
+ Debug(LDAP_DEBUG_TRACE,
+ "ldbm_modify_internal: %s\n",
+ e->e_name.bv_val,
+ get_permissiveModify(op) ? " (permissive)" : "",
+ 0 );
+
+ if ( !acl_check_modlist( op, e, modlist )) {
+ return LDAP_INSUFFICIENT_ACCESS;
}
save_attrs = e->e_attrs;
e->e_attrs = attrs_dup( e->e_attrs );
- for ( ml = modlist; ml != NULL; ml = ml->ml_next ) {
- mod = &ml->ml_mod;
+ for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
+ mod = &ml->sml_mod;
- switch ( mod->mod_op & ~LDAP_MOD_BVALUES ) {
+ switch ( mod->sm_op ) {
case LDAP_MOD_ADD:
- err = add_values( e, mod, op->o_ndn );
+ Debug(LDAP_DEBUG_ARGS,
+ "ldbm_modify_internal: add\n", 0, 0, 0);
+
+ rc = modify_add_values( e, mod, get_permissiveModify( op ),
+ text, textbuf, textlen );
+ if( rc != LDAP_SUCCESS ) {
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+ }
break;
case LDAP_MOD_DELETE:
- err = delete_values( e, mod, op->o_ndn );
+ Debug(LDAP_DEBUG_ARGS,
+ "ldbm_modify_internal: delete\n", 0, 0, 0);
+
+ rc = modify_delete_values( e, mod, get_permissiveModify( op ),
+ text, textbuf, textlen );
+ assert( rc != LDAP_TYPE_OR_VALUE_EXISTS );
+ if( rc != LDAP_SUCCESS ) {
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+ }
break;
case LDAP_MOD_REPLACE:
- err = replace_values( e, mod, op->o_ndn );
+ Debug(LDAP_DEBUG_ARGS,
+ "ldbm_modify_internal: replace\n", 0, 0, 0);
+
+ rc = modify_replace_values( e, mod, get_permissiveModify( op ),
+ text, textbuf, textlen );
+ if( rc != LDAP_SUCCESS ) {
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+ }
+ break;
+
+ case LDAP_MOD_INCREMENT:
+ Debug(LDAP_DEBUG_ARGS,
+ "ldbm_modify_internal: increment\n",0,0,0);
+
+ rc = modify_increment_values( e, mod, get_permissiveModify( op ),
+ text, textbuf, textlen );
+ if( rc != LDAP_SUCCESS ) {
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+ }
+ break;
+
+ case SLAP_MOD_SOFTADD:
+ Debug(LDAP_DEBUG_ARGS,
+ "ldbm_modify_internal: softadd\n", 0, 0, 0);
+
+ /* Avoid problems in index_add_mods()
+ * We need to add index if necessary.
+ */
+ mod->sm_op = LDAP_MOD_ADD;
+
+ rc = modify_add_values( e, mod, get_permissiveModify( op ),
+ text, textbuf, textlen );
+ mod->sm_op = SLAP_MOD_SOFTADD;
+ if ( rc == LDAP_TYPE_OR_VALUE_EXISTS ) {
+ rc = LDAP_SUCCESS;
+ }
+
+ if( rc != LDAP_SUCCESS ) {
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
+ }
break;
- case LDAP_MOD_SOFTADD:
- /* Avoid problems in index_add_mods()
- * We need to add index if necessary.
- */
- mod->mod_op = LDAP_MOD_ADD;
- if ( (err = add_values( e, mod, op->o_ndn ))
- == LDAP_TYPE_OR_VALUE_EXISTS ) {
-
- err = LDAP_SUCCESS;
- mod->mod_op = LDAP_MOD_SOFTADD;
-
- }
- break;
+ default:
+ Debug(LDAP_DEBUG_ANY, "ldbm_modify_internal: invalid op %d\n",
+ mod->sm_op, 0, 0);
+
+ rc = LDAP_OTHER;
+ *text = "Invalid modify operation";
+ Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n",
+ rc, *text, 0);
}
- if ( err != LDAP_SUCCESS ) {
- attrs_free( e->e_attrs );
- e->e_attrs = save_attrs;
- /* unlock entry, delete from cache */
- send_ldap_result( conn, op, err,
- NULL, NULL, NULL, NULL );
- return -1;
+ if ( rc != LDAP_SUCCESS ) {
+ goto exit;
}
- }
- /* check for abandon */
- ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
- if ( op->o_abandon ) {
- attrs_free( e->e_attrs );
- e->e_attrs = save_attrs;
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
- return -1;
+ /* If objectClass was modified, reset the flags */
+ if ( mod->sm_desc == slap_schema.si_ad_objectClass ) {
+ e->e_ocflags = 0;
+ }
+
+ /* check if modified attribute was indexed */
+ rc = index_is_indexed( op->o_bd, mod->sm_desc );
+ if ( rc == LDAP_SUCCESS ) {
+ ap = attr_find( save_attrs, mod->sm_desc );
+ if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL;
+
+ ap = attr_find( e->e_attrs, mod->sm_desc );
+ if ( ap ) ap->a_flags |= SLAP_ATTR_IXADD;
+ }
}
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
/* check that the entry still obeys the schema */
- if ( global_schemacheck && oc_schema_check( e ) != 0 ) {
- attrs_free( e->e_attrs );
- e->e_attrs = save_attrs;
- Debug( LDAP_DEBUG_ANY, "entry failed schema check\n", 0, 0, 0 );
- send_ldap_result( conn, op, LDAP_OBJECT_CLASS_VIOLATION,
- NULL, NULL, NULL, NULL );
- return -1;
+ rc = entry_schema_check( op->o_bd, e, save_attrs, get_manageDIT(op),
+ text, textbuf, textlen );
+ if ( rc != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_ANY, "entry failed schema check: %s\n",
+ *text, 0, 0 );
+
+ goto exit;
}
/* check for abandon */
- ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
if ( op->o_abandon ) {
- attrs_free( e->e_attrs );
- e->e_attrs = save_attrs;
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
- return -1;
+ rc = SLAPD_ABANDON;
+ goto exit;
}
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
-
- /* remove old indices */
- if( save_attrs != NULL ) {
- for ( ml = modlist; ml != NULL; ml = ml->ml_next ) {
- mod = &ml->ml_mod;
- if( ( mod->mod_op & ~LDAP_MOD_BVALUES )
- == LDAP_MOD_REPLACE )
- {
- /* Need to remove all values from indexes */
- a = attr_find( save_attrs, mod->mod_type );
-
- if( a != NULL ) {
- (void) index_change_values( be,
- mod->mod_type,
- a->a_vals,
- e->e_id,
- SLAP_INDEX_DELETE_OP);
- }
+
+ /* update the indices of the modified attributes */
+
+ /* start with deleting the old index entries */
+ for ( ap = save_attrs; ap != NULL; ap = ap->a_next ) {
+ if ( ap->a_flags & SLAP_ATTR_IXDEL ) {
+ rc = index_values( op, ap->a_desc,
+ ap->a_nvals,
+ e->e_id, SLAP_INDEX_DELETE_OP );
+ if ( rc != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_ANY,
+ "ldbm_modify_internal: Attribute index delete failure\n",
+ 0, 0, 0 );
+ goto exit;
}
+ ap->a_flags &= ~SLAP_ATTR_IXDEL;
}
- attrs_free( save_attrs );
}
- /* modify indexes */
- if ( index_add_mods( be, modlist, e->e_id ) != 0 ) {
- /* our indices are likely hosed */
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, NULL, NULL, NULL );
- return -1;
+ /* add the new index entries */
+ for ( ap = e->e_attrs; ap != NULL; ap = ap->a_next ) {
+ if ( ap->a_flags & SLAP_ATTR_IXADD ) {
+ rc = index_values( op, ap->a_desc,
+ ap->a_nvals,
+ e->e_id, SLAP_INDEX_ADD_OP );
+ if ( rc != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_ANY,
+ "ldbm_modify_internal: Attribute index add failure\n",
+ 0, 0, 0 );
+ goto exit;
+ }
+ ap->a_flags &= ~SLAP_ATTR_IXADD;
+ }
}
- /* check for abandon */
- ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
- if ( op->o_abandon ) {
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
- return -1;
+exit:
+ if ( rc == LDAP_SUCCESS ) {
+ attrs_free( save_attrs );
+ } else {
+ for ( ap = save_attrs; ap; ap = ap->a_next ) {
+ ap->a_flags = 0;
+ }
+ attrs_free( e->e_attrs );
+ e->e_attrs = save_attrs;
}
- ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
- return 0;
+ return rc;
}
-
int
ldbm_back_modify(
- Backend *be,
- Connection *conn,
Operation *op,
- char *dn,
- char *ndn,
- LDAPModList *modlist
-)
+ SlapReply *rs )
{
- struct ldbminfo *li = (struct ldbminfo *) be->be_private;
+ struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private;
Entry *matched;
Entry *e;
int manageDSAit = get_manageDSAit( op );
+ char textbuf[SLAP_TEXT_BUFLEN];
+ size_t textlen = sizeof textbuf;
Debug(LDAP_DEBUG_ARGS, "ldbm_back_modify:\n", 0, 0, 0);
+ /* grab giant lock for writing */
+ ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock);
+
/* acquire and lock entry */
- if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) {
- char* matched_dn = NULL;
- struct berval **refs = NULL;
+ e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched );
+ /* FIXME: dn2entry() should return non-glue entry */
+ if (( e == NULL ) || ( !manageDSAit && e && is_entry_glue( e ))) {
if ( matched != NULL ) {
- matched_dn = ch_strdup( matched->e_dn );
- refs = is_entry_referral( matched )
- ? get_entry_referrals( be, conn, op, matched )
+ rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_ref = is_entry_referral( matched )
+ ? get_entry_referrals( op, matched )
: NULL;
cache_return_entry_r( &li->li_cache, matched );
} else {
- refs = default_referral;
+ rs->sr_ref = referral_rewrite( default_referral, NULL,
+ &op->o_req_dn, LDAP_SCOPE_DEFAULT );
}
- send_ldap_result( conn, op, LDAP_REFERRAL,
- matched_dn, NULL, refs, NULL );
+ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
+ rs->sr_err = LDAP_REFERRAL;
+ send_ldap_result( op, rs );
- if ( matched != NULL ) {
- ber_bvecfree( refs );
- free( matched_dn );
- }
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
+ free( (char *)rs->sr_matched );
- return( -1 );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
+ return rs->sr_err;
}
- if ( !manageDSAit && is_entry_referral( e ) ) {
+ if ( !manageDSAit && is_entry_referral( e ) )
+ {
/* parent is a referral, don't allow add */
/* parent is an alias, don't allow add */
- struct berval **refs = get_entry_referrals( be,
- conn, op, e );
+ rs->sr_ref = get_entry_referrals( op, e );
Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
0, 0 );
- send_ldap_result( conn, op, LDAP_REFERRAL,
- e->e_dn, NULL, refs, NULL );
-
- ber_bvecfree( refs );
+ rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = e->e_name.bv_val;
+ send_ldap_result( op, rs );
+ if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ rs->sr_matched = NULL;
goto error_return;
}
/* Modify the entry */
- if ( ldbm_modify_internal( be, conn, op, ndn, modlist, e ) != 0 ) {
+ rs->sr_err = ldbm_modify_internal( op, op->oq_modify.rs_modlist, e,
+ &rs->sr_text, textbuf, textlen );
+
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ if( rs->sr_err != SLAPD_ABANDON ) {
+ send_ldap_result( op, rs );
+ }
+
goto error_return;
}
/* change the entry itself */
- if ( id2entry_add( be, e ) != 0 ) {
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
- NULL, NULL, NULL, NULL );
+ if ( id2entry_add( op->o_bd, e ) != 0 ) {
+ send_ldap_error( op, rs, LDAP_OTHER,
+ "id2entry failure" );
+ rs->sr_err = LDAP_OTHER;
goto error_return;
}
- send_ldap_result( conn, op, LDAP_SUCCESS,
- NULL, NULL, NULL, NULL );
- cache_return_entry_w( &li->li_cache, e );
- return( 0 );
+ rs->sr_text = NULL;
+ send_ldap_error( op, rs, LDAP_SUCCESS,
+ NULL );
-error_return:;
cache_return_entry_w( &li->li_cache, e );
- return( -1 );
-}
-
-int
-add_values(
- Entry *e,
- LDAPMod *mod,
- char *dn
-)
-{
- int i;
- Attribute *a;
-
- /* check if the values we're adding already exist */
- if ( (a = attr_find( e->e_attrs, mod->mod_type )) != NULL ) {
- for ( i = 0; mod->mod_bvalues[i] != NULL; i++ ) {
- if ( value_find( a->a_vals, mod->mod_bvalues[i],
- a->a_syntax, 3 ) == 0 ) {
- return( LDAP_TYPE_OR_VALUE_EXISTS );
- }
- }
- }
-
- /* no - add them */
- if( attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 ) {
- return( LDAP_CONSTRAINT_VIOLATION );
- }
-
- return( LDAP_SUCCESS );
-}
+ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
-int
-delete_values(
- Entry *e,
- LDAPMod *mod,
- char *dn
-)
-{
- int i, j, k, found;
- Attribute *a;
-
- /* delete the entire attribute */
- if ( mod->mod_bvalues == NULL ) {
- Debug( LDAP_DEBUG_ARGS, "removing entire attribute %s\n",
- mod->mod_type, 0, 0 );
- return( attr_delete( &e->e_attrs, mod->mod_type ) ?
- LDAP_NO_SUCH_ATTRIBUTE : LDAP_SUCCESS );
- }
+ return LDAP_SUCCESS;
- /* delete specific values - find the attribute first */
- if ( (a = attr_find( e->e_attrs, mod->mod_type )) == NULL ) {
- Debug( LDAP_DEBUG_ARGS, "could not find attribute %s\n",
- mod->mod_type, 0, 0 );
- return( LDAP_NO_SUCH_ATTRIBUTE );
- }
-
- /* find each value to delete */
- for ( i = 0; mod->mod_bvalues[i] != NULL; i++ ) {
- found = 0;
- for ( j = 0; a->a_vals[j] != NULL; j++ ) {
- if ( value_cmp( mod->mod_bvalues[i], a->a_vals[j],
- a->a_syntax, 3 ) != 0 ) {
- continue;
- }
- found = 1;
-
- /* found a matching value - delete it */
- ber_bvfree( a->a_vals[j] );
- for ( k = j + 1; a->a_vals[k] != NULL; k++ ) {
- a->a_vals[k - 1] = a->a_vals[k];
- }
- a->a_vals[k - 1] = NULL;
-
- /* delete the entire attribute, if no values remain */
- if ( a->a_vals[0] == NULL) {
- Debug( LDAP_DEBUG_ARGS,
- "removing entire attribute %s\n",
- mod->mod_type, 0, 0 );
- if ( attr_delete( &e->e_attrs, mod->mod_type ) ) {
- return LDAP_NO_SUCH_ATTRIBUTE;
- }
- }
-
- break;
- }
-
- /* looked through them all w/o finding it */
- if ( ! found ) {
- Debug( LDAP_DEBUG_ARGS,
- "could not find value for attr %s\n",
- mod->mod_type, 0, 0 );
- return( LDAP_NO_SUCH_ATTRIBUTE );
- }
- }
-
- return( LDAP_SUCCESS );
-}
-
-int
-replace_values(
- Entry *e,
- LDAPMod *mod,
- char *dn
-)
-{
- (void) attr_delete( &e->e_attrs, mod->mod_type );
-
- if ( mod->mod_bvalues != NULL &&
- attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 )
- {
- return( LDAP_CONSTRAINT_VIOLATION );
- }
-
- return( LDAP_SUCCESS );
+error_return:;
+ cache_return_entry_w( &li->li_cache, e );
+ ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
+ rs->sr_text = NULL;
+ return rs->sr_err;
}