Added bdb_attribute and bdb_group ACL support routines

[openldap] / servers / slapd / backend.c

diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c
index 105e95b75cdf803408475df0b23cc30d9c4a2504..f1216f410a3f9bc576d55482cc892a566cd7c3c9 100644 (file)
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -127,12 +127,12 @@ int backend_init(void)
                if(rc != 0) {
 #ifdef NEW_LOGGING
                        LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
-                                  "backend_init:  initialized for type \"%s\"\n",
-                                  binfo[nBackendInfo].bi_type ));
+                               "backend_init:  initialized for type \"%s\"\n",
+                               binfo[nBackendInfo].bi_type ));
 #else
                        Debug( LDAP_DEBUG_ANY,
                                "backend_init: initialized for type \"%s\"\n",
-                                       binfo[nBackendInfo].bi_type, 0, 0 );
+                               binfo[nBackendInfo].bi_type, 0, 0 );
 #endif
                        /* destroy those we've already inited */
                        for( nBackendInfo--;
@@ -158,10 +158,10 @@ int backend_init(void)
 #else
 
 #ifdef NEW_LOGGING
-        LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
-                   "backend_init: failed\n" ));
+       LDAP_LOG(( "backend", LDAP_LEVEL_ERR,
+               "backend_init: failed\n" ));
 #else
-        Debug( LDAP_DEBUG_ANY,
+       Debug( LDAP_DEBUG_ANY,
                "backend_init: failed\n",
                0, 0, 0 );
 #endif
@@ -953,6 +953,28 @@ backend_group(
        AttributeDescription *group_at
 )
 {
+       GroupAssertion *g;
+       int len = strlen(gr_ndn);
+       int i;
+
+       ldap_pvt_thread_mutex_lock( &op->o_abandonmutex );
+       i = op->o_abandon;
+       ldap_pvt_thread_mutex_unlock( &op->o_abandonmutex );
+       if (i)
+               return SLAPD_ABANDON;
+
+       ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+       for (g = conn->c_groups; g; g=g->next) {
+               if (g->be != be || g->oc != group_oc || g->at != group_at ||
+                   g->len != len)
+                       continue;
+               if (strcmp( g->ndn, gr_ndn ) == 0)
+                       break;
+       }
+       ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+       if (g)
+               return g->res;
+
        if( strcmp( target->e_ndn, gr_ndn ) != 0 ) {
                /* we won't attempt to send it to a different backend */
                
@@ -964,9 +986,25 @@ backend_group(
        } 
 
        if( be->be_group ) {
-               return be->be_group( be, conn, op,
+               int res = be->be_group( be, conn, op,
                        target, gr_ndn, op_ndn,
                        group_oc, group_at );
+               
+               if (op->o_tag != LDAP_REQ_BIND) {
+                       g = ch_malloc(sizeof(GroupAssertion) + len);
+                       g->be = be;
+                       g->oc = group_oc;
+                       g->at = group_at;
+                       g->res = res;
+                       g->len = len;
+                       strcpy(g->ndn, gr_ndn);
+                       ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+                       g->next = conn->c_groups;
+                       conn->c_groups = g;
+                       ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+               }
+
+               return res;
        }
 
        return LDAP_UNWILLING_TO_PERFORM;
@@ -1011,7 +1049,7 @@ Attribute *backend_operational(
 
 #ifdef SLAPD_SCHEMA_DN
        a = ch_malloc( sizeof( Attribute ) );
-       a->a_desc = ad_dup( slap_schema.si_ad_subschemaSubentry );
+       a->a_desc = slap_schema.si_ad_subschemaSubentry;
 
        /* Should be backend specific */
        a->a_vals = ch_malloc( 2 * sizeof( struct berval * ) );