#include "slap.h"
#include "ldap_pvt.h"
+int is_object_subclass(
+ ObjectClass *sub,
+ ObjectClass *sup )
+{
+ int i;
+
+ if( sub == NULL || sup == NULL ) return 0;
+
+#if 0
+ Debug( LDAP_DEBUG_TRACE, "is_object_subclass(%s,%s) %d\n",
+ sub->soc_oid, sup->soc_oid, sup == sub );
+#endif
+
+ if( sup == sub ) {
+ return 1;
+ }
+
+ if( sup->soc_sups == NULL ) {
+ return 0;
+ }
+
+ for( i=0; sup->soc_sups[i] != NULL; i++ ) {
+ if( is_object_subclass( sub, sup->soc_sups[i] ) ) {
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
int is_entry_objectclass(
Entry* e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- ObjectClass *oc
-#else
- const char* oc
-#endif
-)
+ ObjectClass *oc )
{
Attribute *attr;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
int i;
AttributeDescription *objectClass = slap_schema.si_ad_objectClass;
assert(!( e == NULL || oc == NULL ));
-#else
- struct berval bv;
- static const char *objectClass = "objectclass";
- assert(!( e == NULL || oc == NULL || *oc == '\0' ));
-#endif
- if( e == NULL || oc == NULL
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- || *oc == '\0'
-#endif
- ) {
+ if( e == NULL || oc == NULL ) {
return 0;
}
if( attr == NULL ) {
/* no objectClass attribute */
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR, "is_entry_objectclass: "
+ "dn(%s), oid (%s), no objectClass attribute.\n",
+ e->e_dn == NULL ? "" : e->e_dn,
+ oc->soc_oclass.oc_oid ));
+#else
Debug( LDAP_DEBUG_ANY, "is_entry_objectclass(\"%s\", \"%s\") "
"no objectClass attribute\n",
- e->e_dn == NULL ? "" : e->e_dn, oc, 0 );
+ e->e_dn == NULL ? "" : e->e_dn,
+ oc->soc_oclass.oc_oid, 0 );
+#endif
return 0;
}
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
for( i=0; attr->a_vals[i]; i++ ) {
ObjectClass *objectClass = oc_find( attr->a_vals[i]->bv_val );
return 0;
-#else
- bv.bv_val = (char *) oc;
- bv.bv_len = strlen( bv.bv_val );
-
- if( value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) {
- /* entry is not of this objectclass */
- return 0;
- }
-
- return 1;
-#endif
}
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- /* these shouldn't be hardcoded */
-
-static char *oc_op_usermod_attrs[] = {
- /*
- * these are operational attributes which are
- * not defined as NO-USER_MODIFICATION and
- * which slapd supports modification of.
- *
- * Currently none.
- * Likely candidate, "aci"
- */
- NULL
-};
-
-static char *oc_op_attrs[] = {
- /*
- * these are operational attributes
- * most could be user modifiable
- */
- "objectClasses",
- "attributeTypes",
- "matchingRules",
- "matchingRuleUse",
- "dITStructureRules",
- "dITContentRules",
- "nameForms",
- "ldapSyntaxes",
- "namingContexts",
- "supportedExtension",
- "supportedControl",
- "supportedSASLMechanisms",
- "supportedLDAPversion",
- "supportedACIMechanisms",
- "subschemaSubentry", /* NO USER MOD */
- NULL
-
-};
-
-/* this list should be extensible */
-static char *oc_op_no_usermod_attrs[] = {
- /*
- * Operational and 'no user modification' attributes
- * which are STORED in the directory server.
- */
-
- /* RFC2252, 3.2.1 */
- "creatorsName",
- "createTimestamp",
- "modifiersName",
- "modifyTimestamp",
-
- NULL
-};
-
-
-/*
- * check to see if attribute is 'operational' or not.
- */
-int
-oc_check_op_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_attrs, type )
- || charray_inlist( oc_op_usermod_attrs, type )
- || charray_inlist( oc_op_no_usermod_attrs, type );
-#else
- AttributeType *at = at_find( type );
-
- if( at == NULL ) return 0;
-
- return at->sat_usage != LDAP_SCHEMA_USER_APPLICATIONS;
-#endif
-}
-
-/*
- * check to see if attribute can be user modified or not.
- */
-int
-oc_check_op_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_usermod_attrs, type );
-#else
- /* not (yet) in schema */
- return 0;
-#endif
-}
-
-/*
- * check to see if attribute is 'no user modification' or not.
- */
-int
-oc_check_op_no_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_no_usermod_attrs, type );
-#else
- AttributeType *at = at_find( type );
-
- if( at == NULL ) return 0;
-
- return at->sat_no_user_mod;
-#endif
-}
-#endif
-
-
struct oindexrec {
char *oir_name;
ObjectClass *oir_oc;
static int
oc_index_cmp(
struct oindexrec *oir1,
- struct oindexrec *oir2
-)
+ struct oindexrec *oir2 )
{
assert( oir1->oir_name );
assert( oir1->oir_oc );
assert( oir2->oir_name );
assert( oir2->oir_oc );
- return (strcasecmp( oir1->oir_name, oir2->oir_name ));
+ return strcasecmp( oir1->oir_name, oir2->oir_name );
}
static int
oc_index_name_cmp(
char *name,
- struct oindexrec *oir
-)
+ struct oindexrec *oir )
{
assert( oir->oir_name );
assert( oir->oir_oc );
oc_create_required(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ const char **err )
{
char **attrs1;
AttributeType *sat;
oc_create_allowed(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ const char **err )
{
char **attrs1;
AttributeType *sat;
static int
oc_add_sups(
ObjectClass *soc,
- char **sups,
- const char **err
-)
+ char **sups,
+ const char **err )
{
int code;
ObjectClass *soc1;
int nsups;
- char **sups1;
+ char **sups1;
int add_sups = 0;
if ( sups ) {
if ( !soc->soc_sups ) {
/* We are at the first recursive level */
add_sups = 1;
- nsups = 0;
+ nsups = 1;
sups1 = sups;
while ( *sups1 ) {
nsups++;
sups1++;
}
- nsups++;
soc->soc_sups = (ObjectClass **)ch_calloc(nsups,
sizeof(ObjectClass *));
}
+
nsups = 0;
sups1 = sups;
while ( *sups1 ) {
return SLAP_SCHERR_CLASS_NOT_FOUND;
}
+ /* check object class usage
+ * abstract classes can only sup abstract classes
+ * structural classes can not sup auxiliary classes
+ * auxiliary classes can not sup structural classes
+ */
+ if( soc->soc_kind != soc1->soc_kind
+ && soc1->soc_kind != LDAP_SCHEMA_ABSTRACT )
+ {
+ *err = *sups1;
+ return SLAP_SCHERR_CLASS_BAD_USAGE;
+ }
+
if ( add_sups )
soc->soc_sups[nsups] = soc1;
- code = oc_add_sups(soc,soc1->soc_sup_oids, err);
- if ( code )
- return code;
+ code = oc_add_sups( soc, soc1->soc_sup_oids, err );
+ if ( code ) return code;
+
+ code = oc_create_required( soc, soc1->soc_at_oids_must, err );
+ if ( code ) return code;
- code = oc_create_required(soc,soc1->soc_at_oids_must,err);
- if ( code )
- return code;
- code = oc_create_allowed(soc,soc1->soc_at_oids_may,err);
- if ( code )
- return code;
+ code = oc_create_allowed( soc, soc1->soc_at_oids_may, err );
+ if ( code ) return code;
nsups++;
sups1++;
}
}
+
return 0;
}
int
oc_add(
- LDAP_OBJECT_CLASS *oc,
+ LDAPObjectClass *oc,
const char **err
)
{
ObjectClass *soc;
int code;
+ if ( oc->oc_names != NULL ) {
+ int i;
+
+ for( i=0; oc->oc_names[i]; i++ ) {
+ if( !slap_valid_descr( oc->oc_names[i] ) ) {
+ return SLAP_SCHERR_BAD_DESCR;
+ }
+ }
+ }
+
soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) );
- memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS));
- if ( (code = oc_add_sups(soc,soc->soc_sup_oids,err)) != 0 )
- return code;
- if ( (code = oc_create_required(soc,soc->soc_at_oids_must,err)) != 0 )
- return code;
- if ( (code = oc_create_allowed(soc,soc->soc_at_oids_may,err)) != 0 )
- return code;
+ AC_MEMCPY( &soc->soc_oclass, oc, sizeof(LDAPObjectClass) );
+
+ if( soc->soc_sup_oids == NULL &&
+ soc->soc_kind == LDAP_SCHEMA_STRUCTURAL )
+ {
+ /* structural object classes implicitly inherit from 'top' */
+ static char *top_oids[] = { SLAPD_TOP_OID, NULL };
+ code = oc_add_sups( soc, top_oids, err );
+ } else {
+ code = oc_add_sups( soc, soc->soc_sup_oids, err );
+ }
+
+ if ( code != 0 ) return code;
+
+ code = oc_create_required( soc, soc->soc_at_oids_must, err );
+ if ( code != 0 ) return code;
+
+ code = oc_create_allowed( soc, soc->soc_at_oids_may, err );
+ if ( code != 0 ) return code;
+
code = oc_insert(soc,err);
return code;
}
struct berval *vals[2];
ObjectClass *oc;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *ad_objectClasses = slap_schema.si_ad_objectClasses;
-#else
- char *ad_objectClasses = "objectClasses";
-#endif
vals[0] = &val;
vals[1] = NULL;
projects / openldap / blobdiff