/* oc.c - object class routines */
/* $OpenLDAP$ */
/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
#include "slap.h"
#include "ldap_pvt.h"
-int is_entry_objectclass(
- Entry* e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- ObjectClass *oc
-#else
- const char* oc
-#endif
-)
+int is_object_subclass(
+ ObjectClass *sup,
+ ObjectClass *sub )
{
- Attribute *attr;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
int i;
- AttributeDescription *objectClass = slap_schema.si_ad_objectClass;
- assert(!( e == NULL || oc == NULL ));
-#else
- struct berval bv;
- static const char *objectClass = "objectclass";
- assert(!( e == NULL || oc == NULL || *oc == '\0' ));
-#endif
- if( e == NULL || oc == NULL
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- || *oc == '\0'
-#endif
- ) {
- return 0;
- }
+ if( sub == NULL || sup == NULL ) return 0;
- /*
- * find objectClass attribute
- */
- attr = attr_find(e->e_attrs, objectClass);
+#if 1
+ Debug( LDAP_DEBUG_TRACE, "is_object_subclass(%s,%s) %d\n",
+ sup->soc_oid, sub->soc_oid, sup == sub );
+#endif
- if( attr == NULL ) {
- /* no objectClass attribute */
- Debug( LDAP_DEBUG_ANY, "is_entry_objectclass(\"%s\", \"%s\") "
- "no objectClass attribute\n",
- e->e_dn == NULL ? "" : e->e_dn, oc, 0 );
+ if( sup == sub ) {
+ return 1;
+ }
+ if( sub->soc_sups == NULL ) {
return 0;
}
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- for( i=0; attr->a_vals[i]; i++ ) {
- ObjectClass *objectClass = oc_find( attr->a_vals[i]->bv_val );
-
- if( objectClass == oc ) {
+ for( i=0; sub->soc_sups[i] != NULL; i++ ) {
+ if( is_object_subclass( sup, sub->soc_sups[i] ) ) {
return 1;
}
}
return 0;
+}
-#else
- bv.bv_val = (char *) oc;
- bv.bv_len = strlen( bv.bv_val );
+int is_entry_objectclass(
+ Entry* e,
+ ObjectClass *oc,
+ int set_flags )
+{
+ Attribute *attr;
+ struct berval *bv;
+ AttributeDescription *objectClass = slap_schema.si_ad_objectClass;
+ assert(!( e == NULL || oc == NULL ));
- if( value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) {
- /* entry is not of this objectclass */
+ if( e == NULL || oc == NULL ) {
return 0;
}
- return 1;
-#endif
-}
-
-
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- /* these shouldn't be hardcoded */
-
-static char *oc_op_usermod_attrs[] = {
- /*
- * these are operational attributes which are
- * not defined as NO-USER_MODIFICATION and
- * which slapd supports modification of.
- *
- * Currently none.
- * Likely candidate, "aci"
- */
- NULL
-};
-
-static char *oc_op_attrs[] = {
- /*
- * these are operational attributes
- * most could be user modifiable
- */
- "objectClasses",
- "attributeTypes",
- "matchingRules",
- "matchingRuleUse",
- "dITStructureRules",
- "dITContentRules",
- "nameForms",
- "ldapSyntaxes",
- "namingContexts",
- "supportedExtension",
- "supportedControl",
- "supportedSASLMechanisms",
- "supportedLDAPversion",
- "supportedACIMechanisms",
- "subschemaSubentry", /* NO USER MOD */
- NULL
-
-};
+ if( set_flags && ( e->e_ocflags & SLAP_OC__END )) {
+ return (e->e_ocflags & oc->soc_flags);
+ }
-/* this list should be extensible */
-static char *oc_op_no_usermod_attrs[] = {
/*
- * Operational and 'no user modification' attributes
- * which are STORED in the directory server.
+ * find objectClass attribute
*/
+ attr = attr_find(e->e_attrs, objectClass);
- /* RFC2252, 3.2.1 */
- "creatorsName",
- "createTimestamp",
- "modifiersName",
- "modifyTimestamp",
-
- NULL
-};
-
-
-/*
- * check to see if attribute is 'operational' or not.
- */
-int
-oc_check_op_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_attrs, type )
- || charray_inlist( oc_op_usermod_attrs, type )
- || charray_inlist( oc_op_no_usermod_attrs, type );
+ if( attr == NULL ) {
+ /* no objectClass attribute */
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR, "is_entry_objectclass: "
+ "dn(%s), oid (%s), no objectClass attribute.\n",
+ e->e_dn == NULL ? "" : e->e_dn,
+ oc->soc_oclass.oc_oid ));
#else
- AttributeType *at = at_find( type );
-
- if( at == NULL ) return 0;
-
- return at->sat_usage != LDAP_SCHEMA_USER_APPLICATIONS;
+ Debug( LDAP_DEBUG_ANY, "is_entry_objectclass(\"%s\", \"%s\") "
+ "no objectClass attribute\n",
+ e->e_dn == NULL ? "" : e->e_dn,
+ oc->soc_oclass.oc_oid, 0 );
#endif
-}
-/*
- * check to see if attribute can be user modified or not.
- */
-int
-oc_check_op_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_usermod_attrs, type );
-#else
- /* not (yet) in schema */
- return 0;
-#endif
-}
+ return 0;
+ }
-/*
- * check to see if attribute is 'no user modification' or not.
- */
-int
-oc_check_op_no_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_no_usermod_attrs, type );
-#else
- AttributeType *at = at_find( type );
+ for( bv=attr->a_vals; bv->bv_val; bv++ ) {
+ ObjectClass *objectClass = oc_bvfind( bv );
- if( at == NULL ) return 0;
+ if ( objectClass == oc && !set_flags ) {
+ return 1;
+ }
+
+ if ( objectClass != NULL ) {
+ e->e_ocflags |= objectClass->soc_flags;
+ }
+ }
+ e->e_ocflags |= SLAP_OC__END; /* We've finished this */
- return at->sat_no_user_mod;
-#endif
+ return (e->e_ocflags & oc->soc_flags);
}
-#endif
struct oindexrec {
- char *oir_name;
+ struct berval oir_name;
ObjectClass *oir_oc;
};
static int
oc_index_cmp(
struct oindexrec *oir1,
- struct oindexrec *oir2
-)
+ struct oindexrec *oir2 )
{
- return (strcasecmp( oir1->oir_name, oir2->oir_name ));
+ int i = oir1->oir_name.bv_len - oir2->oir_name.bv_len;
+ if (i)
+ return i;
+ return strcasecmp( oir1->oir_name.bv_val, oir2->oir_name.bv_val );
}
static int
oc_index_name_cmp(
- char *name,
- struct oindexrec *oir
-)
+ struct berval *name,
+ struct oindexrec *oir )
{
- return (strcasecmp( name, oir->oir_name ));
+ int i = name->bv_len - oir->oir_name.bv_len;
+ if (i)
+ return i;
+ return strncasecmp( name->bv_val, oir->oir_name.bv_val, name->bv_len );
}
ObjectClass *
oc_find( const char *ocname )
{
- struct oindexrec *oir = NULL;
+ struct berval bv;
- if ( (oir = (struct oindexrec *) avl_find( oc_index, ocname,
- (AVL_CMP) oc_index_name_cmp )) != NULL ) {
+ bv.bv_val = (char *)ocname;
+ bv.bv_len = strlen( ocname );
+
+ return( oc_bvfind( &bv ) );
+}
+
+ObjectClass *
+oc_bvfind( struct berval *ocname )
+{
+ struct oindexrec *oir;
+
+ oir = (struct oindexrec *) avl_find( oc_index, ocname,
+ (AVL_CMP) oc_index_name_cmp );
+
+ if ( oir != NULL ) {
return( oir->oir_oc );
}
+
return( NULL );
}
oc_create_required(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ const char **err )
{
char **attrs1;
AttributeType *sat;
oc_create_allowed(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ const char **err )
{
char **attrs1;
AttributeType *sat;
static int
oc_add_sups(
ObjectClass *soc,
- char **sups,
- const char **err
-)
+ char **sups,
+ const char **err )
{
int code;
ObjectClass *soc1;
int nsups;
- char **sups1;
+ char **sups1;
int add_sups = 0;
if ( sups ) {
if ( !soc->soc_sups ) {
/* We are at the first recursive level */
add_sups = 1;
- nsups = 0;
+ nsups = 1;
sups1 = sups;
while ( *sups1 ) {
nsups++;
sups1++;
}
- nsups++;
soc->soc_sups = (ObjectClass **)ch_calloc(nsups,
sizeof(ObjectClass *));
}
+
nsups = 0;
sups1 = sups;
while ( *sups1 ) {
return SLAP_SCHERR_CLASS_NOT_FOUND;
}
+ /* check object class usage
+ * abstract classes can only sup abstract classes
+ * structural classes can not sup auxiliary classes
+ * auxiliary classes can not sup structural classes
+ */
+ if( soc->soc_kind != soc1->soc_kind
+ && soc1->soc_kind != LDAP_SCHEMA_ABSTRACT )
+ {
+ *err = *sups1;
+ return SLAP_SCHERR_CLASS_BAD_USAGE;
+ }
+
if ( add_sups )
soc->soc_sups[nsups] = soc1;
- code = oc_add_sups(soc,soc1->soc_sup_oids, err);
- if ( code )
- return code;
+ code = oc_add_sups( soc, soc1->soc_sup_oids, err );
+ if ( code ) return code;
- code = oc_create_required(soc,soc1->soc_at_oids_must,err);
- if ( code )
- return code;
- code = oc_create_allowed(soc,soc1->soc_at_oids_may,err);
- if ( code )
- return code;
+ code = oc_create_required( soc, soc1->soc_at_oids_must, err );
+ if ( code ) return code;
+
+ code = oc_create_allowed( soc, soc1->soc_at_oids_may, err );
+ if ( code ) return code;
nsups++;
sups1++;
}
}
+
return 0;
}
+void
+oc_destroy( void )
+{
+ ObjectClass *o, *n;
+
+ avl_free(oc_index, ldap_memfree);
+ for (o=oc_list; o; o=n)
+ {
+ n = o->soc_next;
+ if (o->soc_sups) ldap_memfree(o->soc_sups);
+ if (o->soc_required) ldap_memfree(o->soc_required);
+ if (o->soc_allowed) ldap_memfree(o->soc_allowed);
+ ldap_objectclass_free((LDAPObjectClass *)o);
+ }
+}
+
static int
oc_insert(
ObjectClass *soc,
if ( soc->soc_oid ) {
oir = (struct oindexrec *)
ch_calloc( 1, sizeof(struct oindexrec) );
- oir->oir_name = soc->soc_oid;
+ oir->oir_name.bv_val = soc->soc_oid;
+ oir->oir_name.bv_len = strlen( soc->soc_oid );
oir->oir_oc = soc;
+
+ assert( oir->oir_name.bv_val );
+ assert( oir->oir_oc );
+
if ( avl_insert( &oc_index, (caddr_t) oir,
(AVL_CMP) oc_index_cmp,
- (AVL_DUP) avl_dup_error ) ) {
+ (AVL_DUP) avl_dup_error ) )
+ {
*err = soc->soc_oid;
ldap_memfree(oir);
return SLAP_SCHERR_DUP_CLASS;
}
+
/* FIX: temporal consistency check */
- oc_find(oir->oir_name);
+ assert( oc_bvfind(&oir->oir_name) != NULL );
}
+
if ( (names = soc->soc_names) ) {
while ( *names ) {
oir = (struct oindexrec *)
ch_calloc( 1, sizeof(struct oindexrec) );
- oir->oir_name = ch_strdup(*names);
+ oir->oir_name.bv_val = *names;
+ oir->oir_name.bv_len = strlen( *names );
oir->oir_oc = soc;
+
+ assert( oir->oir_name.bv_val );
+ assert( oir->oir_oc );
+
if ( avl_insert( &oc_index, (caddr_t) oir,
(AVL_CMP) oc_index_cmp,
- (AVL_DUP) avl_dup_error ) ) {
+ (AVL_DUP) avl_dup_error ) )
+ {
*err = *names;
ldap_memfree(oir);
return SLAP_SCHERR_DUP_CLASS;
}
+
/* FIX: temporal consistency check */
- oc_find(oir->oir_name);
+ assert( oc_bvfind(&oir->oir_name) != NULL );
+
names++;
}
}
+
return 0;
}
int
oc_add(
- LDAP_OBJECT_CLASS *oc,
+ LDAPObjectClass *oc,
const char **err
)
{
ObjectClass *soc;
int code;
+ if ( oc->oc_names != NULL ) {
+ int i;
+
+ for( i=0; oc->oc_names[i]; i++ ) {
+ if( !slap_valid_descr( oc->oc_names[i] ) ) {
+ return SLAP_SCHERR_BAD_DESCR;
+ }
+ }
+ }
+
+ if ( !OID_LEADCHAR( oc->oc_oid[0] )) {
+ /* Expand OID macros */
+ char *oid = oidm_find( oc->oc_oid );
+ if ( !oid ) {
+ *err = oc->oc_oid;
+ return SLAP_SCHERR_OIDM;
+ }
+ if ( oid != oc->oc_oid ) {
+ ldap_memfree( oc->oc_oid );
+ oc->oc_oid = oid;
+ }
+ }
+
soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) );
- memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS));
- if ( (code = oc_add_sups(soc,soc->soc_sup_oids,err)) != 0 )
- return code;
- if ( (code = oc_create_required(soc,soc->soc_at_oids_must,err)) != 0 )
- return code;
- if ( (code = oc_create_allowed(soc,soc->soc_at_oids_may,err)) != 0 )
- return code;
+ AC_MEMCPY( &soc->soc_oclass, oc, sizeof(LDAPObjectClass) );
+
+ if( soc->soc_sup_oids == NULL &&
+ soc->soc_kind == LDAP_SCHEMA_STRUCTURAL )
+ {
+ /* structural object classes implicitly inherit from 'top' */
+ static char *top_oids[] = { SLAPD_TOP_OID, NULL };
+ code = oc_add_sups( soc, top_oids, err );
+ } else {
+ code = oc_add_sups( soc, soc->soc_sup_oids, err );
+ }
+
+ if ( code != 0 ) return code;
+
+ code = oc_create_required( soc, soc->soc_at_oids_must, err );
+ if ( code != 0 ) return code;
+
+ code = oc_create_allowed( soc, soc->soc_at_oids_may, err );
+ if ( code != 0 ) return code;
+
code = oc_insert(soc,err);
return code;
}
int
oc_schema_info( Entry *e )
{
- struct berval val;
- struct berval *vals[2];
+ struct berval vals[2];
ObjectClass *oc;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *ad_objectClasses = slap_schema.si_ad_objectClasses;
-#else
- char *ad_objectClasses = "objectClasses";
-#endif
- vals[0] = &val;
- vals[1] = NULL;
+ vals[1].bv_val = NULL;
for ( oc = oc_list; oc; oc = oc->soc_next ) {
- val.bv_val = ldap_objectclass2str( &oc->soc_oclass );
- if ( val.bv_val == NULL ) {
+ if ( ldap_objectclass2bv( &oc->soc_oclass, vals ) == NULL ) {
return -1;
}
- val.bv_len = strlen( val.bv_val );
+#if 0
Debug( LDAP_DEBUG_TRACE, "Merging oc [%ld] %s\n",
- (long) val.bv_len, val.bv_val, 0 );
+ (long) vals[0].bv_len, vals[0].bv_val, 0 );
+#endif
attr_merge( e, ad_objectClasses, vals );
- ldap_memfree( val.bv_val );
+ ldap_memfree( vals[0].bv_val );
}
return 0;
}