#include "slap.h"
#include "ldap_pvt.h"
+int is_object_subclass(
+ ObjectClass *sub,
+ ObjectClass *sup )
+{
+ int i;
+
+ if( sub == NULL || sup == NULL ) return 0;
+
+#if 0
+ Debug( LDAP_DEBUG_TRACE, "is_object_subclass(%s,%s) %d\n",
+ sub->soc_oid, sup->soc_oid, sup == sub );
+#endif
+
+ if( sup == sub ) {
+ return 1;
+ }
+
+ if( sup->soc_sups == NULL ) {
+ return 0;
+ }
+
+ for( i=0; sup->soc_sups[i] != NULL; i++ ) {
+ if( is_object_subclass( sub, sup->soc_sups[i] ) ) {
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
int is_entry_objectclass(
Entry* e,
- const char* oc)
+ ObjectClass *oc )
{
Attribute *attr;
- struct berval bv;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
+ int i;
AttributeDescription *objectClass = slap_schema.si_ad_objectClass;
-#else
- static const char *objectClass = "objectclass";
-#endif
-
- assert(!( e == NULL || oc == NULL || *oc == '\0' ));
+ assert(!( e == NULL || oc == NULL ));
- if( e == NULL || oc == NULL || *oc == '\0' ) {
+ if( e == NULL || oc == NULL ) {
return 0;
}
if( attr == NULL ) {
/* no objectClass attribute */
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "is_entry_objectclass: dn(%s), oid (%s), no objectlcass attribute.\n",
+ e->e_dn == NULL ? "" : e->e_dn, oc->soc_oclass.oc_oid ));
+#else
Debug( LDAP_DEBUG_ANY, "is_entry_objectclass(\"%s\", \"%s\") "
"no objectClass attribute\n",
- e->e_dn == NULL ? "" : e->e_dn, oc, 0 );
-
- return 0;
- }
+ e->e_dn == NULL ? "" : e->e_dn,
+ oc->soc_oclass.oc_oid, 0 );
+#endif
- bv.bv_val = (char *) oc;
- bv.bv_len = strlen( bv.bv_val );
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- /* not yet implemented */
-#else
- if( value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) {
- /* entry is not of this objectclass */
return 0;
}
-#endif
-
- return 1;
-}
-
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- /* these shouldn't be hardcoded */
+ for( i=0; attr->a_vals[i]; i++ ) {
+ ObjectClass *objectClass = oc_find( attr->a_vals[i]->bv_val );
-static char *oc_op_usermod_attrs[] = {
- /*
- * these are operational attributes which are
- * not defined as NO-USER_MODIFICATION and
- * which slapd supports modification of.
- *
- * Currently none.
- * Likely candidate, "aci"
- */
- NULL
-};
-
-static char *oc_op_attrs[] = {
- /*
- * these are operational attributes
- * most could be user modifiable
- */
- "objectClasses",
- "attributeTypes",
- "matchingRules",
- "matchingRuleUse",
- "dITStructureRules",
- "dITContentRules",
- "nameForms",
- "ldapSyntaxes",
- "namingContexts",
- "supportedExtension",
- "supportedControl",
- "supportedSASLMechanisms",
- "supportedLDAPversion",
- "supportedACIMechanisms",
- "subschemaSubentry", /* NO USER MOD */
- NULL
-
-};
-
-/* this list should be extensible */
-static char *oc_op_no_usermod_attrs[] = {
- /*
- * Operational and 'no user modification' attributes
- * which are STORED in the directory server.
- */
-
- /* RFC2252, 3.2.1 */
- "creatorsName",
- "createTimestamp",
- "modifiersName",
- "modifyTimestamp",
-
- NULL
-};
-#endif
-
-
-/*
- * check to see if attribute is 'operational' or not.
- */
-int
-oc_check_op_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_attrs, type )
- || charray_inlist( oc_op_usermod_attrs, type )
- || charray_inlist( oc_op_no_usermod_attrs, type );
-#else
- AttributeType *at = at_find( type );
-
- if( at == NULL ) return 0;
-
- return at->sat_usage != LDAP_SCHEMA_USER_APPLICATIONS;
-#endif
-}
+ if( objectClass == oc ) {
+ return 1;
+ }
+ }
-/*
- * check to see if attribute can be user modified or not.
- */
-int
-oc_check_op_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_usermod_attrs, type );
-#else
- /* not (yet) in schema */
return 0;
-#endif
-}
-/*
- * check to see if attribute is 'no user modification' or not.
- */
-int
-oc_check_op_no_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_no_usermod_attrs, type );
-#else
- AttributeType *at = at_find( type );
-
- if( at == NULL ) return 0;
-
- return at->sat_no_user_mod;
-#endif
}
static int
oc_index_cmp(
struct oindexrec *oir1,
- struct oindexrec *oir2
-)
+ struct oindexrec *oir2 )
{
+ assert( oir1->oir_name );
+ assert( oir1->oir_oc );
+ assert( oir2->oir_name );
+ assert( oir2->oir_oc );
+
return (strcasecmp( oir1->oir_name, oir2->oir_name ));
}
static int
oc_index_name_cmp(
char *name,
- struct oindexrec *oir
-)
+ struct oindexrec *oir )
{
+ assert( oir->oir_name );
+ assert( oir->oir_oc );
+
return (strcasecmp( name, oir->oir_name ));
}
ObjectClass *
oc_find( const char *ocname )
{
- struct oindexrec *oir = NULL;
+ struct oindexrec *oir;
+
+ oir = (struct oindexrec *) avl_find( oc_index, ocname,
+ (AVL_CMP) oc_index_name_cmp );
+
+ if ( oir != NULL ) {
+ assert( oir->oir_name );
+ assert( oir->oir_oc );
- if ( (oir = (struct oindexrec *) avl_find( oc_index, ocname,
- (AVL_CMP) oc_index_name_cmp )) != NULL ) {
return( oir->oir_oc );
}
+
return( NULL );
}
oc_create_required(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ const char **err )
{
char **attrs1;
AttributeType *sat;
oc_create_allowed(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ const char **err )
{
char **attrs1;
AttributeType *sat;
static int
oc_add_sups(
ObjectClass *soc,
- char **sups,
- const char **err
-)
+ char **sups,
+ const char **err )
{
int code;
ObjectClass *soc1;
int nsups;
- char **sups1;
+ char **sups1;
int add_sups = 0;
if ( sups ) {
if ( !soc->soc_sups ) {
/* We are at the first recursive level */
add_sups = 1;
- nsups = 0;
+ nsups = 1;
sups1 = sups;
while ( *sups1 ) {
nsups++;
sups1++;
}
- nsups++;
soc->soc_sups = (ObjectClass **)ch_calloc(nsups,
sizeof(ObjectClass *));
}
+
nsups = 0;
sups1 = sups;
while ( *sups1 ) {
return SLAP_SCHERR_CLASS_NOT_FOUND;
}
+ /* check object class usage
+ * abstract classes can only sup abstract classes
+ * structural classes can not sup auxiliary classes
+ * auxiliary classes can not sup structural classes
+ */
+ if( soc->soc_kind != soc1->soc_kind
+ && soc1->soc_kind != LDAP_SCHEMA_ABSTRACT )
+ {
+ *err = *sups1;
+ return SLAP_SCHERR_CLASS_BAD_USAGE;
+ }
+
if ( add_sups )
soc->soc_sups[nsups] = soc1;
- code = oc_add_sups(soc,soc1->soc_sup_oids, err);
- if ( code )
- return code;
+ code = oc_add_sups( soc, soc1->soc_sup_oids, err );
+ if ( code ) return code;
- code = oc_create_required(soc,soc1->soc_at_oids_must,err);
- if ( code )
- return code;
- code = oc_create_allowed(soc,soc1->soc_at_oids_may,err);
- if ( code )
- return code;
+ code = oc_create_required( soc, soc1->soc_at_oids_must, err );
+ if ( code ) return code;
+
+ code = oc_create_allowed( soc, soc1->soc_at_oids_may, err );
+ if ( code ) return code;
nsups++;
sups1++;
}
}
+
return 0;
}
ch_calloc( 1, sizeof(struct oindexrec) );
oir->oir_name = soc->soc_oid;
oir->oir_oc = soc;
+
+ assert( oir->oir_name );
+ assert( oir->oir_oc );
+
if ( avl_insert( &oc_index, (caddr_t) oir,
(AVL_CMP) oc_index_cmp,
- (AVL_DUP) avl_dup_error ) ) {
+ (AVL_DUP) avl_dup_error ) )
+ {
*err = soc->soc_oid;
+ ldap_memfree(oir->oir_name);
ldap_memfree(oir);
return SLAP_SCHERR_DUP_CLASS;
}
+
/* FIX: temporal consistency check */
- oc_find(oir->oir_name);
+ assert( oc_find(oir->oir_name) != NULL );
}
+
if ( (names = soc->soc_names) ) {
while ( *names ) {
oir = (struct oindexrec *)
ch_calloc( 1, sizeof(struct oindexrec) );
oir->oir_name = ch_strdup(*names);
oir->oir_oc = soc;
+
+ assert( oir->oir_name );
+ assert( oir->oir_oc );
+
if ( avl_insert( &oc_index, (caddr_t) oir,
(AVL_CMP) oc_index_cmp,
- (AVL_DUP) avl_dup_error ) ) {
+ (AVL_DUP) avl_dup_error ) )
+ {
*err = *names;
+ ldap_memfree(oir->oir_name);
ldap_memfree(oir);
return SLAP_SCHERR_DUP_CLASS;
}
+
/* FIX: temporal consistency check */
- oc_find(oir->oir_name);
+ assert( oc_find(oir->oir_name) != NULL );
+
names++;
}
}
+
return 0;
}
int
oc_add(
- LDAP_OBJECT_CLASS *oc,
+ LDAPObjectClass *oc,
const char **err
)
{
ObjectClass *soc;
int code;
+ if ( oc->oc_names != NULL ) {
+ int i;
+
+ for( i=0; oc->oc_names[i]; i++ ) {
+ if( !slap_valid_descr( oc->oc_names[i] ) ) {
+ return SLAP_SCHERR_BAD_DESCR;
+ }
+ }
+ }
+
soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) );
- memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS));
- if ( (code = oc_add_sups(soc,soc->soc_sup_oids,err)) != 0 )
- return code;
- if ( (code = oc_create_required(soc,soc->soc_at_oids_must,err)) != 0 )
- return code;
- if ( (code = oc_create_allowed(soc,soc->soc_at_oids_may,err)) != 0 )
- return code;
+ AC_MEMCPY( &soc->soc_oclass, oc, sizeof(LDAPObjectClass) );
+
+ if( soc->soc_sup_oids == NULL &&
+ soc->soc_kind == LDAP_SCHEMA_STRUCTURAL )
+ {
+ /* structural object classes implicitly inherit from 'top' */
+ static char *top_oids[] = { SLAPD_TOP_OID, NULL };
+ code = oc_add_sups( soc, top_oids, err );
+ } else {
+ code = oc_add_sups( soc, soc->soc_sup_oids, err );
+ }
+
+ if ( code != 0 ) return code;
+
+ code = oc_create_required( soc, soc->soc_at_oids_must, err );
+ if ( code != 0 ) return code;
+
+ code = oc_create_allowed( soc, soc->soc_at_oids_may, err );
+ if ( code != 0 ) return code;
+
code = oc_insert(soc,err);
return code;
}
struct berval *vals[2];
ObjectClass *oc;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *ad_objectClasses = slap_schema.si_ad_objectClasses;
-#else
- char *ad_objectClasses = "objectClasses";
-#endif
vals[0] = &val;
vals[1] = NULL;
return -1;
}
val.bv_len = strlen( val.bv_val );
+#if 0
Debug( LDAP_DEBUG_TRACE, "Merging oc [%ld] %s\n",
(long) val.bv_len, val.bv_val, 0 );
+#endif
attr_merge( e, ad_objectClasses, vals );
ldap_memfree( val.bv_val );
}