X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fback-ldbm%2Fdelete.c;h=d33e957f678f6dd3d1457399c586200fe8060e6a;hb=9fc4a749dcecda7176cea4859fa8f51bbc91feff;hp=19437912faca486fc4bbd07b8dc10cdb98c0ecee;hpb=f991ef04e62e2036bf90341f8cf9028622c90c60;p=openldap diff --git a/servers/slapd/back-ldbm/delete.c b/servers/slapd/back-ldbm/delete.c index 19437912fa..d33e957f67 100644 --- a/servers/slapd/back-ldbm/delete.c +++ b/servers/slapd/back-ldbm/delete.c @@ -1,7 +1,7 @@ /* delete.c - ldbm backend delete routine */ /* $OpenLDAP$ */ /* - * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -21,27 +21,39 @@ ldbm_back_delete( Backend *be, Connection *conn, Operation *op, - char *dn, - char *ndn + struct berval *dn, + struct berval *ndn ) { struct ldbminfo *li = (struct ldbminfo *) be->be_private; Entry *matched; - char *pdn = NULL; + struct berval pdn; Entry *e, *p = NULL; - int rootlock = 0; int rc = -1; int manageDSAit = get_manageDSAit( op ); + AttributeDescription *children = slap_schema.si_ad_children; - Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_delete: %s\n", dn, 0, 0); +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_delete: %s\n", dn->bv_val, 0, 0 ); +#else + Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_delete: %s\n", dn->bv_val, 0, 0); +#endif + + /* grab giant lock for writing */ + ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock); /* get entry with writer lock */ if ( (e = dn2entry_w( be, ndn, &matched )) == NULL ) { char *matched_dn = NULL; - struct berval **refs = NULL; + BerVarray refs; +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_delete: no such object %s\n", dn->bv_val, 0, 0 ); +#else Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: no such object %s\n", - dn, 0, 0); + dn->bv_val, 0, 0); +#endif if ( matched != NULL ) { matched_dn = ch_strdup( matched->e_dn ); @@ -49,47 +61,41 @@ ldbm_back_delete( ? get_entry_referrals( be, conn, op, matched ) : NULL; cache_return_entry_r( &li->li_cache, matched ); + } else { - refs = default_referral; + refs = referral_rewrite( default_referral, + NULL, dn, LDAP_SCOPE_DEFAULT ); } + ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); + send_ldap_result( conn, op, LDAP_REFERRAL, matched_dn, NULL, refs, NULL ); - if ( matched != NULL ) { - ber_bvecfree( refs ); - free( matched_dn ); - } + if ( refs ) ber_bvarray_free( refs ); + free( matched_dn ); return( -1 ); } -#ifdef SLAPD_CHILD_MODIFICATION_WITH_ENTRY_ACL - if ( ! access_allowed( be, conn, op, e, - "entry", NULL, ACL_WRITE ) ) - { - Debug(LDAP_DEBUG_ARGS, - "<=- ldbm_back_delete: insufficient access %s\n", - dn, 0, 0); - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); - goto return_results; - } -#endif - if ( !manageDSAit && is_entry_referral( e ) ) { /* parent is a referral, don't allow add */ /* parent is an alias, don't allow add */ - struct berval **refs = get_entry_referrals( be, + BerVarray refs = get_entry_referrals( be, conn, op, e ); +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_delete: entry (%s) is a referral.\n", e->e_dn, 0, 0 ); +#else Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0, 0, 0 ); +#endif send_ldap_result( conn, op, LDAP_REFERRAL, e->e_dn, NULL, refs, NULL ); - ber_bvecfree( refs ); + if ( refs ) ber_bvarray_free( refs ); rc = 1; goto return_results; @@ -97,31 +103,51 @@ ldbm_back_delete( if ( has_children( be, e ) ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_delete: (%s) is a non-leaf node.\n", dn->bv_val, 0,0); +#else Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: non leaf %s\n", - dn, 0, 0); + dn->bv_val, 0, 0); +#endif + send_ldap_result( conn, op, LDAP_NOT_ALLOWED_ON_NONLEAF, - NULL, NULL, NULL, NULL ); + NULL, "subtree delete not supported", NULL, NULL ); goto return_results; } /* delete from parent's id2children entry */ - if( (pdn = dn_parent( be, e->e_ndn )) != NULL ) { - if( (p = dn2entry_w( be, pdn, NULL )) == NULL) { + if( !be_issuffix( be, &e->e_nname ) && (dnParent( &e->e_nname, &pdn ), + pdn.bv_len) ) { + if( (p = dn2entry_w( be, &pdn, NULL )) == NULL) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_delete: parent of (%s) does not exist\n", dn, 0, 0 ); +#else Debug( LDAP_DEBUG_TRACE, "<=- ldbm_back_delete: parent does not exist\n", 0, 0, 0); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, - NULL, NULL, NULL, NULL ); +#endif + + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "could not locate parent of entry", NULL, NULL ); goto return_results; } /* check parent for "children" acl */ if ( ! access_allowed( be, conn, op, p, - "children", NULL, ACL_WRITE ) ) + children, NULL, ACL_WRITE, NULL ) ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_delete: no access to parent of (%s)\n", + dn->bv_val, 0, 0 ); +#else Debug( LDAP_DEBUG_TRACE, "<=- ldbm_back_delete: no access to parent\n", 0, 0, 0 ); +#endif + send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, NULL, NULL, NULL, NULL ); goto return_results; @@ -129,58 +155,100 @@ ldbm_back_delete( } else { /* no parent, must be root to delete */ - if( ! be_isroot( be, op->o_ndn ) ) { - Debug( LDAP_DEBUG_TRACE, - "<=- ldbm_back_delete: no parent & not root\n", - 0, 0, 0); - send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); - goto return_results; - } + if( ! be_isroot( be, &op->o_ndn ) ) { + if ( be_issuffix( be, (struct berval *)&slap_empty_bv ) || be_isupdate( be, &op->o_ndn ) ) { + p = (Entry *)&slap_entry_root; + + rc = access_allowed( be, conn, op, p, + children, NULL, ACL_WRITE, NULL ); + p = NULL; + + /* check parent for "children" acl */ + if ( ! rc ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_delete: no access " + "to parent of ("")\n", 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "<=- ldbm_back_delete: no " + "access to parent\n", 0, 0, 0 ); +#endif - ldap_pvt_thread_mutex_lock(&li->li_root_mutex); - rootlock = 1; + send_ldap_result( conn, op, + LDAP_INSUFFICIENT_ACCESS, + NULL, NULL, NULL, NULL ); + goto return_results; + } + + } else { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_delete: (%s) has no " + "parent & not a root.\n", dn, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "<=- ldbm_back_delete: no parent & " + "not root\n", 0, 0, 0); +#endif + + send_ldap_result( conn, op, + LDAP_INSUFFICIENT_ACCESS, + NULL, NULL, NULL, NULL ); + goto return_results; + } + } } /* delete from dn2id mapping */ - if ( dn2id_delete( be, e->e_ndn, e->e_id ) != 0 ) { + if ( dn2id_delete( be, &e->e_nname, e->e_id ) != 0 ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_delete: (%s) operations error\n", dn->bv_val, 0, 0 ); +#else Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: operations error %s\n", - dn, 0, 0); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, - NULL, NULL, NULL, NULL ); + dn->bv_val, 0, 0); +#endif + + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "DN index delete failed", NULL, NULL ); goto return_results; } /* delete from disk and cache */ if ( id2entry_delete( be, e ) != 0 ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_back_delete: (%s) operations error\n", dn->bv_val, 0, 0 ); +#else Debug(LDAP_DEBUG_ARGS, "<=- ldbm_back_delete: operations error %s\n", - dn, 0, 0); - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, - NULL, NULL, NULL, NULL ); + dn->bv_val, 0, 0); +#endif + + send_ldap_result( conn, op, LDAP_OTHER, + NULL, "entry delete failed", NULL, NULL ); goto return_results; } + /* delete attribute indices */ + (void) index_entry_del( be, e, e->e_attrs ); + send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL, NULL, NULL ); rc = 0; return_results:; - if ( pdn != NULL ) free(pdn); - if( p != NULL ) { /* free parent and writer lock */ cache_return_entry_w( &li->li_cache, p ); } - if ( rootlock ) { - /* release root lock */ - ldap_pvt_thread_mutex_unlock(&li->li_root_mutex); - } - /* free entry and writer lock */ cache_return_entry_w( &li->li_cache, e ); + ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); + return rc; }