X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fback-ldbm%2Fmodify.c;h=46ca1025a9471f132ae9b6db966aba937af53af5;hb=426ca14a868b6edb638b48e14593542a365fcc4b;hp=df9414673648bb609383319d89d8c3ae97c2dfee;hpb=76ed17f7942d4e3810fa90b46143e615af311167;p=openldap diff --git a/servers/slapd/back-ldbm/modify.c b/servers/slapd/back-ldbm/modify.c index df94146736..46ca1025a9 100644 --- a/servers/slapd/back-ldbm/modify.c +++ b/servers/slapd/back-ldbm/modify.c @@ -1,217 +1,381 @@ /* modify.c - ldbm backend modify routine */ +/* $OpenLDAP$ */ +/* + * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +#include "portable.h" #include -#include -#include -#include + +#include +#include +#include + #include "slap.h" #include "back-ldbm.h" #include "proto-back-ldbm.h" -extern int global_schemacheck; -extern Attribute *attr_find(); - -static int add_values(); -static int delete_values(); -static int replace_values(); - -int -ldbm_back_modify( - Backend *be, - Connection *conn, +/* We need this function because of LDAP modrdn. If we do not + * add this there would be a bunch of code replication here + * and there and of course the likelihood of bugs increases. + * Juan C. Gomez (gomez@engr.sgi.com) 05/18/99 + */ +int ldbm_modify_internal( Operation *op, - char *dn, - LDAPMod *mods + Modifications *modlist, + Entry *e, + const char **text, + char *textbuf, + size_t textlen ) { - struct ldbminfo *li = (struct ldbminfo *) be->be_private; - char *matched = NULL; - Entry *e; - int i, err, modtype; - LDAPMod *mod; + int rc = LDAP_SUCCESS; + Modification *mod; + Modifications *ml; + Attribute *save_attrs; + Attribute *ap; - Debug(LDAP_DEBUG_ARGS, "ldbm_back_modify:\n", 0, 0, 0); +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_modify_internal: %s\n", e->e_name.bv_val, 0, 0 ); +#else + Debug(LDAP_DEBUG_TRACE, "ldbm_modify_internal: %s\n", e->e_name.bv_val, 0, 0); +#endif - if ( (e = dn2entry_w( be, dn, &matched )) == NULL ) { - send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched, - NULL ); - if ( matched != NULL ) { - free( matched ); - } - return( -1 ); - } - /* check for deleted */ + if ( !acl_check_modlist( op, e, modlist )) { + return LDAP_INSUFFICIENT_ACCESS; + } - /* lock entry */ + save_attrs = e->e_attrs; + e->e_attrs = attrs_dup( e->e_attrs ); - if ( (err = acl_check_mods( be, conn, op, e, mods )) != LDAP_SUCCESS ) { - send_ldap_result( conn, op, err, NULL, NULL ); - goto error_return; - } + for ( ml = modlist; ml != NULL; ml = ml->sml_next ) { + mod = &ml->sml_mod; - for ( mod = mods; mod != NULL; mod = mod->mod_next ) { - switch ( mod->mod_op & ~LDAP_MOD_BVALUES ) { + switch ( mod->sm_op ) { case LDAP_MOD_ADD: - err = add_values( e, mod, op->o_dn ); +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_modify_internal: add\n", 0, 0, 0); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: add\n", 0, 0, 0); +#endif + + rc = modify_add_values( e, mod, get_permissiveModify( op ), + text, textbuf, textlen ); + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_modify_internal: failed %d (%s)\n", rc, *text, 0 ); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n", + rc, *text, 0); +#endif + } break; case LDAP_MOD_DELETE: - err = delete_values( e, mod, op->o_dn ); +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_modify_internal: delete\n", 0,0,0); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: delete\n", 0, 0, 0); +#endif + + rc = modify_delete_values( e, mod, get_permissiveModify( op ), + text, textbuf, textlen ); + assert( rc != LDAP_TYPE_OR_VALUE_EXISTS ); + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_modify_internal: failed %d (%s)\n", rc, *text, 0 ); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n", + rc, *text, 0); +#endif + } break; case LDAP_MOD_REPLACE: - err = replace_values( e, mod, op->o_dn ); +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_modify_internal: replace\n",0,0,0); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: replace\n", 0, 0, 0); +#endif + + rc = modify_replace_values( e, mod, get_permissiveModify( op ), + text, textbuf, textlen ); + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_modify_internal: failed %d (%s)\n", rc, *text, 0 ); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n", + rc, *text, 0); +#endif + } + break; + + case SLAP_MOD_SOFTADD: +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, DETAIL1, + "ldbm_modify_internal: softadd\n", 0, 0, 0 ); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: softadd\n", 0, 0, 0); +#endif + + /* Avoid problems in index_add_mods() + * We need to add index if necessary. + */ + mod->sm_op = LDAP_MOD_ADD; + + rc = modify_add_values( e, mod, get_permissiveModify( op ), + text, textbuf, textlen ); + if ( rc == LDAP_TYPE_OR_VALUE_EXISTS ) { + rc = LDAP_SUCCESS; + } + + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_modify_internal: failed %d (%s)\n", rc, *text, 0 ); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n", + rc, *text, 0); +#endif + } break; + + default: +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_modify_internal: invalid op %d\n", mod->sm_op, 0, 0 ); +#else + Debug(LDAP_DEBUG_ANY, "ldbm_modify_internal: invalid op %d\n", + mod->sm_op, 0, 0); +#endif + + rc = LDAP_OTHER; + *text = "Invalid modify operation"; +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_modify_internal: %d (%s)\n", rc, *text, 0 ); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: %d %s\n", + rc, *text, 0); +#endif } - if ( err != LDAP_SUCCESS ) { - /* unlock entry, delete from cache */ - send_ldap_result( conn, op, err, NULL, NULL ); - goto error_return; + if ( rc != LDAP_SUCCESS ) { + goto exit; } - } - /* check that the entry still obeys the schema */ - if ( global_schemacheck && oc_schema_check( e ) != 0 ) { - Debug( LDAP_DEBUG_ANY, "entry failed schema check\n", 0, 0, 0 ); - send_ldap_result( conn, op, LDAP_OBJECT_CLASS_VIOLATION, NULL, NULL ); - goto error_return; - } + /* If objectClass was modified, reset the flags */ + if ( mod->sm_desc == slap_schema.si_ad_objectClass ) { + e->e_ocflags = 0; + } - /* check for abandon */ - pthread_mutex_lock( &op->o_abandonmutex ); - if ( op->o_abandon ) { - pthread_mutex_unlock( &op->o_abandonmutex ); - goto error_return; + /* check if modified attribute was indexed */ + rc = index_is_indexed( op->o_bd, mod->sm_desc ); + if ( rc == LDAP_SUCCESS ) { + ap = attr_find( save_attrs, mod->sm_desc ); + if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL; + + ap = attr_find( e->e_attrs, mod->sm_desc ); + if ( ap ) ap->a_flags |= SLAP_ATTR_IXADD; + } } - pthread_mutex_unlock( &op->o_abandonmutex ); - /* modify indexes */ - if ( index_add_mods( be, mods, e->e_id ) != 0 ) { - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL ); - goto error_return; + /* check that the entry still obeys the schema */ +#ifndef LDAP_CACHING + rc = entry_schema_check( op->o_bd, e, save_attrs, text, textbuf, textlen ); +#else /* LDAP_CACHING */ + if ( !op->o_caching_on ) { + rc = entry_schema_check( op->o_bd, e, save_attrs, + text, textbuf, textlen ); + } else { + rc = LDAP_SUCCESS; + } +#endif /* LDAP_CACHING */ + + if ( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_modify_internal: entry failed schema check: %s\n", + *text, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, "entry failed schema check: %s\n", + *text, 0, 0 ); +#endif + + goto exit; } /* check for abandon */ - pthread_mutex_lock( &op->o_abandonmutex ); if ( op->o_abandon ) { - pthread_mutex_unlock( &op->o_abandonmutex ); - goto error_return; + rc = SLAPD_ABANDON; + goto exit; } - pthread_mutex_unlock( &op->o_abandonmutex ); - /* change the entry itself */ - if ( id2entry_add( be, e ) != 0 ) { - send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL, NULL ); - goto error_return; + /* update the indices of the modified attributes */ + + /* start with deleting the old index entries */ + for ( ap = save_attrs; ap != NULL; ap = ap->a_next ) { + if ( ap->a_flags & SLAP_ATTR_IXDEL ) { + rc = index_values( op->o_bd, ap->a_desc, + ap->a_nvals, + e->e_id, SLAP_INDEX_DELETE_OP ); + if ( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_modify_internal: Attribute index delete failure\n", + 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, + "Attribute index delete failure", + 0, 0, 0 ); +#endif + goto exit; + } + ap->a_flags &= ~SLAP_ATTR_IXDEL; + } } - send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL ); - cache_return_entry_w( &li->li_cache, e ); - return( 0 ); - -error_return:; - cache_return_entry_w( &li->li_cache, e ); - return( -1 ); -} - -static int -add_values( - Entry *e, - LDAPMod *mod, - char *dn -) -{ - int i; - Attribute *a; - - /* check if the values we're adding already exist */ - if ( (a = attr_find( e->e_attrs, mod->mod_type )) != NULL ) { - for ( i = 0; mod->mod_bvalues[i] != NULL; i++ ) { - if ( value_find( a->a_vals, mod->mod_bvalues[i], - a->a_syntax, 3 ) == 0 ) { - return( LDAP_TYPE_OR_VALUE_EXISTS ); + /* add the new index entries */ + for ( ap = e->e_attrs; ap != NULL; ap = ap->a_next ) { + if ( ap->a_flags & SLAP_ATTR_IXADD ) { + rc = index_values( op->o_bd, ap->a_desc, + ap->a_nvals, + e->e_id, SLAP_INDEX_ADD_OP ); + if ( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ERR, + "ldbm_modify_internal: Attribute index add failure\n", + 0, 0, 0 ); +#else + Debug( LDAP_DEBUG_ANY, + "Attribute index add failure", + 0, 0, 0 ); +#endif + goto exit; } + ap->a_flags &= ~SLAP_ATTR_IXADD; } } - /* no - add them */ - if( attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 ) { - return( LDAP_CONSTRAINT_VIOLATION ); +exit: + if ( rc == LDAP_SUCCESS ) { + attrs_free( save_attrs ); + } else { + for ( ap = save_attrs; ap; ap = ap->a_next ) { + ap->a_flags = 0; + } + attrs_free( e->e_attrs ); + e->e_attrs = save_attrs; } - return( LDAP_SUCCESS ); + return rc; } -static int -delete_values( - Entry *e, - LDAPMod *mod, - char *dn -) +int +ldbm_back_modify( + Operation *op, + SlapReply *rs ) { - int i, j, k, found; - Attribute *a; - - /* delete the entire attribute */ - if ( mod->mod_bvalues == NULL ) { - Debug( LDAP_DEBUG_ARGS, "removing entire attribute %s\n", - mod->mod_type, 0, 0 ); - return( attr_delete( &e->e_attrs, mod->mod_type ) ? - LDAP_NO_SUCH_ATTRIBUTE : LDAP_SUCCESS ); - } + struct ldbminfo *li = (struct ldbminfo *) op->o_bd->be_private; + Entry *matched; + Entry *e; + int manageDSAit = get_manageDSAit( op ); + char textbuf[SLAP_TEXT_BUFLEN]; + size_t textlen = sizeof textbuf; - /* delete specific values - find the attribute first */ - if ( (a = attr_find( e->e_attrs, mod->mod_type )) == NULL ) { - Debug( LDAP_DEBUG_ARGS, "could not find attribute %s\n", - mod->mod_type, 0, 0 ); - return( LDAP_NO_SUCH_ATTRIBUTE ); - } +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, ENTRY, "ldbm_back_modify: enter\n", 0, 0, 0); +#else + Debug(LDAP_DEBUG_ARGS, "ldbm_back_modify:\n", 0, 0, 0); +#endif - /* find each value to delete */ - for ( i = 0; mod->mod_bvalues[i] != NULL; i++ ) { - found = 0; - for ( j = 0; a->a_vals[j] != NULL; j++ ) { - if ( value_cmp( mod->mod_bvalues[i], a->a_vals[j], - a->a_syntax, 3 ) != 0 ) { - continue; - } - found = 1; + /* grab giant lock for writing */ + ldap_pvt_thread_rdwr_wlock(&li->li_giant_rwlock); - /* found a matching value - delete it */ - ber_bvfree( a->a_vals[j] ); - for ( k = j + 1; a->a_vals[k] != NULL; k++ ) { - a->a_vals[k - 1] = a->a_vals[k]; - } - a->a_vals[k - 1] = NULL; - break; + /* acquire and lock entry */ + if ( (e = dn2entry_w( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) { + if ( matched != NULL ) { + rs->sr_matched = ch_strdup( matched->e_dn ); + rs->sr_ref = is_entry_referral( matched ) + ? get_entry_referrals( op, matched ) + : NULL; + cache_return_entry_r( &li->li_cache, matched ); + } else { + rs->sr_ref = referral_rewrite( default_referral, + NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT ); } - /* looked through them all w/o finding it */ - if ( ! found ) { - Debug( LDAP_DEBUG_ARGS, - "could not find value for attr %s\n", - mod->mod_type, 0, 0 ); - return( LDAP_NO_SUCH_ATTRIBUTE ); - } + ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); + rs->sr_err = LDAP_REFERRAL; + send_ldap_result( op, rs ); + + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); + free( (char *)rs->sr_matched ); + + return( -1 ); } - return( LDAP_SUCCESS ); -} +#ifndef LDAP_CACHING + if ( !manageDSAit && is_entry_referral( e ) ) +#else /* LDAP_CACHING */ + if ( !op->o_caching_on && !manageDSAit && is_entry_referral( e ) ) +#endif /* LDAP_CACHING */ + { + /* parent is a referral, don't allow add */ + /* parent is an alias, don't allow add */ + rs->sr_ref = get_entry_referrals( op, e ); + +#ifdef NEW_LOGGING + LDAP_LOG( BACK_LDBM, INFO, + "ldbm_back_modify: entry (%s) is referral\n", op->o_req_ndn.bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0, + 0, 0 ); +#endif + + rs->sr_err = LDAP_REFERRAL; + rs->sr_matched = e->e_name.bv_val; + send_ldap_result( op, rs ); + + if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref ); -static int -replace_values( - Entry *e, - LDAPMod *mod, - char *dn -) -{ - (void) attr_delete( &e->e_attrs, mod->mod_type ); + goto error_return; + } + + /* Modify the entry */ + rs->sr_err = ldbm_modify_internal( op, op->oq_modify.rs_modlist, e, + &rs->sr_text, textbuf, textlen ); + + if( rs->sr_err != LDAP_SUCCESS ) { + if( rs->sr_err != SLAPD_ABANDON ) { + send_ldap_result( op, rs ); + } - if ( attr_merge( e, mod->mod_type, mod->mod_bvalues ) != 0 ) { - return( LDAP_CONSTRAINT_VIOLATION ); + goto error_return; } - return( LDAP_SUCCESS ); + /* change the entry itself */ + if ( id2entry_add( op->o_bd, e ) != 0 ) { + send_ldap_error( op, rs, LDAP_OTHER, + "id2entry failure" ); + goto error_return; + } + + send_ldap_error( op, rs, LDAP_SUCCESS, + NULL ); + + cache_return_entry_w( &li->li_cache, e ); + ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); + return( 0 ); + +error_return:; + cache_return_entry_w( &li->li_cache, e ); + ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock); + return( -1 ); }