X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fback-sql%2Fmodify.c;h=c9060f98eb4a62bb3cc81526517627dbeb8e7a34;hb=40cac2e37a45cbe2ce5fb69e902ad602baf65284;hp=ac9a197155cc3f25fbcbcd373244654c509b6ce9;hpb=b4e37e518fa20227509b9bf464e1b6049ba82b0a;p=openldap

diff --git a/servers/slapd/back-sql/modify.c b/servers/slapd/back-sql/modify.c
index ac9a197155..c9060f98eb 100644
--- a/servers/slapd/back-sql/modify.c
+++ b/servers/slapd/back-sql/modify.c
@@ -65,7 +65,6 @@ backsql_modify( Operation *op, SlapReply *rs )
 	bsi.bsi_e = &m;
 	rs->sr_err = backsql_init_search( &bsi, &op->o_req_ndn,
 			LDAP_SCOPE_BASE, 
-			SLAP_NO_LIMIT, SLAP_NO_LIMIT,
 			(time_t)(-1), NULL, dbh, op, rs,
 			slap_anlist_all_attributes,
 			( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) );
@@ -74,9 +73,8 @@ backsql_modify( Operation *op, SlapReply *rs )
 		break;
 
 	case LDAP_REFERRAL:
-		if ( !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
-				dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname )
-				&& manageDSAit )
+		if ( manageDSAit && !BER_BVISNULL( &bsi.bsi_e->e_nname ) &&
+				dn_match( &op->o_req_ndn, &bsi.bsi_e->e_nname ) )
 		{
 			rs->sr_err = LDAP_SUCCESS;
 			rs->sr_text = NULL;
@@ -125,25 +123,8 @@ backsql_modify( Operation *op, SlapReply *rs )
 	}
 
 	oc = backsql_id2oc( bi, bsi.bsi_base_id.eid_oc_id );
-	if ( oc == NULL ) {
-		Debug( LDAP_DEBUG_TRACE, "   backsql_modify(): "
-			"cannot determine objectclass of entry -- aborting\n",
-			0, 0, 0 );
-		/*
-		 * FIXME: should never occur, since the entry was built!!!
-		 */
-
-		/*
-		 * FIXME: we don't want to send back 
-		 * excessively detailed messages
-		 */
-		rs->sr_err = LDAP_OTHER;
-		rs->sr_text = "SQL-backend error";
-		e = NULL;
-		goto done;
-	}
+	assert( oc != NULL );
 
-	/* FIXME: need the whole entry (ITS#3480) */
 	if ( !acl_check_modlist( op, &m, op->oq_modify.rs_modlist ) ) {
 		rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
 		e = &m;
@@ -151,9 +132,36 @@ backsql_modify( Operation *op, SlapReply *rs )
 	}
 
 	rs->sr_err = backsql_modify_internal( op, rs, dbh, oc,
-			&bsi.bsi_base_id,
-			op->oq_modify.rs_modlist );
+			&bsi.bsi_base_id, op->oq_modify.rs_modlist );
+	if ( rs->sr_err != LDAP_SUCCESS ) {
+		e = &m;
+		goto do_transact;
+	}
+
+	if ( BACKSQL_CHECK_SCHEMA( bi ) ) {
+		char		textbuf[ SLAP_TEXT_BUFLEN ] = { '\0' };
+
+		backsql_entry_clean( op, &m );
+
+		bsi.bsi_e = &m;
+		rs->sr_err = backsql_id2entry( &bsi, &bsi.bsi_base_id );
+		if ( rs->sr_err != LDAP_SUCCESS ) {
+			e = &m;
+			goto do_transact;
+		}
+
+		rs->sr_err = entry_schema_check( op, &m, NULL, 0,
+			&rs->sr_text, textbuf, sizeof( textbuf ) );
+		if ( rs->sr_err != LDAP_SUCCESS ) {
+			Debug( LDAP_DEBUG_TRACE, "   backsql_add(\"%s\"): "
+				"entry failed schema check -- aborting\n",
+				m.e_name.bv_val, 0, 0 );
+			e = NULL;
+			goto do_transact;
+		}
+	}
 
+do_transact:;
 	/*
 	 * Commit only if all operations succeed
 	 */
@@ -182,10 +190,12 @@ done:;
 
 	send_ldap_result( op, rs );
 
-	(void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
+	if ( !BER_BVISNULL( &bsi.bsi_base_id.eid_ndn ) ) {
+		(void)backsql_free_entryID( op, &bsi.bsi_base_id, 0 );
+	}
 
-	if ( bsi.bsi_e != NULL ) {
-		entry_clean( bsi.bsi_e );
+	if ( !BER_BVISNULL( &m.e_nname ) ) {
+		backsql_entry_clean( op, &m );
 	}
 
 	if ( bsi.bsi_attrs != NULL ) {