X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Foc.c;h=2d7c6ce097274af7dd4b5327a207e25eab7ddd23;hb=d6449b1d57964b189259f7388f03418fb09e3000;hp=a8997bc7792c064062da1c6d3e7d989a9e926272;hpb=000c1ca40b08f768afe8af767cc5892ab41ef483;p=openldap diff --git a/servers/slapd/oc.c b/servers/slapd/oc.c index a8997bc779..2d7c6ce097 100644 --- a/servers/slapd/oc.c +++ b/servers/slapd/oc.c @@ -1,7 +1,7 @@ /* oc.c - object class routines */ /* $OpenLDAP$ */ /* - * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -16,157 +16,101 @@ #include "slap.h" #include "ldap_pvt.h" -int is_entry_objectclass( - Entry* e, - const char* oc) +int is_object_subclass( + ObjectClass *sup, + ObjectClass *sub ) { - Attribute *attr; - struct berval bv; -#ifdef SLAPD_SCHEMA_NOT_COMPAT - static AttributeDescription *objectClass = NULL; + int i; + + if( sub == NULL || sup == NULL ) return 0; + +#if 1 +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ARGS, + "is_object_subclass(%s,%s) %d\n", + sup->soc_oid, sub->soc_oid, sup == sub ); #else - static const char *objectClass = "objectclass"; + Debug( LDAP_DEBUG_TRACE, "is_object_subclass(%s,%s) %d\n", + sup->soc_oid, sub->soc_oid, sup == sub ); +#endif #endif - if( e == NULL || oc == NULL || *oc == '\0' ) - return 0; - - /* - * find objectClass attribute - */ - attr = attr_find(e->e_attrs, objectClass); + if( sup == sub ) { + return 1; + } - if( attr == NULL ) { - /* no objectClass attribute */ + if( sub->soc_sups == NULL ) { return 0; } - bv.bv_val = (char *) oc; - bv.bv_len = strlen( bv.bv_val ); - -#ifdef SLAPD_SCHEMA_NOT_COMPAT - /* not yet implemented */ -#else - if( value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) { - /* entry is not of this objectclass */ - return 0; + for( i=0; sub->soc_sups[i] != NULL; i++ ) { + if( is_object_subclass( sup, sub->soc_sups[i] ) ) { + return 1; + } } -#endif - return 1; + return 0; } +int is_entry_objectclass( + Entry* e, + ObjectClass *oc, + int set_flags ) +{ + Attribute *attr; + struct berval *bv; + AttributeDescription *objectClass = slap_schema.si_ad_objectClass; + assert(!( e == NULL || oc == NULL )); -#ifndef SLAPD_SCHEMA_NOT_COMPAT - /* these shouldn't be hardcoded */ - -static char *oc_op_usermod_attrs[] = { - /* - * these are operational attributes which are - * not defined as NO-USER_MODIFICATION and - * which slapd supports modification of. - * - * Currently none. - * Likely candidate, "aci" - */ - NULL -}; - -static char *oc_op_attrs[] = { - /* - * these are operational attributes - * most could be user modifiable - */ - "objectClasses", - "attributeTypes", - "matchingRules", - "matchingRuleUse", - "dITStructureRules", - "dITContentRules", - "nameForms", - "ldapSyntaxes", - "namingContexts", - "supportedExtension", - "supportedControl", - "supportedSASLMechanisms", - "supportedLDAPversion", - "supportedACIMechanisms", - "subschemaSubentry", /* NO USER MOD */ - NULL + if( e == NULL || oc == NULL ) { + return 0; + } -}; + if( set_flags && ( e->e_ocflags & SLAP_OC__END )) { + return (e->e_ocflags & oc->soc_flags) ? 1 : 0; + } -/* this list should be extensible */ -static char *oc_op_no_usermod_attrs[] = { /* - * Operational and 'no user modification' attributes - * which are STORED in the directory server. + * find objectClass attribute */ + attr = attr_find(e->e_attrs, objectClass); - /* RFC2252, 3.2.1 */ - "creatorsName", - "createTimestamp", - "modifiersName", - "modifyTimestamp", - - NULL -}; -#endif - - -/* - * check to see if attribute is 'operational' or not. - */ -int -oc_check_op_attr( const char *type ) -{ -#ifndef SLAPD_SCHEMA_NOT_COMPAT - return charray_inlist( oc_op_attrs, type ) - || charray_inlist( oc_op_usermod_attrs, type ) - || charray_inlist( oc_op_no_usermod_attrs, type ); + if( attr == NULL ) { + /* no objectClass attribute */ +#ifdef NEW_LOGGING + LDAP_LOG( OPERATION, ERR, + "is_entry_objectclass: dn(%s), oid (%s), no objectClass " + "attribute.\n", e->e_dn == NULL ? "" : e->e_dn, + oc->soc_oclass.oc_oid, 0 ); #else - AttributeType *at = at_find( type ); - - if( at == NULL ) return 0; - - return at->sat_usage != LDAP_SCHEMA_USER_APPLICATIONS; + Debug( LDAP_DEBUG_ANY, "is_entry_objectclass(\"%s\", \"%s\") " + "no objectClass attribute\n", + e->e_dn == NULL ? "" : e->e_dn, + oc->soc_oclass.oc_oid, 0 ); #endif -} -/* - * check to see if attribute can be user modified or not. - */ -int -oc_check_op_usermod_attr( const char *type ) -{ -#ifndef SLAPD_SCHEMA_NOT_COMPAT - return charray_inlist( oc_op_usermod_attrs, type ); -#else - /* not (yet) in schema */ - return 0; -#endif -} + return 0; + } -/* - * check to see if attribute is 'no user modification' or not. - */ -int -oc_check_op_no_usermod_attr( const char *type ) -{ -#ifndef SLAPD_SCHEMA_NOT_COMPAT - return charray_inlist( oc_op_no_usermod_attrs, type ); -#else - AttributeType *at = at_find( type ); + for( bv=attr->a_vals; bv->bv_val; bv++ ) { + ObjectClass *objectClass = oc_bvfind( bv ); - if( at == NULL ) return 0; + if ( objectClass == oc && !set_flags ) { + return 1; + } + + if ( objectClass != NULL ) { + e->e_ocflags |= objectClass->soc_flags; + } + } + e->e_ocflags |= SLAP_OC__END; /* We've finished this */ - return at->sat_no_user_mod; -#endif + return (e->e_ocflags & oc->soc_flags); } struct oindexrec { - char *oir_name; + struct berval oir_name; ObjectClass *oir_oc; }; @@ -176,30 +120,48 @@ static ObjectClass *oc_list = NULL; static int oc_index_cmp( struct oindexrec *oir1, - struct oindexrec *oir2 -) + struct oindexrec *oir2 ) { - return (strcasecmp( oir1->oir_name, oir2->oir_name )); + int i = oir1->oir_name.bv_len - oir2->oir_name.bv_len; + if (i) + return i; + return strcasecmp( oir1->oir_name.bv_val, oir2->oir_name.bv_val ); } static int oc_index_name_cmp( - char *name, - struct oindexrec *oir -) + struct berval *name, + struct oindexrec *oir ) { - return (strcasecmp( name, oir->oir_name )); + int i = name->bv_len - oir->oir_name.bv_len; + if (i) + return i; + return strncasecmp( name->bv_val, oir->oir_name.bv_val, name->bv_len ); } ObjectClass * oc_find( const char *ocname ) { - struct oindexrec *oir = NULL; + struct berval bv; - if ( (oir = (struct oindexrec *) avl_find( oc_index, ocname, - (AVL_CMP) oc_index_name_cmp )) != NULL ) { + bv.bv_val = (char *)ocname; + bv.bv_len = strlen( ocname ); + + return( oc_bvfind( &bv ) ); +} + +ObjectClass * +oc_bvfind( struct berval *ocname ) +{ + struct oindexrec *oir; + + oir = (struct oindexrec *) avl_find( oc_index, ocname, + (AVL_CMP) oc_index_name_cmp ); + + if ( oir != NULL ) { return( oir->oir_oc ); } + return( NULL ); } @@ -207,8 +169,8 @@ static int oc_create_required( ObjectClass *soc, char **attrs, - const char **err -) + int *op, + const char **err ) { char **attrs1; AttributeType *sat; @@ -223,6 +185,9 @@ oc_create_required( *err = *attrs1; return SLAP_SCHERR_ATTR_NOT_FOUND; } + + if( is_at_operational( sat )) (*op)++; + if ( at_find_in_list(sat, soc->soc_required) < 0) { if ( at_append_to_list(sat, &soc->soc_required) ) { *err = *attrs1; @@ -246,8 +211,8 @@ static int oc_create_allowed( ObjectClass *soc, char **attrs, - const char **err -) + int *op, + const char **err ) { char **attrs1; AttributeType *sat; @@ -260,6 +225,9 @@ oc_create_allowed( *err = *attrs1; return SLAP_SCHERR_ATTR_NOT_FOUND; } + + if( is_at_operational( sat )) (*op)++; + if ( at_find_in_list(sat, soc->soc_required) < 0 && at_find_in_list(sat, soc->soc_allowed) < 0 ) { if ( at_append_to_list(sat, &soc->soc_allowed) ) { @@ -276,30 +244,30 @@ oc_create_allowed( static int oc_add_sups( ObjectClass *soc, - char **sups, - const char **err -) + char **sups, + int *op, + const char **err ) { int code; ObjectClass *soc1; int nsups; - char **sups1; + char **sups1; int add_sups = 0; if ( sups ) { if ( !soc->soc_sups ) { /* We are at the first recursive level */ add_sups = 1; - nsups = 0; + nsups = 1; sups1 = sups; while ( *sups1 ) { nsups++; sups1++; } - nsups++; soc->soc_sups = (ObjectClass **)ch_calloc(nsups, sizeof(ObjectClass *)); } + nsups = 0; sups1 = sups; while ( *sups1 ) { @@ -309,27 +277,57 @@ oc_add_sups( return SLAP_SCHERR_CLASS_NOT_FOUND; } - if ( add_sups ) + /* check object class usage + * abstract classes can only sup abstract classes + * structural classes can not sup auxiliary classes + * auxiliary classes can not sup structural classes + */ + if( soc->soc_kind != soc1->soc_kind + && soc1->soc_kind != LDAP_SCHEMA_ABSTRACT ) + { + *err = *sups1; + return SLAP_SCHERR_CLASS_BAD_USAGE; + } + + if( soc->soc_flags & SLAP_OC_OPERATIONAL ) (*op)++; + + if ( add_sups ) { soc->soc_sups[nsups] = soc1; + } + + code = oc_add_sups( soc, soc1->soc_sup_oids, op, err ); + if ( code ) return code; - code = oc_add_sups(soc,soc1->soc_sup_oids, err); - if ( code ) - return code; + code = oc_create_required( soc, soc1->soc_at_oids_must, op, err ); + if ( code ) return code; - code = oc_create_required(soc,soc1->soc_at_oids_must,err); - if ( code ) - return code; - code = oc_create_allowed(soc,soc1->soc_at_oids_may,err); - if ( code ) - return code; + code = oc_create_allowed( soc, soc1->soc_at_oids_may, op, err ); + if ( code ) return code; nsups++; sups1++; } } + return 0; } +void +oc_destroy( void ) +{ + ObjectClass *o, *n; + + avl_free(oc_index, ldap_memfree); + for (o=oc_list; o; o=n) + { + n = o->soc_next; + if (o->soc_sups) ldap_memfree(o->soc_sups); + if (o->soc_required) ldap_memfree(o->soc_required); + if (o->soc_allowed) ldap_memfree(o->soc_allowed); + ldap_objectclass_free((LDAPObjectClass *)o); + } +} + static int oc_insert( ObjectClass *soc, @@ -349,56 +347,113 @@ oc_insert( if ( soc->soc_oid ) { oir = (struct oindexrec *) ch_calloc( 1, sizeof(struct oindexrec) ); - oir->oir_name = soc->soc_oid; + oir->oir_name.bv_val = soc->soc_oid; + oir->oir_name.bv_len = strlen( soc->soc_oid ); oir->oir_oc = soc; + + assert( oir->oir_name.bv_val ); + assert( oir->oir_oc ); + if ( avl_insert( &oc_index, (caddr_t) oir, (AVL_CMP) oc_index_cmp, - (AVL_DUP) avl_dup_error ) ) { + (AVL_DUP) avl_dup_error ) ) + { *err = soc->soc_oid; ldap_memfree(oir); - return SLAP_SCHERR_DUP_CLASS; + return SLAP_SCHERR_CLASS_DUP; } + /* FIX: temporal consistency check */ - oc_find(oir->oir_name); + assert( oc_bvfind(&oir->oir_name) != NULL ); } + if ( (names = soc->soc_names) ) { while ( *names ) { oir = (struct oindexrec *) ch_calloc( 1, sizeof(struct oindexrec) ); - oir->oir_name = ch_strdup(*names); + oir->oir_name.bv_val = *names; + oir->oir_name.bv_len = strlen( *names ); oir->oir_oc = soc; + + assert( oir->oir_name.bv_val ); + assert( oir->oir_oc ); + if ( avl_insert( &oc_index, (caddr_t) oir, (AVL_CMP) oc_index_cmp, - (AVL_DUP) avl_dup_error ) ) { + (AVL_DUP) avl_dup_error ) ) + { *err = *names; ldap_memfree(oir); - return SLAP_SCHERR_DUP_CLASS; + return SLAP_SCHERR_CLASS_DUP; } + /* FIX: temporal consistency check */ - oc_find(oir->oir_name); + assert( oc_bvfind(&oir->oir_name) != NULL ); + names++; } } + return 0; } int oc_add( - LDAP_OBJECT_CLASS *oc, + LDAPObjectClass *oc, + int user, const char **err ) { ObjectClass *soc; int code; + int op = 0; + + if ( oc->oc_names != NULL ) { + int i; + + for( i=0; oc->oc_names[i]; i++ ) { + if( !slap_valid_descr( oc->oc_names[i] ) ) { + return SLAP_SCHERR_BAD_DESCR; + } + } + } + + if ( !OID_LEADCHAR( oc->oc_oid[0] )) { + /* Expand OID macros */ + char *oid = oidm_find( oc->oc_oid ); + if ( !oid ) { + *err = oc->oc_oid; + return SLAP_SCHERR_OIDM; + } + if ( oid != oc->oc_oid ) { + ldap_memfree( oc->oc_oid ); + oc->oc_oid = oid; + } + } soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) ); - memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS)); - if ( (code = oc_add_sups(soc,soc->soc_sup_oids,err)) != 0 ) - return code; - if ( (code = oc_create_required(soc,soc->soc_at_oids_must,err)) != 0 ) - return code; - if ( (code = oc_create_allowed(soc,soc->soc_at_oids_may,err)) != 0 ) - return code; + AC_MEMCPY( &soc->soc_oclass, oc, sizeof(LDAPObjectClass) ); + + if( soc->soc_sup_oids == NULL && + soc->soc_kind == LDAP_SCHEMA_STRUCTURAL ) + { + /* structural object classes implicitly inherit from 'top' */ + static char *top_oids[] = { SLAPD_TOP_OID, NULL }; + code = oc_add_sups( soc, top_oids, &op, err ); + } else { + code = oc_add_sups( soc, soc->soc_sup_oids, &op, err ); + } + + if ( code != 0 ) return code; + + code = oc_create_required( soc, soc->soc_at_oids_must, &op, err ); + if ( code != 0 ) return code; + + code = oc_create_allowed( soc, soc->soc_at_oids_may, &op, err ); + if ( code != 0 ) return code; + + if( user && op ) return SLAP_SCHERR_CLASS_BAD_SUP; + code = oc_insert(soc,err); return code; } @@ -436,24 +491,26 @@ oc_print( ObjectClass *oc ) int oc_schema_info( Entry *e ) { - struct berval val; - struct berval *vals[2]; + struct berval vals[2]; ObjectClass *oc; - vals[0] = &val; - vals[1] = NULL; + AttributeDescription *ad_objectClasses = slap_schema.si_ad_objectClasses; + + vals[1].bv_val = NULL; for ( oc = oc_list; oc; oc = oc->soc_next ) { - val.bv_val = ldap_objectclass2str( &oc->soc_oclass ); - if ( val.bv_val ) { - val.bv_len = strlen( val.bv_val ); - Debug( LDAP_DEBUG_TRACE, "Merging oc [%ld] %s\n", - (long) val.bv_len, val.bv_val, 0 ); - attr_merge( e, "objectClasses", vals ); - ldap_memfree( val.bv_val ); - } else { + if ( ldap_objectclass2bv( &oc->soc_oclass, vals ) == NULL ) { return -1; } + + if( oc->soc_flags & SLAP_OC_HIDE ) continue; + +#if 0 + Debug( LDAP_DEBUG_TRACE, "Merging oc [%ld] %s\n", + (long) vals[0].bv_len, vals[0].bv_val, 0 ); +#endif + attr_merge( e, ad_objectClasses, vals ); + ldap_memfree( vals[0].bv_val ); } return 0; }