X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Foc.c;h=5897b7c39e95f142e54d039794ee36fa69f6eaba;hb=21fee6a7f1291cafa1468473a1924751d594d667;hp=88e180983f1687a0080d3d1e30c2a31cd7cc328c;hpb=f9195f9b6f9fc995fe120a9ff0fcd01d51fd0cc8;p=openldap
diff --git a/servers/slapd/oc.c b/servers/slapd/oc.c
index 88e180983f..5897b7c39e 100644
--- a/servers/slapd/oc.c
+++ b/servers/slapd/oc.c
@@ -1,8 +1,17 @@
/* oc.c - object class routines */
/* $OpenLDAP$ */
-/*
- * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software .
+ *
+ * Copyright 1998-2005 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
*/
#include "portable.h"
@@ -16,185 +25,162 @@
#include "slap.h"
#include "ldap_pvt.h"
-int is_entry_objectclass(
- Entry* e,
- const char* oc)
+int is_object_subclass(
+ ObjectClass *sup,
+ ObjectClass *sub )
{
- Attribute *attr;
- struct berval bv;
+ int i;
- if( e == NULL || oc == NULL || *oc == '\0' )
- return 0;
+ if( sub == NULL || sup == NULL ) return 0;
- /*
- * find objectClass attribute
- */
- attr = attr_find(e->e_attrs, "objectclass");
+#if 0
+#ifdef NEW_LOGGING
+ LDAP_LOG ( OPERATION, ARGS,
+ "is_object_subclass(%s,%s) %d\n",
+ sup->soc_oid, sub->soc_oid, sup == sub );
+#else
+ Debug( LDAP_DEBUG_TRACE, "is_object_subclass(%s,%s) %d\n",
+ sup->soc_oid, sub->soc_oid, sup == sub );
+#endif
+#endif
- if( attr == NULL ) {
- /* no objectClass attribute */
- return 0;
+ if( sup == sub ) {
+ return 1;
}
- bv.bv_val = (char *) oc;
- bv.bv_len = strlen( bv.bv_val );
-
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
- /* not yet implemented */
-#else
- if( value_find(attr->a_vals, &bv, attr->a_syntax, 1) != 0) {
- /* entry is not of this objectclass */
+ if( sub->soc_sups == NULL ) {
return 0;
}
-#endif
-
- return 1;
-}
-
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- /* these shouldn't be hardcoded */
+ for( i=0; sub->soc_sups[i] != NULL; i++ ) {
+ if( is_object_subclass( sup, sub->soc_sups[i] ) ) {
+ return 1;
+ }
+ }
-static char *oc_op_usermod_attrs[] = {
- /*
- * these are operational attributes which are
- * not defined as NO-USER_MODIFICATION and
- * which slapd supports modification of.
- *
- * Currently none.
- * Likely candidate, "aci"
- */
- NULL
-};
+ return 0;
+}
-static char *oc_op_attrs[] = {
+int is_entry_objectclass(
+ Entry* e,
+ ObjectClass *oc,
+ int set_flags )
+{
/*
- * these are operational attributes
- * most could be user modifiable
+ * set_flags should only be true if oc is one of operational
+ * object classes which we support objectClass flags for
+ * (e.g., referral, alias, ...). See .
*/
- "objectClasses",
- "attributeTypes",
- "matchingRules",
- "matchingRuleUse",
- "dITStructureRules",
- "dITContentRules",
- "nameForms",
- "ldapSyntaxes",
- "namingContexts",
- "supportedExtension",
- "supportedControl",
- "supportedSASLMechanisms",
- "supportedLDAPversion",
- "supportedACIMechanisms",
- "subschemaSubentry", /* NO USER MOD */
- NULL
-
-};
-/* this list should be extensible */
-static char *oc_op_no_usermod_attrs[] = {
- /*
- * Operational and 'no user modification' attributes
- * which are STORED in the directory server.
- */
+ Attribute *attr;
+ struct berval *bv;
+ AttributeDescription *objectClass = slap_schema.si_ad_objectClass;
- /* RFC2252, 3.2.1 */
- "creatorsName",
- "createTimestamp",
- "modifiersName",
- "modifyTimestamp",
+ assert(!( e == NULL || oc == NULL ));
- NULL
-};
-#endif
+ if( e == NULL || oc == NULL ) {
+ return 0;
+ }
+ if( set_flags && ( e->e_ocflags & SLAP_OC__END )) {
+ /* flags are set, use them */
+ return (e->e_ocflags & oc->soc_flags & SLAP_OC__MASK) != 0;
+ }
-/*
- * check to see if attribute is 'operational' or not.
- */
-int
-oc_check_op_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_attrs, type )
- || charray_inlist( oc_op_usermod_attrs, type )
- || charray_inlist( oc_op_no_usermod_attrs, type );
+ /*
+ * find objectClass attribute
+ */
+ attr = attr_find(e->e_attrs, objectClass);
+ if( attr == NULL ) {
+ /* no objectClass attribute */
+#ifdef NEW_LOGGING
+ LDAP_LOG( OPERATION, ERR,
+ "is_entry_objectclass: dn(%s), oid (%s), no objectClass "
+ "attribute.\n", e->e_dn == NULL ? "" : e->e_dn,
+ oc->soc_oclass.oc_oid, 0 );
#else
- AttributeType *at = at_find( type );
-
- if( at == NULL ) return 0;
-
- return at->sat_usage != LDAP_SCHEMA_USER_APPLICATIONS;
+ Debug( LDAP_DEBUG_ANY, "is_entry_objectclass(\"%s\", \"%s\") "
+ "no objectClass attribute\n",
+ e->e_dn == NULL ? "" : e->e_dn,
+ oc->soc_oclass.oc_oid, 0 );
#endif
-}
-/*
- * check to see if attribute can be user modified or not.
- */
-int
-oc_check_op_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_usermod_attrs, type );
-#else
- /* not (yet) in schema */
- return 0;
-#endif
-}
+ return 0;
+ }
-/*
- * check to see if attribute is 'no user modification' or not.
- */
-int
-oc_check_op_no_usermod_attr( const char *type )
-{
-#ifndef SLAPD_SCHEMA_NOT_COMPAT
- return charray_inlist( oc_op_no_usermod_attrs, type );
-#else
- AttributeType *at = at_find( type );
+ for( bv=attr->a_vals; bv->bv_val; bv++ ) {
+ ObjectClass *objectClass = oc_bvfind( bv );
- if( at == NULL ) return 0;
+ if ( !set_flags && objectClass == oc ) {
+ return 1;
+ }
+
+ if ( objectClass != NULL ) {
+ e->e_ocflags |= objectClass->soc_flags;
+ }
+ }
- return at->sat_no_user_mod;
-#endif
+ /* mark flags as set */
+ e->e_ocflags |= SLAP_OC__END;
+
+ return (e->e_ocflags & oc->soc_flags & SLAP_OC__MASK) != 0;
}
struct oindexrec {
- char *oir_name;
+ struct berval oir_name;
ObjectClass *oir_oc;
};
static Avlnode *oc_index = NULL;
-static ObjectClass *oc_list = NULL;
+static LDAP_SLIST_HEAD(OCList, slap_object_class) oc_list
+ = LDAP_SLIST_HEAD_INITIALIZER(&oc_list);
static int
oc_index_cmp(
- struct oindexrec *oir1,
- struct oindexrec *oir2
-)
+ const void *v_oir1,
+ const void *v_oir2 )
{
- return (strcasecmp( oir1->oir_name, oir2->oir_name ));
+ const struct oindexrec *oir1 = v_oir1, *oir2 = v_oir2;
+ int i = oir1->oir_name.bv_len - oir2->oir_name.bv_len;
+ if (i) return i;
+ return strcasecmp( oir1->oir_name.bv_val, oir2->oir_name.bv_val );
}
static int
oc_index_name_cmp(
- char *name,
- struct oindexrec *oir
-)
+ const void *v_name,
+ const void *v_oir )
{
- return (strcasecmp( name, oir->oir_name ));
+ const struct berval *name = v_name;
+ const struct oindexrec *oir = v_oir;
+ int i = name->bv_len - oir->oir_name.bv_len;
+ if (i) return i;
+ return strncasecmp( name->bv_val, oir->oir_name.bv_val, name->bv_len );
}
ObjectClass *
oc_find( const char *ocname )
{
- struct oindexrec *oir = NULL;
+ struct berval bv;
- if ( (oir = (struct oindexrec *) avl_find( oc_index, ocname,
- (AVL_CMP) oc_index_name_cmp )) != NULL ) {
+ bv.bv_val = (char *)ocname;
+ bv.bv_len = strlen( ocname );
+
+ return( oc_bvfind( &bv ) );
+}
+
+ObjectClass *
+oc_bvfind( struct berval *ocname )
+{
+ struct oindexrec *oir;
+
+ oir = avl_find( oc_index, ocname, oc_index_name_cmp );
+
+ if ( oir != NULL ) {
return( oir->oir_oc );
}
+
return( NULL );
}
@@ -202,8 +188,8 @@ static int
oc_create_required(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ int *op,
+ const char **err )
{
char **attrs1;
AttributeType *sat;
@@ -218,6 +204,9 @@ oc_create_required(
*err = *attrs1;
return SLAP_SCHERR_ATTR_NOT_FOUND;
}
+
+ if( is_at_operational( sat )) (*op)++;
+
if ( at_find_in_list(sat, soc->soc_required) < 0) {
if ( at_append_to_list(sat, &soc->soc_required) ) {
*err = *attrs1;
@@ -241,8 +230,8 @@ static int
oc_create_allowed(
ObjectClass *soc,
char **attrs,
- const char **err
-)
+ int *op,
+ const char **err )
{
char **attrs1;
AttributeType *sat;
@@ -255,6 +244,9 @@ oc_create_allowed(
*err = *attrs1;
return SLAP_SCHERR_ATTR_NOT_FOUND;
}
+
+ if( is_at_operational( sat )) (*op)++;
+
if ( at_find_in_list(sat, soc->soc_required) < 0 &&
at_find_in_list(sat, soc->soc_allowed) < 0 ) {
if ( at_append_to_list(sat, &soc->soc_allowed) ) {
@@ -271,30 +263,30 @@ oc_create_allowed(
static int
oc_add_sups(
ObjectClass *soc,
- char **sups,
- const char **err
-)
+ char **sups,
+ int *op,
+ const char **err )
{
int code;
ObjectClass *soc1;
int nsups;
- char **sups1;
+ char **sups1;
int add_sups = 0;
if ( sups ) {
if ( !soc->soc_sups ) {
/* We are at the first recursive level */
add_sups = 1;
- nsups = 0;
+ nsups = 1;
sups1 = sups;
while ( *sups1 ) {
nsups++;
sups1++;
}
- nsups++;
- soc->soc_sups = (ObjectClass **)ch_calloc(1,
- nsups*sizeof(ObjectClass *));
+ soc->soc_sups = (ObjectClass **)ch_calloc(nsups,
+ sizeof(ObjectClass *));
}
+
nsups = 0;
sups1 = sups;
while ( *sups1 ) {
@@ -304,153 +296,219 @@ oc_add_sups(
return SLAP_SCHERR_CLASS_NOT_FOUND;
}
- if ( add_sups )
+ /* check object class usage
+ * abstract classes can only sup abstract classes
+ * structural classes can not sup auxiliary classes
+ * auxiliary classes can not sup structural classes
+ */
+ if( soc->soc_kind != soc1->soc_kind
+ && soc1->soc_kind != LDAP_SCHEMA_ABSTRACT )
+ {
+ *err = *sups1;
+ return SLAP_SCHERR_CLASS_BAD_SUP;
+ }
+
+ if( soc1->soc_obsolete && !soc->soc_obsolete ) {
+ *err = *sups1;
+ return SLAP_SCHERR_CLASS_BAD_SUP;
+ }
+
+ if( soc->soc_flags & SLAP_OC_OPERATIONAL ) (*op)++;
+
+ if ( add_sups ) {
soc->soc_sups[nsups] = soc1;
+ }
- code = oc_add_sups(soc,soc1->soc_sup_oids, err);
- if ( code )
- return code;
+ code = oc_add_sups( soc, soc1->soc_sup_oids, op, err );
+ if ( code ) return code;
- code = oc_create_required(soc,soc1->soc_at_oids_must,err);
- if ( code )
- return code;
- code = oc_create_allowed(soc,soc1->soc_at_oids_may,err);
- if ( code )
- return code;
+ code = oc_create_required( soc, soc1->soc_at_oids_must, op, err );
+ if ( code ) return code;
+
+ code = oc_create_allowed( soc, soc1->soc_at_oids_may, op, err );
+ if ( code ) return code;
nsups++;
sups1++;
}
}
+
return 0;
}
+void
+oc_destroy( void )
+{
+ ObjectClass *o;
+
+ avl_free(oc_index, ldap_memfree);
+ while( !LDAP_SLIST_EMPTY(&oc_list) ) {
+ o = LDAP_SLIST_FIRST(&oc_list);
+ LDAP_SLIST_REMOVE_HEAD(&oc_list, soc_next);
+
+ if (o->soc_sups) ldap_memfree(o->soc_sups);
+ if (o->soc_required) ldap_memfree(o->soc_required);
+ if (o->soc_allowed) ldap_memfree(o->soc_allowed);
+ ldap_objectclass_free((LDAPObjectClass *)o);
+ }
+}
+
static int
oc_insert(
ObjectClass *soc,
- const char **err
-)
+ const char **err )
{
- ObjectClass **ocp;
struct oindexrec *oir;
char **names;
- ocp = &oc_list;
- while ( *ocp != NULL ) {
- ocp = &(*ocp)->soc_next;
- }
- *ocp = soc;
+ LDAP_SLIST_NEXT( soc, soc_next ) = NULL;
+ LDAP_SLIST_INSERT_HEAD( &oc_list, soc, soc_next );
if ( soc->soc_oid ) {
oir = (struct oindexrec *)
ch_calloc( 1, sizeof(struct oindexrec) );
- oir->oir_name = soc->soc_oid;
+ oir->oir_name.bv_val = soc->soc_oid;
+ oir->oir_name.bv_len = strlen( soc->soc_oid );
oir->oir_oc = soc;
+
+ assert( oir->oir_name.bv_val );
+ assert( oir->oir_oc );
+
if ( avl_insert( &oc_index, (caddr_t) oir,
- (AVL_CMP) oc_index_cmp,
- (AVL_DUP) avl_dup_error ) ) {
+ oc_index_cmp, avl_dup_error ) )
+ {
*err = soc->soc_oid;
ldap_memfree(oir);
- return SLAP_SCHERR_DUP_CLASS;
+ return SLAP_SCHERR_CLASS_DUP;
}
+
/* FIX: temporal consistency check */
- oc_find(oir->oir_name);
+ assert( oc_bvfind(&oir->oir_name) != NULL );
}
+
if ( (names = soc->soc_names) ) {
while ( *names ) {
oir = (struct oindexrec *)
ch_calloc( 1, sizeof(struct oindexrec) );
- oir->oir_name = ch_strdup(*names);
+ oir->oir_name.bv_val = *names;
+ oir->oir_name.bv_len = strlen( *names );
oir->oir_oc = soc;
+
+ assert( oir->oir_name.bv_val );
+ assert( oir->oir_oc );
+
if ( avl_insert( &oc_index, (caddr_t) oir,
- (AVL_CMP) oc_index_cmp,
- (AVL_DUP) avl_dup_error ) ) {
+ oc_index_cmp, avl_dup_error ) )
+ {
*err = *names;
ldap_memfree(oir);
- return SLAP_SCHERR_DUP_CLASS;
+ return SLAP_SCHERR_CLASS_DUP;
}
+
/* FIX: temporal consistency check */
- oc_find(oir->oir_name);
+ assert( oc_bvfind(&oir->oir_name) != NULL );
+
names++;
}
}
+
return 0;
}
int
oc_add(
- LDAP_OBJECT_CLASS *oc,
- const char **err
-)
+ LDAPObjectClass *oc,
+ int user,
+ const char **err )
{
ObjectClass *soc;
int code;
+ int op = 0;
- soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) );
- memcpy( &soc->soc_oclass, oc, sizeof(LDAP_OBJECT_CLASS));
- if ( (code = oc_add_sups(soc,soc->soc_sup_oids,err)) != 0 )
- return code;
- if ( (code = oc_create_required(soc,soc->soc_at_oids_must,err)) != 0 )
- return code;
- if ( (code = oc_create_allowed(soc,soc->soc_at_oids_may,err)) != 0 )
- return code;
- code = oc_insert(soc,err);
- return code;
-}
+ if ( oc->oc_names != NULL ) {
+ int i;
+
+ for( i=0; oc->oc_names[i]; i++ ) {
+ if( !slap_valid_descr( oc->oc_names[i] ) ) {
+ return SLAP_SCHERR_BAD_DESCR;
+ }
+ }
+ }
-#ifdef LDAP_DEBUG
+ if ( !OID_LEADCHAR( oc->oc_oid[0] )) {
+ /* Expand OID macros */
+ char *oid = oidm_find( oc->oc_oid );
+ if ( !oid ) {
+ *err = oc->oc_oid;
+ return SLAP_SCHERR_OIDM;
+ }
+ if ( oid != oc->oc_oid ) {
+ ldap_memfree( oc->oc_oid );
+ oc->oc_oid = oid;
+ }
+ }
-static void
-oc_print( ObjectClass *oc )
-{
- int i;
- const char *mid;
-
- printf( "objectclass %s\n", ldap_objectclass2name( &oc->soc_oclass ) );
- if ( oc->soc_required != NULL ) {
- mid = "\trequires ";
- for ( i = 0; oc->soc_required[i] != NULL; i++, mid = "," )
- printf( "%s%s", mid,
- ldap_attributetype2name( &oc->soc_required[i]->sat_atype ) );
- printf( "\n" );
+ soc = (ObjectClass *) ch_calloc( 1, sizeof(ObjectClass) );
+ AC_MEMCPY( &soc->soc_oclass, oc, sizeof(LDAPObjectClass) );
+
+ if( oc->oc_names != NULL ) {
+ soc->soc_cname.bv_val = soc->soc_names[0];
+ } else {
+ soc->soc_cname.bv_val = soc->soc_oid;
}
- if ( oc->soc_allowed != NULL ) {
- mid = "\tallows ";
- for ( i = 0; oc->soc_allowed[i] != NULL; i++, mid = "," )
- printf( "%s%s", mid,
- ldap_attributetype2name( &oc->soc_allowed[i]->sat_atype ) );
- printf( "\n" );
+ soc->soc_cname.bv_len = strlen( soc->soc_cname.bv_val );
+
+ if( soc->soc_sup_oids == NULL &&
+ soc->soc_kind == LDAP_SCHEMA_STRUCTURAL )
+ {
+ /* structural object classes implicitly inherit from 'top' */
+ static char *top_oids[] = { SLAPD_TOP_OID, NULL };
+ code = oc_add_sups( soc, top_oids, &op, err );
+ } else {
+ code = oc_add_sups( soc, soc->soc_sup_oids, &op, err );
}
-}
-#endif
+ if ( code != 0 ) return code;
+ if( user && op ) return SLAP_SCHERR_CLASS_BAD_SUP;
+
+ code = oc_create_required( soc, soc->soc_at_oids_must, &op, err );
+ if ( code != 0 ) return code;
+ code = oc_create_allowed( soc, soc->soc_at_oids_may, &op, err );
+ if ( code != 0 ) return code;
-#if defined( SLAPD_SCHEMA_DN )
+ if( user && op ) return SLAP_SCHERR_CLASS_BAD_USAGE;
+
+ code = oc_insert(soc,err);
+ return code;
+}
int
oc_schema_info( Entry *e )
{
- struct berval val;
- struct berval *vals[2];
+ AttributeDescription *ad_objectClasses = slap_schema.si_ad_objectClasses;
ObjectClass *oc;
+ struct berval val;
+ struct berval nval;
+
+ LDAP_SLIST_FOREACH( oc, &oc_list, soc_next ) {
+ if( oc->soc_flags & SLAP_OC_HIDE ) continue;
- vals[0] = &val;
- vals[1] = NULL;
-
- for ( oc = oc_list; oc; oc = oc->soc_next ) {
- val.bv_val = ldap_objectclass2str( &oc->soc_oclass );
- if ( val.bv_val ) {
- val.bv_len = strlen( val.bv_val );
- Debug( LDAP_DEBUG_TRACE, "Merging oc [%ld] %s\n",
- (long) val.bv_len, val.bv_val, 0 );
- attr_merge( e, "objectClasses", vals );
- ldap_memfree( val.bv_val );
- } else {
+ if ( ldap_objectclass2bv( &oc->soc_oclass, &val ) == NULL ) {
return -1;
}
+
+ nval = oc->soc_cname;
+
+#if 0
+ Debug( LDAP_DEBUG_TRACE, "Merging oc [%ld] %s (%s)\n",
+ (long) val.bv_len, val.bv_val, nval.bv_val );
+#endif
+
+ if( attr_merge_one( e, ad_objectClasses, &val, &nval ) ) {
+ return -1;
+ }
+ ldap_memfree( val.bv_val );
}
return 0;
}
-
-#endif