X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fschema_check.c;h=5d5aaa82b113824f835dcce47b6a773f78082466;hb=f8fb4aca7668c722f41941be719203aa8c298e12;hp=b72517903a4baf0e43d6039ea72caee6c98f6e8a;hpb=f52cc9bab51e427afa3ed5d28be012d8da27a7a8;p=openldap diff --git a/servers/slapd/schema_check.c b/servers/slapd/schema_check.c index b72517903a..5d5aaa82b1 100644 --- a/servers/slapd/schema_check.c +++ b/servers/slapd/schema_check.c @@ -1,7 +1,7 @@ /* schema_check.c - routines to enforce schema definitions */ /* $OpenLDAP$ */ /* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -30,7 +30,9 @@ static char * oc_check_required( int entry_schema_check( - Entry *e, Attribute *oldattrs, + Backend *be, + Entry *e, + Attribute *oldattrs, const char** text, char *textbuf, size_t textlen ) { @@ -43,21 +45,40 @@ entry_schema_check( AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass; int extensible = 0; + int subentry = is_entry_subentry( e ); + int collective = 0; + + if( subentry) collective = is_entry_collectiveAttributes( e ); *text = textbuf; - /* check single-valued attrs for multiple values */ + /* misc attribute checks */ for ( a = e->e_attrs; a != NULL; a = a->a_next ) { + const char *type = a->a_desc->ad_cname.bv_val; + /* there should be at least one value */ assert( a->a_vals ); assert( a->a_vals[0].bv_val != NULL ); + if( a->a_desc->ad_type->sat_check ) { + int rc = (a->a_desc->ad_type->sat_check)( + be, e, a, text, textbuf, textlen ); + if( rc != LDAP_SUCCESS ) { + return rc; + } + } + + if( !collective && is_at_collective( a->a_desc->ad_type ) ) { + snprintf( textbuf, textlen, "attribute '%s' " + "may only appear in collectiveAttributes subentry", + type ); + return LDAP_OBJECT_CLASS_VIOLATION; + } + /* if single value type, check for multiple values */ if( is_at_single_value( a->a_desc->ad_type ) && a->a_vals[1].bv_val != NULL ) { - char *type = a->a_desc->ad_cname.bv_val; - snprintf( textbuf, textlen, "attribute '%s' cannot have multiple values", type ); @@ -104,7 +125,7 @@ entry_schema_check( if( sc == NULL ) { snprintf( textbuf, textlen, "unrecognized structuralObjectClass '%s'", - aoc->a_vals[0].bv_val ); + asc->a_vals[0].bv_val ); #ifdef NEW_LOGGING LDAP_LOG(( "schema", LDAP_LEVEL_INFO, @@ -122,7 +143,7 @@ entry_schema_check( if( sc->soc_kind != LDAP_SCHEMA_STRUCTURAL ) { snprintf( textbuf, textlen, "structuralObjectClass '%s' is not STRUCTURAL", - aoc->a_vals[0].bv_val ); + asc->a_vals[0].bv_val ); #ifdef NEW_LOGGING LDAP_LOG(( "schema", LDAP_LEVEL_INFO, @@ -156,7 +177,7 @@ entry_schema_check( assert( aoc->a_vals != NULL ); assert( aoc->a_vals[0].bv_val != NULL ); - rc = structural_class( aoc->a_vals, &nsc, text, textbuf, textlen ); + rc = structural_class( aoc->a_vals, &nsc, &oc, text, textbuf, textlen ); if( rc != LDAP_SUCCESS ) { return rc; } else if ( nsc.bv_len == 0 ) { @@ -165,11 +186,10 @@ entry_schema_check( *text = textbuf; - oc = oc_bvfind( &nsc ); if ( oc == NULL ) { snprintf( textbuf, textlen, "unrecognized objectClass '%s'", - aoc->a_vals[i].bv_val ); + aoc->a_vals[0].bv_val ); return LDAP_OBJECT_CLASS_VIOLATION; } else if ( sc != oc ) { @@ -197,8 +217,16 @@ entry_schema_check( #endif return LDAP_OBJECT_CLASS_VIOLATION; + } - } else if ( oc->soc_kind == LDAP_SCHEMA_ABSTRACT ) { + if ( oc->sco_check ) { + int rc = (oc->sco_check)( be, e, oc, + text, textbuf, textlen ); + if( rc != LDAP_SUCCESS ) { + return rc; + } + } + if ( oc->soc_kind == LDAP_SCHEMA_ABSTRACT ) { /* object class is abstract */ if ( oc != slap_schema.si_oc_top && !is_object_subclass( oc, sc )) @@ -448,6 +476,7 @@ int oc_check_allowed( int structural_class( BVarray ocs, struct berval *scbv, + ObjectClass **scp, const char **text, char *textbuf, size_t textlen ) { @@ -518,6 +547,9 @@ int structural_class( } } + if( scp ) + *scp = sc; + if( sc == NULL ) { *text = "no structural object classes provided"; return LDAP_OBJECT_CLASS_VIOLATION; @@ -558,6 +590,6 @@ int mods_structural_class( return LDAP_OBJECT_CLASS_VIOLATION; } - return structural_class( ocmod->sml_bvalues, sc, + return structural_class( ocmod->sml_bvalues, sc, NULL, text, textbuf, textlen ); }