Need to implement filter support (for entryDN and subschemaSubentry).
Fixed hasSubordinate assert() bug in entry filters
* add them to the attribute list
*/
if ( SLAP_OPATTRS( rs->sr_attr_flags ) || ( op->ors_attrs &&
- ad_inlist( slap_schema.si_ad_subschemaSubentry, op->ors_attrs )) ) {
- *ap = slap_operational_subschemaSubentry( op->o_bd );
+ ad_inlist( slap_schema.si_ad_entryDN, op->ors_attrs )))
+ {
+ *ap = slap_operational_entryDN( rs->sr_entry );
+ ap = &(*ap)->a_next;
+ }
+ if ( SLAP_OPATTRS( rs->sr_attr_flags ) || ( op->ors_attrs &&
+ ad_inlist( slap_schema.si_ad_subschemaSubentry, op->ors_attrs )))
+ {
+ *ap = slap_operational_subschemaSubentry( op->o_bd );
ap = &(*ap)->a_next;
}
- if ( ( SLAP_OPATTRS( rs->sr_attr_flags ) || op->ors_attrs ) && op->o_bd &&
- op->o_bd->be_operational != NULL )
+ if (( SLAP_OPATTRS( rs->sr_attr_flags ) || op->ors_attrs ) &&
+ op->o_bd && op->o_bd->be_operational != NULL )
{
Attribute *a;
Entry *e, struct berval *op_ndn, AttributeDescription *group_at )
{
slapi_int_pblock_set_operation( op->o_pb, op );
- slapi_pblock_set( op->o_pb, SLAPI_X_GROUP_ENTRY, (void *)e );
- slapi_pblock_set( op->o_pb, SLAPI_X_GROUP_OPERATION_DN, (void *)op_ndn->bv_val );
- slapi_pblock_set( op->o_pb, SLAPI_X_GROUP_ATTRIBUTE, (void *)group_at->ad_cname.bv_val );
- slapi_pblock_set( op->o_pb, SLAPI_X_GROUP_TARGET_ENTRY, (void *)target );
+
+ slapi_pblock_set( op->o_pb,
+ SLAPI_X_GROUP_ENTRY, (void *)e );
+ slapi_pblock_set( op->o_pb,
+ SLAPI_X_GROUP_OPERATION_DN, (void *)op_ndn->bv_val );
+ slapi_pblock_set( op->o_pb,
+ SLAPI_X_GROUP_ATTRIBUTE, (void *)group_at->ad_cname.bv_val );
+ slapi_pblock_set( op->o_pb,
+ SLAPI_X_GROUP_TARGET_ENTRY, (void *)target );
}
static int call_group_preop_plugins( Operation *op )
{
int rc;
- rc = slapi_int_call_plugins( op->o_bd, SLAPI_X_PLUGIN_PRE_GROUP_FN, op->o_pb );
+ rc = slapi_int_call_plugins( op->o_bd,
+ SLAPI_X_PLUGIN_PRE_GROUP_FN, op->o_pb );
if ( rc < 0 ) {
if (( slapi_pblock_get( op->o_pb, SLAPI_RESULT_CODE,
(void *)&rc ) != 0 ) || rc == LDAP_SUCCESS )
#endif /* defined( LDAP_SLAPI ) */
op->orc_ava = &ava;
- if ( ava.aa_desc == slap_schema.si_ad_hasSubordinates
- && op->o_bd->be_has_subordinates )
+ if ( ava.aa_desc == slap_schema.si_ad_entryDN ) {
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "entryDN compare not supported" );
+
+ } else if ( ava.aa_desc == slap_schema.si_ad_subschemaSubentry ) {
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "subschemaSubentry compare not supported" );
+
+ } else if ( ava.aa_desc == slap_schema.si_ad_hasSubordinates
+ && op->o_bd->be_has_subordinates )
{
int rc, hasSubordinates = LDAP_SUCCESS;
- rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL,
- 0, &entry );
+ rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &entry );
if ( rc == 0 && entry ) {
rc = op->o_bd->be_has_subordinates( op, entry,
- &hasSubordinates );
+ &hasSubordinates );
be_entry_release_r( op, entry );
}
send_ldap_result( op, rs );
if ( rs->sr_err == LDAP_COMPARE_TRUE ||
- rs->sr_err == LDAP_COMPARE_FALSE )
+ rs->sr_err == LDAP_COMPARE_FALSE )
{
rs->sr_err = LDAP_SUCCESS;
}
-
+
} else if ( op->o_bd->be_compare ) {
op->o_bd->be_compare( op, rs );
return LDAP_INSUFFICIENT_ACCESS;
}
+ if ( ava->aa_desc == slap_schema.si_ad_hasSubordinates
+ && op && op->o_bd && op->o_bd->be_has_subordinates )
+ {
+ int hasSubordinates;
+ struct berval hs;
+
+ /* No other match is allowed */
+ if( type != LDAP_FILTER_EQUALITY ) return LDAP_OTHER;
+
+ if ( op->o_bd->be_has_subordinates( op, e, &hasSubordinates ) !=
+ LDAP_SUCCESS )
+ {
+ return LDAP_OTHER;
+ }
+
+ if ( hasSubordinates == LDAP_COMPARE_TRUE ) {
+ hs = slap_true_bv;
+
+ } else if ( hasSubordinates == LDAP_COMPARE_FALSE ) {
+ hs = slap_false_bv;
+
+ } else {
+ return LDAP_OTHER;
+ }
+
+ if ( bvmatch( &ava->aa_value, &hs ) ) return LDAP_COMPARE_TRUE;
+ return LDAP_COMPARE_FALSE;
+ }
+
+
for(a = attrs_find( e->e_attrs, ava->aa_desc );
a != NULL;
a = attrs_find( a->a_next, ava->aa_desc ) )
mr = NULL;
}
- if( mr == NULL ) {
- continue;
- }
+ if( mr == NULL ) continue;
for ( bv = a->a_nvals; bv->bv_val != NULL; bv++ ) {
int ret;
}
}
- if ( ava->aa_desc == slap_schema.si_ad_hasSubordinates
- && op && op->o_bd && op->o_bd->be_has_subordinates )
- {
- int hasSubordinates;
- struct berval hs;
-
- /*
- * No other match should be allowed ...
- */
- assert( type == LDAP_FILTER_EQUALITY );
-
- if ( op->o_bd->be_has_subordinates( op, e, &hasSubordinates ) !=
- LDAP_SUCCESS )
- {
- return LDAP_OTHER;
- }
-
- if ( hasSubordinates == LDAP_COMPARE_TRUE ) {
- hs = slap_true_bv;
-
- } else if ( hasSubordinates == LDAP_COMPARE_FALSE ) {
- hs = slap_false_bv;
-
- } else {
- return LDAP_OTHER;
- }
-
- if ( bvmatch( &ava->aa_value, &hs ) ) return LDAP_COMPARE_TRUE;
- return LDAP_COMPARE_FALSE;
- }
-
- return( LDAP_COMPARE_FALSE );
+ return LDAP_COMPARE_FALSE;
}
return a;
}
+Attribute *
+slap_operational_entryDN( Entry *e )
+{
+ Attribute *a;
+
+ a = ch_malloc( sizeof( Attribute ) );
+ a->a_desc = slap_schema.si_ad_entryDN;
+
+ a->a_vals = ch_malloc( 2 * sizeof( struct berval ) );
+ ber_dupbv( a->a_vals, &e->e_name );
+ a->a_vals[1].bv_len = 0;
+ a->a_vals[1].bv_val = NULL;
+
+ a->a_nvals = ch_malloc( 2 * sizeof( struct berval ) );
+ ber_dupbv( a->a_nvals, &e->e_nname );
+ a->a_nvals[1].bv_len = 0;
+ a->a_nvals[1].bv_val = NULL;
+
+ a->a_next = NULL;
+ a->a_flags = 0;
+
+ return a;
+}
+
Attribute *
slap_operational_hasSubordinate( int hs )
{
Attribute *a;
struct berval val;
- if ( hs ) {
- val = slap_true_bv;
-
- } else {
- val = slap_false_bv;
- }
+ val = hs ? slap_true_bv : slap_false_bv;
a = ch_malloc( sizeof( Attribute ) );
a->a_desc = slap_schema.si_ad_hasSubordinates;
* operational.c
*/
LDAP_SLAPD_F (Attribute *) slap_operational_subschemaSubentry( Backend *be );
+LDAP_SLAPD_F (Attribute *) slap_operational_entryDN( Entry *e );
LDAP_SLAPD_F (Attribute *) slap_operational_hasSubordinate( int has );
/*
rs->sr_type = REP_SEARCH;
- /* eventually will loop through generated operational attributes */
- /* only subschemaSubentry and numSubordinates are implemented */
+ /* eventually will loop through generated operational attribute types
+ * currently implemented types include:
+ * entryDN, subschemaSubentry, and hasSubordinates */
/* NOTE: moved before overlays callback circling because
* they may modify entry and other stuff in rs */
/* check for special all operational attributes ("+") type */
offsetof(struct slap_internal_schema, si_ad_collectiveExclusions) },
#endif
+ { "entryDN", "( 1.3.6.1.4.1.4203.666.1.33 NAME 'entryDN' "
+ "DESC 'DN of the entry' "
+ "EQUALITY distinguishedNameMatch "
+ "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 "
+ "SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )",
+ NULL, SLAP_AT_HIDE,
+ NULL, NULL,
+ NULL, NULL, NULL, NULL, NULL,
+ offsetof(struct slap_internal_schema, si_ad_entryDN) },
{ "entryUUID", "( 1.3.6.1.4.1.4203.666.1.6 NAME 'entryUUID' "
"DESC 'UUID of the entry' "
"EQUALITY UUIDMatch "
NULL, NULL, NULL, NULL, NULL,
offsetof(struct slap_internal_schema, si_ad_namingCSN) },
+#if 0
{ "superiorUUID", "( 1.3.6.1.4.1.4203.666.1.11 NAME 'superiorUUID' "
"DESC 'UUID of the superior entry' "
"EQUALITY octetStringMatch "
NULL, NULL,
NULL, NULL, NULL, NULL, NULL,
offsetof(struct slap_internal_schema, si_ad_superiorUUID) },
+#endif
{ "syncreplCookie", "( 1.3.6.1.4.1.4203.666.1.23 "
"NAME 'syncreplCookie' "
AttributeDescription *si_ad_subschemaSubentry;
AttributeDescription *si_ad_collectiveSubentries;
AttributeDescription *si_ad_collectiveExclusions;
+ AttributeDescription *si_ad_entryDN;
AttributeDescription *si_ad_entryUUID;
AttributeDescription *si_ad_entryCSN;
AttributeDescription *si_ad_namingCSN;
- AttributeDescription *si_ad_superiorUUID;
AttributeDescription *si_ad_dseType;
AttributeDescription *si_ad_syncreplCookie;
projects / openldap / commitdiff