mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-21 03:10:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
c981ebcb61
openldap/servers/slapd/back-sql/modify.c

1577 lines
40 KiB
C
Raw Normal View History

added back-sql files
2000-03-17 03:08:22 +08:00
/*
Summary of changes: - filter -> SQL translation bugfixes - several memory leaks fixups - improved configurability: - allows definition of uppercasing function to support CIS matching on databases that do case sensitive compares (this fixes up Oracle issues, example updated) - allows more flexibility in stored procedures interface (different parameter order, optional return codes - see samples, and comments in backsql.h) - synchronize function interfaces to recent changes in prototypes ("const" clauses etc.) made for all backends (those changes led to compile-time errors)
2000-05-27 00:03:32 +08:00
* Copyright 1999, Dmitry Kovalev <mit@openldap.org>, All rights reserved.
added back-sql files
2000-03-17 03:08:22 +08:00
*
* Redistribution and use in source and binary forms are permitted only
* as authorized by the OpenLDAP Public License. A copy of this
* license is available at http://www.OpenLDAP.org/license.html or
* in file LICENSE in the top-level directory of the distribution.
*/
#include "portable.h"
wrap sql *.c files with #ifdef SLAPD_SQL to facilate NT builds without -DSLAPD_SQL
2000-03-19 14:18:27 +08:00
#ifdef SLAPD_SQL
added back-sql files
2000-03-17 03:08:22 +08:00
#include <stdio.h>
#include <sys/types.h>
Add checks for SQL headers in configure.in (need to rerun autoheader and autoconf); #include "ac/string.h" instead of <string.h>
2002-11-10 01:03:07 +08:00
#include "ac/string.h"
added back-sql files
2000-03-17 03:08:22 +08:00
#include "slap.h"
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#include "ldap_pvt.h"
added back-sql files
2000-03-17 03:08:22 +08:00
#include "back-sql.h"
#include "sql-wrap.h"
#include "schema-map.h"
#include "entry-id.h"
#include "util.h"
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
/*
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
* PostgreSQL 7.0 doesn't work without :(
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
*/
#define BACKSQL_REALLOC_STMT
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
/*
* Skip:
* - the first occurrence of objectClass, which is used
* to determine how to bulid the SQL entry (FIXME ?!?)
* - operational attributes
* empty attributes (FIXME ?!?)
*/
#define backsql_attr_skip(ad,vals) \
( \
( (ad) == slap_schema.si_ad_objectClass \
&& (vals)[ 1 ].bv_val == NULL ) \
|| is_at_operational( (ad)->ad_type ) \
|| ( (vals)[ 0 ].bv_val == NULL ) \
)
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
static int
backsql_modify_internal(
various fixes and improvements
2002-09-03 03:39:31 +08:00
BackendDB *be,
Connection *conn,
Operation *op,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
SQLHDBC dbh,
backsql_oc_map_rec *oc,
backsql_entryID *e_id,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Modifications *modlist,
const char **text )
added back-sql files
2000-03-17 03:08:22 +08:00
{
various fixes and improvements
2002-09-03 03:39:31 +08:00
backsql_info *bi = (backsql_info*)be->be_private;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
RETCODE rc;
SQLHSTMT sth;
Modifications *ml;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
int res = LDAP_SUCCESS;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"traversing modifications list\n", 0, 0, 0 );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
*text = NULL;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#ifndef BACKSQL_REALLOC_STMT
SQLAllocStmt( dbh, &sth );
#endif /* BACKSQL_REALLOC_STMT */
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
AttributeDescription *ad;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
backsql_at_map_rec *at = NULL;
struct berval *at_val;
Modification *c_mod;
int i;
/* first parameter no, parameter order */
SQLUSMALLINT pno, po;
/* procedure return code */
int prc;
#ifdef BACKSQL_REALLOC_STMT
SQLAllocStmt( dbh, &sth );
#endif /* BACKSQL_REALLOC_STMT */
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
c_mod = &ml->sml_mod;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
ad = c_mod->sm_desc;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_modify_internal(): "
"modifying attribute '%s'\n",
ad->ad_cname.bv_val, 0, 0 );
if ( backsql_attr_skip( ad, c_mod->sm_bvalues ) ) {
continue;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
at = backsql_ad2at( oc, ad );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
if ( at == NULL ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"attribute provided is not registered "
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"in objectClass '%s'\n",
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
ad->ad_cname.bv_val, 0, 0 );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_UNWILLING_TO_PERFORM;
*text = "operation not permitted "
"within namingContext";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
continue;
}
Summary of changes: - filter -> SQL translation bugfixes - several memory leaks fixups - improved configurability: - allows definition of uppercasing function to support CIS matching on databases that do case sensitive compares (this fixes up Oracle issues, example updated) - allows more flexibility in stored procedures interface (different parameter order, optional return codes - see samples, and comments in backsql.h) - synchronize function interfaces to recent changes in prototypes ("const" clauses etc.) made for all backends (those changes led to compile-time errors)
2000-05-27 00:03:32 +08:00
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
switch( c_mod->sm_op ) {
case LDAP_MOD_REPLACE: {
SQLHSTMT asth;
BACKSQL_ROW_NTS row;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"replacing values for attribute '%s'\n",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
at->ad->ad_cname.bv_val, 0, 0 );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
if ( at->add_proc == NULL ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"add procedure is not defined "
"for attribute '%s' "
"- unable to perform replacements\n",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
at->ad->ad_cname.bv_val, 0, 0 );
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_UNWILLING_TO_PERFORM;
*text = "operation not permitted "
"within namingContext";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
break;
}
if ( at->delete_proc == NULL ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"delete procedure is not defined "
"for attribute '%s' "
"- adding only\n",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
at->ad->ad_cname.bv_val, 0, 0 );
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_UNWILLING_TO_PERFORM;
*text = "operation not permitted "
"within namingContext";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
goto add_only;
}
added back-sql files
2000-03-17 03:08:22 +08:00
del_all:
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
rc = backsql_Prepare( dbh, &asth, at->query, 0 );
if ( rc != SQL_SUCCESS ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"error preparing query\n", 0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh,
asth, rc );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_OTHER;
*text = "SQL-backend error";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
break;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
rc = backsql_BindParamID( asth, 1, &e_id->keyval );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
if ( rc != SQL_SUCCESS ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"error binding key value parameter\n",
0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh,
asth, rc );
SQLFreeStmt( asth, SQL_DROP );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_OTHER;
*text = "SQL-backend error";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
break;
}
rc = SQLExecute( asth );
if ( !BACKSQL_SUCCESS( rc ) ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"error executing attribute query\n",
0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh,
asth, rc );
SQLFreeStmt( asth, SQL_DROP );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_OTHER;
*text = "SQL-backend error";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
break;
}
backsql_BindRowAsStrings( asth, &row );
rc = SQLFetch( asth );
for ( ; BACKSQL_SUCCESS( rc ); rc = SQLFetch( asth ) ) {
for ( i = 0; i < row.ncols; i++ ) {
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
if ( BACKSQL_IS_DEL( at->expect_return ) ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
pno = 1;
SQLBindParameter(sth, 1,
SQL_PARAM_OUTPUT,
SQL_C_ULONG,
SQL_INTEGER,
0, 0, &prc, 0, 0 );
} else {
pno = 0;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
po = ( BACKSQL_IS_DEL( at->param_order ) ) > 0;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLBindParameter( sth, pno + 1 + po,
SQL_PARAM_INPUT,
SQL_C_ULONG, SQL_INTEGER,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
0, 0, &e_id->keyval, 0, 0 );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
/*
* check for syntax needed here
* maybe need binary bind?
*/
SQLBindParameter(sth, pno + 2 - po,
SQL_PARAM_INPUT,
SQL_C_CHAR, SQL_CHAR,
0, 0, row.cols[ i ],
strlen( row.cols[ i ] ), 0 );
Summary of changes: - filter -> SQL translation bugfixes - several memory leaks fixups - improved configurability: - allows definition of uppercasing function to support CIS matching on databases that do case sensitive compares (this fixes up Oracle issues, example updated) - allows more flexibility in stored procedures interface (different parameter order, optional return codes - see samples, and comments in backsql.h) - synchronize function interfaces to recent changes in prototypes ("const" clauses etc.) made for all backends (those changes led to compile-time errors)
2000-05-27 00:03:32 +08:00
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"executing '%s'\n",
at->delete_proc, 0, 0 );
rc = SQLExecDirect( sth,
at->delete_proc, SQL_NTS );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"delete_proc "
"execution failed\n",
0, 0, 0 );
backsql_PrintErrors( bi->db_env,
dbh, sth, rc );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_OTHER;
*text = "SQL-backend error";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#ifdef BACKSQL_REALLOC_STMT
SQLFreeStmt( sth, SQL_DROP );
SQLAllocStmt( dbh, &sth );
#endif /* BACKSQL_REALLOC_STMT */
added back-sql files
2000-03-17 03:08:22 +08:00
}
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
backsql_FreeRow( &row );
SQLFreeStmt( asth, SQL_DROP );
}
/*
* PASSTHROUGH - to add new attributes -- do NOT add break
*/
case LDAP_MOD_ADD:
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
case SLAP_MOD_SOFTADD:
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
add_only:;
if ( at->add_proc == NULL ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"add procedure is not defined "
"for attribute '%s'\n",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
at->ad->ad_cname.bv_val, 0, 0 );
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_UNWILLING_TO_PERFORM;
*text = "operation not permitted "
"within namingContext";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
break;
added back-sql files
2000-03-17 03:08:22 +08:00
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"adding new values for attribute '%s'\n",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
at->ad->ad_cname.bv_val, 0, 0 );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
for ( i = 0, at_val = c_mod->sm_bvalues;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
at_val->bv_val != NULL;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
i++, at_val++ ) {
if ( BACKSQL_IS_ADD( at->expect_return ) ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
pno = 1;
SQLBindParameter( sth, 1,
SQL_PARAM_OUTPUT,
SQL_C_ULONG, SQL_INTEGER,
0, 0, &prc, 0, 0);
} else {
pno = 0;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
po = ( BACKSQL_IS_ADD( at->param_order ) ) > 0;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLBindParameter( sth, pno + 1 + po,
SQL_PARAM_INPUT,
SQL_C_ULONG, SQL_INTEGER,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
0, 0, &e_id->keyval, 0, 0 );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
/*
* check for syntax needed here
* maybe need binary bind?
*/
SQLBindParameter( sth, pno + 2 - po,
SQL_PARAM_INPUT,
SQL_C_CHAR, SQL_CHAR,
0, 0, at_val->bv_val,
at_val->bv_len, 0 );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"executing '%s'\n",
at->add_proc, 0, 0 );
rc = SQLExecDirect( sth, at->add_proc,
SQL_NTS );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"add_proc execution failed\n",
0, 0, 0 );
backsql_PrintErrors( bi->db_env,
dbh, sth, rc );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_OTHER;
*text = "SQL-backend error";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#ifdef BACKSQL_REALLOC_STMT
SQLFreeStmt( sth, SQL_DROP );
SQLAllocStmt( dbh, &sth );
#endif /* BACKSQL_REALLOC_STMT */
added back-sql files
2000-03-17 03:08:22 +08:00
}
break;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
case LDAP_MOD_DELETE:
if ( at->delete_proc == NULL ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"delete procedure is not defined "
"for attribute '%s'\n",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
at->ad->ad_cname.bv_val, 0, 0 );
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_UNWILLING_TO_PERFORM;
*text = "operation not permitted "
"within namingContext";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
break;
added back-sql files
2000-03-17 03:08:22 +08:00
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
if ( c_mod->sm_bvalues == NULL ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"no values given to delete "
"for attribute '%s' "
"-- deleting all values\n",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
at->ad->ad_cname.bv_val, 0, 0 );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
goto del_all;
added back-sql files
2000-03-17 03:08:22 +08:00
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"deleting values for attribute '%s'\n",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
at->ad->ad_cname.bv_val, 0, 0 );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
for ( i = 0, at_val = c_mod->sm_bvalues;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
at_val->bv_val != NULL;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
i++, at_val++ ) {
if ( BACKSQL_IS_DEL( at->expect_return ) ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
pno = 1;
SQLBindParameter( sth, 1,
SQL_PARAM_OUTPUT,
SQL_C_ULONG, SQL_INTEGER,
0, 0, &prc, 0, 0 );
} else {
pno = 0;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
po = ( BACKSQL_IS_DEL( at->param_order ) ) > 0;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLBindParameter( sth, pno + 1 + po,
SQL_PARAM_INPUT,
SQL_C_ULONG, SQL_INTEGER,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
0, 0, &e_id->keyval, 0, 0 );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
/*
* check for syntax needed here
* maybe need binary bind?
*/
SQLBindParameter( sth, pno + 2 - po,
SQL_PARAM_INPUT, SQL_C_CHAR, SQL_CHAR,
0, 0, at_val->bv_val,
at_val->bv_len, 0 );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE,
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"executing '%s'\n",
at->delete_proc, 0, 0 );
rc = SQLExecDirect( sth, at->delete_proc,
SQL_NTS );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"backsql_modify_internal(): "
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
"delete_proc execution "
"failed\n", 0, 0, 0 );
backsql_PrintErrors( bi->db_env,
dbh, sth, rc );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
res = LDAP_OTHER;
*text = "SQL-backend error";
goto done;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#ifdef BACKSQL_REALLOC_STMT
SQLFreeStmt( sth, SQL_DROP );
SQLAllocStmt( dbh, &sth );
#endif /* BACKSQL_REALLOC_STMT */
added back-sql files
2000-03-17 03:08:22 +08:00
}
break;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#ifndef BACKSQL_REALLOC_STMT
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLFreeStmt( sth, SQL_RESET_PARAMS );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#else /* BACKSQL_REALLOC_STMT */
SQLFreeStmt( sth, SQL_DROP );
#endif /* BACKSQL_REALLOC_STMT */
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
done:;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#ifndef BACKSQL_REALLOC_STMT
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLFreeStmt( sth, SQL_DROP );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#endif /* BACKSQL_REALLOC_STMT */
/*
* FIXME: should fail in case one change fails?
*/
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
return res;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
}
int
backsql_modify(
BackendDB *be,
Connection *conn,
Operation *op,
struct berval *dn,
struct berval *ndn,
Modifications *modlist )
{
backsql_info *bi = (backsql_info*)be->be_private;
SQLHDBC dbh;
backsql_oc_map_rec *oc = NULL;
backsql_entryID e_id;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Entry e;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
int res;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
const char *text = NULL;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
/*
* FIXME: in case part of the operation cannot be performed
* (missing mapping, SQL write fails or so) the entire operation
* should be rolled-back
*/
Debug( LDAP_DEBUG_TRACE, "==>backsql_modify(): changing entry '%s'\n",
ndn->bv_val, 0, 0 );
res = backsql_get_db_conn( be, conn, &dbh );
if ( res != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modify(): "
"could not get connection handle - exiting\n",
0, 0, 0 );
/*
* FIXME: we don't want to send back
* excessively detailed messages
*/
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res, NULL,
res == LDAP_OTHER ? "SQL-backend error" : "",
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
NULL, NULL );
return 1;
}
res = backsql_dn2id( bi, &e_id, dbh, ndn );
if ( res != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modify(): "
"could not lookup entry id\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res , NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
res == LDAP_OTHER ? "SQL-backend error" : "",
NULL, NULL );
return 1;
}
Debug( LDAP_DEBUG_TRACE, "backsql_modify(): "
"modifying entry '%s' (id=%ld)\n",
e_id.dn.bv_val, e_id.id, 0 );
oc = backsql_id2oc( bi, e_id.oc_id );
if ( oc == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modify(): "
"cannot determine objectclass of entry -- aborting\n",
0, 0, 0 );
/*
* FIXME: should never occur, since the entry was built!!!
*/
/*
* FIXME: we don't want to send back
* excessively detailed messages
*/
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER, NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
"SQL-backend error", NULL, NULL );
return 1;
}
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
e.e_attrs = NULL;
e.e_name = *dn;
e.e_nname = *ndn;
if ( !acl_check_modlist( be, conn, op, &e, modlist )) {
res = LDAP_INSUFFICIENT_ACCESS;
} else {
various fixes and improvements
2002-09-03 03:39:31 +08:00
res = backsql_modify_internal( be, conn, op,
dbh, oc, &e_id, modlist, &text );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
if ( res == LDAP_SUCCESS ) {
/*
* Commit only if all operations succeed
*/
- added the capability to filter based on hasSubordinate attribute to back-bdb, back-ldbm and back-sql (the latter with limitations); - added handling of ":dn" attributes to extended rfc2254 filters and to matched value filter - altered the behavior of get_mra() when a matching rule is given: now it checks whether it is compatible with the attribute syntax and, in case it is, the given mr is used. In case of no type, the check is delayed when filtering
2002-08-29 18:55:48 +08:00
SQLTransact( SQL_NULL_HENV, dbh,
op->o_noop ? SQL_ROLLBACK : SQL_COMMIT );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
}
- added the capability to filter based on hasSubordinate attribute to back-bdb, back-ldbm and back-sql (the latter with limitations); - added handling of ":dn" attributes to extended rfc2254 filters and to matched value filter - altered the behavior of get_mra() when a matching rule is given: now it checks whether it is compatible with the attribute syntax and, in case it is, the given mr is used. In case of no type, the check is delayed when filtering
2002-08-29 18:55:48 +08:00
send_ldap_result( conn, op, res, NULL, text, NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "<==backsql_modify()\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
return op->o_noop;
added back-sql files
2000-03-17 03:08:22 +08:00
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
int
backsql_modrdn(
BackendDB *be,
Connection *conn,
Operation *op,
struct berval *dn,
struct berval *ndn,
struct berval *newrdn,
struct berval *nnewrdn,
int deleteoldrdn,
struct berval *newSuperior,
struct berval *nnewSuperior )
added back-sql files
2000-03-17 03:08:22 +08:00
{
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
backsql_info *bi = (backsql_info*)be->be_private;
SQLHDBC dbh;
SQLHSTMT sth;
RETCODE rc;
backsql_entryID e_id, pe_id, new_pid;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
backsql_oc_map_rec *oc = NULL;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
int res;
struct berval p_dn, p_ndn,
*new_pdn = NULL, *new_npdn = NULL,
new_dn, new_ndn;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
const char *text = NULL;
LDAPRDN *new_rdn = NULL;
LDAPRDN *old_rdn = NULL;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Entry e;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
Modifications *mod;
changes for 2.0-beta including: - fixes according to new API changes - closing db connection in connection_destroy callback, not unbind - support of new schema code, samples changed accordingly - support for multiple objectclasses (to distinguish from unique objectclass-to-tables mapping) - auto 'ref' attribute support - samples now include illustrations of using these 2 features to make named referrals as described in ldapext-namedref draft more to come: - documentation update - different improvements to be more close to native directory (after beta?)
2000-06-30 05:14:43 +08:00
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "==>backsql_modrdn() renaming entry '%s', "
"newrdn='%s', newSuperior='%s'\n",
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
dn->bv_val, newrdn->bv_val,
newSuperior ? newSuperior->bv_val : "(NULL)" );
res = backsql_get_db_conn( be, conn, &dbh );
if ( res != LDAP_SUCCESS ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"could not get connection handle - exiting\n",
0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res, NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
res == LDAP_OTHER ? "SQL-backend error" : "",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
res = backsql_dn2id( bi, &e_id, dbh, ndn );
if ( res != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"could not lookup entry id\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res, NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
res == LDAP_OTHER ? "SQL-backend error" : "",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
/*
* FIXME: check whether entry has children
*/
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): entry id is %ld\n",
e_id.id, 0, 0 );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( backsql_has_children( bi, dbh, ndn ) == LDAP_COMPARE_TRUE ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"entry \"%s\" has children\n", dn->bv_val, 0, 0 );
send_ldap_result( conn, op, LDAP_NOT_ALLOWED_ON_NONLEAF,
NULL, "subtree delete not supported",
NULL, NULL );
return 1;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
dnParent( dn, &p_dn );
dnParent( ndn, &p_ndn );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
/*
* namingContext "" is not supported
*/
if ( p_dn.bv_len == 0 ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"parent is \"\" - aborting\n", 0, 0, 0 );
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
various fixes and improvements
2002-09-03 03:39:31 +08:00
NULL, "not allowed within namingContext",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
NULL, NULL );
goto modrdn_return;
}
/*
* Check for children access to parent
*/
e.e_attrs = NULL;
e.e_name = p_dn;
e.e_nname = p_ndn;
if ( !access_allowed( be, conn, op, &e, slap_schema.si_ad_children,
NULL, ACL_WRITE, NULL ) ) {
Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0, 0, 0 );
res = LDAP_INSUFFICIENT_ACCESS;
goto modrdn_return;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
if ( newSuperior ) {
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
/*
* namingContext "" is not supported
*/
if ( newSuperior->bv_len == 0 ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"newSuperior is \"\" - aborting\n", 0, 0, 0 );
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
various fixes and improvements
2002-09-03 03:39:31 +08:00
NULL,
"not allowed within namingContext",
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
NULL, NULL );
goto modrdn_return;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
new_pdn = newSuperior;
new_npdn = nnewSuperior;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
e.e_name = *new_pdn;
e.e_nname = *new_npdn;
/*
* Check for children access to new parent
*/
if ( !access_allowed( be, conn, op, &e,
slap_schema.si_ad_children,
NULL, ACL_WRITE, NULL ) ) {
Debug( LDAP_DEBUG_TRACE, "no access to new parent\n",
0, 0, 0 );
res = LDAP_INSUFFICIENT_ACCESS;
goto modrdn_return;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
} else {
new_pdn = &p_dn;
new_npdn = &p_ndn;
}
if ( newSuperior && dn_match( &p_ndn, new_npdn ) ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
"newSuperior is equal to old parent - ignored\n",
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
0, 0, 0 );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
newSuperior = NULL;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
if ( newSuperior && dn_match( ndn, new_npdn ) ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"newSuperior is equal to entry being moved "
"- aborting\n", 0, 0, 0 );
Don't return LDAP_OPERATIONS_ERROR for internal errors
2003-03-02 04:17:52 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
various fixes and improvements
2002-09-03 03:39:31 +08:00
NULL, "newSuperior is equal to old DN",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
goto modrdn_return;
}
build_new_dn( &new_dn, new_pdn, newrdn );
if ( dnNormalize2( NULL, &new_dn, &new_ndn ) != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"new dn is invalid ('%s') - aborting\n",
new_dn.bv_val, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_INVALID_DN_SYNTAX,
NULL, "new DN is invalid", NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
goto modrdn_return;
}
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): new entry dn is '%s'\n",
new_dn.bv_val, 0, 0 );
res = backsql_dn2id( bi, &pe_id, dbh, &p_ndn );
if ( res != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"could not lookup old parent entry id\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res, NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
res == LDAP_OTHER ? "SQL-backend error" : "",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
goto modrdn_return;
}
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"old parent entry id is %ld\n", pe_id.id, 0, 0 );
res = backsql_dn2id( bi, &new_pid, dbh, new_npdn );
if ( res != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"could not lookup new parent entry id\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res, NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
res == LDAP_OTHER ? "SQL-backend error" : "",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
goto modrdn_return;
}
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"new parent entry id is %ld\n", new_pid.id, 0, 0 );
changes for 2.0-beta including: - fixes according to new API changes - closing db connection in connection_destroy callback, not unbind - support of new schema code, samples changed accordingly - support for multiple objectclasses (to distinguish from unique objectclass-to-tables mapping) - auto 'ref' attribute support - samples now include illustrations of using these 2 features to make named referrals as described in ldapext-namedref draft more to come: - documentation update - different improvements to be more close to native directory (after beta?)
2000-06-30 05:14:43 +08:00
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"executing delentry_query\n", 0, 0, 0 );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
SQLAllocStmt( dbh, &sth );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLBindParameter( sth, 1, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER,
0, 0, &e_id.id, 0, 0 );
rc = SQLExecDirect( sth, bi->delentry_query, SQL_NTS );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"failed to delete record from ldap_entries\n",
0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh, sth, rc );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
goto modrdn_return;
}
SQLFreeStmt( sth, SQL_RESET_PARAMS );
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"executing insentry_query\n", 0, 0, 0 );
backsql_BindParamStr( sth, 1, new_dn.bv_val, BACKSQL_MAX_DN_LEN );
SQLBindParameter( sth, 2, SQL_PARAM_INPUT, SQL_C_LONG, SQL_INTEGER,
0, 0, &e_id.oc_id, 0, 0 );
SQLBindParameter( sth, 3, SQL_PARAM_INPUT, SQL_C_LONG, SQL_INTEGER,
0, 0, &new_pid.id, 0, 0 );
SQLBindParameter( sth, 4, SQL_PARAM_INPUT, SQL_C_LONG, SQL_INTEGER,
0, 0, &e_id.keyval, 0, 0 );
rc = SQLExecDirect( sth, bi->insentry_query, SQL_NTS );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_modrdn(): "
"could not insert ldap_entries record\n", 0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh, sth, rc );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
goto modrdn_return;
}
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
/*
* Get attribute type and attribute value of our new rdn,
* we will need to add that to our new entry
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
*/
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
if ( ldap_bv2rdn( newrdn, &new_rdn, (char **)&text,
LDAP_DN_FORMAT_LDAP ) ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"backsql_modrdn: can't figure out "
"type(s)/values(s) of newrdn\n",
0, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"backsql_modrdn: can't figure out "
"type(s)/values(s) of newrdn\n",
0, 0, 0 );
#endif
rc = LDAP_INVALID_DN_SYNTAX;
goto modrdn_return;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, RESULTS,
"backsql_modrdn: new_rdn_type=\"%s\", "
"new_rdn_val=\"%s\"\n",
new_rdn[ 0 ][ 0 ]->la_attr.bv_val,
new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"backsql_modrdn: new_rdn_type=\"%s\", "
"new_rdn_val=\"%s\"\n",
new_rdn[ 0 ][ 0 ]->la_attr.bv_val,
new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 );
#endif
if ( deleteoldrdn ) {
if ( ldap_bv2rdn( dn, &old_rdn, (char **)&text,
LDAP_DN_FORMAT_LDAP ) ) {
#ifdef NEW_LOGGING
LDAP_LOG ( OPERATION, ERR,
"backsql_modrdn: can't figure out "
"type(s)/values(s) of old_rdn\n",
0, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE,
"backsql_modrdn: can't figure out "
"the old_rdn type(s)/value(s)\n",
0, 0, 0 );
#endif
rc = LDAP_OTHER;
goto modrdn_return;
}
}
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
e.e_name = new_dn;
e.e_nname = new_ndn;
res = slap_modrdn2mods( be, conn, op, &e, old_rdn, new_rdn,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
deleteoldrdn, &mod );
if ( res != LDAP_SUCCESS ) {
goto modrdn_return;
}
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( !acl_check_modlist( be, conn, op, &e, mod )) {
res = LDAP_INSUFFICIENT_ACCESS;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
goto modrdn_return;
}
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
oc = backsql_id2oc( bi, e_id.oc_id );
various fixes and improvements
2002-09-03 03:39:31 +08:00
res = backsql_modify_internal( be, conn, op,
dbh, oc, &e_id, mod, &text );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( res == LDAP_SUCCESS ) {
/*
* Commit only if all operations succeed
*/
- added the capability to filter based on hasSubordinate attribute to back-bdb, back-ldbm and back-sql (the latter with limitations); - added handling of ":dn" attributes to extended rfc2254 filters and to matched value filter - altered the behavior of get_mra() when a matching rule is given: now it checks whether it is compatible with the attribute syntax and, in case it is, the given mr is used. In case of no type, the check is delayed when filtering
2002-08-29 18:55:48 +08:00
SQLTransact( SQL_NULL_HENV, dbh,
op->o_noop ? SQL_ROLLBACK : SQL_COMMIT );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
changes for 2.0-beta including: - fixes according to new API changes - closing db connection in connection_destroy callback, not unbind - support of new schema code, samples changed accordingly - support for multiple objectclasses (to distinguish from unique objectclass-to-tables mapping) - auto 'ref' attribute support - samples now include illustrations of using these 2 features to make named referrals as described in ldapext-namedref draft more to come: - documentation update - different improvements to be more close to native directory (after beta?)
2000-06-30 05:14:43 +08:00
modrdn_return:
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLFreeStmt( sth, SQL_DROP );
if ( new_dn.bv_val ) {
ch_free( new_dn.bv_val );
}
if ( new_ndn.bv_val ) {
ch_free( new_ndn.bv_val );
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
/* LDAP v2 supporting correct attribute handling. */
if ( new_rdn != NULL ) {
ldap_rdnfree( new_rdn );
}
if ( old_rdn != NULL ) {
ldap_rdnfree( old_rdn );
}
if( mod != NULL ) {
Modifications *tmp;
for (; mod; mod=tmp ) {
tmp = mod->sml_next;
free( mod );
}
}
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res, NULL, text, NULL, NULL );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "<==backsql_modrdn()\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
return op->o_noop;
added back-sql files
2000-03-17 03:08:22 +08:00
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
int
backsql_add(
BackendDB *be,
Connection *conn,
Operation *op,
Entry *e )
added back-sql files
2000-03-17 03:08:22 +08:00
{
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
backsql_info *bi = (backsql_info*)be->be_private;
SQLHDBC dbh;
SQLHSTMT sth;
unsigned long new_keyval = 0;
long i;
RETCODE rc;
backsql_oc_map_rec *oc = NULL;
backsql_at_map_rec *at_rec = NULL;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
backsql_entryID e_id, parent_id;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Entry p;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
int res;
Attribute *at;
struct berval *at_val;
struct berval pdn;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
/* first parameter #, parameter order */
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLUSMALLINT pno, po;
/* procedure return code */
int prc;
Debug( LDAP_DEBUG_TRACE, "==>backsql_add(): adding entry '%s'\n",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
e->e_name.bv_val, 0, 0 );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
various fixes and improvements
2002-09-03 03:39:31 +08:00
/* check schema */
if ( global_schemacheck ) {
const char *text = NULL;
char textbuf[ SLAP_TEXT_BUFLEN ] = { '\0' };
int rc;
rc = entry_schema_check( be, e, NULL,
&text, textbuf, sizeof( textbuf ) );
if ( rc != LDAP_SUCCESS ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
various fixes and improvements
2002-09-03 03:39:31 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"entry failed schema check -- aborting\n",
0, 0, 0 );
send_ldap_result( conn, op, rc, NULL,
"operation not permitted "
"within namingContext",
NULL, NULL );
return 1;
}
}
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
various fixes and improvements
2002-09-03 03:39:31 +08:00
/* search structural objectClass */
for ( at = e->e_attrs; at != NULL; at = at->a_next ) {
if ( at->a_desc == slap_schema.si_ad_structuralObjectClass ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
break;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
}
various fixes and improvements
2002-09-03 03:39:31 +08:00
/* there must exist */
assert( at != NULL );
/* I guess we should play with sub/supertypes to find a suitable oc */
oc = backsql_name2oc( bi, &at->a_vals[0] );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
if ( oc == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"cannot determine objectclass of entry -- aborting\n",
0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
"operation not permitted within namingContext",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
if ( oc->create_proc == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"create procedure is not defined for this objectclass "
"- aborting\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
"operation not permitted within namingContext",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
} else if ( BACKSQL_CREATE_NEEDS_SELECT( bi )
&& oc->create_keyval == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
various fixes and improvements
2002-09-03 03:39:31 +08:00
"create procedure needs select procedure, "
"but none is defined - aborting\n", 0, 0, 0 );
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"operation not permitted within namingContext",
NULL, NULL );
return 1;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
prc = backsql_get_db_conn( be, conn, &dbh );
if ( prc != LDAP_SUCCESS ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"could not get connection handle - exiting\n",
0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, prc, NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
prc == LDAP_OTHER ? "SQL-backend error" : "",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
/*
* Check if entry exists
*/
res = backsql_dn2id( bi, &e_id, dbh, &e->e_name );
if ( res == LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"entry '%s' exists\n",
e->e_name.bv_val, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_ALREADY_EXISTS,
NULL, NULL, NULL, NULL );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
return 1;
}
/*
* Check if parent exists
*/
dnParent( &e->e_name, &pdn );
res = backsql_dn2id( bi, &parent_id, dbh, &pdn );
if ( res != LDAP_SUCCESS ) {
/*
* NO SUCH OBJECT seems more appropriate
*/
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"could not lookup parent entry for new record '%s'\n",
pdn.bv_val, 0, 0 );
if ( res != LDAP_NO_SUCH_OBJECT ) {
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res,
NULL, NULL, NULL, NULL );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
return 1;
}
/*
* Look for matched
*/
while ( 1 ) {
struct berval dn;
various fixes and improvements
2002-09-03 03:39:31 +08:00
char *matched = NULL;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
dn = pdn;
dnParent( &dn, &pdn );
/*
* Empty DN ("") defaults to LDAP_SUCCESS
*/
res = backsql_dn2id( bi, &parent_id, dbh, &pdn );
switch ( res ) {
case LDAP_NO_SUCH_OBJECT:
if ( pdn.bv_len > 0 ) {
break;
}
/* fail over to next case */
case LDAP_SUCCESS:
matched = pdn.bv_val;
/* fail over to next case */
default:
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res,
matched, NULL, NULL, NULL );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
return 1;
}
}
}
/*
* create_proc is executed; if expect_return is set, then
* an output parameter is bound, which should contain
* the id of the added row; otherwise the procedure
* is expected to return the id as the first column of a select
*/
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
p.e_attrs = NULL;
p.e_name = pdn;
dnParent( &e->e_nname, &p.e_nname );
if ( !access_allowed( be, conn, op, &p, slap_schema.si_ad_children,
NULL, ACL_WRITE, NULL ) ) {
send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
NULL, NULL, NULL, NULL );
return 1;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
rc = SQLAllocStmt( dbh, &sth );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
if ( rc != SQL_SUCCESS ) {
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
if ( BACKSQL_IS_ADD( oc->expect_return ) ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLBindParameter( sth, 1, SQL_PARAM_OUTPUT, SQL_C_ULONG,
SQL_INTEGER, 0, 0, &new_keyval, 0, 0 );
}
Debug( LDAP_DEBUG_TRACE, "backsql_add(): executing '%s'\n",
oc->create_proc, 0, 0 );
rc = SQLExecDirect( sth, oc->create_proc, SQL_NTS );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"create_proc execution failed\n", 0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh, sth, rc);
SQLFreeStmt( sth, SQL_DROP );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
various fixes and improvements
2002-09-03 03:39:31 +08:00
if ( op->o_noop ) {
SQLTransact( SQL_NULL_HENV, dbh, SQL_ROLLBACK );
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
if ( !BACKSQL_IS_ADD( oc->expect_return ) ) {
SWORD ncols;
various fixes and improvements
2002-09-03 03:39:31 +08:00
SQLINTEGER value_len;
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_CREATE_NEEDS_SELECT( bi ) ) {
#ifndef BACKSQL_REALLOC_STMT
SQLFreeStmt( sth, SQL_RESET_PARAMS );
#else /* BACKSQL_REALLOC_STMT */
SQLFreeStmt( sth, SQL_DROP );
rc = SQLAllocStmt( dbh, &sth );
if ( rc != SQL_SUCCESS ) {
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error",
NULL, NULL );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
return 1;
}
#endif /* BACKSQL_REALLOC_STMT */
rc = SQLExecDirect( sth, oc->create_keyval, SQL_NTS );
if ( rc != SQL_SUCCESS ) {
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error",
NULL, NULL );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
return 1;
}
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
/*
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
* the query to know the id of the inserted entry
* must be embedded in the create procedure
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
*/
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
rc = SQLNumResultCols( sth, &ncols );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"create_proc result evaluation failed\n",
0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh, sth, rc);
SQLFreeStmt( sth, SQL_DROP );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
return 1;
} else if ( ncols != 1 ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"create_proc result is bogus (ncols=%d)\n",
ncols, 0, 0 );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
backsql_PrintErrors( bi->db_env, dbh, sth, rc);
SQLFreeStmt( sth, SQL_DROP );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
return 1;
}
#if 0
{
SQLCHAR colname[ 64 ];
SQLSMALLINT name_len, col_type, col_scale, col_null;
UDWORD col_prec;
/*
* FIXME: check whether col_type is compatible,
* if it can be null and so on ...
*/
rc = SQLDescribeCol( sth, (SQLUSMALLINT)1,
&colname[ 0 ],
(SQLUINTEGER)( sizeof( colname ) - 1 ),
&name_len, &col_type,
&col_prec, &col_scale, &col_null );
}
#endif
rc = SQLBindCol( sth, (SQLUSMALLINT)1, SQL_C_ULONG,
(SQLPOINTER)&new_keyval,
(SQLINTEGER)sizeof( new_keyval ),
various fixes and improvements
2002-09-03 03:39:31 +08:00
&value_len );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
rc = SQLFetch( sth );
various fixes and improvements
2002-09-03 03:39:31 +08:00
if ( value_len <= 0 ) {
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
various fixes and improvements
2002-09-03 03:39:31 +08:00
"create_proc result is empty?\n",
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh, sth, rc);
SQLFreeStmt( sth, SQL_DROP );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
return 1;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
#ifndef BACKSQL_REALLOC_STMT
SQLFreeStmt( sth, SQL_RESET_PARAMS );
#else /* BACKSQL_REALLOC_STMT */
SQLFreeStmt( sth, SQL_DROP );
#endif /* BACKSQL_REALLOC_STMT */
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"create_proc returned keyval=%ld\n", new_keyval, 0, 0 );
for ( at = e->e_attrs; at != NULL; at = at->a_next ) {
SQLUSMALLINT currpos;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"adding attribute '%s'\n",
at->a_desc->ad_cname.bv_val, 0, 0 );
/*
* Skip:
* - the first occurrence of objectClass, which is used
* to determine how to bulid the SQL entry (FIXME ?!?)
* - operational attributes
* empty attributes (FIXME ?!?)
*/
if ( backsql_attr_skip( at->a_desc, at->a_vals ) ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
continue;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
at_rec = backsql_ad2at( oc, at->a_desc );
Summary of changes: - filter -> SQL translation bugfixes - several memory leaks fixups - improved configurability: - allows definition of uppercasing function to support CIS matching on databases that do case sensitive compares (this fixes up Oracle issues, example updated) - allows more flexibility in stored procedures interface (different parameter order, optional return codes - see samples, and comments in backsql.h) - synchronize function interfaces to recent changes in prototypes ("const" clauses etc.) made for all backends (those changes led to compile-time errors)
2000-05-27 00:03:32 +08:00
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
if ( at_rec == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"attribute '%s' is not registered "
"in objectclass '%s'\n",
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
at->a_desc->ad_cname.bv_val,
- added the capability to filter based on hasSubordinate attribute to back-bdb, back-ldbm and back-sql (the latter with limitations); - added handling of ":dn" attributes to extended rfc2254 filters and to matched value filter - altered the behavior of get_mra() when a matching rule is given: now it checks whether it is compatible with the attribute syntax and, in case it is, the given mr is used. In case of no type, the check is delayed when filtering
2002-08-29 18:55:48 +08:00
BACKSQL_OC_NAME( oc ), 0 );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
send_ldap_result( conn, op,
various fixes and improvements
2002-09-03 03:39:31 +08:00
LDAP_UNWILLING_TO_PERFORM, NULL,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"operation not permitted "
"within namingContext",
NULL, NULL );
return 1;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
continue;
}
if ( at_rec->add_proc == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"add procedure is not defined "
"for attribute '%s'\n",
at->a_desc->ad_cname.bv_val, 0, 0 );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
send_ldap_result( conn, op,
various fixes and improvements
2002-09-03 03:39:31 +08:00
LDAP_UNWILLING_TO_PERFORM, NULL,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"operation not permitted "
"within namingContext",
NULL, NULL );
return 1;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
continue;
}
#ifdef BACKSQL_REALLOC_STMT
rc = backsql_Prepare( dbh, &sth, at_rec->add_proc, 0 );
if ( rc != SQL_SUCCESS ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error",
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
NULL, NULL );
return 1;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
continue;
}
#endif /* BACKSQL_REALLOC_STMT */
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
if ( BACKSQL_IS_ADD( at_rec->expect_return ) ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
pno = 1;
SQLBindParameter( sth, 1, SQL_PARAM_OUTPUT,
SQL_C_ULONG, SQL_INTEGER,
0, 0, &prc, 0, 0 );
} else {
pno = 0;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
po = ( BACKSQL_IS_ADD( at_rec->param_order ) ) > 0;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
currpos = pno + 1 + po;
SQLBindParameter( sth, currpos,
SQL_PARAM_INPUT, SQL_C_ULONG,
SQL_INTEGER, 0, 0, &new_keyval, 0, 0 );
currpos = pno + 2 - po;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
for ( i = 0, at_val = &at->a_vals[ i ];
at_val->bv_val != NULL;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
i++, at_val = &at->a_vals[ i ] ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
/*
* Do not deal with the objectClass that is used
* to build the entry
*/
if ( at->a_desc == slap_schema.si_ad_objectClass ) {
- added the capability to filter based on hasSubordinate attribute to back-bdb, back-ldbm and back-sql (the latter with limitations); - added handling of ":dn" attributes to extended rfc2254 filters and to matched value filter - altered the behavior of get_mra() when a matching rule is given: now it checks whether it is compatible with the attribute syntax and, in case it is, the given mr is used. In case of no type, the check is delayed when filtering
2002-08-29 18:55:48 +08:00
if ( bvmatch( at_val, &oc->oc->soc_cname ) ) {
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
continue;
}
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
/*
* check for syntax needed here
* maybe need binary bind?
*/
backsql_BindParamStr( sth, currpos,
at_val->bv_val, at_val->bv_len + 1 );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#ifdef SECURITY_PARANOID
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"executing '%s', id=%ld\n",
at_rec->add_proc, new_keyval, 0 );
#else
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"executing '%s' with val='%s', id=%ld\n",
at_rec->add_proc, at_val->bv_val, new_keyval );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#endif
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
#ifndef BACKSQL_REALLOC_STMT
rc = SQLExecDirect( sth, at_rec->add_proc, SQL_NTS );
#else /* BACKSQL_REALLOC_STMT */
rc = SQLExecute( sth );
#endif /* BACKSQL_REALLOC_STMT */
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"add_proc execution failed\n",
0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh, sth, rc );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
if ( BACKSQL_FAIL_IF_NO_MAPPING( bi ) ) {
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"SQL-backend error",
NULL, NULL );
return 1;
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
}
}
#ifndef BACKSQL_REALLOC_STMT
SQLFreeStmt( sth, SQL_RESET_PARAMS );
#else /* BACKSQL_REALLOC_STMT */
SQLFreeStmt( sth, SQL_DROP );
#endif /* BACKSQL_REALLOC_STMT */
}
#ifdef BACKSQL_REALLOC_STMT
rc = backsql_Prepare( dbh, &sth, bi->insentry_query, 0 );
if ( rc != SQL_SUCCESS ) {
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
#endif /* BACKSQL_REALLOC_STMT */
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
backsql_BindParamStr( sth, 1, e->e_name.bv_val, BACKSQL_MAX_DN_LEN );
SQLBindParameter( sth, 2, SQL_PARAM_INPUT, SQL_C_LONG, SQL_INTEGER,
0, 0, &oc->id, 0, 0 );
SQLBindParameter( sth, 3, SQL_PARAM_INPUT, SQL_C_LONG, SQL_INTEGER,
0, 0, &parent_id.id, 0, 0 );
SQLBindParameter( sth, 4, SQL_PARAM_INPUT, SQL_C_LONG, SQL_INTEGER,
0, 0, &new_keyval, 0, 0 );
Debug( LDAP_DEBUG_TRACE, "backsql_add(): executing '%s' for dn '%s'\n",
bi->insentry_query, e->e_name.bv_val, 0 );
Debug( LDAP_DEBUG_TRACE, " for oc_map_id=%ld, parent_id=%ld, "
"keyval=%ld\n", oc->id, parent_id.id, new_keyval );
#ifndef BACKSQL_REALLOC_STMT
rc = SQLExecDirect( sth, bi->insentry_query, SQL_NTS );
#else /* BACKSQL_REALLOC_STMT */
rc = SQLExecute( sth );
#endif /* BACKSQL_REALLOC_STMT */
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_add(): "
"could not insert ldap_entries record\n", 0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh, sth, rc );
/*
* execute delete_proc to delete data added !!!
*/
SQLFreeStmt( sth, SQL_DROP );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
SQLFreeStmt( sth, SQL_DROP );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
/*
* Commit only if all operations succeed
*/
- added the capability to filter based on hasSubordinate attribute to back-bdb, back-ldbm and back-sql (the latter with limitations); - added handling of ":dn" attributes to extended rfc2254 filters and to matched value filter - altered the behavior of get_mra() when a matching rule is given: now it checks whether it is compatible with the attribute syntax and, in case it is, the given mr is used. In case of no type, the check is delayed when filtering
2002-08-29 18:55:48 +08:00
SQLTransact( SQL_NULL_HENV, dbh,
various fixes and improvements
2002-09-03 03:39:31 +08:00
op->o_noop ? SQL_ROLLBACK : SQL_COMMIT );
/*
* FIXME: NOOP does not work for add -- it works for all
* the other operations, and I don't get the reason :(
*/
send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL, NULL, NULL );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
various fixes and improvements
2002-09-03 03:39:31 +08:00
return op->o_noop;
added back-sql files
2000-03-17 03:08:22 +08:00
}
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
int
backsql_delete(
BackendDB *be,
Connection *conn,
Operation *op,
struct berval *dn,
struct berval *ndn )
added back-sql files
2000-03-17 03:08:22 +08:00
{
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
backsql_info *bi = (backsql_info*)be->be_private;
SQLHDBC dbh;
SQLHSTMT sth;
RETCODE rc;
backsql_oc_map_rec *oc = NULL;
backsql_entryID e_id;
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
Entry e;
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
int res;
/* first parameter no */
SQLUSMALLINT pno;
Debug( LDAP_DEBUG_TRACE, "==>backsql_delete(): deleting entry '%s'\n",
ndn->bv_val, 0, 0 );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
dnParent( dn, &e.e_name );
dnParent( ndn, &e.e_nname );
e.e_attrs = NULL;
/* check parent for "children" acl */
if ( !access_allowed( be, conn, op, &e, slap_schema.si_ad_children,
NULL, ACL_WRITE, NULL ) ) {
Debug( LDAP_DEBUG_TRACE, "backsql_delete(): "
"no write access to parent\n",
0, 0, 0 );
send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
various fixes and improvements
2002-09-03 03:39:31 +08:00
NULL, NULL, NULL, NULL );
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
return 1;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
res = backsql_get_db_conn( be, conn, &dbh );
if ( res != LDAP_SUCCESS ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "backsql_delete(): "
"could not get connection handle - exiting\n",
0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res, NULL,
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
res == LDAP_OTHER ? "SQL-backend error" : "",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
res = backsql_dn2id( bi, &e_id, dbh, ndn );
if ( res != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_delete(): "
"could not lookup entry id\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, res, NULL, NULL, NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
res = backsql_has_children( bi, dbh, ndn );
switch ( res ) {
case LDAP_COMPARE_TRUE:
Debug( LDAP_DEBUG_TRACE, "backsql_delete(): "
"entry \"%s\" has children\n", dn->bv_val, 0, 0 );
send_ldap_result( conn, op, LDAP_NOT_ALLOWED_ON_NONLEAF,
NULL, "subtree delete not supported",
NULL, NULL );
return 1;
case LDAP_COMPARE_FALSE:
break;
default:
send_ldap_result( conn, op, res, NULL, NULL, NULL, NULL );
return 1;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
oc = backsql_id2oc( bi, e_id.oc_id );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
if ( oc == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_delete(): "
various fixes and improvements
2002-09-03 03:39:31 +08:00
"cannot determine objectclass of entry -- aborting\n",
0, 0, 0 );
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"operation not permitted within namingContext",
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
if ( oc->delete_proc == NULL ) {
Debug( LDAP_DEBUG_TRACE, "backsql_delete(): "
"delete procedure is not defined "
"for this objectclass - aborting\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
Final run of changes to back-sql; IBM db2 support has been tested. Now related ITSes need be audited and possibly closed. Enhancements: - re-styled code for better readability - upgraded backend API to reflect recent changes - LDAP schema is checked when loading SQL/LDAP mapping - AttributeDescription/ObjectClass pointers used for more efficient mapping lookup - bervals used where string length is required often - atomized write operations by committing at the end of each operation and defaulting connection closure to rollback - added LDAP access control to write operations - fully implemented modrdn (with rdn attrs change, deleteoldrdn, access check, parent/children check and more) - added parent access control, children control to delete operation - added structuralObjectClass operational attribute check and value return on search - added hasSubordinate operational attribute on demand - search limits are appropriately enforced - function backsql_strcat() has been made more efficient - concat function has been made configurable by means of a pattern - added config switches: - fail_if_no_mapping write operations fail if there is no mapping - has_ldapinfo_dn_ru overrides autodetect - concat_pattern a string containing two '?' is used (note that "?||?" should be more portable than builtin function "CONCAT(?,?)") - strcast_func cast of string constants in "SELECT DISTINCT statements (needed by PostgreSQL) - upper_needs_cast cast the argument of upper when required (basically when building dn substring queries) Todo: - add security checks for SQL statements that can be injected (?) - re-test with previously supported RDBMs - replace dn_ru and so with normalized dn (no need for upper() and so in dn match) - implement a backsql_normalize() function to replace the upper() conversion routines - note that subtree deletion, subtree renaming and so could be easily implemented (rollback and consistency checks are available :) - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 16:54:08 +08:00
"operation not permitted within namingContext",
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
SQLAllocStmt( dbh, &sth );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
if ( BACKSQL_IS_DEL( oc->expect_return ) ) {
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
pno = 1;
SQLBindParameter( sth, 1, SQL_PARAM_OUTPUT, SQL_C_ULONG,
SQL_INTEGER, 0, 0, &rc, 0, 0 );
} else {
pno = 0;
}
SQLBindParameter( sth, pno + 1, SQL_PARAM_INPUT,
SQL_C_ULONG, SQL_INTEGER, 0, 0, &e_id.keyval, 0, 0 );
Debug( LDAP_DEBUG_TRACE, "backsql_delete(): executing '%s'\n",
oc->delete_proc, 0, 0 );
rc = SQLExecDirect( sth, oc->delete_proc, SQL_NTS );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_delete(): "
"delete_proc execution failed\n", 0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh, sth, rc );
SQLFreeStmt( sth, SQL_DROP );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#ifndef BACKSQL_REALLOC_STMT
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLFreeStmt( sth, SQL_RESET_PARAMS );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
#else /* BACKSQL_REALLOC_STMT */
SQLFreeStmt( sth, SQL_DROP );
SQLAllocStmt( dbh, &sth );
#endif /* BACKSQL_REALLOC_STMT */
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
SQLBindParameter( sth, 1, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER,
0, 0, &e_id.id, 0, 0 );
rc = SQLExecDirect( sth, bi->delentry_query, SQL_NTS );
if ( rc != SQL_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, "backsql_delete(): "
"failed to delete record from ldap_entries\n",
0, 0, 0 );
backsql_PrintErrors( bi->db_env, dbh, sth, rc );
SQLFreeStmt( sth, SQL_DROP );
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "SQL-backend error", NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
return 1;
}
SQLFreeStmt( sth, SQL_DROP );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
/*
* Commit only if all operations succeed
*
* FIXME: backsql_add() does not fail if add operations
* are not available for some attributes, or if
* a multiple value add actually results in a replace,
* or if a single operation on an attribute fails
* for any reason
*/
- added the capability to filter based on hasSubordinate attribute to back-bdb, back-ldbm and back-sql (the latter with limitations); - added handling of ":dn" attributes to extended rfc2254 filters and to matched value filter - altered the behavior of get_mra() when a matching rule is given: now it checks whether it is compatible with the attribute syntax and, in case it is, the given mr is used. In case of no type, the check is delayed when filtering
2002-08-29 18:55:48 +08:00
SQLTransact( SQL_NULL_HENV, dbh,
various fixes and improvements
2002-09-03 03:39:31 +08:00
op->o_noop ? SQL_ROLLBACK : SQL_COMMIT );
CHANGES: - now all write operations appear to work correctly with PostgeSQL 7.0 - all write operations have been made transactional (atomic writes to entries are committed separately only in case of complete^1 success while all other operations are rolled-back by default) - more cleanup and handling of exceptional conditions TODO: - deen to check with different databases and more up to date versions of both unixODBC and PostgreSQL. ^1: attribute add/modify/delete operations silently succeed if the appropriate add/delete proc does not exist for each attribute; this may be correct to hide undesired/unimplemented correspondence between LDAP and SQL databases; however, a more appropriate LDAP behavior would be a failure with LDAP_UNAVAILABLE if a single write operation cannot be executed for such reason
2002-08-17 00:45:24 +08:00
various fixes and improvements
2002-09-03 03:39:31 +08:00
send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL, NULL, NULL );
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Debug( LDAP_DEBUG_TRACE, "<==backsql_delete()\n", 0, 0, 0 );
various fixes and improvements
2002-09-03 03:39:31 +08:00
return op->o_noop;
added back-sql files
2000-03-17 03:08:22 +08:00
}
wrap sql *.c files with #ifdef SLAPD_SQL to facilate NT builds without -DSLAPD_SQL
2000-03-19 14:18:27 +08:00
Summary of changes: - filter -> SQL translation bugfixes - several memory leaks fixups - improved configurability: - allows definition of uppercasing function to support CIS matching on databases that do case sensitive compares (this fixes up Oracle issues, example updated) - allows more flexibility in stored procedures interface (different parameter order, optional return codes - see samples, and comments in backsql.h) - synchronize function interfaces to recent changes in prototypes ("const" clauses etc.) made for all backends (those changes led to compile-time errors)
2000-05-27 00:03:32 +08:00
#endif /* SLAPD_SQL */
changes: - re-style according to the style giudelines for better readability - updated to recent frontend/backend API changes - fixed a few quirks about normalization - "optimized" a few memory allocation/string handling functions - fixed a few quirks about add/modify (still have to look ad modrdn) todo: - there is still something broken (at least with PostgreSQL and IBM db2, the two RDBMS O have at hand) when adding - move everything to struct bervals and try to save a few strlen - try some LDAP/SQL syntax relation to use appropriate value bind if possible - ...
2002-08-14 01:12:27 +08:00
Reference in New Issue Copy Permalink