allow slapo-memberof to be used as global overlay, and thus provide cross-database integrity (ITS#5301)

This commit is contained in:
Pierangelo Masarati 2007-12-29 16:07:07 +00:00
parent cd673c2ff2
commit 22f0fa7eb8
3 changed files with 92 additions and 32 deletions
servers/slapd

View File

@ -42,6 +42,51 @@ static BackendInfo slap_frontendInfo;
static BackendDB slap_frontendDB;
BackendDB *frontendDB;
static int
fe_entry_get_rw(
Operation *op,
struct berval *ndn,
ObjectClass *oc,
AttributeDescription *at,
int rw,
Entry **e )
{
BackendDB *bd;
int rc = LDAP_NO_SUCH_OBJECT;
bd = op->o_bd;
op->o_bd = select_backend( ndn, 0 );
if ( op->o_bd != NULL ) {
if ( op->o_bd->be_fetch ) {
rc = op->o_bd->be_fetch( op, ndn, oc, at, rw, e );
}
}
op->o_bd = bd;
return rc;
}
static int
fe_entry_release_rw(
Operation *op,
Entry *e,
int rw )
{
BackendDB *bd;
int rc = LDAP_NO_SUCH_OBJECT;
bd = op->o_bd;
op->o_bd = select_backend( &e->e_nname, 0 );
if ( op->o_bd != NULL ) {
if ( op->o_bd->be_release ) {
rc = op->o_bd->be_release( op, e, rw );
}
}
op->o_bd = bd;
return rc;
}
int
frontend_init( void )
{
@ -115,10 +160,8 @@ frontend_init( void )
frontendDB->bd_info->bi_op_search = fe_op_search;
frontendDB->bd_info->bi_extended = fe_extended;
frontendDB->bd_info->bi_operational = fe_aux_operational;
#if 0
frontendDB->bd_info->bi_entry_get_rw = fe_entry_get_rw;
frontendDB->bd_info->bi_entry_release_rw = fe_entry_release_rw;
#endif
frontendDB->bd_info->bi_access_allowed = fe_access_allowed;
frontendDB->bd_info->bi_acl_group = fe_acl_group;
frontendDB->bd_info->bi_acl_attribute = fe_acl_attribute;

View File

@ -383,6 +383,10 @@ slap_mods_no_user_mod_check(
continue;
}
if ( ml->sml_flags & SLAP_MOD_INTERNAL ) {
continue;
}
if ( get_relax( op ) ) {
if ( ml->sml_desc->ad_type->sat_flags & SLAP_AT_MANAGEABLE ) {
ml->sml_flags |= SLAP_MOD_MANAGING;

View File

@ -407,6 +407,7 @@ memberof_value_modify(
slap_callback cb = { NULL, slap_null_cb, NULL, NULL };
Modifications mod[ 2 ] = { { { 0 } } }, *ml;
struct berval values[ 4 ], nvalues[ 4 ];
int mcnt = 0;
op2.o_tag = LDAP_REQ_MODIFY;
@ -418,23 +419,28 @@ memberof_value_modify(
op2.o_callback = &cb;
op2.o_dn = op->o_bd->be_rootdn;
op2.o_ndn = op->o_bd->be_rootndn;
op2.orm_modlist = NULL;
ml = &mod[ 0 ];
ml->sml_numvals = 1;
ml->sml_values = &values[ 0 ];
ml->sml_values[ 0 ] = mo->mo_dn;
BER_BVZERO( &ml->sml_values[ 1 ] );
ml->sml_nvalues = &nvalues[ 0 ];
ml->sml_nvalues[ 0 ] = mo->mo_ndn;
BER_BVZERO( &ml->sml_nvalues[ 1 ] );
ml->sml_desc = slap_schema.si_ad_modifiersName;
ml->sml_type = ml->sml_desc->ad_cname;
ml->sml_op = LDAP_MOD_REPLACE;
ml->sml_flags = SLAP_MOD_INTERNAL;
ml->sml_next = NULL;
op2.orm_modlist = ml;
if ( !BER_BVISNULL( &mo->mo_ndn ) ) {
ml = &mod[ mcnt ];
ml->sml_numvals = 1;
ml->sml_values = &values[ 0 ];
ml->sml_values[ 0 ] = mo->mo_dn;
BER_BVZERO( &ml->sml_values[ 1 ] );
ml->sml_nvalues = &nvalues[ 0 ];
ml->sml_nvalues[ 0 ] = mo->mo_ndn;
BER_BVZERO( &ml->sml_nvalues[ 1 ] );
ml->sml_desc = slap_schema.si_ad_modifiersName;
ml->sml_type = ml->sml_desc->ad_cname;
ml->sml_op = LDAP_MOD_REPLACE;
ml->sml_flags = SLAP_MOD_INTERNAL;
ml->sml_next = op2.orm_modlist;
op2.orm_modlist = ml;
ml = &mod[ 1 ];
mcnt++;
}
ml = &mod[ mcnt ];
ml->sml_numvals = 1;
ml->sml_values = &values[ 2 ];
BER_BVZERO( &ml->sml_values[ 1 ] );
@ -443,14 +449,14 @@ memberof_value_modify(
ml->sml_desc = ad;
ml->sml_type = ml->sml_desc->ad_cname;
ml->sml_flags = SLAP_MOD_INTERNAL;
ml->sml_next = NULL;
op2.orm_modlist->sml_next = ml;
ml->sml_next = op2.orm_modlist;
op2.orm_modlist = ml;
if ( new_ndn != NULL ) {
assert( !BER_BVISNULL( new_dn ) );
assert( !BER_BVISNULL( new_ndn ) );
ml = &mod[ 1 ];
ml = &mod[ mcnt ];
ml->sml_op = LDAP_MOD_ADD;
ml->sml_values[ 0 ] = *new_dn;
@ -460,14 +466,18 @@ memberof_value_modify(
if ( rs2.sr_err != LDAP_SUCCESS ) {
char buf[ SLAP_TEXT_BUFLEN ];
snprintf( buf, sizeof( buf ),
"memberof_value_modify %s=\"%s\" failed err=%d",
ad->ad_cname.bv_val, new_dn->bv_val, rs2.sr_err );
"memberof_value_modify %s=\"%s\" failed err=%d text=%s",
ad->ad_cname.bv_val, new_dn->bv_val, rs2.sr_err, rs2.sr_text );
Debug( LDAP_DEBUG_ANY, "%s: %s\n", op->o_log_prefix, buf, 0 );
}
assert( op2.orm_modlist == &mod[ 0 ] );
assert( op2.orm_modlist->sml_next == &mod[ 1 ] );
ml = op2.orm_modlist->sml_next->sml_next;
assert( op2.orm_modlist == &mod[ mcnt ] );
assert( mcnt == 0 || op2.orm_modlist->sml_next == &mod[ 0 ] );
ml = op2.orm_modlist->sml_next;
if ( mcnt == 1 ) {
assert( ml == &mod[ 0 ] );
ml = ml->sml_next;
}
if ( ml != NULL ) {
slap_mods_free( ml, 1 );
}
@ -477,7 +487,7 @@ memberof_value_modify(
assert( !BER_BVISNULL( old_dn ) );
assert( !BER_BVISNULL( old_ndn ) );
ml = &mod[ 1 ];
ml = &mod[ mcnt ];
ml->sml_op = LDAP_MOD_DELETE;
ml->sml_values[ 0 ] = *old_dn;
@ -487,14 +497,17 @@ memberof_value_modify(
if ( rs2.sr_err != LDAP_SUCCESS ) {
char buf[ SLAP_TEXT_BUFLEN ];
snprintf( buf, sizeof( buf ),
"memberof_value_modify %s=\"%s\" failed err=%d",
ad->ad_cname.bv_val, old_dn->bv_val, rs2.sr_err );
"memberof_value_modify %s=\"%s\" failed err=%d text=%s",
ad->ad_cname.bv_val, old_dn->bv_val, rs2.sr_err, rs2.sr_text );
Debug( LDAP_DEBUG_ANY, "%s: %s\n", op->o_log_prefix, buf, 0 );
}
assert( op2.orm_modlist == &mod[ 0 ] );
assert( op2.orm_modlist->sml_next == &mod[ 1 ] );
ml = op2.orm_modlist->sml_next->sml_next;
assert( op2.orm_modlist == &mod[ mcnt ] );
ml = op2.orm_modlist->sml_next;
if ( mcnt == 1 ) {
assert( ml == &mod[ 0 ] );
ml = ml->sml_next;
}
if ( ml != NULL ) {
slap_mods_free( ml, 1 );
}
@ -1937,7 +1950,7 @@ memberof_db_open(
}
}
if ( BER_BVISNULL( &mo->mo_dn ) ) {
if ( BER_BVISNULL( &mo->mo_dn ) && !BER_BVISNULL( &be->be_rootdn ) ) {
ber_dupbv( &mo->mo_dn, &be->be_rootdn );
ber_dupbv( &mo->mo_ndn, &be->be_rootndn );
}