New backend routine: back_attribute

2025-01-18 11:05:48 +08:00 · 2000-06-21 17:41:49 +00:00 · 2000-06-21 17:41:49 +00:00 · 51bd73ce7d
commit 51bd73ce7d
parent 295f3ba0aa
8 changed files with 145 additions and 0 deletions
--- a/servers/slapd/back-dnssrv/init.c
+++ b/servers/slapd/back-dnssrv/init.c
@ -66,6 +66,7 @@ dnssrv_back_initialize(

 	bi->bi_extended = 0;
 	bi->bi_acl_group = 0;
+	bi->bi_acl_attribute = 0;

 #ifdef HAVE_CYRUS_SASL
 	bi->bi_sasl_authorize = 0;
--- a/servers/slapd/back-ldap/init.c
+++ b/servers/slapd/back-ldap/init.c
@ -75,6 +75,7 @@ ldap_back_initialize(
 	bi->bi_extended = 0;

 	bi->bi_acl_group = ldap_back_group;
+	bi->bi_acl_attribute = 0;
 	bi->bi_chk_referrals = 0;

 #ifdef HAVE_CYRUS_SASL
--- a/servers/slapd/back-ldbm/attribute.c
+++ b/servers/slapd/back-ldbm/attribute.c
@ -0,0 +1,138 @@
+/* attribute.c - ldbm backend acl attribute routine */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/socket.h>
+#include <ac/string.h>
+
+#include "slap.h"
+#include "back-ldbm.h"
+#include "proto-back-ldbm.h"
+
+
+/* return 0 IFF we can retrieve the attributes
+ * of entry with e_ndn
+ */
+int
+ldbm_back_attribute(
+	Backend	*be,
+	Connection *conn,
+	Operation *op,
+	Entry	*target,
+	const char	*e_ndn,
+	AttributeDescription *entry_at,
+	const char ***vals
+)
+{
+	struct ldbminfo *li = (struct ldbminfo *) be->be_private;    
+	Entry        *e;
+	int          i, j, rc = 1;
+	Attribute   *attr;
+	struct berval **abv;
+	char *s, **v;
+	const char *entry_at_name = entry_at->ad_cname->bv_val;
+
+	Debug( LDAP_DEBUG_ARGS,
+		"=> ldbm_back_attribute: gr dn: \"%s\"\n",
+		e_ndn, 0, 0 ); 
+	Debug( LDAP_DEBUG_ARGS,
+		"=> ldbm_back_attribute: at: \"%s\"\n", 
+		entry_at_name, 0, 0 ); 
+
+	Debug( LDAP_DEBUG_ARGS,
+		"=> ldbm_back_attribute: tr dn: \"%s\"\n",
+		target ? target->e_ndn : "", 0, 0 ); 
+
+	if (target != NULL && strcmp(target->e_ndn, e_ndn) == 0) {
+		/* we already have a LOCKED copy of the entry */
+		e = target;
+        	Debug( LDAP_DEBUG_ARGS,
+			"=> ldbm_back_attribute: target is entry: \"%s\"\n",
+			e_ndn, 0, 0 );
+
+	} else {
+		/* can we find entry with reader lock */
+		if ((e = dn2entry_r(be, e_ndn, NULL )) == NULL) {
+			Debug( LDAP_DEBUG_ACL,
+				"=> ldbm_back_attribute: cannot find entry: \"%s\"\n",
+					e_ndn, 0, 0 ); 
+			return( 1 );
+		}
+		
+		Debug( LDAP_DEBUG_ACL,
+			"=> ldbm_back_attribute: found entry: \"%s\"\n",
+			e_ndn, 0, 0 ); 
+    }
+
+	rc = 1;
+
+	/* find attribute values
+	 */
+        
+	if( is_entry_alias( e ) ) {
+		Debug( LDAP_DEBUG_ACL,
+			"<= ldbm_back_attribute: entry is an alias\n", 0, 0, 0 );
+		goto return_results;
+	}
+
+	if( is_entry_referral( e ) ) {
+		Debug( LDAP_DEBUG_ACL,
+			"<= ldbm_back_attribute: entry is an referral\n", 0, 0, 0 );
+		goto return_results;
+	}
+
+	if (conn != NULL && op != NULL
+		&& access_allowed(be, conn, op, e, slap_schema.si_ad_entry, NULL, ACL_SEARCH) == 0)
+	{
+		goto return_results;
+	}
+
+	if ((attr = attr_find(e->e_attrs, entry_at)) == NULL) {
+		Debug( LDAP_DEBUG_ACL,
+			"<= ldbm_back_attribute: failed to find %s\n",
+			entry_at_name, 0, 0 ); 
+		goto return_results;
+	}
+
+	if (conn != NULL && op != NULL
+		&& access_allowed(be, conn, op, e, entry_at, NULL, ACL_SEARCH) == 0)
+	{
+		goto return_results;
+	}
+
+	for ( i = 0; attr->a_vals[i] != NULL; i++ ) { }
+	v = (char **) ch_calloc( (i + 1), sizeof(char *) );
+	if (v != NULL) {
+		for ( j = 0, abv = attr->a_vals; --i >= 0; abv++ ) {
+			if ( (*abv)->bv_len > 0 ) {
+				s = ch_malloc( (*abv)->bv_len + 1 );
+				if( s == NULL )
+					break;
+				memcpy(s, (*abv)->bv_val, (*abv)->bv_len);
+				s[(*abv)->bv_len] = 0;
+				v[j++] = s;
+			}
+		}
+		v[j] = NULL;
+		*vals = v;
+	}
+
+	rc = 0;
+
+return_results:
+	if( target != e ) {
+		/* free entry and reader lock */
+		cache_return_entry_r( &li->li_cache, e );                 
+	}
+
+	Debug( LDAP_DEBUG_TRACE, "ldbm_back_attribute: rc=%d\n", rc, 0, 0 ); 
+	return(rc);
+}
+
--- a/servers/slapd/back-passwd/init.c
+++ b/servers/slapd/back-passwd/init.c
@ -54,6 +54,7 @@ passwd_back_initialize(
 	bi->bi_extended = 0;

 	bi->bi_acl_group = 0;
+	bi->bi_acl_attribute = 0;
 	bi->bi_chk_referrals = 0;

 #ifdef HAVE_CYRUS_SASL
--- a/servers/slapd/back-perl/init.c
+++ b/servers/slapd/back-perl/init.c
@ -97,6 +97,7 @@ perl_back_initialize(
 	bi->bi_extended = 0;

 	bi->bi_acl_group = 0;
+	bi->bi_acl_attribute = 0;
 	bi->bi_chk_referrals = 0;

 #ifdef HAVE_CYRUS_SASL
--- a/servers/slapd/back-shell/init.c
+++ b/servers/slapd/back-shell/init.c
@ -58,6 +58,7 @@ shell_back_initialize(
 	bi->bi_extended = 0;

 	bi->bi_acl_group = 0;
+	bi->bi_acl_attribute = 0;
 	bi->bi_chk_referrals = 0;

 #ifdef HAVE_CYRUS_SASL
--- a/servers/slapd/back-sql/init.c
+++ b/servers/slapd/back-sql/init.c
@ -66,6 +66,7 @@ int sql_back_initialize(
 	bi->bi_op_delete = backsql_delete;
 	
 	bi->bi_acl_group = 0;
+	bi->bi_acl_attribute = 0;
 	bi->bi_chk_referrals = 0;
 
 	bi->bi_connection_init = 0;
--- a/servers/slapd/back-tcl/tcl_init.c
+++ b/servers/slapd/back-tcl/tcl_init.c
@ -73,6 +73,7 @@ tcl_back_initialize (
 	bi->bi_op_abandon = tcl_back_abandon;

 	bi->bi_acl_group = 0;
+	bi->bi_acl_attribute = 0;
 	bi->bi_chk_referrals = 0;

 	bi->bi_connection_init = 0;