mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-01-06 10:46:21 +08:00
save old values when deleting (ITS#5258; not optimal)
This commit is contained in:
parent
7a3f73efd8
commit
8958bcd60f
@ -748,102 +748,133 @@ memberof_op_modify( Operation *op, SlapReply *rs )
|
|||||||
save_dn = op->o_dn;
|
save_dn = op->o_dn;
|
||||||
save_ndn = op->o_ndn;
|
save_ndn = op->o_ndn;
|
||||||
|
|
||||||
if ( MEMBEROF_DANGLING_CHECK( mo )
|
if ( memberof_isGroupOrMember( op, &iswhat ) == LDAP_SUCCESS
|
||||||
&& !get_relax( op )
|
&& ( iswhat & MEMBEROF_IS_GROUP ) )
|
||||||
&& memberof_isGroupOrMember( op, &iswhat ) == LDAP_SUCCESS
|
|
||||||
&& ( iswhat & MEMBEROF_IS_GROUP ) )
|
|
||||||
{
|
{
|
||||||
op->o_dn = op->o_bd->be_rootdn;
|
Modifications *ml;
|
||||||
op->o_dn = op->o_bd->be_rootndn;
|
int save_member = 0;
|
||||||
op->o_bd->bd_info = (BackendInfo *)on->on_info;
|
|
||||||
|
for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
|
||||||
assert( op->orm_modlist != NULL );
|
if ( ml->sml_desc == mo->mo_ad_member ) {
|
||||||
|
switch ( ml->sml_op ) {
|
||||||
for ( mlp = &op->orm_modlist; *mlp; ) {
|
case LDAP_MOD_DELETE:
|
||||||
Modifications *ml = *mlp;
|
case LDAP_MOD_REPLACE:
|
||||||
int i;
|
save_member = 1;
|
||||||
|
break;
|
||||||
if ( !is_ad_subtype( ml->sml_desc, mo->mo_ad_member ) ) {
|
}
|
||||||
mlp = &ml->sml_next;
|
|
||||||
continue;
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
switch ( ml->sml_op ) {
|
|
||||||
case LDAP_MOD_DELETE:
|
if ( save_member ) {
|
||||||
/* we don't care about cancellations: if the value
|
BerVarray vals = NULL;
|
||||||
* exists, fine; if it doesn't, we let the underlying
|
|
||||||
* database fail as appropriate; */
|
op->o_dn = op->o_bd->be_rootdn;
|
||||||
mlp = &ml->sml_next;
|
op->o_dn = op->o_bd->be_rootndn;
|
||||||
break;
|
op->o_bd->bd_info = (BackendInfo *)on->on_info;
|
||||||
|
rc = backend_attribute( op, NULL, &op->o_req_ndn,
|
||||||
case LDAP_MOD_REPLACE:
|
mo->mo_ad_member, &vals, ACL_READ );
|
||||||
case LDAP_MOD_ADD:
|
op->o_bd->bd_info = (BackendInfo *)on;
|
||||||
/* NOTE: right now, the attributeType we use
|
if ( rc == LDAP_SUCCESS && vals != NULL ) {
|
||||||
* for member must have a normalized value */
|
memberof_saved_member_set( op, &saved_member_vals, vals );
|
||||||
assert( ml->sml_nvalues != NULL );
|
ber_bvarray_free_x( vals, op->o_tmpmemctx );
|
||||||
|
}
|
||||||
for ( i = 0; !BER_BVISNULL( &ml->sml_nvalues[ i ] ); i++ ) {
|
}
|
||||||
int rc;
|
|
||||||
Entry *e;
|
if ( MEMBEROF_DANGLING_CHECK( mo )
|
||||||
|
&& !get_relax( op ) )
|
||||||
if ( be_entry_get_rw( op, &ml->sml_nvalues[ i ],
|
{
|
||||||
NULL, NULL, 0, &e ) == LDAP_SUCCESS )
|
op->o_dn = op->o_bd->be_rootdn;
|
||||||
{
|
op->o_dn = op->o_bd->be_rootndn;
|
||||||
be_entry_release_r( op, e );
|
op->o_bd->bd_info = (BackendInfo *)on->on_info;
|
||||||
continue;
|
|
||||||
}
|
assert( op->orm_modlist != NULL );
|
||||||
|
|
||||||
if ( MEMBEROF_DANGLING_ERROR( mo ) ) {
|
for ( mlp = &op->orm_modlist; *mlp; ) {
|
||||||
rc = rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
|
Modifications *ml = *mlp;
|
||||||
rs->sr_text = "adding non-existing object "
|
int i;
|
||||||
"as group member";
|
|
||||||
send_ldap_result( op, rs );
|
if ( !is_ad_subtype( ml->sml_desc, mo->mo_ad_member ) ) {
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( MEMBEROF_DANGLING_DROP( mo ) ) {
|
|
||||||
int j;
|
|
||||||
|
|
||||||
Debug( LDAP_DEBUG_ANY, "%s: memberof_op_modify(\"%s\"): "
|
|
||||||
"member=\"%s\" does not exist (stripping...)\n",
|
|
||||||
op->o_log_prefix, op->o_req_dn.bv_val,
|
|
||||||
ml->sml_nvalues[ i ].bv_val );
|
|
||||||
|
|
||||||
for ( j = i + 1; !BER_BVISNULL( &ml->sml_nvalues[ j ] ); j++ );
|
|
||||||
ber_memfree( ml->sml_values[ i ].bv_val );
|
|
||||||
BER_BVZERO( &ml->sml_values[ i ] );
|
|
||||||
ber_memfree( ml->sml_nvalues[ i ].bv_val );
|
|
||||||
BER_BVZERO( &ml->sml_nvalues[ i ] );
|
|
||||||
ml->sml_numvals--;
|
|
||||||
if ( j - i == 1 ) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
AC_MEMCPY( &ml->sml_values[ i ], &ml->sml_values[ i + 1 ],
|
|
||||||
sizeof( struct berval ) * ( j - i ) );
|
|
||||||
AC_MEMCPY( &ml->sml_nvalues[ i ], &ml->sml_nvalues[ i + 1 ],
|
|
||||||
sizeof( struct berval ) * ( j - i ) );
|
|
||||||
i--;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( BER_BVISNULL( &ml->sml_nvalues[ 0 ] ) ) {
|
|
||||||
*mlp = ml->sml_next;
|
|
||||||
slap_mod_free( &ml->sml_mod, 0 );
|
|
||||||
free( ml );
|
|
||||||
|
|
||||||
} else {
|
|
||||||
mlp = &ml->sml_next;
|
mlp = &ml->sml_next;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
switch ( ml->sml_op ) {
|
||||||
|
case LDAP_MOD_DELETE:
|
||||||
|
/* we don't care about cancellations: if the value
|
||||||
|
* exists, fine; if it doesn't, we let the underlying
|
||||||
|
* database fail as appropriate; */
|
||||||
|
mlp = &ml->sml_next;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case LDAP_MOD_REPLACE:
|
||||||
|
case LDAP_MOD_ADD:
|
||||||
|
/* NOTE: right now, the attributeType we use
|
||||||
|
* for member must have a normalized value */
|
||||||
|
assert( ml->sml_nvalues != NULL );
|
||||||
|
|
||||||
|
for ( i = 0; !BER_BVISNULL( &ml->sml_nvalues[ i ] ); i++ ) {
|
||||||
|
int rc;
|
||||||
|
Entry *e;
|
||||||
|
|
||||||
|
if ( be_entry_get_rw( op, &ml->sml_nvalues[ i ],
|
||||||
|
NULL, NULL, 0, &e ) == LDAP_SUCCESS )
|
||||||
|
{
|
||||||
|
be_entry_release_r( op, e );
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( MEMBEROF_DANGLING_ERROR( mo ) ) {
|
||||||
|
rc = rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
|
||||||
|
rs->sr_text = "adding non-existing object "
|
||||||
|
"as group member";
|
||||||
|
send_ldap_result( op, rs );
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( MEMBEROF_DANGLING_DROP( mo ) ) {
|
||||||
|
int j;
|
||||||
|
|
||||||
|
Debug( LDAP_DEBUG_ANY, "%s: memberof_op_modify(\"%s\"): "
|
||||||
|
"member=\"%s\" does not exist (stripping...)\n",
|
||||||
|
op->o_log_prefix, op->o_req_dn.bv_val,
|
||||||
|
ml->sml_nvalues[ i ].bv_val );
|
||||||
|
|
||||||
|
for ( j = i + 1; !BER_BVISNULL( &ml->sml_nvalues[ j ] ); j++ );
|
||||||
|
ber_memfree( ml->sml_values[ i ].bv_val );
|
||||||
|
BER_BVZERO( &ml->sml_values[ i ] );
|
||||||
|
ber_memfree( ml->sml_nvalues[ i ].bv_val );
|
||||||
|
BER_BVZERO( &ml->sml_nvalues[ i ] );
|
||||||
|
ml->sml_numvals--;
|
||||||
|
if ( j - i == 1 ) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
AC_MEMCPY( &ml->sml_values[ i ], &ml->sml_values[ i + 1 ],
|
||||||
|
sizeof( struct berval ) * ( j - i ) );
|
||||||
|
AC_MEMCPY( &ml->sml_nvalues[ i ], &ml->sml_nvalues[ i + 1 ],
|
||||||
|
sizeof( struct berval ) * ( j - i ) );
|
||||||
|
i--;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( BER_BVISNULL( &ml->sml_nvalues[ 0 ] ) ) {
|
||||||
|
*mlp = ml->sml_next;
|
||||||
|
slap_mod_free( &ml->sml_mod, 0 );
|
||||||
|
free( ml );
|
||||||
|
|
||||||
|
} else {
|
||||||
|
mlp = &ml->sml_next;
|
||||||
|
}
|
||||||
|
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
assert( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
break;
|
|
||||||
|
|
||||||
default:
|
|
||||||
assert( 0 );
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( mmlp != NULL ) {
|
if ( mmlp != NULL ) {
|
||||||
Modifications *ml = *mmlp;
|
Modifications *ml = *mmlp;
|
||||||
int i;
|
int i;
|
||||||
@ -1280,12 +1311,10 @@ memberof_res_modify( Operation *op, SlapReply *rs )
|
|||||||
/* fall thru */
|
/* fall thru */
|
||||||
|
|
||||||
case LDAP_MOD_REPLACE:
|
case LDAP_MOD_REPLACE:
|
||||||
|
vals = memberof_saved_member_get( op, &saved_member_vals );
|
||||||
|
|
||||||
/* delete all ... */
|
/* delete all ... */
|
||||||
op->o_bd->bd_info = (BackendInfo *)on->on_info;
|
if ( vals != NULL ) {
|
||||||
rc = backend_attribute( op, NULL, &op->o_req_ndn,
|
|
||||||
mo->mo_ad_member, &vals, ACL_READ );
|
|
||||||
op->o_bd->bd_info = (BackendInfo *)on;
|
|
||||||
if ( rc == LDAP_SUCCESS ) {
|
|
||||||
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
|
for ( i = 0; !BER_BVISNULL( &vals[ i ] ); i++ ) {
|
||||||
(void)memberof_value_modify( op, rs,
|
(void)memberof_value_modify( op, rs,
|
||||||
&vals[ i ], mo->mo_ad_memberof,
|
&vals[ i ], mo->mo_ad_memberof,
|
||||||
|
Loading…
Reference in New Issue
Block a user