/*
we've made a modification to a dn - possibly reindex and
update sequence number
*/
static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
{
int ret = LDB_SUCCESS;
struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
/* only allow modifies inside a transaction, otherwise the
* ldb is unsafe */
if (ltdb->in_transaction == 0) {
ldb_set_errstring(ldb_module_get_ctx(module), "ltdb modify without transaction");
return LDB_ERR_OPERATIONS_ERROR;
}
if (ldb_dn_is_special(dn) &&
(ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) ) {
ret = ltdb_reindex(module);
}
/* If the modify was to a normal record, or any special except @BASEINFO, update the seq number */
if (ret == LDB_SUCCESS &&
!(ldb_dn_is_special(dn) &&
ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
ret = ltdb_increase_sequence_number(module);
}
/* If the modify was to @OPTIONS, reload the cache */
if (ret == LDB_SUCCESS &&
ldb_dn_is_special(dn) &&
(ldb_dn_check_special(dn, LTDB_OPTIONS)) ) {
ret = ltdb_cache_reload(module);
}
return ret;
}
/*
check special dn's have valid attributes
currently only @ATTRIBUTES is checked
*/
static int ltdb_check_special_dn(struct ldb_module *module,
const struct ldb_message *msg)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
unsigned int i, j;
if (! ldb_dn_is_special(msg->dn) ||
! ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
return LDB_SUCCESS;
}
/* we have @ATTRIBUTES, let's check attributes are fine */
/* should we check that we deny multivalued attributes ? */
for (i = 0; i < msg->num_elements; i++) {
if (ldb_attr_cmp(msg->elements[i].name, "distinguishedName") == 0) continue;
for (j = 0; j < msg->elements[i].num_values; j++) {
if (ltdb_check_at_attributes_values(&msg->elements[i].values[j]) != 0) {
ldb_set_errstring(ldb, "Invalid attribute value in an @ATTRIBUTES entry");
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
}
}
return LDB_SUCCESS;
}
/*
we've made a modification to a dn - possibly reindex and
update sequence number
*/
static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn)
{
int ret = LDB_SUCCESS;
if (ldb_dn_is_special(dn) &&
(ldb_dn_check_special(dn, LTDB_INDEXLIST) ||
ldb_dn_check_special(dn, LTDB_ATTRIBUTES)) ) {
ret = ltdb_reindex(module);
}
if (ret == LDB_SUCCESS &&
!(ldb_dn_is_special(dn) &&
ldb_dn_check_special(dn, LTDB_BASEINFO)) ) {
ret = ltdb_increase_sequence_number(module);
}
return ret;
}
static int ltdb_add_internal(struct ldb_module *module,
const struct ldb_message *msg,
bool check_single_value)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
int ret = LDB_SUCCESS;
unsigned int i, j;
for (i=0;i<msg->num_elements;i++) {
struct ldb_message_element *el = &msg->elements[i];
const struct ldb_schema_attribute *a = ldb_schema_attribute_by_name(ldb, el->name);
if (el->num_values == 0) {
ldb_asprintf_errstring(ldb, "attribute '%s' on '%s' specified, but with 0 values (illegal)",
el->name, ldb_dn_get_linearized(msg->dn));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
if (check_single_value &&
el->num_values > 1 &&
ldb_tdb_single_valued(a, el)) {
ldb_asprintf_errstring(ldb, "SINGLE-VALUE attribute %s on %s specified more than once",
el->name, ldb_dn_get_linearized(msg->dn));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
/* Do not check "@ATTRIBUTES" for duplicated values */
if (ldb_dn_is_special(msg->dn) &&
ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
continue;
}
/* TODO: This is O(n^2) - replace with more efficient check */
for (j=0; j<el->num_values; j++) {
if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
ldb_asprintf_errstring(ldb,
"attribute '%s': value #%u on '%s' provided more than once",
el->name, j, ldb_dn_get_linearized(msg->dn));
return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
}
}
}
ret = ltdb_store(module, msg, TDB_INSERT);
if (ret != LDB_SUCCESS) {
if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
ldb_asprintf_errstring(ldb,
"Entry %s already exists",
ldb_dn_get_linearized(msg->dn));
}
return ret;
}
ret = ltdb_index_add_new(module, msg);
if (ret != LDB_SUCCESS) {
return ret;
}
ret = ltdb_modified(module, msg->dn);
return ret;
}