source4/dsdb/samdb/ldb_modules/instancetype.c

   1 /*
   2    ldb database library
   3
   4    Copyright (C) Simo Sorce  2004-2008
   5    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
   6    Copyright (C) Andrew Tridgell 2005
   7    Copyright (C) Stefan Metzmacher <metze@samba.org> 2007
   8
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 */
  22
  23 /*
  24  *  Name: ldb
  25  *
  26  *  Component: ldb instancetype module
  27  *
  28  *  Description: add an instanceType onto every new record
  29  *
  30  *  Author: Andrew Bartlett
  31  */
  32
  33 #include "includes.h"
  34 #include "ldb.h"
  35 #include "ldb_module.h"
  36 #include "librpc/gen_ndr/ndr_misc.h"
  37 #include "dsdb/samdb/samdb.h"
  38 #include "../libds/common/flags.h"
  39 #include "dsdb/samdb/ldb_modules/util.h"
  40
  41 struct it_context {
  42         struct ldb_module *module;
  43         struct ldb_request *req;
  44         struct ldb_request *add_req;
  45 };
  46
  47 static int it_add_callback(struct ldb_request *req, struct ldb_reply *ares)
  48 {
  49         struct ldb_context *ldb;
  50         struct it_context *ac;
  51
  52         ac = talloc_get_type(req->context, struct it_context);
  53         ldb = ldb_module_get_ctx(ac->module);
  54
  55         if (!ares) {
  56                 return ldb_module_done(ac->req, NULL, NULL,
  57                                         LDB_ERR_OPERATIONS_ERROR);
  58         }
  59
  60         if (ares->type == LDB_REPLY_REFERRAL) {
  61                 return ldb_module_send_referral(ac->req, ares->referral);
  62         }
  63
  64         if (ares->error != LDB_SUCCESS) {
  65                 return ldb_module_done(ac->req, ares->controls,
  66                                         ares->response, ares->error);
  67         }
  68
  69         if (ares->type != LDB_REPLY_DONE) {
  70                 ldb_set_errstring(ldb, "Invalid reply type!");
  71                 return ldb_module_done(ac->req, NULL, NULL,
  72                                         LDB_ERR_OPERATIONS_ERROR);
  73         }
  74
  75         /* Add the boilerplate entries */
  76
  77         return ldb_module_done(ac->req, ares->controls,
  78                                ares->response, ares->error);
  79 }
  80
  81 /* add_record: add instancetype attribute */
  82 static int instancetype_add(struct ldb_module *module, struct ldb_request *req)
  83 {
  84         struct ldb_context *ldb;
  85         struct ldb_request *down_req;
  86         struct ldb_message *msg;
  87         struct ldb_message_element *el;
  88         struct it_context *ac;
  89         uint32_t instanceType;
  90         int ret;
  91
  92         ldb = ldb_module_get_ctx(module);
  93
  94         ldb_debug(ldb, LDB_DEBUG_TRACE, "instancetype_add_record\n");
  95
  96         /* do not manipulate our control entries */
  97         if (ldb_dn_is_special(req->op.add.message->dn)) {
  98                 return ldb_next_request(module, req);
  99         }
 100
 101         el = ldb_msg_find_element(req->op.add.message, "instanceType");
 102         if (el != NULL) {
 103                 if (el->num_values != 1) {
 104                         ldb_set_errstring(ldb, "instancetype: the 'instanceType' attribute is single-valued!");
 105                         return LDB_ERR_UNWILLING_TO_PERFORM;
 106                 }
 107
 108                 instanceType = ldb_msg_find_attr_as_uint(req->op.add.message,
 109                                                          "instanceType", 0);
 110                 if (!(instanceType & INSTANCE_TYPE_IS_NC_HEAD)) {
 111                         /* if we have no NC add operation (no TYPE_IS_NC_HEAD)
 112                          * then "instanceType" can only be "0" or "TYPE_WRITE".
 113                          */
 114                         if ((instanceType != 0) &&
 115                             ((instanceType & INSTANCE_TYPE_WRITE) == 0)) {
 116                                 ldb_set_errstring(ldb, "instancetype: if TYPE_IS_NC_HEAD wasn't set, then only TYPE_WRITE or 0 are allowed!");
 117                                 return LDB_ERR_UNWILLING_TO_PERFORM;
 118                         }
 119
 120                         return ldb_next_request(module, req);
 121                 }
 122
 123                 /* if we have a NC add operation then we need also the
 124                  * "TYPE_WRITE" flag in order to succeed. */
 125                 if (!(instanceType & INSTANCE_TYPE_WRITE)) {
 126                         ldb_set_errstring(ldb, "instancetype: if TYPE_IS_NC_HEAD was set, then also TYPE_WRITE is requested!");
 127                         return LDB_ERR_UNWILLING_TO_PERFORM;
 128                 }
 129
 130                 /* Forward the 'add' to the modules below, but if it
 131                  * succeeds, then we might need to add the boilerplate
 132                  * entries (lost+found, deleted objects) */
 133                 ac = talloc(req, struct it_context);
 134                 if (ac == NULL) {
 135                         return ldb_oom(ldb);
 136                 }
 137                 ac->module = module;
 138                 ac->req = req;
 139
 140                 ret = ldb_build_add_req(&ac->add_req, ldb, ac,
 141                                         ac->req->op.add.message,
 142                                         ac->req->controls,
 143                                         ac, it_add_callback,
 144                                         ac->req);
 145                 LDB_REQ_SET_LOCATION(ac->add_req);
 146                 if (ret != LDB_SUCCESS) {
 147                         return ret;
 148                 }
 149
 150                 /* Do the original add */
 151                 return ldb_next_request(ac->module, ac->add_req);
 152         }
 153
 154         /* we have to copy the message as the caller might have it as a const */
 155         msg = ldb_msg_copy_shallow(req, req->op.add.message);
 156         if (msg == NULL) {
 157                 return ldb_oom(ldb);
 158         }
 159
 160         /*
 161          * TODO: calculate correct instance type
 162          */
 163         instanceType = INSTANCE_TYPE_WRITE;
 164
 165         ret = samdb_msg_add_uint(ldb, msg, msg, "instanceType", instanceType);
 166         if (ret != LDB_SUCCESS) {
 167                 return ret;
 168         }
 169
 170         ret = ldb_build_add_req(&down_req, ldb, req,
 171                                 msg,
 172                                 req->controls,
 173                                 req, dsdb_next_callback,
 174                                 req);
 175         LDB_REQ_SET_LOCATION(down_req);
 176         if (ret != LDB_SUCCESS) {
 177                 return ret;
 178         }
 179
 180         /* go on with the call chain */
 181         return ldb_next_request(module, down_req);
 182 }
 183
 184 /* deny instancetype modification */
 185 static int instancetype_mod(struct ldb_module *module, struct ldb_request *req)
 186 {
 187         struct ldb_context *ldb = ldb_module_get_ctx(module);
 188         struct ldb_message_element *el;
 189
 190         /* do not manipulate our control entries */
 191         if (ldb_dn_is_special(req->op.mod.message->dn)) {
 192                 return ldb_next_request(module, req);
 193         }
 194
 195         ldb_debug(ldb, LDB_DEBUG_TRACE, "instancetype_mod\n");
 196
 197         el = ldb_msg_find_element(req->op.mod.message, "instanceType");
 198         if (el != NULL) {
 199                 ldb_set_errstring(ldb, "instancetype: the 'instanceType' attribute can never be changed!");
 200                 return LDB_ERR_CONSTRAINT_VIOLATION;
 201         }
 202
 203         return ldb_next_request(module, req);
 204 }
 205
 206 static const struct ldb_module_ops ldb_instancetype_module_ops = {
 207         .name          = "instancetype",
 208         .add           = instancetype_add,
 209         .modify        = instancetype_mod
 210 };
 211
 212 int ldb_instancetype_module_init(const char *version)
 213 {
 214         LDB_MODULE_CHECK_VERSION(version);
 215         return ldb_register_module(&ldb_instancetype_module_ops);
 216 }