/*
ldb database library
- Copyright (C) Andrew Bartlet 2005
- Copyright (C) Simo Sorce 2006-2008
+ Copyright (C) Andrew Bartlett 2005-2009
+ Copyright (C) Simo Sorce 2006-2008
** NOTE! The following LGPL license applies to the ldb
** library. This does NOT imply that all of Samba is released
*/
/*
- * Name: rdb_name
+ * Name: rdn_name
*
* Component: ldb rdn name module
*
* Description: keep a consistent name attribute on objects manpulations
*
- * Author: Andrew Bartlet
+ * Author: Andrew Bartlett
*
* Modifications:
* - made the module async
#include "ldb_module.h"
struct rename_context {
-
struct ldb_module *module;
struct ldb_request *req;
int i, ret;
ldb = ldb_module_get_ctx(module);
- ldb_debug(ldb, LDB_DEBUG_TRACE, "rdn_name_add_record\n");
+ ldb_debug(ldb, LDB_DEBUG_TRACE, "rdn_name_add_record");
/* do not manipulate our control entries */
if (ldb_dn_is_special(req->op.add.message->dn)) {
rdn_name = ldb_dn_get_rdn_name(msg->dn);
if (rdn_name == NULL) {
- talloc_free(ac);
return LDB_ERR_OPERATIONS_ERROR;
}
}
if (ldb_msg_add_value(msg, "name", &rdn_val, NULL) != 0) {
- talloc_free(ac);
return LDB_ERR_OPERATIONS_ERROR;
}
if (!attribute) {
if (ldb_msg_add_value(msg, rdn_name, &rdn_val, NULL) != 0) {
- talloc_free(ac);
return LDB_ERR_OPERATIONS_ERROR;
}
} else {
}
}
if (i == attribute->num_values) {
- ldb_debug_set(ldb, LDB_DEBUG_FATAL,
- "RDN mismatch on %s: %s (%s)",
- ldb_dn_get_linearized(msg->dn), rdn_name, rdn_val.data);
- talloc_free(ac);
+ char *rdn_errstring = talloc_asprintf(ac,
+ "RDN mismatch on %s: %s (%.*s) should match one of:",
+ ldb_dn_get_linearized(msg->dn), rdn_name,
+ (int)rdn_val.length, (const char *)rdn_val.data);
+ for (i = 0; i < attribute->num_values; i++) {
+ rdn_errstring = talloc_asprintf_append(
+ rdn_errstring, " (%.*s)",
+ (int)attribute->values[i].length,
+ (const char *)attribute->values[i].data);
+ }
+ ldb_set_errstring(ldb, rdn_errstring);
/* Match AD's error here */
return LDB_ERR_INVALID_DN_SYNTAX;
}
int ret;
ldb = ldb_module_get_ctx(module);
- ldb_debug(ldb, LDB_DEBUG_TRACE, "rdn_name_rename\n");
+ ldb_debug(ldb, LDB_DEBUG_TRACE, "rdn_name_rename");
/* do not manipulate our control entries */
if (ldb_dn_is_special(req->op.rename.newdn)) {
return ldb_next_request(module, down_req);
}
+static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req)
+{
+ struct ldb_context *ldb;
+
+ ldb = ldb_module_get_ctx(module);
+ ldb_debug(ldb, LDB_DEBUG_TRACE, "rdn_name_rename");
+
+ /* do not manipulate our control entries */
+ if (ldb_dn_is_special(req->op.mod.message->dn)) {
+ return ldb_next_request(module, req);
+ }
+
+ if (ldb_msg_find_element(req->op.mod.message, "name")) {
+ ldb_asprintf_errstring(ldb, "Modify of 'name' on %s not permitted, must use 'rename' operation instead",
+ ldb_dn_get_linearized(req->op.mod.message->dn));
+ return LDB_ERR_NOT_ALLOWED_ON_RDN;
+ }
+
+ if (ldb_msg_find_element(req->op.mod.message, ldb_dn_get_rdn_name(req->op.mod.message->dn))) {
+ ldb_asprintf_errstring(ldb, "Modify of RDN '%s' on %s not permitted, must use 'rename' operation instead",
+ ldb_dn_get_rdn_name(req->op.mod.message->dn), ldb_dn_get_linearized(req->op.mod.message->dn));
+ return LDB_ERR_NOT_ALLOWED_ON_RDN;
+ }
+
+ /* All OK, they kept their fingers out of the special attributes */
+ return ldb_next_request(module, req);
+}
+
const struct ldb_module_ops ldb_rdn_name_module_ops = {
.name = "rdn_name",
.add = rdn_name_add,
- .rename = rdn_name_rename,
+ .modify = rdn_name_modify,
+ .rename = rdn_name_rename
};