[jira] Commented: (DIRSERVER-1308) Can't delete objectClass with mandatory attribute

Sun, 08 Feb 2009 02:51:25 -0800 

    [ 
https://issues.apache.org/jira/browse/DIRSERVER-1308?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12671570#action_12671570
 ] 

Emmanuel Lecharny commented on DIRSERVER-1308:
----------------------------------------------

The way the modify operation is implemented make it impossible to apply this 
modification in one single operation. Even if you swap both changes, as we 
check against the schema each single change, you will get an error.

I think we should do this check after having applied all the modifications and 
only then. 

In any case, the modification operation has to be reviewed entirely, the schema 
code for it is overly complex...

> Can't delete objectClass with mandatory attribute
> -------------------------------------------------
>
>                 Key: DIRSERVER-1308
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1308
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: schema
>    Affects Versions: 1.5.4
>            Reporter: Stefan Seelmann
>
> It's not possible to delete an objectClass with an mandatory attribute from 
> an entry. In my example I tried to delete object Class krb5Principal and 
> attribue krb5PrincipalName in one request:
> --------------------------------------------------
> dn: cn=test,ou=users,ou=system
> changetype: modify
> delete: krb5PrincipalName
> -
> delete: objectClass
> objectClass: krb5Principal
> -
> --------------------------------------------------
> Here is ther server's log:
> -------------------------------------------------------------
> [11:16:22] ERROR 
> [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler] - 
> OBJECT_CLASS_VIOLATION: failed for     Modify Request
>         Object : '2.5.4.3=test2,2.5.4.11=users,2.5.4.11=system'
>             Modification[0]
>                 Operation :  delete
>                 Modification
>     krb5principalname: (null)
>             Modification[1]
>                 Operation :  delete
>                 Modification
>     objectclass: krb5Principal
> : Attribute krb5PrincipalName not declared in objectClasses of entry 
> cn=test2,ou=users,ou=system
> org.apache.directory.shared.ldap.exception.LdapSchemaViolationException: 
> Attribute krb5PrincipalName not declared in objectClasses of entry 
> cn=test2,ou=users,ou=system
>       at 
> org.apache.directory.server.core.schema.SchemaInterceptor.assertAllAttributesAllowed(SchemaInterceptor.java:1861)
>       at 
> org.apache.directory.server.core.schema.SchemaInterceptor.check(SchemaInterceptor.java:1692)
>       at 
> org.apache.directory.server.core.schema.SchemaInterceptor.modify(SchemaInterceptor.java:1424)
>       at 
> org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
>       at 
> org.apache.directory.server.core.operational.OperationalAttributeInterceptor.modify(OperationalAttributeInterceptor.java:198)
>       at 
> org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
>       at 
> org.apache.directory.server.core.exception.ExceptionInterceptor.modify(ExceptionInterceptor.java:367)
>       at 
> org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
>       at 
> org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor.modify(DefaultAuthorizationInterceptor.java:272)
>       at 
> org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
>       at 
> org.apache.directory.server.core.authz.AciAuthorizationInterceptor.modify(AciAuthorizationInterceptor.java:565)
>       at 
> org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
>       at 
> org.apache.directory.server.core.authn.AuthenticationInterceptor.modify(AuthenticationInterceptor.java:337)
>       at 
> org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
>       at 
> org.apache.directory.server.core.normalization.NormalizationInterceptor.modify(NormalizationInterceptor.java:127)
>       at 
> org.apache.directory.server.core.interceptor.InterceptorChain.modify(InterceptorChain.java:814)
>       at 
> org.apache.directory.server.core.DefaultOperationManager.modify(DefaultOperationManager.java:289)
>       at 
> org.apache.directory.server.core.DefaultCoreSession.modify(DefaultCoreSession.java:419)
>       at 
> org.apache.directory.server.ldap.handlers.ModifyHandler.handleIgnoringReferrals(ModifyHandler.java:58)
>       at 
> org.apache.directory.server.ldap.handlers.ModifyHandler.handleIgnoringReferrals(ModifyHandler.java:40)
>       at 
> org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.handleWithReferrals(ReferralAwareRequestHandler.java:442)
>       at 
> org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.handle(ReferralAwareRequestHandler.java:150)
>       at 
> org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.handle(ReferralAwareRequestHandler.java:66)
>       at 
> org.apache.directory.server.ldap.handlers.LdapRequestHandler.messageReceived(LdapRequestHandler.java:171)
>       at 
> org.apache.directory.server.ldap.handlers.LdapRequestHandler.messageReceived(LdapRequestHandler.java:46)
>       at 
> org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:141)
>       at 
> org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:181)
>       at 
> org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570)
>       at 
> org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
>       at 
> org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
>       at 
> org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
>       at 
> org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:58)
>       at 
> org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:180)
>       at 
> org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
>       at 
> org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
>       at 
> org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
>       at 
> org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:220)
>       at 
> org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:264)
>       at 
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
>       at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
>       at java.lang.Thread.run(Thread.java:595)
> --------------------------------------------------
> BTW: It's no problem to add a new objectClass with a mandatory attribute to 
> an entry:
> --------------------------------------------------
> dn: cn=test,ou=users,ou=system
> changetype: modify
> add: objectClass
> objectClass: krb5Principal
> -
> add: krb5PrincipalName
> krb5PrincipalName: test
> -
> --------------------------------------------------

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to