On May 18, 2008, at 11:09 AM, h.b.furuseth@usit.uio.no wrote:
Full_Name: Hallvard B Furuseth Version: HEAD OS: Linux URL: Submission from: (NULL) (129.240.6.233) Submitted by: hallvard
If objectclass B is a subclass of A, and an entry contains objectclass B but not A, slapd returns attributeOrValueExists to a request to add A.
Yes, A is implicitly present (by implicit add).
OTOH it allows replace(objectClass: <A, B>), and after that it allows delete(objectClass: A). This is inconsistent.
This can be argued to be incorrect. It is improper to attempt to delete a superclass of any listed class.
If the objectClass attribute contains B, does it "really" contain A as well?
If provided by the client, yes. Otherwise A is implicitly present due to B.
When a client adds B then deletes B, its a net zero result. If A were actually added by the server, the delete of B would either leave A behind or be invalid (such as when A is abstract).
I couldn't find such a statement in the RFCs,
The RFCs are someone vague here.
so my guess is that add(objectClass: A) should be allowed.
Adding A when a subclass is present is just as invalid as deleting A when a subclass is present. Both should result in errors.
Though I haven't looked all that hard.
Example:
ldapadd -cx <<'EOF' # Create initial object dn: c=NO objectClass: friendlyCountry c: NO co: Norway
# error dn: c=NO changetype: modify add: objectClass objectClass: top
# error dn: c=NO changetype: modify add: objectClass objectClass: country
# success dn: c=NO changetype: modify replace: objectClass objectClass: top objectClass: country objectClass: friendlyCountry
# success dn: c=NO changetype: modify delete: objectClass objectClass: top
# success dn: c=NO changetype: modify delete: objectClass objectClass: country
EOF