Hello
I have been reading the docs, looking for a way to acheive referential integrity as it is done in RDBMS.
For instance, if I want to constraint the value of atribute title to a set of value, so that any modification to a value not in the list would be denied. Let's say the set of legal values could be stored in the directory, ad objects of a dedicated class;
How can it be done? slapo-refint is not about denying changes, slapo-constraint can only enforce regex matching.. Is there anything else I missed?
Emmanuel Dreyfus wrote:
Hello
I have been reading the docs, looking for a way to acheive referential integrity as it is done in RDBMS.
For instance, if I want to constraint the value of atribute title to a set of value, so that any modification to a value not in the list would be denied. Let's say the set of legal values could be stored in the directory, ad objects of a dedicated class;
How can it be done? slapo-refint is not about denying changes, slapo-constraint can only enforce regex matching.. Is there anything else I missed?
Write a new overlay to do what you want...
Howard Chu hyc@symas.com wrote:
Write a new overlay to do what you want...
Right, I just wanted confirmation that 1) nothing exists yet to do it 2) the idea is not heretic
I'll have a look at it.
On Fri, May 25, 2007 at 06:55:16PM -0700, Howard Chu wrote:
I have been reading the docs, looking for a way to acheive referential integrity as it is done in RDBMS.
Write a new overlay to do what you want...
I modified slapo-constraint to get the feature I needed: it is now able to verify that an attribute value is bound to the existing values of another attribute.
Attached is a draft patch for review. It works, but there are a few things I have been doing without really knowing if it was correct or not, so it might be working by accident :-) Is there something wrong in this code?
Then there is the UI question. For now it's configured in slapd.conf like this: database bdb suffix "dc=example,dc=net" overlay constraint constraint_attribute title key netExampleTitle
Which means that add and modify on title will fail if the new value is not an existing netExampleTitle value. I used the keyword "key" with RDBMS referential integrity in mind, but I'm not sure it's that clear in this context. Suggestions are welcome.
The update to man page is missing yet. I know.
Also, I had trouble understanding the style used in these sources. Is there an official style guide for OpenLDAP?
If the approach is okay, I'll make an updated patch based on feedback to this one and file an ITS with it.
Emmanuel Dreyfus wrote:
I modified slapo-constraint to get the feature I needed: it is now able to verify that an attribute value is bound to the existing values of another attribute.
Please provide patches thru the ITS http://www.openldap.org/its/ .
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------
Pierangelo Masarati ando@sys-net.it wrote:
Please provide patches thru the ITS http://www.openldap.org/its/ .
Here it is: ITS #4987
Pierangelo Masarati ando@sys-net.it wrote:
I modified slapo-constraint to get the feature I needed: it is now able to verify that an attribute value is bound to the existing values of another attribute.
Please provide patches thru the ITS http://www.openldap.org/its/ .
My patch has been burried in ITS#4987, no feedback on it? I doubt it means it's just perfect :-)
Emmanuel Dreyfus wrote:
On Fri, May 25, 2007 at 06:55:16PM -0700, Howard Chu wrote:
I have been reading the docs, looking for a way to acheive referential integrity as it is done in RDBMS.
Write a new overlay to do what you want...
I modified slapo-constraint to get the feature I needed: it is now able to verify that an attribute value is bound to the existing values of another attribute.
Attached is a draft patch for review. It works, but there are a few things I have been doing without really knowing if it was correct or not, so it might be working by accident :-) Is there something wrong in this code?
Then there is the UI question. For now it's configured in slapd.conf like this: database bdb suffix "dc=example,dc=net" overlay constraint constraint_attribute title key netExampleTitle
Which means that add and modify on title will fail if the new value is not an existing netExampleTitle value. I used the keyword "key" with RDBMS referential integrity in mind, but I'm not sure it's that clear in this context. Suggestions are welcome.
The update to man page is missing yet. I know.
Also, I had trouble understanding the style used in these sources. Is there an official style guide for OpenLDAP?
Did you see http://www.openldap.org/devel/contributing.html
If the approach is okay, I'll make an updated patch based on feedback to this one and file an ITS with it.
openldap-software@openldap.org
-
Emmanuel Dreyfus -
Gavin Henry -
Howard Chu -
manu@netbsd.org
-
Pierangelo Masarati