New access_allowed()

contrib/slapd-modules/addpartial/addpartial-overlay.c

@@ -48,6 +48,7 @@ static int addpartial_add( Operation *op, SlapReply *rs)
     Entry *found = NULL;
     slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
     int rc;
+	AclCheck ak = { op->ora_e. slap_schema.si_ad_entry, NULL, ACL_WRITE };
 
     toAdd = op->oq_add.rs_e;
 
@@ -55,8 +56,7 @@ static int addpartial_add( Operation *op, SlapReply *rs)
           addpartial.on_bi.bi_type, toAdd->e_nname.bv_val,0);
 
     /* if the user doesn't have access, fall through to the normal ADD */
-    if(!access_allowed(op, toAdd, slap_schema.si_ad_entry,
-                       NULL, ACL_WRITE, NULL))
+    if(!access_allowed(op, &ak ))
     {
         return SLAP_CB_CONTINUE;
     }

contrib/slapd-modules/lastmod/lastmod.c

@@ -148,6 +148,7 @@ lastmod_compare( Operation *op, SlapReply *rs )
 	slap_overinst		*on = (slap_overinst *)op->o_bd->bd_info;
 	lastmod_info_t		*lmi = (lastmod_info_t *)on->on_bi.bi_private;
 	Attribute		*a;
+	AclCheck		ak;
 
 	ldap_pvt_thread_mutex_lock( &lmi->lmi_entry_mutex );
 
@@ -158,8 +159,12 @@ lastmod_compare( Operation *op, SlapReply *rs )
 		goto return_results;
 	}
 
-	rs->sr_err = access_allowed( op, lmi->lmi_e, op->oq_compare.rs_ava->aa_desc,
-		&op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL );
+	ak.ak_e = lmi->lmi_e;
+	ak.ak_desc = op->oq_compare.rs_ava->aa_desc;
+	ak.ak_val = &op->oq_compare.rs_ava->aa_value;
+	ak.ak_access = ACL_COMPARE;
+	ak.ak_state = NULL;
+	rs->sr_err = access_allowed( op, &ak );
 	if ( ! rs->sr_err ) {
 		rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
 		goto return_results;