Fix up last commits

2025-02-23 14:09:39 +08:00 · 2002-10-04 23:42:27 +00:00 · 2002-10-04 23:42:27 +00:00 · d19db4b7ed
commit d19db4b7ed
parent 9fbcc90bd5
3 changed files with 44 additions and 36 deletions
--- a/servers/slapd/back-bdb/add.c
+++ b/servers/slapd/back-bdb/add.c
@ -226,7 +226,6 @@ retry:	/* transaction retry */
 				0, 0, 0 );
 #endif
 			rc = LDAP_INSUFFICIENT_ACCESS;
-			text = "no write access to parent";
 			goto return_results;;
 		}

@ -327,7 +326,6 @@ retry:	/* transaction retry */
 						0, 0, 0 );
 #endif
 					rc = LDAP_INSUFFICIENT_ACCESS;
-					text = "no write access to parent";
 					goto return_results;;
 				}

@ -389,7 +387,6 @@ retry:	/* transaction retry */
 			0, 0, 0 );
 #endif
 		rc = LDAP_INSUFFICIENT_ACCESS;
-		text = "no write access to entry";
 		goto return_results;;
 	}

--- a/servers/slapd/back-bdb/delete.c
+++ b/servers/slapd/back-bdb/delete.c
@ -233,15 +233,6 @@ retry:	/* transaction retry */
 #endif
 	}

-	rc = access_allowed( be, conn, op, e,
-		entry, NULL, ACL_WRITE, NULL );
-
-	switch( opinfo.boi_err ) {
-	case DB_LOCK_DEADLOCK:
-	case DB_LOCK_NOTGRANTED:
-		goto retry;
-	}
-
 	/* get entry for read/modify/write */
 	rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, DB_RMW, locker, &lock );

@ -297,6 +288,28 @@ retry:	/* transaction retry */
 		goto done;
 	}

+	rc = access_allowed( be, conn, op, e,
+		entry, NULL, ACL_WRITE, NULL );
+
+	switch( opinfo.boi_err ) {
+	case DB_LOCK_DEADLOCK:
+	case DB_LOCK_NOTGRANTED:
+		goto retry;
+	}
+
+	if ( !rc  ) {
+#ifdef NEW_LOGGING
+		LDAP_LOG ( OPERATION, DETAIL1, 
+			"<=- bdb_delete: no access to entry\n", 0, 0, 0 );
+#else
+		Debug( LDAP_DEBUG_TRACE,
+			"<=- bdb_delete: no access to entry\n",
+			0, 0, 0 );
+#endif
+		rc = LDAP_INSUFFICIENT_ACCESS;
+		goto return_results;
+	}
+
 	if ( !manageDSAit && is_entry_referral( e ) ) {
 		/* entry is a referral, don't allow delete */
 		BerVarray refs = get_entry_referrals( be,
--- a/servers/slapd/back-bdb/modrdn.c
+++ b/servers/slapd/back-bdb/modrdn.c
@ -178,6 +178,28 @@ retry:	/* transaction retry */
 		goto done;
 	}

+	/* check write on old entry */
+	rc = access_allowed( be, conn, op, e,
+		entry, NULL, ACL_WRITE, NULL );
+
+	switch( opinfo.boi_err ) {
+	case DB_LOCK_DEADLOCK:
+	case DB_LOCK_NOTGRANTED:
+		goto retry;
+	}
+
+	if ( ! rc ) {
+#ifdef NEW_LOGGING
+		LDAP_LOG ( OPERATION, ERR, 
+			"==>bdb_modrdn: no access to entry\n", 0, 0, 0 );
+#else
+		Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
+			0, 0 );
+#endif
+		rc = LDAP_INSUFFICIENT_ACCESS;
+		goto return_results;
+	}
+
 	if (!manageDSAit && is_entry_referral( e ) ) {
 		/* parent is a referral, don't allow add */
 		/* parent is an alias, don't allow add */
@ -538,30 +560,6 @@ retry:	/* transaction retry */
 		new_parent_dn = np_dn;
 	}

-	/* check write on old entry */
-	rc = access_allowed( be, conn, op, e,
-		entry, NULL, ACL_WRITE, NULL );
-
-	switch( opinfo.boi_err ) {
-	case DB_LOCK_DEADLOCK:
-	case DB_LOCK_NOTGRANTED:
-		goto retry;
-	}
-
-	if ( rc ) {
-#ifdef NEW_LOGGING
-		LDAP_LOG ( OPERATION, ERR, 
-			"==>bdb_modrdn: no access to entry\n", 0, 0, 0 );
-#else
-		Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
-			0, 0 );
-#endif
-		send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
-			NULL, NULL, NULL, NULL );
-		goto return_results;
-	}
-
-
 	/* Build target dn and make sure target entry doesn't exist already. */
 	build_new_dn( &new_dn, new_parent_dn, newrdn );