Apply ACLs to front end objects (root DSE, subschema) consistently

This commit is contained in:
Kurt Zeilenga 2001-08-28 20:28:34 +00:00
parent 0c13c5bbdd
commit f10028ba06
2 changed files with 11 additions and 5 deletions

View File

@ -103,11 +103,18 @@ access_allowed(
e->e_dn, attr );
#endif
assert( be != NULL );
assert( e != NULL );
assert( attr != NULL );
assert( access > ACL_NONE );
if ( op == NULL ) {
/* no-op call */
return 1;
}
if ( be == NULL ) be = &backends[0];
assert( be != NULL );
/* grant database root access */
if ( be != NULL && be_isroot( be, op->o_ndn ) ) {
#ifdef NEW_LOGGING

View File

@ -234,7 +234,7 @@ test_ava_filter(
int i;
Attribute *a;
if ( be != NULL && ! access_allowed( be, conn, op, e,
if ( !access_allowed( be, conn, op, e,
ava->aa_desc, ava->aa_value, ACL_SEARCH ) )
{
return LDAP_INSUFFICIENT_ACCESS;
@ -319,8 +319,7 @@ test_presence_filter(
AttributeDescription *desc
)
{
if ( be != NULL && ! access_allowed( be, conn, op, e,
desc, NULL, ACL_SEARCH ) )
if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_SEARCH ) )
{
return LDAP_INSUFFICIENT_ACCESS;
}
@ -440,7 +439,7 @@ test_substrings_filter(
#endif
if ( be != NULL && ! access_allowed( be, conn, op, e,
if ( !access_allowed( be, conn, op, e,
f->f_sub_desc, NULL, ACL_SEARCH ) )
{
return LDAP_INSUFFICIENT_ACCESS;