147cfbb Ticket 47653 - Need a way to allow users to create entries assigned to themselves.

Authored and Committed by tbordaz 10 years ago
    Ticket 47653 - Need a way to allow users to create entries assigned to themselves.
    
    Bug Description:
            Users need to be able to create, edit and delete their own entries.
            An entry (i.e. cn=token1_user1234,dc=example,dc=com) has an attribute (i.e. ipatokenOwner)
            that contains the entry DN of the user (i.e. uid=user1234,dc=example,dc=com).
            Being bound as 'uid=user1234,dc=example,dc=com', we should be able to
            any ldap operation on 'user1234' entries like cn=token1_user1234.
    
    Fix Description:
            It adds a BindRule: SELFDN, implemented in DS_LASUserDnAttrEval (called by DS_LASUserAttrEval).
            The syntax in the aci is :
                    <userattr> = <attribute>#SELFDN
            If the BindDN (lasinfo.clientDn) exists in entry.<attribute>
            (lasinfo.resourceEntry[attrName]), then the aci matched
    
    https://fedorahosted.org/389/ticket/47653
    
    Reviewed by: Ludwig Krispenz, Rich Megginson
    
    Platforms tested: F17/F19(jenkins)
    
    Flag Day: no
    
    Doc impact: no