/ This function is now fully executed for internal and replicated ops. /
plugin_call_acl_mods_update ( Slapi_PBlock *pb, int optype )
/ newrdn: "change" is normalized but not case-ignored /
/ The acl plugin expects normalized newrdn, but no need to be case-
- ignored. /
(void)slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &change );
The change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in acl.
There may be other places in the code where there is an implicit assumption that modrdn with new superior is not supported.
set default ticket origin to Community
Added initial screened field value.
git patch file (master)
Bug Description: When modrdn operation was executed, only newrdn
change was passed to the acl plugin. Also, the change was used
only for the acl search, but not for the acl target in the items
in the acl cache.
Fix Description: This patch also passes the newsuperior update
to the acl plugin. And the modrdn updates are applied to the
acl target in the acl cache.
just get rid of the dead code instead of the #ifdef 0
you can avoid having to calloc mychange by just declaring it on the stack:
or something like that.
revised git patch file (master)
Thank you for your comments, Rich. I've updated the patch following your suggestions.
$ git merge trac340
Updating 940ac98. 5beb93d
ldap/servers/plugins/acl/acl.c | 77 ++++++++++++++++++++++------------
ldap/servers/plugins/acl/acl.h | 5 +-
ldap/servers/plugins/acl/aclgroup.c | 2 +-
ldap/servers/plugins/acl/acllist.c | 48 +++++++++++++---------
ldap/servers/slapd/dn.c | 2 +-
ldap/servers/slapd/plugin_acl.c | 30 ++++++++++----
6 files changed, 106 insertions(+), 58 deletions(-)
Pushed to master.
$ git push
Counting objects: 150, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (90/90), done.
Writing objects: 100% (90/90), 23.07 KiB, done.
Total 90 (delta 69), reused 0 (delta 0)
940ac98. 5beb93d master -> master
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=860772
Metadata Update from @rmeggins:
- Issue assigned to nhosoi
- Issue set to the milestone: 188.8.131.52
to comment on this ticket.
Security - Access Control (ACL)
Copyright © 2014-2017 Red Hat
2.90.1 — Documentation