/* acl.c - routines to parse and check acl's */
/* $OpenLDAP$ */
/*
- * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
at = attrs_find( at->a_next, b->a_dn_at ) )
{
if( value_find_ex( b->a_dn_at,
- SLAP_MR_VALUE_NORMALIZED_MATCH, at->a_vals, &bv ) == 0 ) {
+ SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
+ at->a_vals, &bv ) == 0 )
+ {
/* found it */
match = 1;
break;
*/
if ( b->a_dn_self ) {
/* check if the target is an attribute. */
- if ( val == NULL )
- continue;
+ if ( val == NULL ) continue;
+
/* target is attribute, check if the attribute value
* is the op dn.
*/
}
if ( b->a_set_pat.bv_len != 0 ) {
- if (aci_match_set( &b->a_set_pat, be, e, conn, op, 0 ) == 0) {
+ struct berval bv;
+ char buf[ACL_BUF_SIZE];
+ if( b->a_set_style == ACL_STYLE_REGEX ){
+ bv.bv_len = sizeof(buf) - 1;
+ bv.bv_val = buf;
+ string_expand( &bv, &b->a_set_pat, e->e_ndn, matches );
+ }else{
+ bv = b->a_set_pat;
+ }
+ if (aci_match_set( &bv, be, e, conn, op, 0 ) == 0) {
continue;
}
}
at != NULL;
at = attrs_find( at->a_next, ad ) )
{
- if (value_find_ex( ad, SLAP_MR_VALUE_NORMALIZED_MATCH, at->a_vals, &bv) == 0 ) {
+ if (value_find_ex( ad, SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH, at->a_vals, &bv) == 0 ) {
rc = 1;
break;
}