return ret;
}
+int
+fe_access_allowed(
+ Operation *op,
+ Entry *e,
+ AttributeDescription *desc,
+ struct berval *val,
+ slap_access_t access,
+ AccessControlState *state,
+ slap_mask_t *maskp )
+{
+ BackendDB *be_orig;
+ int rc;
+
+ /*
+ * NOTE: control gets here if FIXME
+ * if an appropriate backend cannot be selected for the operation,
+ * we assume that the frontend should handle this
+ * FIXME: should select_backend() take care of this,
+ * and return frontendDB instead of NULL? maybe for some value
+ * of the flags?
+ */
+ be_orig = op->o_bd;
+
+ op->o_bd = select_backend( &op->o_req_ndn, 0, 0 );
+ if ( op->o_bd == NULL ) {
+ op->o_bd = frontendDB;
+ }
+ rc = slap_access_allowed( op, e, desc, val, access, state, maskp );
+ op->o_bd = be_orig;
+
+ return rc;
+}
+
int
access_allowed_mask(
Operation *op,
desc, val, access, state, &mask );
} else {
-#if 0
- /* FIXME: this doesn't work because frontendDB doesn't have
- * the right rootn, ACLs and so. */
- BackendDB *be_orig;
+ BackendDB *be_orig = op->o_bd;
/* use default (but pass through frontend
* for global ACL overlays) */
- be_orig = op->o_bd;
op->o_bd = frontendDB;
ret = frontendDB->bd_info->bi_access_allowed( op, e,
desc, val, access, state, &mask );
op->o_bd = be_orig;
-#endif
- ret = slap_access_allowed( op, e,
- desc, val, access, state, &mask );
}
if ( !ret ) {
int
acl_init( void )
{
- int i, rc;
#ifdef SLAP_DYNACL
+ int i, rc;
slap_dynacl_t *known_dynacl[] = {
#ifdef SLAPD_ACI_ENABLED
&dynacl_aci,
projects / openldap / blobdiff