int isroot = -1;
int rc_id = 0;
ID id = NOID;
- const char *text = NULL;
char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf;
/* Added to support newSuperior */
}
/* check entry for "entry" acl */
- if ( ! access_allowed( op, e,
- entry, NULL, ACL_WRITE, NULL ) )
+ if ( ! access_allowed( op, e, entry, NULL, ACL_WRITE, NULL ) )
{
Debug( LDAP_DEBUG_TRACE,
"<=- ldbm_back_modrdn: no write access to entry\n", 0,
}
/* check parent for "children" acl */
- if ( ! access_allowed( op, p,
- children, NULL, ACL_WRITE, NULL ) )
+ if ( ! access_allowed( op, p, children, NULL,
+ op->oq_modrdn.rs_newSup != NULL ?
+ ACL_WDEL : ACL_WRITE,
+ NULL ) )
{
Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
0, 0 );
p = (Entry *)&slap_entry_root;
can_access = access_allowed( op, p,
- children, NULL, ACL_WRITE, NULL );
+ children, NULL,
+ op->oq_modrdn.rs_newSup ?
+ ACL_WDEL : ACL_WRITE,
+ NULL );
p = NULL;
/* check parent for "children" acl */
/* check newSuperior for "children" acl */
if ( !access_allowed( op, np, children, NULL,
- ACL_WRITE, NULL ) )
+ ACL_WADD, NULL ) )
{
Debug( LDAP_DEBUG_TRACE,
"ldbm_back_modrdn: no wr to newSup children\n",
np = (Entry *)&slap_entry_root;
can_access = access_allowed( op, np,
- children, NULL, ACL_WRITE, NULL );
+ children, NULL, ACL_WADD, NULL );
np = NULL;
/* check parent for "children" acl */
tmp = mod->sml_next;
free( mod );
}
- slap_mods_free( mod );
+ slap_mods_free( mod, 1 );
}
/* LDAP v3 Support */