New access_allowed()

[openldap] / servers / slapd / back-shell / delete.c

diff --git a/servers/slapd/back-shell/delete.c b/servers/slapd/back-shell/delete.c
index 3daec4c898cd09201a4e6663bd336b3253b5a271..ecbb15ef80be5889bbaa316828078229728b2ff6 100644 (file)
--- a/servers/slapd/back-shell/delete.c
+++ b/servers/slapd/back-shell/delete.c
@@ -1,8 +1,31 @@
 /* delete.c - shell backend delete function */
 /* $OpenLDAP$ */
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2009 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* Portions Copyright (c) 1995 Regents of the University of Michigan.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that this notice is preserved and that due credit is given
+ * to the University of Michigan at Ann Arbor. The name of the University
+ * may not be used to endorse or promote products derived from this
+ * software without specific prior written permission. This software
+ * is provided ``as is'' without express or implied warranty.
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was originally developed by the University of Michigan
+ * (as part of U-MICH LDAP).
  */
 
 #include "portable.h"
@@ -21,9 +44,9 @@ shell_back_delete(
     SlapReply  *rs )
 {
        struct shellinfo        *si = (struct shellinfo *) op->o_bd->be_private;
-       AttributeDescription *entry = slap_schema.si_ad_entry;
        Entry e;
        FILE                    *rfp, *wfp;
+       AclCheck        ak = { &e, slap_schema.si_ad_entry, NULL, ACL_WDEL, NULL };
 
        if ( si->si_delete == NULL ) {
                send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
@@ -40,15 +63,13 @@ shell_back_delete(
        e.e_bv.bv_val = NULL;
        e.e_private = NULL;
 
-       if ( ! access_allowed( op, &e,
-               entry, NULL, ACL_WRITE, NULL ) )
+       if ( ! access_allowed( op, &ak ))
        {
                send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
                return -1;
        }
 
-       if ( (op->o_private = (void *) forkandexec( si->si_delete, &rfp, &wfp ))
-           == (void *) -1 ) {
+       if ( forkandexec( si->si_delete, &rfp, &wfp ) == (pid_t)-1 ) {
                send_ldap_error( op, rs, LDAP_OTHER,
                    "could not fork/exec" );
                return( -1 );