/* ACL check of newly added attrs */
if ( op->o_bd && !access_allowed( op, e, desc,
- &new_rdn[a_cnt]->la_value, ACL_WRITE, NULL ) ) {
+ &new_rdn[a_cnt]->la_value, ACL_WADD, NULL ) ) {
Debug( LDAP_DEBUG_TRACE,
"slap_modrdn2modlist: access to attr \"%s\" "
"(new) not allowed\n",
mod_tmp->sml_nvalues = NULL;
}
mod_tmp->sml_op = SLAP_MOD_SOFTADD;
+ mod_tmp->sml_flags = SLAP_MOD_INTERNAL;
mod_tmp->sml_next = mod;
mod = mod_tmp;
}
goto done;
}
- /* ACL check of newly added attrs */
+ /* ACL check of old rdn attrs removal */
if ( op->o_bd && !access_allowed( op, e, desc,
- &old_rdn[d_cnt]->la_value, ACL_WRITE,
+ &old_rdn[d_cnt]->la_value, ACL_WDEL,
NULL ) ) {
Debug( LDAP_DEBUG_TRACE,
"slap_modrdn2modlist: access "
mod_tmp->sml_nvalues = NULL;
}
mod_tmp->sml_op = LDAP_MOD_DELETE;
+ mod_tmp->sml_flags = SLAP_MOD_INTERNAL;
mod_tmp->sml_next = mod;
mod = mod_tmp;
}