Added a conformant sortedResults support which is unable to sort anything.

[openldap] / servers / slapd / slapacl.c

diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c
index 6e8e5e3653dfb3f1c8f7682d996cda911aab7067..e9ce24823b10d76e6cac3ab34917e532427a29d2 100644 (file)
--- a/servers/slapd/slapacl.c
+++ b/servers/slapd/slapacl.c
@@ -1,6 +1,6 @@
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2004 The OpenLDAP Foundation.
+ * Copyright 2004-2005 The OpenLDAP Foundation.
  * Portions Copyright 2004 Pierangelo Masarati.
  * All rights reserved.
  *
@@ -39,10 +39,11 @@ slapacl( int argc, char **argv )
 {
        int                     rc = EXIT_SUCCESS;
        const char              *progname = "slapacl";
-       Connection              conn = {0};
-       char opbuf[OPERATION_BUFFER_SIZE];
+       Connection              conn = { 0 };
+       Listener                listener;
+       char                    opbuf[OPERATION_BUFFER_SIZE];
        Operation               *op;
-       Entry                   e = { 0 };
+       Entry                   e = { 0 }, *ep = &e;
        char                    *attr = NULL;
 
        slap_tool_init( progname, SLAPACL, argc, argv );
@@ -53,6 +54,16 @@ slapacl( int argc, char **argv )
        op = (Operation *)opbuf;
        connection_fake_init( &conn, op, &conn );
 
+       conn.c_listener = &listener;
+       conn.c_listener_url = listener_url;
+       conn.c_peer_domain = peer_domain;
+       conn.c_peer_name = peer_name;
+       conn.c_sock_name = sock_name;
+       op->o_ssf = ssf;
+       op->o_transport_ssf = transport_ssf;
+       op->o_tls_ssf = tls_ssf;
+       op->o_sasl_ssf = sasl_ssf;
+
        if ( !BER_BVISNULL( &authcID ) ) {
                rc = slap_sasl_getdn( &conn, op, &authcID, NULL,
                                &authcDN, SLAP_GETDN_AUTHCID );
@@ -105,11 +116,51 @@ slapacl( int argc, char **argv )
                attr = slap_schema.si_ad_entry->ad_cname.bv_val;
        }
 
+       if ( !dryrun ) {
+               ID      id;
+
+               if ( !be->be_entry_open ||
+                       !be->be_entry_close ||
+                       !be->be_dn2id_get ||
+                       !be->be_entry_get )
+               {
+                       fprintf( stderr, "%s: target database "
+                               "doesn't support necessary operations; "
+                               "you may try with \"-u\" (dry run).\n",
+                               progname );
+                       rc = 1;
+                       goto destroy;
+               }
+
+               if ( be->be_entry_open( be, 0 ) != 0 ) {
+                       fprintf( stderr, "%s: could not open database.\n",
+                               progname );
+                       rc = 1;
+                       goto destroy;
+               }
+
+               id = be->be_dn2id_get( be, &e.e_nname );
+               if ( id == NOID ) {
+                       fprintf( stderr, "%s: unable to fetch ID of DN \"%s\"\n",
+                               progname, e.e_nname.bv_val );
+                       rc = 1;
+                       goto destroy;
+               }
+               if ( be->be_id2entry_get( be, id, &ep ) != 0 ) {
+                       fprintf( stderr, "%s: unable to fetch entry \"%s\" (%lu)\n",
+                               progname, e.e_nname.bv_val, id );
+                       rc = 1;
+                       goto destroy;
+
+               }
+       }
+
        for ( ; argc--; argv++ ) {
                slap_mask_t             mask;
                AttributeDescription    *desc = NULL;
                int                     rc;
-               struct berval           val;
+               struct berval           val = BER_BVNULL,
+                                       *valp = NULL;
                const char              *text;
                char                    accessmaskbuf[ACCESSMASK_MAXLEN];
                char                    *accessstr;
@@ -124,6 +175,7 @@ slapacl( int argc, char **argv )
                        val.bv_val[0] = '\0';
                        val.bv_val++;
                        val.bv_len = strlen( val.bv_val );
+                       valp = &val;
                }
 
                accessstr = strchr( attr, '/' );
@@ -151,7 +203,7 @@ slapacl( int argc, char **argv )
                        break;
                }
 
-               rc = access_allowed_mask( op, &e, desc, &val, access,
+               rc = access_allowed_mask( op, ep, desc, valp, access,
                                NULL, &mask );
 
                if ( accessstr ) {
@@ -167,13 +219,22 @@ slapacl( int argc, char **argv )
                                        desc->ad_cname.bv_val,
                                        val.bv_val ? "=" : "",
                                        val.bv_val ? val.bv_val : "",
-                                       accessmask2str( mask, accessmaskbuf ) );
+                                       accessmask2str( mask, accessmaskbuf, 1 ) );
                }
                rc = 0;
                attr = NULL;
        }
 
 destroy:;
+       ber_memfree( e.e_name.bv_val );
+       ber_memfree( e.e_nname.bv_val );
+       if ( !dryrun ) {
+               if ( ep != &e ) {
+                       be_entry_release_r( op, ep );
+               }
+               be->be_entry_close( be );
+       }
+
        slap_tool_destroy();
 
        return rc;