filter2bv can't de-normalize UUIDs, must do it explicitly for back-ldap

[openldap] / servers / slapd / slapacl.c

diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c
index 7d967db27a4566f0a3816663489a82ce9805c213..f0a0a0580a8e50cbbc738093a5a67d6d2654f3bb 100644 (file)
--- a/servers/slapd/slapacl.c
+++ b/servers/slapd/slapacl.c
@@ -1,6 +1,6 @@
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2004-2005 The OpenLDAP Foundation.
+ * Copyright 2004-2006 The OpenLDAP Foundation.
  * Portions Copyright 2004 Pierangelo Masarati.
  * All rights reserved.
  *
@@ -45,7 +45,6 @@ print_access(
        int                     rc;
        slap_mask_t             mask;
        char                    accessmaskbuf[ACCESSMASK_MAXLEN];
-       slap_access_t           access = ACL_AUTH;
 
        rc = access_allowed_mask( op, e, desc, nval, ACL_AUTH, NULL, &mask );
 
@@ -66,18 +65,36 @@ slapacl( int argc, char **argv )
        const char              *progname = "slapacl";
        Connection              conn = { 0 };
        Listener                listener;
-       char                    opbuf[OPERATION_BUFFER_SIZE];
-       Operation               *op;
+       OperationBuffer opbuf;
+       Operation               *op = NULL;
        Entry                   e = { 0 }, *ep = &e;
        char                    *attr = NULL;
        int                     doclose = 0;
+       BackendDB               *bd;
 
        slap_tool_init( progname, SLAPACL, argc, argv );
 
+       if ( !dryrun ) {
+               int     i = 0;
+
+               LDAP_STAILQ_FOREACH( bd, &backendDB, be_next ) {
+                       if ( bd != be && backend_startup( bd ) ) {
+                               fprintf( stderr, "backend_startup(#%d%s%s) failed\n",
+                                               i,
+                                               bd->be_suffix ? ": " : "",
+                                               bd->be_suffix ? bd->be_suffix[0].bv_val : "" );
+                               rc = 1;
+                               goto destroy;
+                       }
+
+                       i++;
+               }
+       }
+
        argv = &argv[ optind ];
        argc -= optind;
 
-       op = (Operation *)opbuf;
+       op = (Operation *) &opbuf;
        connection_fake_init( &conn, op, &conn );
 
        conn.c_listener = &listener;
@@ -198,13 +215,29 @@ slapacl( int argc, char **argv )
        }
 
        op->o_bd = be;
-       if ( !dryrun && be ) {
+       if ( op->o_bd == NULL ) {
+               /* NOTE: if no database could be found (e.g. because
+                * accessing the rootDSE or so), use the frontendDB
+                * rules; might need work */
+               op->o_bd = frontendDB;
+       }
+
+       if ( !dryrun ) {
                ID      id;
 
+               if ( be == NULL ) {
+                       fprintf( stderr, "%s: no target database "
+                               "has been found for baseDN=\"%s\"; "
+                               "you may try with \"-u\" (dry run).\n",
+                               baseDN.bv_val, progname );
+                       rc = 1;
+                       goto destroy;
+               }
+
                if ( !be->be_entry_open ||
                        !be->be_entry_close ||
                        !be->be_dn2id_get ||
-                       !be->be_entry_get )
+                       !be->be_id2entry_get )
                {
                        fprintf( stderr, "%s: target database "
                                "doesn't support necessary operations; "
@@ -339,6 +372,12 @@ destroy:;
                if ( doclose ) {
                        be->be_entry_close( be );
                }
+
+               LDAP_STAILQ_FOREACH( bd, &backendDB, be_next ) {
+                       if ( bd != be ) {
+                               backend_shutdown( bd );
+                       }
+               }
        }
 
        slap_tool_destroy();