X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=contrib%2Fslapd-modules%2Fallowed%2Fallowed.c;h=7da0650604e87234590a3d32e383327e1f50c381;hb=55957253ccf9e9e5dfa122194a0ab10659b0624f;hp=6ee246a2180bd01e7f181625b135a6843c4bf6e4;hpb=bae86317e0e19fde4aa38fdad08de8d10e3fed6c;p=openldap

diff --git a/contrib/slapd-modules/allowed/allowed.c b/contrib/slapd-modules/allowed/allowed.c
index 6ee246a218..7da0650604 100644
--- a/contrib/slapd-modules/allowed/allowed.c
+++ b/contrib/slapd-modules/allowed/allowed.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2006-2012 The OpenLDAP Foundation.
+ * Copyright 2006-2014 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -47,11 +47,23 @@
 #include "slap.h"
 
 /*
- * Schema from
+ * NOTE: part of the schema definition reported below is taken
+ * from Microsoft schema definitions (OID, NAME, SYNTAX);
  *
+ * EQUALITY is taken from
  * <http://www.redhat.com/archives/fedora-directory-devel/2006-August/msg00007.html>
+ * (posted by Andrew Bartlett)
  *
- * posted by Andrew Bartlett
+ * The rest is guessed.  Specifically
+ *
+ * DESC briefly describes the purpose
+ *
+ * NO-USER-MODIFICATION is added to make attributes operational
+ *
+ * USAGE is set to "dSAOperation" as per ITS#7493,
+ * to prevent replication, since this information
+ * is generated (based on ACL and identity of request)
+ * and not stored.
  */
 
 #define AA_SCHEMA_AT "1.2.840.113556.1.4"
@@ -73,7 +85,7 @@ static struct {
 		/* added by me :) */
 		"DESC 'Child classes allowed for a given object' "
 		"NO-USER-MODIFICATION "
-		"USAGE directoryOperation )", &ad_allowedChildClasses },
+		"USAGE dSAOperation )", &ad_allowedChildClasses },
 	{ "( " AA_SCHEMA_AT ".912 "
 		"NAME 'allowedChildClassesEffective' "
 		"EQUALITY objectIdentifierMatch "
@@ -81,7 +93,7 @@ static struct {
 		/* added by me :) */
 		"DESC 'Child classes allowed for a given object according to ACLs' "
 		"NO-USER-MODIFICATION "
-		"USAGE directoryOperation )", &ad_allowedChildClassesEffective },
+		"USAGE dSAOperation )", &ad_allowedChildClassesEffective },
 	{ "( " AA_SCHEMA_AT ".913 "
 		"NAME 'allowedAttributes' "
 		"EQUALITY objectIdentifierMatch "
@@ -89,7 +101,7 @@ static struct {
 		/* added by me :) */
 		"DESC 'Attributes allowed for a given object' "
 		"NO-USER-MODIFICATION "
-		"USAGE directoryOperation )", &ad_allowedAttributes },
+		"USAGE dSAOperation )", &ad_allowedAttributes },
 	{ "( " AA_SCHEMA_AT ".914 "
 		"NAME 'allowedAttributesEffective' "
 		"EQUALITY objectIdentifierMatch "
@@ -97,7 +109,7 @@ static struct {
 		/* added by me :) */
 		"DESC 'Attributes allowed for a given object according to ACLs' "
 		"NO-USER-MODIFICATION "
-		"USAGE directoryOperation )", &ad_allowedAttributesEffective },
+		"USAGE dSAOperation )", &ad_allowedAttributesEffective },
 
 	/* TODO: add objectClass stuff? */