actually retrieve the target, to apply clauses like sets and so

author Pierangelo Masarati <ando@openldap.org>

Thu, 31 Mar 2005 21:21:16 +0000 (21:21 +0000)

committer Pierangelo Masarati <ando@openldap.org>

Thu, 31 Mar 2005 21:21:16 +0000 (21:21 +0000)
author Pierangelo Masarati <ando@openldap.org>
Thu, 31 Mar 2005 21:21:16 +0000 (21:21 +0000)
committer Pierangelo Masarati <ando@openldap.org>
Thu, 31 Mar 2005 21:21:16 +0000 (21:21 +0000)
diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c

index 4c2a8e79600a9c879ecbaea4b90f9e66a2679927..e9ce24823b10d76e6cac3ab34917e532427a29d2 100644 (file)
--- a/servers/slapd/slapacl.c
+++ b/servers/slapd/slapacl.c
@@ -43,7 +43,7 @@ slapacl( int argc, char **argv )
         Listener                listener;
         char                    opbuf[OPERATION_BUFFER_SIZE];
         Operation               *op;
-       Entry                   e = { 0 };
+       Entry                   e = { 0 }, *ep = &e;
         char                    *attr = NULL;
  
         slap_tool_init( progname, SLAPACL, argc, argv );
@@ -116,6 +116,45 @@ slapacl( int argc, char **argv )
                 attr = slap_schema.si_ad_entry->ad_cname.bv_val;
         }
  
+       if ( !dryrun ) {
+               ID      id;
+
+               if ( !be->be_entry_open ||
+                       !be->be_entry_close ||
+                       !be->be_dn2id_get ||
+                       !be->be_entry_get )
+               {
+                       fprintf( stderr, "%s: target database "
+                               "doesn't support necessary operations; "
+                               "you may try with \"-u\" (dry run).\n",
+                               progname );
+                       rc = 1;
+                       goto destroy;
+               }
+
+               if ( be->be_entry_open( be, 0 ) != 0 ) {
+                       fprintf( stderr, "%s: could not open database.\n",
+                               progname );
+                       rc = 1;
+                       goto destroy;
+               }
+
+               id = be->be_dn2id_get( be, &e.e_nname );
+               if ( id == NOID ) {
+                       fprintf( stderr, "%s: unable to fetch ID of DN \"%s\"\n",
+                               progname, e.e_nname.bv_val );
+                       rc = 1;
+                       goto destroy;
+               }
+               if ( be->be_id2entry_get( be, id, &ep ) != 0 ) {
+                       fprintf( stderr, "%s: unable to fetch entry \"%s\" (%lu)\n",
+                               progname, e.e_nname.bv_val, id );
+                       rc = 1;
+                       goto destroy;
+
+               }
+       }
+
         for ( ; argc--; argv++ ) {
                 slap_mask_t             mask;
                 AttributeDescription    *desc = NULL;
@@ -164,7 +203,7 @@ slapacl( int argc, char **argv )
                         break;
                 }
  
-               rc = access_allowed_mask( op, &e, desc, valp, access,
+               rc = access_allowed_mask( op, ep, desc, valp, access,
                                 NULL, &mask );
  
                 if ( accessstr ) {
@@ -187,6 +226,15 @@ slapacl( int argc, char **argv )
         }
  
  destroy:;
+       ber_memfree( e.e_name.bv_val );
+       ber_memfree( e.e_nname.bv_val );
+       if ( !dryrun ) {
+               if ( ep != &e ) {
+                       be_entry_release_r( op, ep );
+               }
+               be->be_entry_close( be );
+       }
+
         slap_tool_destroy();
  
         return rc;
diff --git a/servers/slapd/slapcommon.c b/servers/slapd/slapcommon.c

index 331c9b2e946dad0869c90da6581bf209e2864d80..1306b884111caaa2a7f83c72c5b5bcb60f269399 100644 (file)
--- a/servers/slapd/slapcommon.c
+++ b/servers/slapd/slapcommon.c
@@ -55,7 +55,7 @@ usage( int tool, const char *progname )
         switch( tool ) {
         case SLAPACL:
                 options = "\n\t[-U authcID | -D authcDN]"
-                       " -b DN -o <var>[=<val>]"
+                       " -b DN -o <var>[=<val>] [-u]"
                         "\n\t[attr[/access][:value]] [...]\n";
                 break;
  
@@ -214,7 +214,7 @@ slap_tool_init(
                 break;
  
         case SLAPACL:
-               options = "b:D:d:f:F:o:U:v";
+               options = "b:D:d:f:F:o:uU:v";
                 mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
                 break;
  
@@ -582,8 +582,8 @@ void slap_tool_destroy( void )
  {
         if ( !dryrun ) {
                 slap_shutdown( be );
+               slap_destroy();
         }
-       slap_destroy();
  #ifdef SLAPD_MODULES
         if ( slapMode == SLAP_SERVER_MODE ) {
         /* always false. just pulls in necessary symbol references. */
author	Pierangelo Masarati <ando@openldap.org>
	Thu, 31 Mar 2005 21:21:16 +0000 (21:21 +0000)
committer	Pierangelo Masarati <ando@openldap.org>
	Thu, 31 Mar 2005 21:21:16 +0000 (21:21 +0000)
servers/slapd/slapacl.c		patch \| blob \| history
servers/slapd/slapcommon.c		patch \| blob \| history