{
sty = ACL_STYLE_REGEX;
} else if ( strcasecmp( style, "exact" ) == 0 ) {
- sty = ACL_STYLE_BASE;
+ sty = ACL_STYLE_EXACT;
} else if ( strcasecmp( style, "base" ) == 0 ) {
sty = ACL_STYLE_BASE;
} else if ( strcasecmp( style, "one" ) == 0 ) {
continue;
}
+ if ( strcasecmp( left, "set" ) == 0 ) {
+ if( b->a_set_pat != NULL ) {
+ fprintf( stderr,
+ "%s: line %d: set attribute already specified.\n",
+ fname, lineno );
+ acl_usage();
+ }
+
+ if ( right == NULL || *right == '\0' ) {
+ fprintf( stderr,
+ "%s: line %d: no set is defined\n",
+ fname, lineno );
+ acl_usage();
+ }
+
+ b->a_set_style = sty;
+ b->a_set_pat = ch_strdup(right);
+
+ continue;
+ }
+
#ifdef SLAPD_ACI_ENABLED
if ( strcasecmp( left, "aci" ) == 0 ) {
if( b->a_aci_at != NULL ) {
#define SLAPD_ACI_SYNTAX "1.3.6.1.4.1.4203.666.2.1"
#define SLAPD_ACI_ATTR "OpenLDAPaci"
+/* change this to "OpenLDAPset" */
+#define SLAPD_ACI_SET_ATTR "template"
+
#define SLAPD_TOP_OID "2.5.6.0"
LDAP_SLAPD_F (int) slap_debug;
ACL_STYLE_BASE,
ACL_STYLE_ONE,
ACL_STYLE_SUBTREE,
- ACL_STYLE_CHILDREN
+ ACL_STYLE_CHILDREN,
+ ACL_STYLE_ATTROF,
+
+ /* alternate names */
+ ACL_STYLE_EXACT = ACL_STYLE_BASE
} slap_style_t;
typedef unsigned long slap_access_mask_t;
char *a_domain_pat;
slap_style_t a_sockurl_style;
char *a_sockurl_pat;
+ slap_style_t a_set_style;
+ char *a_set_pat;
#ifdef SLAPD_ACI_ENABLED
AttributeDescription *a_aci_at;
projects / openldap / commitdiff