ITS#1530 no value replace ACL fix

author Kurt Zeilenga <kurt@openldap.org>

Mon, 14 Jan 2002 17:19:05 +0000 (17:19 +0000)

committer Kurt Zeilenga <kurt@openldap.org>

Mon, 14 Jan 2002 17:19:05 +0000 (17:19 +0000)
author Kurt Zeilenga <kurt@openldap.org>
Mon, 14 Jan 2002 17:19:05 +0000 (17:19 +0000)
committer Kurt Zeilenga <kurt@openldap.org>
Mon, 14 Jan 2002 17:19:05 +0000 (17:19 +0000)
diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c

index 89720fcf9e0968c0d81902326f43c639f2f0ba0b..f3a51b3046c99ad8c3d2ffa8b5fb6f2945d47309 100644 (file)
--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -1091,10 +1091,20 @@ acl_check_modlist(
  
                 switch ( mlist->sml_op ) {
                 case LDAP_MOD_REPLACE:
-               case LDAP_MOD_ADD:
                         if ( mlist->sml_bvalues == NULL ) {
+                               if ( ! access_allowed( be, conn, op, e,
+                                       mlist->sml_desc, NULL, ACL_WRITE ) )
+                               {
+                                       return( 0 );
+                               }
                                 break;
                         }
+
+                       /* fall thru */
+
+               case LDAP_MOD_ADD:
+                       assert( mlist->sml_bvalues != NULL );
+
                         for ( bv = mlist->sml_bvalues; bv->bv_val != NULL; bv++ ) {
                                 if ( ! access_allowed( be, conn, op, e,
                                         mlist->sml_desc, bv, ACL_WRITE ) )
author	Kurt Zeilenga <kurt@openldap.org>
	Mon, 14 Jan 2002 17:19:05 +0000 (17:19 +0000)
committer	Kurt Zeilenga <kurt@openldap.org>
	Mon, 14 Jan 2002 17:19:05 +0000 (17:19 +0000)