#endif
AttributeDescription *password = slap_schema.si_ad_userPassword;
- AttributeDescription *entry = slap_schema.si_ad_entry;
Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_bind: dn: %s\n", dn, 0, 0);
/* check for deleted */
- if ( ! access_allowed( be, conn, op, e,
- entry, NULL, ACL_AUTH ) )
- {
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
- rc = 1;
- goto return_results;
- }
-
if ( is_entry_alias( e ) ) {
/* entry is an alias, don't allow bind */
Debug( LDAP_DEBUG_TRACE, "entry is alias\n", 0,
return( -1 );
}
-#ifdef SLAPD_CHILD_MODIFICATION_WITH_ENTRY_ACL
- if ( ! access_allowed( be, conn, op, e,
- "entry", NULL, ACL_WRITE ) )
- {
- Debug(LDAP_DEBUG_ARGS,
- "<=- ldbm_back_delete: insufficient access %s\n",
- dn, 0, 0);
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
- goto return_results;
- }
-#endif
-
if ( !manageDSAit && is_entry_referral( e ) ) {
/* parent is a referral, don't allow add */
/* parent is an alias, don't allow add */
return( -1 );
}
-#ifdef SLAPD_CHILD_MODIFICATION_WITH_ENTRY_ACL
- if ( ! access_allowed( be, conn, op, e,
- "entry", NULL, ACL_WRITE ) )
- {
- Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
- 0, 0 );
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
- goto return_results;
- }
-#endif
-
if (!manageDSAit && is_entry_referral( e ) ) {
/* parent is a referral, don't allow add */
/* parent is an alias, don't allow add */
char *dn;
- AttributeDescription *entry = slap_schema.si_ad_entry;
-
assert( reqoid != NULL );
assert( strcmp( LDAP_EXOP_X_MODIFY_PASSWD, reqoid ) == 0 );
goto done;
}
- if( ! access_allowed( be, conn, op, e, entry, NULL, ACL_WRITE ) ) {
- *text = "access to authorization entry denied";
- rc = LDAP_INSUFFICIENT_ACCESS;
- goto done;
- }
-
if( is_entry_alias( e ) ) {
/* entry is an alias, don't allow operation */
*text = "authorization entry is alias";
projects / openldap / commitdiff