#endif
}
+ if ( get_assert( op ) &&
+ ( test_filter( op, op->oq_add.rs_e, get_assertion( op ))
+ != LDAP_COMPARE_TRUE ))
+ {
+ rs->sr_err = LDAP_ASSERTION_FAILED;
+ goto return_results;
+ }
+
rs->sr_err = access_allowed( op, op->oq_add.rs_e,
entry, NULL, ACL_WRITE, NULL );
goto done;
}
- rs->sr_err = access_allowed( op, e,
- op->oq_compare.rs_ava->aa_desc, &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL );
+ if ( get_assert( op ) &&
+ ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
+ {
+ rs->sr_err = LDAP_ASSERTION_FAILED;
+ goto return_results;
+ }
+
+ rs->sr_err = access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
+ &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL );
if ( ! rs->sr_err ) {
rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
goto done;
}
+ if ( get_assert( op ) &&
+ ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
+ {
+ rs->sr_err = LDAP_ASSERTION_FAILED;
+ goto return_results;
+ }
+
rs->sr_err = access_allowed( op, e,
entry, NULL, ACL_WRITE, NULL );
)
{
static char *controls[] = {
+ LDAP_CONTROL_ASSERT,
+#ifdef LDAP_CLIENT_UPDATE
+ LDAP_CONTROL_CLIENT_UPDATE,
+#endif
LDAP_CONTROL_MANAGEDSAIT,
LDAP_CONTROL_NOOP,
#ifdef LDAP_CONTROL_PAGEDRESULTS
LDAP_CONTROL_PAGEDRESULTS,
#endif
- LDAP_CONTROL_VALUESRETURNFILTER,
#ifdef LDAP_CONTROL_SUBENTRIES
LDAP_CONTROL_SUBENTRIES,
#endif
-#ifdef LDAP_CLIENT_UPDATE
- LDAP_CONTROL_CLIENT_UPDATE,
-#endif
+ LDAP_CONTROL_VALUESRETURNFILTER,
NULL
};
goto done;
}
+ if ( get_assert( op ) &&
+ ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
+ {
+ rs->sr_err = LDAP_ASSERTION_FAILED;
+ goto return_results;
+ }
+
#if defined(LDAP_CLIENT_UPDATE) || defined(LDAP_SYNC)
if ( rs->sr_err == LDAP_SUCCESS && !op->o_noop ) {
LDAP_LIST_FOREACH ( ps_list, &bdb->bi_psearch_list, o_ps_link ) {
}
}
#endif
-
+
/* nested transaction */
rs->sr_err = TXN_BEGIN( bdb->bi_dbenv, ltid, <2,
bdb->bi_db_opflags );
goto done;
}
+ if ( get_assert( op ) &&
+ ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
+ {
+ rs->sr_err = LDAP_ASSERTION_FAILED;
+ goto return_results;
+ }
+
/* check write on old entry */
rs->sr_err = access_allowed( op, e, entry, NULL, ACL_WRITE, NULL );
-
if ( ! rs->sr_err ) {
switch( opinfo.boi_err ) {
case DB_LOCK_DEADLOCK:
return 1;
}
+ if ( get_assert( op ) &&
+ ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
+ {
+ rs->sr_err = LDAP_ASSERTION_FAILED;
+ send_ldap_result( sop, rs );
+ return 1;
+ }
+
/* if not root, get appropriate limits */
if ( be_isroot( op->o_bd, &sop->o_ndn ) ) {
isroot = 1;
projects / openldap / commitdiff