#endif
}
- rc = access_allowed( be, conn, op, e,
- entry, NULL, ACL_WRITE, NULL );
-
- switch( opinfo.boi_err ) {
- case DB_LOCK_DEADLOCK:
- case DB_LOCK_NOTGRANTED:
- goto retry;
- }
-
/* get entry for read/modify/write */
rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, DB_RMW, locker, &lock );
goto done;
}
+ rc = access_allowed( be, conn, op, e,
+ entry, NULL, ACL_WRITE, NULL );
+
+ switch( opinfo.boi_err ) {
+ case DB_LOCK_DEADLOCK:
+ case DB_LOCK_NOTGRANTED:
+ goto retry;
+ }
+
+ if ( !rc ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG ( OPERATION, DETAIL1,
+ "<=- bdb_delete: no access to entry\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "<=- bdb_delete: no access to entry\n",
+ 0, 0, 0 );
+#endif
+ rc = LDAP_INSUFFICIENT_ACCESS;
+ goto return_results;
+ }
+
if ( !manageDSAit && is_entry_referral( e ) ) {
/* entry is a referral, don't allow delete */
BerVarray refs = get_entry_referrals( be,
goto done;
}
+ /* check write on old entry */
+ rc = access_allowed( be, conn, op, e,
+ entry, NULL, ACL_WRITE, NULL );
+
+ switch( opinfo.boi_err ) {
+ case DB_LOCK_DEADLOCK:
+ case DB_LOCK_NOTGRANTED:
+ goto retry;
+ }
+
+ if ( ! rc ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG ( OPERATION, ERR,
+ "==>bdb_modrdn: no access to entry\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
+ 0, 0 );
+#endif
+ rc = LDAP_INSUFFICIENT_ACCESS;
+ goto return_results;
+ }
+
if (!manageDSAit && is_entry_referral( e ) ) {
/* parent is a referral, don't allow add */
/* parent is an alias, don't allow add */
new_parent_dn = np_dn;
}
- /* check write on old entry */
- rc = access_allowed( be, conn, op, e,
- entry, NULL, ACL_WRITE, NULL );
-
- switch( opinfo.boi_err ) {
- case DB_LOCK_DEADLOCK:
- case DB_LOCK_NOTGRANTED:
- goto retry;
- }
-
- if ( rc ) {
-#ifdef NEW_LOGGING
- LDAP_LOG ( OPERATION, ERR,
- "==>bdb_modrdn: no access to entry\n", 0, 0, 0 );
-#else
- Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
- 0, 0 );
-#endif
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
- goto return_results;
- }
-
-
/* Build target dn and make sure target entry doesn't exist already. */
build_new_dn( &new_dn, new_parent_dn, newrdn );