Fix up last commits

author Kurt Zeilenga <kurt@openldap.org>

Fri, 4 Oct 2002 23:42:27 +0000 (23:42 +0000)

committer Kurt Zeilenga <kurt@openldap.org>

Fri, 4 Oct 2002 23:42:27 +0000 (23:42 +0000)
author Kurt Zeilenga <kurt@openldap.org>
Fri, 4 Oct 2002 23:42:27 +0000 (23:42 +0000)
committer Kurt Zeilenga <kurt@openldap.org>
Fri, 4 Oct 2002 23:42:27 +0000 (23:42 +0000)
diff --git a/servers/slapd/back-bdb/add.c b/servers/slapd/back-bdb/add.c

index 76fac90435e1c25ffc491cc9e73677ac2e57e064..e2e4e2afc80b0d616fe252d789e12b27efbf4cfc 100644 (file)
--- a/servers/slapd/back-bdb/add.c
+++ b/servers/slapd/back-bdb/add.c
@@ -226,7 +226,6 @@ retry:      /* transaction retry */
                                 0, 0, 0 );
  #endif
                         rc = LDAP_INSUFFICIENT_ACCESS;
-                       text = "no write access to parent";
                         goto return_results;;
                 }
  
@@ -327,7 +326,6 @@ retry:      /* transaction retry */
                                                 0, 0, 0 );
  #endif
                                         rc = LDAP_INSUFFICIENT_ACCESS;
-                                       text = "no write access to parent";
                                         goto return_results;;
                                 }
  
@@ -389,7 +387,6 @@ retry:      /* transaction retry */
                         0, 0, 0 );
  #endif
                 rc = LDAP_INSUFFICIENT_ACCESS;
-               text = "no write access to entry";
                 goto return_results;;
         }
  
diff --git a/servers/slapd/back-bdb/delete.c b/servers/slapd/back-bdb/delete.c

index ad5f1fe278e0a8037a4f7ebc4e769c0d48f7f903..045e5e28bf8f9b180b53299d71231b6faf351f34 100644 (file)
--- a/servers/slapd/back-bdb/delete.c
+++ b/servers/slapd/back-bdb/delete.c
@@ -233,15 +233,6 @@ retry:     /* transaction retry */
  #endif
         }
  
-       rc = access_allowed( be, conn, op, e,
-               entry, NULL, ACL_WRITE, NULL );
-
-       switch( opinfo.boi_err ) {
-       case DB_LOCK_DEADLOCK:
-       case DB_LOCK_NOTGRANTED:
-               goto retry;
-       }
-
         /* get entry for read/modify/write */
         rc = bdb_dn2entry_w( be, ltid, ndn, &e, &matched, DB_RMW, locker, &lock );
  
@@ -297,6 +288,28 @@ retry:     /* transaction retry */
                 goto done;
         }
  
+       rc = access_allowed( be, conn, op, e,
+               entry, NULL, ACL_WRITE, NULL );
+
+       switch( opinfo.boi_err ) {
+       case DB_LOCK_DEADLOCK:
+       case DB_LOCK_NOTGRANTED:
+               goto retry;
+       }
+
+       if ( !rc  ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG ( OPERATION, DETAIL1, 
+                       "<=- bdb_delete: no access to entry\n", 0, 0, 0 );
+#else
+               Debug( LDAP_DEBUG_TRACE,
+                       "<=- bdb_delete: no access to entry\n",
+                       0, 0, 0 );
+#endif
+               rc = LDAP_INSUFFICIENT_ACCESS;
+               goto return_results;
+       }
+
         if ( !manageDSAit && is_entry_referral( e ) ) {
                 /* entry is a referral, don't allow delete */
                 BerVarray refs = get_entry_referrals( be,
diff --git a/servers/slapd/back-bdb/modrdn.c b/servers/slapd/back-bdb/modrdn.c

index ba920bc69011f4ac98fef33797535394a5787411..60170441221449b6653c263c484f8e21329a019d 100644 (file)
--- a/servers/slapd/back-bdb/modrdn.c
+++ b/servers/slapd/back-bdb/modrdn.c
@@ -178,6 +178,28 @@ retry:     /* transaction retry */
                 goto done;
         }
  
+       /* check write on old entry */
+       rc = access_allowed( be, conn, op, e,
+               entry, NULL, ACL_WRITE, NULL );
+
+       switch( opinfo.boi_err ) {
+       case DB_LOCK_DEADLOCK:
+       case DB_LOCK_NOTGRANTED:
+               goto retry;
+       }
+
+       if ( ! rc ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG ( OPERATION, ERR, 
+                       "==>bdb_modrdn: no access to entry\n", 0, 0, 0 );
+#else
+               Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
+                       0, 0 );
+#endif
+               rc = LDAP_INSUFFICIENT_ACCESS;
+               goto return_results;
+       }
+
         if (!manageDSAit && is_entry_referral( e ) ) {
                 /* parent is a referral, don't allow add */
                 /* parent is an alias, don't allow add */
@@ -538,30 +560,6 @@ retry:     /* transaction retry */
                 new_parent_dn = np_dn;
         }
  
-       /* check write on old entry */
-       rc = access_allowed( be, conn, op, e,
-               entry, NULL, ACL_WRITE, NULL );
-
-       switch( opinfo.boi_err ) {
-       case DB_LOCK_DEADLOCK:
-       case DB_LOCK_NOTGRANTED:
-               goto retry;
-       }
-
-       if ( rc ) {
-#ifdef NEW_LOGGING
-               LDAP_LOG ( OPERATION, ERR, 
-                       "==>bdb_modrdn: no access to entry\n", 0, 0, 0 );
-#else
-               Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
-                       0, 0 );
-#endif
-               send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
-                       NULL, NULL, NULL, NULL );
-               goto return_results;
-       }
-
-
         /* Build target dn and make sure target entry doesn't exist already. */
         build_new_dn( &new_dn, new_parent_dn, newrdn );
author	Kurt Zeilenga <kurt@openldap.org>
	Fri, 4 Oct 2002 23:42:27 +0000 (23:42 +0000)
committer	Kurt Zeilenga <kurt@openldap.org>
	Fri, 4 Oct 2002 23:42:27 +0000 (23:42 +0000)
servers/slapd/back-bdb/add.c		patch \| blob \| history
servers/slapd/back-bdb/delete.c		patch \| blob \| history
servers/slapd/back-bdb/modrdn.c		patch \| blob \| history