From: Emmanuel Dreyfus <manu@openldap.org>
Date: Sat, 4 Oct 2008 10:12:11 +0000 (+0000)
Subject: The fix to ITS#4556 broke this test: modifying objectClass was forbidden
X-Git-Tag: ACLCHECK_0~1295
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=7f085e8b8b38bb0c5ac79f515f707b06870f6cca;p=openldap

The fix to ITS#4556 broke this test: modifying objectClass was forbidden
for anyone, and since LDAP additions now check for attribute write access,
the addition now fails.

Allowing objectClass write access for the user that performs the LDAP
addtition fixes the problem.

Approved by ando@
---

diff --git a/tests/data/slapd-acl.conf b/tests/data/slapd-acl.conf
index bfcabfc491..64cde948c7 100644
--- a/tests/data/slapd-acl.conf
+++ b/tests/data/slapd-acl.conf
@@ -55,6 +55,7 @@ rootpw		secret
 
 #access		to attrs=objectclass dn.subtree="dc=example,dc=com"
 access		to attrs=objectclass
+		by dn.exact="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" add
 		by * =rsc stop
 
 #access		to filter="(objectclass=person)" attrs=userpassword dn.subtree="dc=example,dc=com"