From 3958eb9e98d145f9f54a4e73a3e45386a9eb2030 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Thu, 31 Mar 2005 21:21:16 +0000 Subject: [PATCH] actually retrieve the target, to apply clauses like sets and so --- servers/slapd/slapacl.c | 52 ++++++++++++++++++++++++++++++++++++-- servers/slapd/slapcommon.c | 6 ++--- 2 files changed, 53 insertions(+), 5 deletions(-) diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c index 4c2a8e7960..e9ce24823b 100644 --- a/servers/slapd/slapacl.c +++ b/servers/slapd/slapacl.c @@ -43,7 +43,7 @@ slapacl( int argc, char **argv ) Listener listener; char opbuf[OPERATION_BUFFER_SIZE]; Operation *op; - Entry e = { 0 }; + Entry e = { 0 }, *ep = &e; char *attr = NULL; slap_tool_init( progname, SLAPACL, argc, argv ); @@ -116,6 +116,45 @@ slapacl( int argc, char **argv ) attr = slap_schema.si_ad_entry->ad_cname.bv_val; } + if ( !dryrun ) { + ID id; + + if ( !be->be_entry_open || + !be->be_entry_close || + !be->be_dn2id_get || + !be->be_entry_get ) + { + fprintf( stderr, "%s: target database " + "doesn't support necessary operations; " + "you may try with \"-u\" (dry run).\n", + progname ); + rc = 1; + goto destroy; + } + + if ( be->be_entry_open( be, 0 ) != 0 ) { + fprintf( stderr, "%s: could not open database.\n", + progname ); + rc = 1; + goto destroy; + } + + id = be->be_dn2id_get( be, &e.e_nname ); + if ( id == NOID ) { + fprintf( stderr, "%s: unable to fetch ID of DN \"%s\"\n", + progname, e.e_nname.bv_val ); + rc = 1; + goto destroy; + } + if ( be->be_id2entry_get( be, id, &ep ) != 0 ) { + fprintf( stderr, "%s: unable to fetch entry \"%s\" (%lu)\n", + progname, e.e_nname.bv_val, id ); + rc = 1; + goto destroy; + + } + } + for ( ; argc--; argv++ ) { slap_mask_t mask; AttributeDescription *desc = NULL; @@ -164,7 +203,7 @@ slapacl( int argc, char **argv ) break; } - rc = access_allowed_mask( op, &e, desc, valp, access, + rc = access_allowed_mask( op, ep, desc, valp, access, NULL, &mask ); if ( accessstr ) { @@ -187,6 +226,15 @@ slapacl( int argc, char **argv ) } destroy:; + ber_memfree( e.e_name.bv_val ); + ber_memfree( e.e_nname.bv_val ); + if ( !dryrun ) { + if ( ep != &e ) { + be_entry_release_r( op, ep ); + } + be->be_entry_close( be ); + } + slap_tool_destroy(); return rc; diff --git a/servers/slapd/slapcommon.c b/servers/slapd/slapcommon.c index 331c9b2e94..1306b88411 100644 --- a/servers/slapd/slapcommon.c +++ b/servers/slapd/slapcommon.c @@ -55,7 +55,7 @@ usage( int tool, const char *progname ) switch( tool ) { case SLAPACL: options = "\n\t[-U authcID | -D authcDN]" - " -b DN -o [=]" + " -b DN -o [=] [-u]" "\n\t[attr[/access][:value]] [...]\n"; break; @@ -214,7 +214,7 @@ slap_tool_init( break; case SLAPACL: - options = "b:D:d:f:F:o:U:v"; + options = "b:D:d:f:F:o:uU:v"; mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY; break; @@ -582,8 +582,8 @@ void slap_tool_destroy( void ) { if ( !dryrun ) { slap_shutdown( be ); + slap_destroy(); } - slap_destroy(); #ifdef SLAPD_MODULES if ( slapMode == SLAP_SERVER_MODE ) { /* always false. just pulls in necessary symbol references. */ -- 2.39.5