Allow no-user-modification attributes to be managed.

Need to fix the slap_mods_opattrs() clobber.

servers/slapd/modify.c

@@ -573,14 +573,26 @@ slap_mods_no_user_mod_check(
 	size_t textlen )
 {
 	for ( ; ml != NULL; ml = ml->sml_next ) {
-		if ( is_at_no_user_mod( ml->sml_desc->ad_type ) ) {
+		if ( !is_at_no_user_mod( ml->sml_desc->ad_type ) ) continue;
+
+		if ( ml->sml_desc->ad_type->sat_flags & SLAP_AT_MANAGEABLE ) {
+			continue;
+		}
+
+		if( get_manageDIT( op )) {
+			/* attribute not manageable */
+			snprintf( textbuf, textlen,
+				"%s: no-user-modification attribute not manageable",
+				ml->sml_type.bv_val );
+		} else {
 			/* user modification disallowed */
 			snprintf( textbuf, textlen,
 				"%s: no user modification allowed",
 				ml->sml_type.bv_val );
-			*text = textbuf;
-			return LDAP_CONSTRAINT_VIOLATION;
 		}
+
+		*text = textbuf;
+		return LDAP_CONSTRAINT_VIOLATION;
 	}
 
 	return LDAP_SUCCESS;

tests/data/manage.out

@@ -18,6 +18,8 @@ owner: cn=Manager,dc=example,dc=com
 cn: All Staff
 description: Everyone in the sample data
 objectClass: groupOfNames
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=Alumni Assoc Staff,ou=Groups,dc=example,dc=com
 member: cn=Manager,dc=example,dc=com
@@ -31,10 +33,14 @@ owner: cn=Manager,dc=example,dc=com
 description: All Alumni Assoc Staff
 cn: Alumni Assoc Staff
 objectClass: groupOfNames
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: organizationalUnit
 ou: Alumni Association
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,
  dc=com
@@ -57,7 +63,9 @@ homePhone: +1 313 555 2333
 pager: +1 313 555 3233
 facsimileTelephoneNumber: +1 313 555 2274
 telephoneNumber: +1 313 555 9022
+creatorsName: cn=Manager,dc=example,dc=com
 testObsolete: TRUE
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc
  =com
@@ -78,6 +86,8 @@ homePhone: +1 313 555 5444
 pager: +1 313 555 4474
 facsimileTelephoneNumber: +1 313 555 2177
 telephoneNumber: +1 313 555 0355
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -95,6 +105,8 @@ facsimileTelephoneNumber: +1 313 555 3223
 telephoneNumber: +1 313 555 3664
 mail: dots@mail.alumni.example.com
 homePhone: +1 313 555 0454
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: dc=example,dc=com
 objectClass: top
@@ -111,10 +123,15 @@ description: The Example, Inc. at Anytown
 postalAddress: Example, Inc. $ 535 W. William St. $ Anytown, MI 48109 $ US
 telephoneNumber: +1 313 555 1817
 associatedDomain: example.com
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: ou=Groups,dc=example,dc=com
 objectClass: organizationalUnit
 ou: Groups
+creatorsName: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=
+ example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: ou=Information Technology Division,ou=People,dc=example,dc=com
 objectClass: organizationalUnit
@@ -258,6 +275,8 @@ description:: UF7Dg8KDw4LCg8ODwoLDgsKCw4PCg8OCwoPDg8KCw4LCjMODwoPDgsKDw4PCgsOC
  i8ODwoPDgsKDw4PCgsOCwo3Dg8KDw4LCgsODwoLDgsKJw4PCg8OCwoLDg8KCw4LCtTTDg8KDw4LCg
  8ODwoLDgsKow4PCg8OCwoPDg8KCw4LCl8ODwoPDgsKDw4PCgsOCwrtWw4PCg8OCwoLDg8KCw4LCi8
  ODwoPDgsKDw4PCgsOCwo3Dg8KDw4LCg8ODwoLDgsKow4PCg8OCwoLDg8KCw4LCnw==
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=ITD Staff,ou=Groups,dc=example,dc=com
 owner: cn=Manager,dc=example,dc=com
@@ -271,6 +290,8 @@ uniqueMember: cn=James A Jones 2,ou=Information Technology Division,ou=People,
  dc=example,dc=com
 uniqueMember: cn=John Doe,ou=Information Technology Division,ou=People,dc=exam
  ple,dc=com
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -290,6 +311,8 @@ pager: +1 313 555 3923
 mail: jaj@mail.alumni.example.com
 facsimileTelephoneNumber: +1 313 555 4332
 telephoneNumber: +1 313 555 0895
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=James A Jones 2,ou=Information Technology Division,ou=People,dc=example
  ,dc=com
@@ -309,6 +332,8 @@ postalAddress: Info Tech Division $ 535 W William $ Anytown, MI 48103
 pager: +1 313 555 2833
 facsimileTelephoneNumber: +1 313 555 8688
 telephoneNumber: +1 313 555 7334
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=Jane Doe,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -327,6 +352,8 @@ homePhone: +1 313 555 5445
 pager: +1 313 555 1220
 facsimileTelephoneNumber: +1 313 555 2311
 telephoneNumber: +1 313 555 4774
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -344,6 +371,8 @@ homePhone: +1 313 555 2333
 pager: +1 313 555 6442
 facsimileTelephoneNumber: +1 313 555 2756
 telephoneNumber: +1 313 555 8232
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -361,6 +390,8 @@ homePhone: +1 313 555 3774
 pager: +1 313 555 6573
 facsimileTelephoneNumber: +1 313 555 4544
 telephoneNumber: +1 313 555 9394
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=Manager,dc=example,dc=com
 objectClass: person
@@ -370,6 +401,8 @@ cn: Dir Man
 sn: Manager
 description: Manager of the directory
 userPassword:: c2VjcmV0
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -387,6 +420,8 @@ mail: melliot@mail.alumni.example.com
 pager: +1 313 555 7671
 facsimileTelephoneNumber: +1 313 555 7762
 telephoneNumber: +1 313 555 4177
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: ou=People,dc=example,dc=com
 objectClass: organizationalUnit
@@ -394,6 +429,8 @@ objectClass: extensibleObject
 ou: People
 uidNumber: 0
 gidNumber: 0
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 
 dn: cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com
 objectClass: OpenLDAPperson
@@ -409,4 +446,6 @@ homePhone: +1 313 555 8421
 pager: +1 313 555 2844
 facsimileTelephoneNumber: +1 313 555 9700
 telephoneNumber: +1 313 555 5331
+creatorsName: cn=Manager,dc=example,dc=com
+modifiersName: cn=Manager,dc=example,dc=com
 

tests/scripts/test037-manage

@@ -59,9 +59,13 @@ $LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \
 	-e \!manageDIT > \
 	$TESTOUT 2>&1 << EOMODS
 version: 1
+#
 # Working Tests
+#
 
+#
 # ObjectClass tests
+#
 
 dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,
  dc=com
@@ -77,6 +81,22 @@ changetype: modify
 add: testObsolete
 testObsolete: TRUE
 
+#
+# create/modify timestamp test
+#
+
+dn: ou=Groups,dc=example,dc=com
+# change creatorsName
+changetype: modify
+replace: creatorsName
+creatorsName: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com
+
+dn: cn=ITD Staff,ou=Groups,dc=example,dc=com
+# change modifiersName
+changetype: modify
+replace: modifiersName
+modifiersName: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com
+
 EOMODS
 
 RC=$?
@@ -95,24 +115,6 @@ version: 1
 # Non-working tests
 #
 
-#dn: cn=ITD Staff,ou=Groups,dc=example,dc=com
-# change entryUUID
-#changetype: modify
-#replace: entryUUID
-#entryUUID: B51EE239-C24A-11D9-A541-000D9342AD1E
-
-dn: ou=Groups,dc=example,dc=com
-# change creatorsName
-changetype: modify
-replace: creatorsName
-creatorsName: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com
-
-dn: cn=ITD Staff,ou=Groups,dc=example,dc=com
-# change modifiersName
-changetype: modify
-replace: modifiersName
-modifiersName: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com
-
 dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,
  dc=com
 # update structural object class of entry via objectClass replace
@@ -157,7 +159,7 @@ fi
 
 echo "Using ldapsearch to retrieve all the entries..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
-	    'objectClass=*' > $SEARCHOUT 2>&1
+    'objectClass=*' '*' creatorsName modifiersName > $SEARCHOUT 2>&1
 RC=$?
 test $KILLSERVERS != no && kill -HUP $KILLPIDS
 if test $RC != 0 ; then