upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-24 00:29:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Consistently don't require "entry" access (except on search)

Browse source
This commit is contained in:
Kurt Zeilenga 2000-09-05 21:48:12 +00:00
parent 7e71a7f63b
commit a75a024fd3
4 changed files with 0 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
servers/slapd/back-ldbm/bind.c
View file

@ -41,7 +41,6 @@ ldbm_back_bind(
#endif
AttributeDescription *password = slap_schema.si_ad_userPassword;
AttributeDescription *entry = slap_schema.si_ad_entry;
Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_bind: dn: %s\n", dn, 0, 0);
@ -101,15 +100,6 @@ ldbm_back_bind(
/* check for deleted */
if ( ! access_allowed( be, conn, op, e,
entry, NULL, ACL_AUTH ) )
{
send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
NULL, NULL, NULL, NULL );
rc = 1;
goto return_results;
}
if ( is_entry_alias( e ) ) {
/* entry is an alias, don't allow bind */
Debug( LDAP_DEBUG_TRACE, "entry is alias\n", 0,

13
servers/slapd/back-ldbm/delete.c
View file

@ -65,19 +65,6 @@ ldbm_back_delete(
return( -1 );
}
#ifdef SLAPD_CHILD_MODIFICATION_WITH_ENTRY_ACL
if ( ! access_allowed( be, conn, op, e,
"entry", NULL, ACL_WRITE ) )
{
Debug(LDAP_DEBUG_ARGS,
"<=- ldbm_back_delete: insufficient access %s\n",
dn, 0, 0);
send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
NULL, NULL, NULL, NULL );
goto return_results;
}
#endif
if ( !manageDSAit && is_entry_referral( e ) ) {
/* parent is a referral, don't allow add */
/* parent is an alias, don't allow add */

12
servers/slapd/back-ldbm/modrdn.c
View file

@ -102,18 +102,6 @@ ldbm_back_modrdn(
return( -1 );
}
#ifdef SLAPD_CHILD_MODIFICATION_WITH_ENTRY_ACL
if ( ! access_allowed( be, conn, op, e,
"entry", NULL, ACL_WRITE ) )
{
Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0,
0, 0 );
send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
NULL, NULL, NULL, NULL );
goto return_results;
}
#endif
if (!manageDSAit && is_entry_referral( e ) ) {
/* parent is a referral, don't allow add */
/* parent is an alias, don't allow add */

8
servers/slapd/back-ldbm/passwd.c
View file

@ -40,8 +40,6 @@ ldbm_back_exop_passwd(
char *dn;
AttributeDescription *entry = slap_schema.si_ad_entry;
assert( reqoid != NULL );
assert( strcmp( LDAP_EXOP_X_MODIFY_PASSWD, reqoid ) == 0 );
@ -94,12 +92,6 @@ ldbm_back_exop_passwd(
goto done;
}
if( ! access_allowed( be, conn, op, e, entry, NULL, ACL_WRITE ) ) {
*text = "access to authorization entry denied";
rc = LDAP_INSUFFICIENT_ACCESS;
goto done;
}
if( is_entry_alias( e ) ) {
/* entry is an alias, don't allow operation */
*text = "authorization entry is alias";