Home Explore Help
Register Sign In
Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 75b43f1f28
Branches Tags
389-ds-base
/
ldap
/
servers
/
plugins
/
chainingdb
/
cb_acl.c

cb_acl.c 1.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 
  1. /** BEGIN COPYRIGHT BLOCK
    2. 

  2.  * Copyright 2001 Sun Microsystems, Inc.
    3. 

  3.  * Portions copyright 1999, 2001-2003 Netscape Communications Corporation.
    4. 

  4.  * All rights reserved.
    5. 

  5.  * END COPYRIGHT BLOCK **/
    6. 

  6. #include "cb.h"
    7. 

  7. 

  8. /*
    9. 

  9. ** generic function to send back results
    10. 

  10. ** Turn off acl eval on front-end when needed
    11. 

  11. */
    12. 

  12. 

  13. void cb_set_acl_policy(Slapi_PBlock *pb) {
    14. 

  14.  
    15. 

  15.         Slapi_Backend *be;
    16. 

  16.         cb_backend_instance *cb;
    17. 

  17.         int noacl;
    18. 

  18. 

  19.         slapi_pblock_get( pb, SLAPI_BACKEND, &be );
    20. 

  20.         cb = cb_get_instance(be);
    21. 

  21. 

  22. 		/* disable acl checking if the local_acl flag is not set
    23. 

  23. 		   or if the associated backend is disabled */
    24. 

  24.         noacl=!(cb->local_acl) || cb->associated_be_is_disabled;
    25. 

  25.  
    26. 

  26.         if (noacl) {
    27. 

  27.                 slapi_pblock_set(pb, SLAPI_PLUGIN_DB_NO_ACL, &noacl);
    28. 

  28. 	} else {
    29. 

  29.                 /* Be very conservative about acl evaluation */
    30. 

  30.                 slapi_pblock_set(pb, SLAPI_PLUGIN_DB_NO_ACL, &noacl);
    31. 

  31.         }
    32. 

  32. }
    33. 

  33. 

  34. int cb_access_allowed(
    35. 

  35.         Slapi_PBlock        *pb,
    36. 

  36.         Slapi_Entry         *e,                 /* The Slapi_Entry */
    37. 

  37.         char                *attr,              /* Attribute of the entry */
    38. 

  38.         struct berval       *val,               /* value of attr. NOT USED */
    39. 

  39.         int                 access,              /* access rights */
    40. 

  40. 	char 		    **errbuf
    41. 

  41.         )
    42. 

  42. 

  43. {
    44. 

  44. 

  45. switch (access) {
    46. 

  46. 

  47. 	case SLAPI_ACL_ADD:
    48. 

  48. 	case SLAPI_ACL_DELETE:
    49. 

  49. 	case SLAPI_ACL_COMPARE:
    50. 

  50. 	case SLAPI_ACL_WRITE:
    51. 

  51. 	case SLAPI_ACL_PROXY:
    52. 

  52. 

  53. 		/* Keep in mind some entries are NOT */
    54. 

  54. 		/* available for acl evaluation      */
    55. 

  55. 

  56. 		return slapi_access_allowed(pb,e,attr,val,access);
    57. 

  57. 	default:
    58. 

  58. 		return LDAP_INSUFFICIENT_ACCESS;
    59. 

  59. }
    60. 

  60. }
    61.