>From dd31da50b1c09a22727640585fab39cf95ce2aa5 Mon Sep 17 00:00:00 2001 From: Nathan Kinder Date: Thu, 30 Jul 2009 19:18:20 -0700 Subject: [PATCH] Bug 514848: Make selfwrite ACI keyword with with Name And Optional UID syntax attributes. The selfwrite ACI keyword currently only applies when writing to attributes using the Distringuished Name syntax. It needs to also work with the Name And Optional UID syntax since that is the syntax used for the uniqueMember attribute. --- ldap/servers/plugins/acl/acl.c | 5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c index d62796f..df2f4e4 100644 --- a/ldap/servers/plugins/acl/acl.c +++ b/ldap/servers/plugins/acl/acl.c @@ -351,8 +351,9 @@ acl_access_allowed( slapi_attr_get_syntax_oid_copy(sa, &oid); /* We only want to perform this check if the attribute is - * defined using the DN syntax. */ - if (oid && (strcasecmp(oid, DN_SYNTAX_OID) == 0)) { + * defined using the DN or Name And Optional UID syntaxes. */ + if (oid && ((strcasecmp(oid, DN_SYNTAX_OID) == 0) || + (strcasecmp(oid, NAMEANDOPTIONALUID_SYNTAX_OID) == 0))) { /* should use slapi_sdn_compare() but that'a an extra malloc/free */ char *dn_val_to_write = slapi_dn_normalize(slapi_ch_strdup(val->bv_val)); if ( aclpb->aclpb_authorization_sdn && -- 1.6.2.5