Provide a mechanism to disable privileges in the server if necessary. If a...

neil_a_wilson

30.42.2007 6ac3c4ea9e225c3209518be08d7d59f3f732ebea

 opendj-sdk/opends/src/server/org/opends/server/api/ClientConnection.java

@@ -960,8 +960,6 @@
  public boolean hasPrivilege(Privilege privilege,
                              Operation operation)
  {
    boolean result;

    if (privilege == Privilege.PROXIED_AUTH)
    {
      // This determination should always be made against the
@@ -970,9 +968,11 @@
      Entry authEntry = authenticationInfo.getAuthenticationEntry();
      boolean isRoot  = authenticationInfo.isRoot();
      return getPrivileges(authEntry,
                           isRoot).contains(Privilege.PROXIED_AUTH);
                           isRoot).contains(Privilege.PROXIED_AUTH) ||
             DirectoryServer.isDisabled(Privilege.PROXIED_AUTH);
    }

    boolean result;
    if (operation == null)
    {
      result = privileges.contains(privilege);
@@ -992,7 +992,8 @@
      if (operation.getAuthorizationDN().equals(
               authenticationInfo.getAuthorizationDN()))
      {
        result = privileges.contains(privilege);
        result = privileges.contains(privilege) ||
                 DirectoryServer.isDisabled(privilege);
        if (debugEnabled())
        {
          DN authDN = authenticationInfo.getAuthenticationDN();
@@ -1017,7 +1018,8 @@
          boolean isRoot =
               DirectoryServer.isRootDN(authorizationEntry.getDN());
          result = getPrivileges(authorizationEntry,
                                 isRoot).contains(privilege);
                                 isRoot).contains(privilege) ||
                   DirectoryServer.isDisabled(privilege);
        }
      }
    }