Add the new ACI keyword "targetcontrol" that can be used to enforce acces...

dugan

21.56.2007 d428f48a4cf79de5e3f7cbc38a2c1af7a0b80e4f

 opends/src/server/org/opends/server/core/ExtendedOperationBasis.java

@@ -60,6 +60,7 @@
import org.opends.server.types.DebugLogLevel;
import static org.opends.server.messages.CoreMessages.*;
import static org.opends.server.messages.MessageHandler.*;
import static org.opends.server.messages.MessageHandler.getMessage;
import static org.opends.server.util.ServerConstants.*;


@@ -487,6 +488,15 @@
      {
        for (Control c : requestControls)
        {
          if (!AccessControlConfigManager.getInstance().
                  getAccessControlHandler().
                  isAllowed(this.getAuthorizationDN(), this, c)) {
            setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
            int msgID = MSGID_CONTROL_INSUFFICIENT_ACCESS_RIGHTS;
            appendErrorMessage(getMessage(msgID, c.getOID()));
            skipPostOperation=true;
            break extendedProcessing;
          }
          if (! c.isCritical())
          {
            // The control isn't critical, so we don't care if it's supported