mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
parent: a36cc573 | patch | commit | ignore whitespace
dugan
27.52.2007 0247636cd0990e2e18e768b5ec370660c1c4f89c 
Fix problem with targattrfilters keyword not checking for modify operation. Issue #1405
1 files modified
7 ■■■■■ changed files
opends/src/server/org/opends/server/authorization/dseecompat/TargAttrFilters.java 7 ●●●●● patch | view | raw | blame | history 
 opends/src/server/org/opends/server/authorization/dseecompat/TargAttrFilters.java


@@ -223,10 +223,11 @@


        int mask=ACI_NULL;


        //Set up the wanted mask by evaluating both the target match


        //context's rights and the mask.


        if(matchCtx.hasRights(ACI_ADD) &&


        if((matchCtx.hasRights(ACI_WRITE_ADD) || matchCtx.hasRights(ACI_ADD)) &&


                hasMask(TARGATTRFILTERS_ADD))


            mask=TARGATTRFILTERS_ADD;


        else if(matchCtx.hasRights(ACI_DELETE) &&


        else if((matchCtx.hasRights(ACI_WRITE_DELETE) ||


                 matchCtx.hasRights(ACI_DELETE)) &&


                hasMask(TARGATTRFILTERS_DELETE))


            mask=TARGATTRFILTERS_DELETE;


        //Check the first list first, it always has to be there. If it doesn't


@@ -268,7 +269,7 @@


            SearchFilter filter = filterList.get(attrType);


            attrMatched=matchFilterAttributeValue(attrType, value, filter);


            //This flag causes any targattr checks to be bypassed in AciTargets.


            if(attrMatched)


      //      if(attrMatched)


                matchCtx.setTargAttrFiltersMatch(true);


            if(op.equals(EnumTargetOperator.NOT_EQUALITY))


                attrMatched = !attrMatched;