From 10d7c1ea90c6016ab1e6cc2218c44dcb74a5fdb3 Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Tue, 10 Apr 2007 21:02:22 +0000
Subject: [PATCH] Add ACI support for proxy right. Issue #1489.

---
 opendj-sdk/opends/src/server/org/opends/server/api/AccessControlHandler.java |   29 ++++++++++++++++++++---------
 1 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/opendj-sdk/opends/src/server/org/opends/server/api/AccessControlHandler.java b/opendj-sdk/opends/src/server/org/opends/server/api/AccessControlHandler.java
index fccc56c..eec0fac 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/api/AccessControlHandler.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/api/AccessControlHandler.java
@@ -28,17 +28,10 @@
 
 
 
-import org.opends.server.core.AddOperation;
-import org.opends.server.core.BindOperation;
-import org.opends.server.core.CompareOperation;
-import org.opends.server.core.DeleteOperation;
-import org.opends.server.core.ExtendedOperation;
-import org.opends.server.core.ModifyDNOperation;
-import org.opends.server.core.ModifyOperation;
-import org.opends.server.core.SearchOperation;
+import org.opends.server.core.*;
 import org.opends.server.types.SearchResultEntry;
 import org.opends.server.types.SearchResultReference;
-
+import org.opends.server.types.Entry;
 
 
 /**
@@ -237,5 +230,23 @@
    */
   public abstract boolean maySend(SearchOperation searchOperation,
                                SearchResultReference searchReference);
+
+  /**
+   * Indicates whether a proxied authorization control is allowed
+   * based on the current operation and the new authorization
+   * entry.
+   *
+   * @param operation
+   *        The operation with which the proxied authorization
+   *        control is associated.
+   * @param newAuthorizationEntry
+   *        The new authorization entry related to the
+   *        proxied authorization control authorization ID.
+   * @return  <CODE>true</CODE> if the operation should be allowed by
+   *         the access control configuration, or <CODE>false</CODE>
+   *         if not.
+   */
+  public abstract boolean isProxiedAuthAllowed(Operation operation,
+                                        Entry newAuthorizationEntry);
 }
 

--
Gitblit v1.10.0