From 2d0aba220afc66dcb50fcd2639df306a25f639ea Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Wed, 02 May 2007 02:02:04 +0000
Subject: [PATCH] Add ACI support for Get Effective Rights control. Issue #87.

---
 opends/src/server/org/opends/server/api/AccessControlHandler.java |   25 ++++++++++++++++++++-----
 1 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/opends/src/server/org/opends/server/api/AccessControlHandler.java b/opends/src/server/org/opends/server/api/AccessControlHandler.java
index 71579e5..0639d14 100644
--- a/opends/src/server/org/opends/server/api/AccessControlHandler.java
+++ b/opends/src/server/org/opends/server/api/AccessControlHandler.java
@@ -29,11 +29,7 @@
 
 
 import org.opends.server.core.*;
-import org.opends.server.types.SearchResultEntry;
-import org.opends.server.types.SearchResultReference;
-import org.opends.server.types.Entry;
-import org.opends.server.types.Operation;
-
+import org.opends.server.types.*;
 
 
 /**
@@ -251,5 +247,24 @@
    */
   public abstract boolean isProxiedAuthAllowed(Operation operation,
                                         Entry newAuthorizationEntry);
+
+  /**
+   * Indicates whether a geteffectiverights control is allowed
+   * based on the current operation and the control contents.
+   *
+   * @param operation
+   *        The operation with which the geteffectiverights
+   *        control is associated. This is always a
+   *       SearchOperation.
+   * @param control
+   *        The control class containing the decoded
+   *        geteffectiverights control contents.
+   * @return  <CODE>true</CODE> if the operation should be allowed
+   *          by the access control configuration, or
+   *          <CODE>false</CODE> if not.
+   */
+  public abstract
+  boolean isGetEffectiveRightsAllowed(Operation operation,
+                                      Control control);
 }
 

--
Gitblit v1.10.0