From 745d3ccec1c5673231f872a7bc8d9ff6fa655279 Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Wed, 25 Jul 2007 23:12:49 +0000
Subject: [PATCH] Add new ACI keyword "extop" that can be used to enforce access based on the OID of an extended operation. For example, a new global access extended operation rule is also being added:

---
 opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java |   26 ++++++++++++++++++++++++--
 1 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java b/opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java
index 54fd4dc..217b3c6 100644
--- a/opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java
+++ b/opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java
@@ -237,10 +237,15 @@
     private int evalAllAttributes=0;
 
    /*
-   * String used to hold a control OID string.
-   */
+    * String used to hold a control OID string.
+    */
     private String controlOID;
 
+   /*
+    * String used to hold an extended operation OID string.
+    */
+    private String extOpOID;
+
   /**
      * This constructor is used by all currently supported LDAP operations.
      *
@@ -743,6 +748,13 @@
       return controlOID;
     }
 
+   /**
+    * {@inheritDoc}
+    */
+    public String getExtOpOID() {
+      return extOpOID;
+    }
+
     /**
      * Set the the controlOID value to the specified oid string.
      *
@@ -752,6 +764,16 @@
       this.controlOID=oid;
     }
 
+
+    /**
+     * Set the extended operation OID value to the specified oid string.
+     *
+     * @param oid  The extended operation oid string.
+     */
+    protected void setExtOpOID(String oid) {
+      this.extOpOID=oid;
+    }
+
     /**
      * {@inheritDoc}
      */

--
Gitblit v1.10.0