From d428f48a4cf79de5e3f7cbc38a2c1af7a0b80e4f Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Sat, 21 Jul 2007 00:56:42 +0000
Subject: [PATCH] Add the new ACI keyword  "targetcontrol"  that can be used to enforce access based on the OID of a control. For example, a new global access control rule is also being added: 

---
 opends/src/server/org/opends/server/authorization/dseecompat/AciLDAPOperationContainer.java |   20 +++++++++++++++-----
 1 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/opends/src/server/org/opends/server/authorization/dseecompat/AciLDAPOperationContainer.java b/opends/src/server/org/opends/server/authorization/dseecompat/AciLDAPOperationContainer.java
index b980c79..a417b61 100644
--- a/opends/src/server/org/opends/server/authorization/dseecompat/AciLDAPOperationContainer.java
+++ b/opends/src/server/org/opends/server/authorization/dseecompat/AciLDAPOperationContainer.java
@@ -30,10 +30,9 @@
 import java.util.List;
 
 import org.opends.server.core.*;
-import org.opends.server.types.Modification;
-import org.opends.server.types.SearchResultEntry;
-import org.opends.server.types.Entry;
+import org.opends.server.types.*;
 import org.opends.server.workflowelement.localbackend.*;
+import static org.opends.server.authorization.dseecompat.Aci.ACI_READ;
 
 /**
  * The AciLDAPOperationContainer is an AciContainer
@@ -65,6 +64,18 @@
     }
 
     /**
+     * Constructor interface for control evaluation.
+     *
+     * @param operation The operation to evaluate.
+     * @param e An entry built especially for control evaluation.
+     * @param oid The control's oid string.
+     */
+    public AciLDAPOperationContainer(Operation operation, Entry e, String oid) {
+      super(operation, (ACI_READ), e );
+      setControlOID(oid);
+    }
+
+    /**
      * Constructor interface for the add operation.
      * @param operation The add operation to evaluate.
      * @param rights  The rights of an add operation.
@@ -81,8 +92,7 @@
      * @param rights  The rights of a delete operation.
      */
     public AciLDAPOperationContainer(LocalBackendDeleteOperation operation,
-        int rights)
-    {
+                                     int rights) {
         super(operation, rights, operation.getEntryToDelete());
     }
 

--
Gitblit v1.10.0