From 777a6cd427a2cafcb5e10f2814c3cd623ebc22b6 Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Thu, 31 May 2007 16:59:31 +0000
Subject: [PATCH] Fix erroneous delete and proxy effective rights results. Issue 1620.

---
 opends/src/server/org/opends/server/authorization/dseecompat/AciTargets.java |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/opends/src/server/org/opends/server/authorization/dseecompat/AciTargets.java b/opends/src/server/org/opends/server/authorization/dseecompat/AciTargets.java
index d7d212d..dc13132 100644
--- a/opends/src/server/org/opends/server/authorization/dseecompat/AciTargets.java
+++ b/opends/src/server/org/opends/server/authorization/dseecompat/AciTargets.java
@@ -452,7 +452,9 @@
      * skiprights rights mask.
      */
     public static boolean skipRightsHasRights(int rights) {
-         return  ((skipRights & rights) == rights);
+      //geteffectiverights sets this flag, turn it off before evaluating.
+      int tmpRights=rights & ~ACI_SKIP_PROXY_CHECK;
+      return  ((skipRights & tmpRights) == tmpRights);
     }
 
 

--
Gitblit v1.10.0