From 09b2bb485c8939161985e4542ec791b695e88ed9 Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Fri, 15 Jun 2007 22:59:08 +0000
Subject: [PATCH] Fix userattr bind rule GROUPDN keyword when using a url search failure . Issue 1596.
---
opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java | 17 ++++++++++++-----
1 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java b/opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java
index e50670c..5a10f8b 100644
--- a/opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java
+++ b/opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java
@@ -323,6 +323,12 @@
int numLevels=parentInheritance.getNumLevels();
int[] levels=parentInheritance.getLevels();
AttributeType attrType=parentInheritance.getAttributeType();
+ DN baseDN=parentInheritance.getBaseDN();
+ if(baseDN != null) {
+ if (evalCtx.getResourceEntry().hasAttribute(attrType))
+ matched=GroupDN.evaluate(evalCtx.getResourceEntry(),
+ evalCtx,attrType, baseDN);
+ } else {
for(int i=0;((i < numLevels) && !stop); i++ ) {
//The ROLEDN keyword will always enter this statement. The others
//might. For the add operation, the resource itself (level 0)
@@ -332,9 +338,9 @@
undefined=true;
} else if (evalCtx.getResourceEntry().hasAttribute(attrType)) {
matched =
- evalEntryAttr(evalCtx.getResourceEntry(),
- evalCtx,attrType);
- if(matched.equals(EnumEvalResult.TRUE))
+ evalEntryAttr(evalCtx.getResourceEntry(),
+ evalCtx,attrType);
+ if(matched.equals(EnumEvalResult.TRUE))
stop=true;
}
} else {
@@ -362,7 +368,8 @@
}
}
}
- return matched.getRet(type, undefined);
+ }
+ return matched.getRet(type, undefined);
}
/**
@@ -405,7 +412,7 @@
break;
}
case GROUPDN: {
- result=GroupDN.evaluate(e, evalCtx, attributeType);
+ result=GroupDN.evaluate(e, evalCtx, attributeType, null);
break;
}
}
--
Gitblit v1.10.0