From f8fda0d8fcc71d68e644dcb21fcb282edc0fdc2c Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Fri, 18 May 2007 14:09:11 +0000
Subject: [PATCH] Remove ACI roledn bind rule keyword. Issue #1577.

---
 opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java |   19 +++++++------------
 1 files changed, 7 insertions(+), 12 deletions(-)

diff --git a/opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java b/opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java
index 632f9c9..c3295fc 100644
--- a/opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java
+++ b/opends/src/server/org/opends/server/authorization/dseecompat/UserAttr.java
@@ -157,14 +157,11 @@
                     return new UserAttr (userAttrType, type, parentInheritance);
                 }
                 case ROLEDN: {
-                    //Even though parent inheritance is invalid for the ROLEDN
-                    //keyword, we are going to up a simple parent inheritance
-                    //class so that most of the evaluate methods in this class
-                    //can be re-used. The true boolean means to skip parsing,
-                    //except for a quick validation parse.
-                    ParentInheritance parentInheritance =
-                            new ParentInheritance(vals[0], true);
-                     return new UserAttr(userAttrType, type, parentInheritance);
+                  //The roledn keyword is not supported. Throw an exception with
+                  //a message if it is seen in the expression.
+                  int msgID=MSGID_ACI_SYNTAX_ROLEDN_NOT_SUPPORTED;
+                  String message = getMessage(msgID, expression);
+                  throw new AciException(msgID, message);
                 }
          }
          return new UserAttr(vals[0], vals[1], userAttrType, type);
@@ -383,7 +380,8 @@
     /**
      * This method evaluates the user attribute type and calls the correct
      * evalaution method. The three user attribute types that can be selected
-     * are ROLEDN, USERDN or GROUPDN.
+     * are USERDN or GROUPDN.
+     *
      * @param e The entry to use in the evaluation.
      * @param evalCtx The evaluation context to use in the evaluation.
      * @param attributeType The attribute type to use in the evaluation.
@@ -398,9 +396,6 @@
                                        attributeType);
                 break;
             }
-            case ROLEDN:
-                result=RoleDN.evaluate(e, evalCtx, attributeType);
-                break;
             case GROUPDN: {
                 result=GroupDN.evaluate(e, evalCtx, attributeType);
                 break;

--
Gitblit v1.10.0