From ef7472507064725f7d1ac16e6b9ccdfa2f9fadea Mon Sep 17 00:00:00 2001
From: coulbeck <coulbeck@localhost>
Date: Fri, 23 Feb 2007 20:11:10 +0000
Subject: [PATCH] This change prepares the unit tests for when the ACI handler will get enabled by default.  Most of the failing tests are fixed by adding bypass-acl privilege to the entries of the users the failing tests bind as.

---
 opends/src/server/org/opends/server/core/AddOperation.java |   40 ++++++++++++++++++++--------------------
 1 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/AddOperation.java b/opends/src/server/org/opends/server/core/AddOperation.java
index 6c79f9f..c6336d9 100644
--- a/opends/src/server/org/opends/server/core/AddOperation.java
+++ b/opends/src/server/org/opends/server/core/AddOperation.java
@@ -1659,26 +1659,6 @@
           }
         }
 
-        // Check to see if the client has permission to perform the add.
-
-        // FIXME: for now assume that this will check all permission
-        // pertinent to the operation. This includes proxy authorization
-        // and any other controls specified.
-
-        // FIXME: earlier checks to see if the entry already exists or
-        // if the parent entry does not exist may have already exposed
-        // sensitive information to the client.
-        if (AccessControlConfigManager.getInstance()
-            .getAccessControlHandler().isAllowed(this) == false) {
-          setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
-
-          int msgID = MSGID_ADD_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
-          appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
-
-          skipPostOperation = true;
-          break addProcessing;
-        }
-
         // Check to see if there are any controls in the request. If so,
         // then
         // see if there is any special processing required.
@@ -1901,6 +1881,26 @@
         }
 
 
+        // Check to see if the client has permission to perform the add.
+
+        // FIXME: for now assume that this will check all permission
+        // pertinent to the operation. This includes proxy authorization
+        // and any other controls specified.
+
+        // FIXME: earlier checks to see if the entry already exists or
+        // if the parent entry does not exist may have already exposed
+        // sensitive information to the client.
+        if (AccessControlConfigManager.getInstance()
+            .getAccessControlHandler().isAllowed(this) == false) {
+          setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
+
+          int msgID = MSGID_ADD_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
+          appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
+
+          skipPostOperation = true;
+          break addProcessing;
+        }
+
         // Check for and handle a request to cancel this operation.
         if (cancelRequest != null)
         {

--
Gitblit v1.10.0