From ef7472507064725f7d1ac16e6b9ccdfa2f9fadea Mon Sep 17 00:00:00 2001
From: coulbeck <coulbeck@localhost>
Date: Fri, 23 Feb 2007 20:11:10 +0000
Subject: [PATCH] This change prepares the unit tests for when the ACI handler will get enabled by default.  Most of the failing tests are fixed by adding bypass-acl privilege to the entries of the users the failing tests bind as.

---
 opends/src/server/org/opends/server/core/ModifyOperation.java |   40 ++++++++++++++++++++--------------------
 1 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/ModifyOperation.java b/opends/src/server/org/opends/server/core/ModifyOperation.java
index 8292097..292e824 100644
--- a/opends/src/server/org/opends/server/core/ModifyOperation.java
+++ b/opends/src/server/org/opends/server/core/ModifyOperation.java
@@ -947,26 +947,6 @@
           break modifyProcessing;
         }
 
-        // Check to see if the client has permission to perform the
-        // modify.
-
-        // FIXME: for now assume that this will check all permission
-        // pertinent to the operation. This includes proxy authorization
-        // and any other controls specified.
-
-        // FIXME: earlier checks to see if the entry already exists may
-        // have already exposed sensitive information to the client.
-        if (AccessControlConfigManager.getInstance()
-            .getAccessControlHandler().isAllowed(this) == false) {
-          setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
-
-          int msgID = MSGID_MODIFY_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
-          appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
-
-          skipPostOperation = true;
-          break modifyProcessing;
-        }
-
         // Check to see if there are any controls in the request.  If so, then
         // see if there is any special processing required.
         boolean                    noOp            = false;
@@ -1213,6 +1193,26 @@
         }
 
 
+        // Check to see if the client has permission to perform the
+        // modify.
+
+        // FIXME: for now assume that this will check all permission
+        // pertinent to the operation. This includes proxy authorization
+        // and any other controls specified.
+
+        // FIXME: earlier checks to see if the entry already exists may
+        // have already exposed sensitive information to the client.
+        if (AccessControlConfigManager.getInstance()
+            .getAccessControlHandler().isAllowed(this) == false) {
+          setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
+
+          int msgID = MSGID_MODIFY_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
+          appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
+
+          skipPostOperation = true;
+          break modifyProcessing;
+        }
+
         // Get the password policy state object for the entry that can be used
         // to perform any appropriate password policy processing.  Also, see if
         // the entry is being updated by the end user or an administrator.

--
Gitblit v1.10.0