From 1c1400a568940232bff55fa95094716b87fc8d9a Mon Sep 17 00:00:00 2001
From: Jean-Noel Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Fri, 06 Dec 2013 16:13:01 +0000
Subject: [PATCH] OPENDJ-1088 (CR-2677) Wrong error message and result code when deleting branch as a user with insufficient access rights
---
opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendAddOperation.java | 13 ++++---------
1 files changed, 4 insertions(+), 9 deletions(-)
diff --git a/opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendAddOperation.java b/opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendAddOperation.java
index 006b9f5..76f71eb 100644
--- a/opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendAddOperation.java
+++ b/opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendAddOperation.java
@@ -1139,20 +1139,16 @@
*/
private void processControls(DN parentDN) throws DirectoryException
{
+ LocalBackendWorkflowElement.removeAllDisallowedControls(parentDN, this);
+
List<Control> requestControls = getRequestControls();
- if ((requestControls != null) && (! requestControls.isEmpty()))
+ if (requestControls != null && !requestControls.isEmpty())
{
for (int i=0; i < requestControls.size(); i++)
{
Control c = requestControls.get(i);
String oid = c.getOID();
- if (!LocalBackendWorkflowElement.isControlAllowed(parentDN, this, c))
- {
- // Skip disallowed non-critical controls.
- continue;
- }
-
if (oid.equals(OID_LDAP_ASSERTION))
{
// RFC 4528 mandates support for Add operation basically
@@ -1233,8 +1229,7 @@
// The requester must have the PROXIED_AUTH privilege in order to
// be able to use this control.
- if (! getClientConnection().hasPrivilege(Privilege.PROXIED_AUTH,
- this))
+ if (!getClientConnection().hasPrivilege(Privilege.PROXIED_AUTH, this))
{
throw new DirectoryException(ResultCode.AUTHORIZATION_DENIED,
ERR_PROXYAUTH_INSUFFICIENT_PRIVILEGES.get());
--
Gitblit v1.10.0