directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kayyag...@apache.org
Subject svn commit: r1589647 - in /directory/apacheds/trunk/interceptors: admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java schema/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
Date Thu, 24 Apr 2014 09:37:38 GMT
Author: kayyagari
Date: Thu Apr 24 09:37:38 2014
New Revision: 1589647

URL: http://svn.apache.org/r1589647
Log:
allow modification of operational attributes in replication mode (DIRSERVER-1971)

Modified:
    directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java
    directory/apacheds/trunk/interceptors/schema/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java

Modified: directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java?rev=1589647&r1=1589646&r2=1589647&view=diff
==============================================================================
--- directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java
(original)
+++ directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java
Thu Apr 24 09:37:38 2014
@@ -1435,10 +1435,13 @@ public class AdministrativePointIntercep
                                 break;
 
                             case REPLACE_ATTRIBUTE:
-                                // Not supported
-                                String msg = "Cannot replace an administrative role, the
opertion is not supported";
-                                LOG.error( msg );
-                                throw new LdapUnwillingToPerformException( msg );
+                                if( ! ( modifyContext.isReplEvent() && modifyContext.getSession().isAdministrator()
) )
+                                {
+                                    // Not supported in non-replication related operations
+                                    String msg = "Cannot replace an administrative role,
the opertion is not supported";
+                                    LOG.error( msg );
+                                    throw new LdapUnwillingToPerformException( msg );
+                                }
                         }
                     }
                 }

Modified: directory/apacheds/trunk/interceptors/schema/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/schema/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java?rev=1589647&r1=1589646&r2=1589647&view=diff
==============================================================================
--- directory/apacheds/trunk/interceptors/schema/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
(original)
+++ directory/apacheds/trunk/interceptors/schema/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
Thu Apr 24 09:37:38 2014
@@ -694,8 +694,12 @@ public class SchemaInterceptor extends B
     /**
      * Modify an entry, applying the given modifications, and check if it's OK
      */
-    private void checkModifyEntry( Dn dn, Entry currentEntry, List<Modification> mods
) throws LdapException
+    private void checkModifyEntry( ModifyOperationContext modifyContext ) throws LdapException
     {
+        Dn dn = modifyContext.getDn();
+        Entry currentEntry = modifyContext.getEntry();
+        List<Modification> mods = modifyContext.getModItems();
+
         // The first step is to check that the modifications are valid :
         // - the ATs are present in the schema
         // - The value is syntaxically correct
@@ -710,15 +714,21 @@ public class SchemaInterceptor extends B
             AttributeType attributeType = attribute.getAttributeType();
 
             // We don't allow modification of operational attributes
-            if ( !attributeType.isUserModifiable()
-                && ( !attributeType.equals( MODIFIERS_NAME_AT )
+            if ( !attributeType.isUserModifiable() )
+            {
+                if( modifyContext.isReplEvent() && modifyContext.getSession().isAdministrator()
)
+                {
+                    // this is a replication related modification, allow the operation
+                }
+                else if( ( !attributeType.equals( MODIFIERS_NAME_AT )
                     && ( !attributeType.equals( MODIFY_TIMESTAMP_AT ) )
                     && ( !attributeType.equals( ENTRY_CSN_AT ) )
                     && ( !PWD_POLICY_STATE_ATTRIBUTE_TYPES.contains( attributeType
) ) ) )
-            {
-                String msg = I18n.err( I18n.ERR_52, attributeType );
-                LOG.error( msg );
-                throw new LdapNoPermissionException( msg );
+                {
+                    String msg = I18n.err( I18n.ERR_52, attributeType );
+                    LOG.error( msg );
+                    throw new LdapNoPermissionException( msg );
+                }
             }
 
             switch ( mod.getOperation() )
@@ -1181,9 +1191,7 @@ public class SchemaInterceptor extends B
             return;
         }
 
-        Entry entry = modifyContext.getEntry();
-        List<Modification> modifications = modifyContext.getModItems();
-        checkModifyEntry( dn, entry, modifications );
+        checkModifyEntry( modifyContext );
 
         next( modifyContext );
     }



Mime
View raw message