directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ersin Er (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DIRSERVER-725) Access control permission Import is only meaningful for prescriptive ACI
Date Wed, 30 Aug 2006 06:35:25 GMT
    [ http://issues.apache.org/jira/browse/DIRSERVER-725?page=comments#action_12431491 ] 
            
Ersin Er commented on DIRSERVER-725:
------------------------------------

Fixed for 1.0 here:
    http://svn.apache.org/viewvc?rev=438396&view=rev

> Access control permission Import is only meaningful for prescriptive ACI
> ------------------------------------------------------------------------
>
>                 Key: DIRSERVER-725
>                 URL: http://issues.apache.org/jira/browse/DIRSERVER-725
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 1.0-RC1, 1.0-RC2, pre-1.0, 1.1.0, 1.0-RC3, 1.0-RC4
>            Reporter: Ersin Er
>         Assigned To: Ersin Er
>             Fix For: 1.1.0, 1.0-RC4
>
>
> As stated in X.501 L.4:
> "If granted, allows entries, including all subordinates, to be relocated at the designated
location in the DIT
> in a ModifyDN operation. Import is only meaningful as prescriptive ACI."
> However our current implementation considers also entry ACIs that includes Import permissions.
> Here is a code snippet from our implementation:
> Collection destTuples = new HashSet();
>         addPerscriptiveAciTuples( proxy, destTuples, oriChildName, entry );
>         addEntryAciTuples( destTuples, entry );
>         addSubentryAciTuples( proxy, destTuples, oriChildName, entry );
>         engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(),
oriChildName, null,
>             null, IMPORT_PERMS, tuples, entry );
> The line
> addEntryAciTuples( destTuples, entry );
> needs to be removed in from the relevant code parts.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message