[ https://issues.apache.org/jira/browse/DIRSERVER-1625?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kiran Ayyagari closed DIRSERVER-1625.
-------------------------------------
Resolution: Won't Fix
Assignee: Kiran Ayyagari
this issue has been fixed in the rev 1129732 (on 31 May), can you try with the latest trunk.
OTOH,
I have tested this with a new test given below
@Test
public void testModifyPrescriptiveAciOpAttribute() throws Exception
{
AutzIntegUtils.service = service;
String identPrefix = "{ identificationTag \"testModifyPrescriptiveAci\", ";
String restOfAci = " precedence 14, " + " authenticationLevel none, " + " itemOrUserFirst
userFirst: " + " { "
+ " userClasses { thisEntry }, " + " userPermissions " +
" { " + " { "
+ " protectedItems {entry}, " + " grantsAndDenials
{ grantModify, grantBrowse, grantRead } "
+ " }, " + " { " + " protectedItems {allAttributeValues
{userPassword}}, "
+ " grantsAndDenials { grantAdd, grantRemove } " + "
} " + " } " + " } " + "}";
createAccessControlSubentry( "testModifyPrescriptiveAci", identPrefix + restOfAci
);
CoreSession session = service.getAdminSession();
Dn subEntryDn =new Dn( service.getSchemaManager(), "cn=testModifyPrescriptiveAci,ou=system"
);
System.out.println( session.lookup( subEntryDn, "+" ) );
Attribute prescriptiveAciAt = new DefaultAttribute( SchemaConstants.PRESCRIPTIVE_ACI_AT
);
String newAci = "{ identificationTag \"dirsrvr-1625ModifyPrescriptiveAci\", " + restOfAci;
prescriptiveAciAt.add( newAci );
ModifyRequest modReq = new ModifyRequestImpl();
modReq.setName( subEntryDn );
modReq.replace( SchemaConstants.PRESCRIPTIVE_ACI_AT, newAci );
session.modify( modReq );
Entry subEntry = session.lookup( subEntryDn, "+" );
System.out.println( subEntry );
assertEquals( newAci, subEntry.get( SchemaConstants.PRESCRIPTIVE_ACI_AT ).getString()
);
}
> Cannot modify a prescriptiveAci on a subEntry
> ---------------------------------------------
>
> Key: DIRSERVER-1625
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1625
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: core
> Reporter: Mike Adamson
> Assignee: Kiran Ayyagari
>
> Attempting to replace an aci on a subEntry using a user session with the following:
> ModifyRequest modifyRequest = new ModifyRequestImpl().setName(subEntryDn).replace(aciAttribute);
> session.modify(modifyRequest);
> results in a LdapSchemaViolationException
> I have tracked this down to this block of code at the bottom of the AciAuthorizationInterceptor.modify
method:
> Entry modifiedEntry = modifyContext.lookup( dn, ByPassConstants.LOOKUP_BYPASS
);
> tupleCache.subentryModified( dn, mods, modifiedEntry );
> groupCache.groupModified( dn, mods, entry, schemaManager );
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|