summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2013-01-02 14:54:20 +1100
committerStefan Metzmacher <metze@samba.org>2013-01-21 16:12:45 +0100
commit730433984c9f3dd30ee0b07dc22af56b4d3a062f (patch)
treed2285b64ff35f32a37063818e4342e2bf68e9899
parent6d7e53aaac8c95f86e1eb8593880ae1c09d973d4 (diff)
downloadsamba-730433984c9f3dd30ee0b07dc22af56b4d3a062f.tar.gz
samba-730433984c9f3dd30ee0b07dc22af56b4d3a062f.tar.bz2
samba-730433984c9f3dd30ee0b07dc22af56b4d3a062f.zip
dsdb-acl: Use dsdb_get_structural_oc_from_msg() in acl_rename()
Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r--source4/dsdb/samdb/ldb_modules/acl.c26
1 files changed, 14 insertions, 12 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c
index 990089256a..629e0c8b8c 100644
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -1303,6 +1303,7 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req)
struct ldb_dn *oldparent;
struct ldb_dn *newparent;
const struct dsdb_schema *schema;
+ const struct dsdb_class *objectclass;
struct ldb_context *ldb;
struct security_descriptor *sd = NULL;
struct dom_sid *sid = NULL;
@@ -1389,12 +1390,18 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req)
return ldb_operr(ldb);
}
- guid = get_oc_guid_from_message(schema, acl_res->msgs[0]);
- if (!insert_in_object_tree(tmp_ctx, guid, SEC_ADS_WRITE_PROP,
+ objectclass = dsdb_get_structural_oc_from_msg(schema, acl_res->msgs[0]);
+ if (!objectclass) {
+ talloc_free(tmp_ctx);
+ return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR,
+ "acl_modify: Error retrieving object class for GUID.");
+ }
+
+ if (!insert_in_object_tree(tmp_ctx, &objectclass->schemaIDGUID, SEC_ADS_WRITE_PROP,
&root, &new_node)) {
talloc_free(tmp_ctx);
return ldb_operr(ldb);
- };
+ }
guid = attribute_schemaid_guid_by_lDAPDisplayName(schema,
"name");
@@ -1402,7 +1409,7 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req)
&new_node, &new_node)) {
talloc_free(tmp_ctx);
return ldb_operr(ldb);
- };
+ }
rdn_name = ldb_dn_get_rdn_name(req->op.rename.olddn);
if (rdn_name == NULL) {
@@ -1457,15 +1464,10 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req)
/* new parent should have create child */
root = NULL;
new_node = NULL;
- guid = get_oc_guid_from_message(schema, acl_res->msgs[0]);
- if (!guid) {
- ldb_asprintf_errstring(ldb_module_get_ctx(module),
- "acl:renamed object has no object class\n");
- talloc_free(tmp_ctx);
- return ldb_module_done(req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR);
- }
- ret = dsdb_module_check_access_on_dn(module, req, newparent, SEC_ADS_CREATE_CHILD, guid, req);
+ ret = dsdb_module_check_access_on_dn(module, req, newparent,
+ SEC_ADS_CREATE_CHILD,
+ &objectclass->schemaIDGUID, req);
if (ret != LDB_SUCCESS) {
ldb_asprintf_errstring(ldb_module_get_ctx(module),
"acl:access_denied renaming %s",