summaryrefslogtreecommitdiff
path: root/source4/dsdb
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2013-01-16 11:45:46 +0100
committerStefan Metzmacher <metze@samba.org>2013-01-21 16:12:45 +0100
commit2685a4ed6681b1a20fb26087867737ecbf8fad73 (patch)
treef541b6307eb3a9ec9376903d9b57e0103a949a86 /source4/dsdb
parentd695b8abc7a2e4f7e1853d0c61fe0c03fc786111 (diff)
downloadsamba-2685a4ed6681b1a20fb26087867737ecbf8fad73.tar.gz
samba-2685a4ed6681b1a20fb26087867737ecbf8fad73.tar.bz2
samba-2685a4ed6681b1a20fb26087867737ecbf8fad73.zip
dsdb-acl: attr is not optional to acl_check_access_on_attribute()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/dsdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/acl_util.c49
1 files changed, 24 insertions, 25 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c
index fc6a55a2de..13d6098a21 100644
--- a/source4/dsdb/samdb/ldb_modules/acl_util.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_util.c
@@ -105,34 +105,33 @@ int acl_check_access_on_attribute(struct ldb_module *module,
struct object_tree *new_node = NULL;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
struct security_token *token = acl_user_token(module);
- if (attr) {
- if (!GUID_all_zero(&attr->attributeSecurityGUID)) {
- if (!insert_in_object_tree(tmp_ctx,
- &attr->attributeSecurityGUID,
- access_mask, &root,
- &new_node)) {
- DEBUG(10, ("acl_search: cannot add to object tree securityGUID\n"));
- goto fail;
- }
-
- if (!insert_in_object_tree(tmp_ctx,
- &attr->schemaIDGUID,
- access_mask, &new_node,
- &new_node)) {
- DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n"));
- goto fail;
- }
+
+ if (!GUID_all_zero(&attr->attributeSecurityGUID)) {
+ if (!insert_in_object_tree(tmp_ctx,
+ &attr->attributeSecurityGUID,
+ access_mask, &root,
+ &new_node)) {
+ DEBUG(10, ("acl_search: cannot add to object tree securityGUID\n"));
+ goto fail;
+ }
+
+ if (!insert_in_object_tree(tmp_ctx,
+ &attr->schemaIDGUID,
+ access_mask, &new_node,
+ &new_node)) {
+ DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n"));
+ goto fail;
}
- else {
- if (!insert_in_object_tree(tmp_ctx,
- &attr->schemaIDGUID,
- access_mask, &root,
- &new_node)) {
- DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n"));
- goto fail;
- }
+ } else {
+ if (!insert_in_object_tree(tmp_ctx,
+ &attr->schemaIDGUID,
+ access_mask, &root,
+ &new_node)) {
+ DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n"));
+ goto fail;
}
}
+
status = sec_access_check_ds(sd, token,
access_mask,
&access_granted,