diff options
| author | Stefan Metzmacher <metze@samba.org> | 2013-01-16 11:45:46 +0100 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2013-01-21 16:12:45 +0100 |
| commit | 2685a4ed6681b1a20fb26087867737ecbf8fad73 (patch) | |
| tree | f541b6307eb3a9ec9376903d9b57e0103a949a86 /source4 | |
| parent | d695b8abc7a2e4f7e1853d0c61fe0c03fc786111 (diff) | |
| download | samba-2685a4ed6681b1a20fb26087867737ecbf8fad73.tar.gz samba-2685a4ed6681b1a20fb26087867737ecbf8fad73.tar.bz2 samba-2685a4ed6681b1a20fb26087867737ecbf8fad73.zip | |
dsdb-acl: attr is not optional to acl_check_access_on_attribute()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/acl_util.c | 49 |
1 files changed, 24 insertions, 25 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c index fc6a55a2de..13d6098a21 100644 --- a/source4/dsdb/samdb/ldb_modules/acl_util.c +++ b/source4/dsdb/samdb/ldb_modules/acl_util.c @@ -105,34 +105,33 @@ int acl_check_access_on_attribute(struct ldb_module *module, struct object_tree *new_node = NULL; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); struct security_token *token = acl_user_token(module); - if (attr) { - if (!GUID_all_zero(&attr->attributeSecurityGUID)) { - if (!insert_in_object_tree(tmp_ctx, - &attr->attributeSecurityGUID, - access_mask, &root, - &new_node)) { - DEBUG(10, ("acl_search: cannot add to object tree securityGUID\n")); - goto fail; - } - - if (!insert_in_object_tree(tmp_ctx, - &attr->schemaIDGUID, - access_mask, &new_node, - &new_node)) { - DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n")); - goto fail; - } + + if (!GUID_all_zero(&attr->attributeSecurityGUID)) { + if (!insert_in_object_tree(tmp_ctx, + &attr->attributeSecurityGUID, + access_mask, &root, + &new_node)) { + DEBUG(10, ("acl_search: cannot add to object tree securityGUID\n")); + goto fail; + } + + if (!insert_in_object_tree(tmp_ctx, + &attr->schemaIDGUID, + access_mask, &new_node, + &new_node)) { + DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n")); + goto fail; } - else { - if (!insert_in_object_tree(tmp_ctx, - &attr->schemaIDGUID, - access_mask, &root, - &new_node)) { - DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n")); - goto fail; - } + } else { + if (!insert_in_object_tree(tmp_ctx, + &attr->schemaIDGUID, + access_mask, &root, + &new_node)) { + DEBUG(10, ("acl_search: cannot add to object tree attributeGUID\n")); + goto fail; } } + status = sec_access_check_ds(sd, token, access_mask, &access_granted, |