Slapi_DN *slapi_sdn_new_ndn_byval( const char *ndn )
{
Slapi_DN *sdn;
sdn = slapi_sdn_new();
return slapi_sdn_set_ndn_byval( sdn, ndn );
}
void slapi_sdn_get_parent( const Slapi_DN *sdn, Slapi_DN *sdn_parent )
{
struct berval parent_dn;
if ( !(sdn->flag & FLAG_DN) ) {
dnParent( (struct berval *)&sdn->ndn, &parent_dn );
slapi_sdn_set_ndn_byval( sdn_parent, parent_dn.bv_val );
} else {
dnParent( (struct berval *)&sdn->dn, &parent_dn );
slapi_sdn_set_dn_byval( sdn_parent, parent_dn.bv_val );
}
}
static int
_ger_new_gerpb (
Slapi_PBlock *pb,
Slapi_Entry *e,
const char *subjectndn,
Slapi_PBlock **gerpb,
void **aclcb, /* original aclcb */
char **errbuf
)
{
Connection *conn;
struct acl_cblock *geraclcb;
Acl_PBlock *geraclpb;
Operation *gerop;
int rc = LDAP_SUCCESS;
*aclcb = NULL;
*gerpb = slapi_pblock_new ();
if ( *gerpb == NULL )
{
rc = LDAP_NO_MEMORY;
goto bailout;
}
{
/* aclpb initialization needs the backend */
Slapi_Backend *be;
slapi_pblock_get ( pb, SLAPI_BACKEND, &be );
slapi_pblock_set ( *gerpb, SLAPI_BACKEND, be );
}
{
int isroot = slapi_dn_isroot ( subjectndn );
slapi_pblock_set ( *gerpb, SLAPI_REQUESTOR_ISROOT, &isroot );
}
/* Save requestor's aclcb and set subjectdn's one */
{
slapi_pblock_get ( pb, SLAPI_CONNECTION, &conn );
slapi_pblock_set ( *gerpb, SLAPI_CONNECTION, conn );
/* Can't share the conn->aclcb because of different context */
geraclcb = (struct acl_cblock *) acl_conn_ext_constructor ( NULL, NULL);
if ( geraclcb == NULL )
{
rc = LDAP_NO_MEMORY;
goto bailout;
}
slapi_sdn_set_ndn_byval ( geraclcb->aclcb_sdn, subjectndn );
*aclcb = acl_get_ext ( ACL_EXT_CONNECTION, conn );
acl_set_ext ( ACL_EXT_CONNECTION, conn, (void *) geraclcb );
}
{
gerop = operation_new ( OP_FLAG_INTERNAL );
if ( gerop == NULL )
{
rc = LDAP_NO_MEMORY;
goto bailout;
}
/*
* conn is a no-use parameter in the functions
* chained down from factory_create_extension
*/
gerop->o_extension = factory_create_extension ( get_operation_object_type(), (void *)gerop, (void *)conn );
slapi_pblock_set ( *gerpb, SLAPI_OPERATION, gerop );
slapi_sdn_set_ndn_byval ( &gerop->o_sdn, subjectndn );
geraclpb = acl_get_ext ( ACL_EXT_OPERATION, (void *)gerop);
acl_init_aclpb ( *gerpb, geraclpb, subjectndn, 0 );
geraclpb->aclpb_res_type |= ACLPB_EFFECTIVE_RIGHTS;
}
bailout:
if ( rc != LDAP_SUCCESS )
{
_ger_release_gerpb ( gerpb, aclcb, pb );
}
return rc;
}