[
https://issues.apache.org/jira/browse/DIRSERVER-1625?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kiran Ayyagari closed DIRSERVER-1625.
-------------------------------------
Resolution: Won't Fix
Assignee: Kiran Ayyagari
this issue has been fixed in the rev 1129732 (on 31 May), can you try with the
latest trunk.
OTOH,
I have tested this with a new test given below
@Test
public void testModifyPrescriptiveAciOpAttribute() throws Exception
{
AutzIntegUtils.service = service;
String identPrefix = "{ identificationTag
\"testModifyPrescriptiveAci\", ";
String restOfAci = " precedence 14, " + " authenticationLevel none, "
+ " itemOrUserFirst userFirst: " + " { "
+ " userClasses { thisEntry }, " + "
userPermissions " + " { " + " { "
+ " protectedItems {entry}, " + "
grantsAndDenials { grantModify, grantBrowse, grantRead } "
+ " }, " + " { " + "
protectedItems {allAttributeValues {userPassword}}, "
+ " grantsAndDenials { grantAdd, grantRemove
} " + " } " + " } " + " } " + "}";
createAccessControlSubentry( "testModifyPrescriptiveAci", identPrefix +
restOfAci );
CoreSession session = service.getAdminSession();
Dn subEntryDn =new Dn( service.getSchemaManager(),
"cn=testModifyPrescriptiveAci,ou=system" );
System.out.println( session.lookup( subEntryDn, "+" ) );
Attribute prescriptiveAciAt = new DefaultAttribute(
SchemaConstants.PRESCRIPTIVE_ACI_AT );
String newAci = "{ identificationTag
\"dirsrvr-1625ModifyPrescriptiveAci\", " + restOfAci;
prescriptiveAciAt.add( newAci );
ModifyRequest modReq = new ModifyRequestImpl();
modReq.setName( subEntryDn );
modReq.replace( SchemaConstants.PRESCRIPTIVE_ACI_AT, newAci );
session.modify( modReq );
Entry subEntry = session.lookup( subEntryDn, "+" );
System.out.println( subEntry );
assertEquals( newAci, subEntry.get( SchemaConstants.PRESCRIPTIVE_ACI_AT
).getString() );
}
> Cannot modify a prescriptiveAci on a subEntry
> ---------------------------------------------
>
> Key: DIRSERVER-1625
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1625
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: core
> Reporter: Mike Adamson
> Assignee: Kiran Ayyagari
>
> Attempting to replace an aci on a subEntry using a user session with the
> following:
> ModifyRequest modifyRequest = new
> ModifyRequestImpl().setName(subEntryDn).replace(aciAttribute);
> session.modify(modifyRequest);
> results in a LdapSchemaViolationException
> I have tracked this down to this block of code at the bottom of the
> AciAuthorizationInterceptor.modify method:
> Entry modifiedEntry = modifyContext.lookup( dn,
> ByPassConstants.LOOKUP_BYPASS );
> tupleCache.subentryModified( dn, mods, modifiedEntry );
> groupCache.groupModified( dn, mods, entry, schemaManager );
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
