[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3877) openldapACIValidate patch updated

Nikita Shulga wrote:

> Updated patch can be downloaded from ftp://ftp.openldap.org/incoming/ 
> nikita-shulga-050725.patch

You should provide a unified (-u) or context (-c) diff format, otherwise 
I cannot guarantee the timely application of the patch.

> 1)openldapACIValidate and openldapACIPretty are implemented in acl.c.
> 2)bertok are replaced with aci_get_part.
> 3)ACI subject are treated as DN for following ACI types: access-id,  
> subtree, onelevel, children.
>   So, dnNormalize in aci_mask are no longer necessary
> I wonder if ACIPretty should convert ACI like that
>     0#children#grant;r,r,r;[all]#children#dc=example,dc=com
> to
>     0#children#grant;r;[all]#children#dc=example,dc=com

I wouldn't go into that, since the syntax is not that frozen (actually, 
noone is working at its specification, as far as I can tell).

> Also, attribute list in permissions should be validated and prettied  
> as well.

This would be a nice feature; anything can improve their (machine) 
readability is welcome.


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497