[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Slapi extended op plugin

>	1/ How can I find out who is the bound user, i.e. who's running the op?

Retrieve SLAPI_CONN_DN from the pblock, eg:

int foo_extop(Slapi_PBlock *pb)
	char *dn;
	int rc;

	rc = slapi_pblock_get(pb, SLAPI_CONN_DN, &dn);
	if (rc != 0 || dn == NULL)
		// handle error


>	2/ Can I assume that all data accesses will be done with respect to the acls 
>in force in the directory, or do plugins circumvent those controls?

You need to do your own access control checking with slapi_access_allowed().

When calling an internal plugin function it runs as the rootdn.

-- Luke