s4:dsdb Move linked attribute restrictions to objectclass_attrs

author Andrew Bartlett <abartlet@samba.org>

Mon, 14 Jun 2010 03:19:43 +0000 (13:19 +1000)

committer Andrew Bartlett <abartlet@samba.org>

Tue, 15 Jun 2010 00:54:09 +0000 (10:54 +1000)
author Andrew Bartlett <abartlet@samba.org>
Mon, 14 Jun 2010 03:19:43 +0000 (13:19 +1000)
committer Andrew Bartlett <abartlet@samba.org>
Tue, 15 Jun 2010 00:54:09 +0000 (10:54 +1000)
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c

index 5b76a0b9461f5f13857aee07390f2df21694078b..36bd86072dbd27ba39c9c3d43f1c0f1b6f52155a 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
@@ -105,6 +105,15 @@ static int attr_handler(struct oc_context *ac)
                         return LDB_ERR_NO_SUCH_ATTRIBUTE;
                 }
  
+               if ((attr->linkID & 1) == 1) {
+                       /* Odd is for the target.  Illegal to modify */
+                       ldb_asprintf_errstring(ldb, 
+                                              "objectclass_attrs: attribute '%s' on entry '%s' must not be modified directly, it is a linked attribute", 
+                                              msg->elements[i].name,
+                                              ldb_dn_get_linearized(msg->dn));
+                       return LDB_ERR_UNWILLING_TO_PERFORM;
+               }
+               
                 werr = attr->syntax->validate_ldb(ldb, ac->schema, attr,
                                                   &msg->elements[i]);
                 if (!W_ERROR_IS_OK(werr)) {
author	Andrew Bartlett <abartlet@samba.org>
	Mon, 14 Jun 2010 03:19:43 +0000 (13:19 +1000)
committer	Andrew Bartlett <abartlet@samba.org>
	Tue, 15 Jun 2010 00:54:09 +0000 (10:54 +1000)