From 6d7e53aaac8c95f86e1eb8593880ae1c09d973d4 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 2 Jan 2013 14:53:02 +1100
Subject: [PATCH] dsdb-acl: Use dsdb_get_structural_oc_from_msg() in
 acl_modify()

Reviewed-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 source4/dsdb/samdb/ldb_modules/acl.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c
index b8fab552e198..990089256aa6 100644
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -991,7 +991,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
 	struct ldb_context *ldb = ldb_module_get_ctx(module);
 	const struct dsdb_schema *schema;
 	unsigned int i;
-	const struct GUID *guid;
+	const struct dsdb_class *objectclass;
 	uint32_t access_granted;
 	NTSTATUS status;
 	struct ldb_result *acl_res;
@@ -1061,11 +1061,11 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
 		goto success;
 	}
 
-	guid = get_oc_guid_from_message(schema, acl_res->msgs[0]);
-	if (!guid) {
+	objectclass = dsdb_get_structural_oc_from_msg(schema, acl_res->msgs[0]);
+	if (!objectclass) {
 		talloc_free(tmp_ctx);
 		return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR,
-				 "acl_modify: Error retrieving object class GUID.");
+				 "acl_modify: Error retrieving object class for GUID.");
 	}
 	sid = samdb_result_dom_sid(req, acl_res->msgs[0], "objectSid");
 	for (i=0; i < msg->num_elements; i++) {
@@ -1129,7 +1129,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
 							req,
 							sd,
 							sid,
-							guid,
+							&objectclass->schemaIDGUID,
 							attr);
 			if (ret != LDB_SUCCESS) {
 				goto fail;
@@ -1146,7 +1146,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
 							req,
 							sd,
 							sid,
-							guid,
+							&objectclass->schemaIDGUID,
 							userPassword);
 			if (ret != LDB_SUCCESS) {
 				goto fail;
@@ -1157,7 +1157,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
 					    req,
 					    sd,
 					    sid,
-					    guid,
+					    &objectclass->schemaIDGUID,
 					    attr);
 			if (ret != LDB_SUCCESS) {
 				goto fail;
@@ -1166,7 +1166,9 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
 			struct object_tree *root = NULL;
 			struct object_tree *new_node = NULL;
 
-			if (!insert_in_object_tree(tmp_ctx, guid, SEC_ADS_WRITE_PROP,
+			if (!insert_in_object_tree(tmp_ctx,
+						   &objectclass->schemaIDGUID,
+						   SEC_ADS_WRITE_PROP,
 						   &root, &new_node)) {
 				talloc_free(tmp_ctx);
 				return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR,
-- 
2.34.1