TargetAttrTestCase.java revision 040cba63ba4af5bed76846f0edb63c853b009da9
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2008-2009 Sun Microsystems, Inc.
* Portions Copyright 2012-2015 ForgeRock AS
*/
@SuppressWarnings("javadoc")
public class TargetAttrTestCase extends AciTestCase {
private static final
"(version 3.0; acl \"user attr URL example\"; " +
"allow (search,read) " +
"userattr=\"ldap:///ou=People,o=test?manager#GROUPDN\";)";
private static final
"(version 3.0; acl \"user attr1 URL example\"; " +
"allow (search,read) " +
"userattr=\"ldap:///ou=People1,o=test?manager#GROUPDN\";)";
private static final
"allow (search, read) " +
"userattr=\"l#Austin\";)";
private static final
"allow (search, read) " +
"userattr=\"l#Austin\";)";
private static final
"allow (search, read) " +
"userattr=\"l#Austin\";)";
private static final
"allow (search, read) " +
"userattr=\"l#Austin\";)";
private static final
"allow (search, read) " +
"userattr!=\"l#New York\";)";
private static final
"allow (search, read) " +
"userattr!=\"l#New York\";)";
private static final
"allow (search, read) " +
"userattr=\"l#Austin\";)";
private static final
"allow (search, read) " +
"userattr!=\"l#New York\";)";
private static final
"allow (search, read) " +
"userattr=\"l#Austin\";)";
private static final
"allow (search, read) " +
"userattr=\"l#Austin\";)";
public void setupClass() throws Exception {
addEntries("o=test");
}
/**
* Test targetattr behavior using userattr bind rule.
*
* @throws Exception If a test result is unexpected.
*/
@Test
public void testTargetAttrUserAttr() throws Exception {
}
/**
* Test targetattr and operational attribute behavior. See comments.
*
* @throws Exception If a test result is unexpected.
*/
@Test
public void testTargetAttrOpAttr() throws Exception {
//The aci attribute type is operational, it should not be there.
//The other two should be there.
//Add aci that allows both non-operational attributes and the operational
//All three attributes should be there.
// Only operational attribute aci should be there, the other two should not.
}
/**
* Test targetattr shorthand behavior, all attrs both user and operational.
* See comments.
*
* @throws Exception If a test result is unexpected.
*/
@Test
public void testTargetAttrAllAttr() throws Exception {
//Add aci with: (targetattr = "+ || *")
//All should be returned.
}
/**
* Test targetattr shorthand behavior, userattr and plus sign (all op attrs).
* See comments.
*
* @throws Exception If a test result is unexpected.
*/
@Test
public void testTargetAttrOpPlusAttr() throws Exception {
//Add aci with: (targetattr = "objectclass|| +")
//Only aci should be returned.
}
/**
* Test targetattr shorthand behavior, star (all user attr) or aci attr.
* See comments.
*
* @throws Exception If a test result is unexpected.
*/
@Test
public void testTargetAttrUserStarAttr() throws Exception {
//Add aci with: (targetattr = "*|| aci")
//All should be returned.
}
/**
* Test targetattr shorthand behavior using '+' in expression and an
* operational attribute in the filter. The second test is two ACIs one
* with targetattr='+' and the other with targetattr='*'.
*
* @throws Exception If test result is unexpected.
*/
@Test
public void testTargetAttrSrchShorthand() throws Exception {
//Aci: (targetattrs="sn || uid || +) and search with an
//operational attr (aci).
//All should be returned.
//Add two ACIs, one with '+' and the other with '*'.
//All should be returned.
//Add two ACIs, one with '+' and the other with '*'.
//Only non-operation should be returned.
}
/**
* Test two scenarios with userattr LDAP URL and groupdn keyword.
*
* @throws Exception Exception If test result is unexpected.
*/
@Test
public void testTargetAttrGrpDN() throws Exception {
//This search should return nothing since the URL has a bogus DN.
}
private void
}
/** New tests to really unit test the isApplicable method. */
return new Object[][] {
/*
* 4 elements:
* Operator ( = or !=),
* TartgetAttr Attributes list,
* Attribute to eval,
* Expected result
*/
{ "=", "cn", "cn", true },
{ "=", "cn || sn", "cn", true },
{ "=", "cn || sn", "sn", true },
{ "=", "cn", "sn", false },
{ "=", "*", "cn", true },
{ "=", "*", "modifytimestamp", false },
{ "=", "+", "modifytimestamp", true },
{ "=", "+", "cn", false },
{ "=", "* || +", "cn", true }, // Always true
{ "=", "* || +", "modifytimestamp", true }, // Always true
{ "=", "+ || *", "foo", true }, // Always true
{ "=", "* || +", "foo", true }, // Always true
{ "!=", "cn", "cn", false },
{ "!=", "cn || sn", "cn", false },
{ "!=", "cn || sn", "sn", false },
{ "!=", "cn", "sn", true }, // Not eq user attr
{ "!=", "cn || sn", "description", true }, // Not eq user attr
{ "!=", "cn || sn", "modifytimestamp", false }, // Not eq op attr
{ "!=", "aci", "cn", false },
{ "!=", "aci", "modifytimestamp", true },
};
}
{
}
}
}