/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2008-2010 Sun Microsystems, Inc.
* Portions copyright 2011 profiq s.r.o.
* Portions Copyright 2014-2015 ForgeRock AS
*/
/**
* Unit test to test Referential Integrity plugin.
*/
@SuppressWarnings("javadoc")
/** Config DNs and attributes. */
"ds-cfg-update-interval";
"ds-cfg-check-references-filter-criteria";
/** Suffixes to use for non-public naming context tests. */
/** Dc=example,dc=com entries. */
/** Test entry to use for rename tests. */
/** Old superior, new superior and new RDN for move tree tests. */
/** DNs to verfiy that the moved tree test worked. */
/** DN to test that the rename test worked. */
"cn=new user.1, ou=People, ou=dept," + testSuffix;
/** Test DNs to add to various groups. */
/** Groups to use for member and uniquemember attributes in dc=example, dc=com suffix. */
/** DN to use for seeAlso attributes. */
/** Same as above but for o=test suffix. */
"cn=special person, ou=Special People," + testSuffix;
/**
* Test that a move to a new superior changes the correct entries under
* the correct suffixes.
*
* @throws Exception If an unexpected result is returned.
*/
@Test
//Add attributes interested in: member, uniquemember, seealso.
//Add suffixes to make referential changes under:
//o=test, and cn=group, ou=unique groups, dc=example, dc=com
//Add DNs to groups and special entries
//Perform the move.
//This group under the suffix all DNs should be moved.
//This group under a suffix all DNs should be moved.
//This group under a suffix all DNs should be moved.
//This group not under a suffix, old entries should exist.
}
/**
* Test that a delete subtree changes the correct entries
* under the correct suffixes.
*
* @throws Exception If an unexpected result is returned.
*/
@Test
// Add attributes interested in: member, uniquemember, seealso.
// Add suffixes to make referential changes under:
// o=test, and cn=group, ou=unique groups, dc=example, dc=com
// Add DNs to groups and special entries
// Check group membership before delete.
// Check values exist as before delete.
// Perform the subtree delete.
// Check that the group cache is updated.
// Check values exist as before delete.
// This entry not managed by RI.
}
/**
* Test that a rename changes the correct entries under
* the correct suffixes.
*
* @throws Exception If an unexpected result is returned.
*/
@Test
//Add attributes interested in: member, uniquemember, seealso.
//Add suffixes to make referential changes under:
//dc=example,dc=com and o=group, ou=unique groups, o=test
//Add DNs to groups and special entry
//Perform rename.
//Verify that the changes were made.
}
/**
* Test a delete using public naming contexts as base DNs.
*
* @throws Exception If an unexpected result is returned.
*/
@Test
}
/**
* Test that delete using public naming context works in both background
* processing (set interval to 1 and wait 2 seconds) and foreground.
* The changes are made without restarting the server.
*
* @throws Exception If an unexpected result happens.
*/
@Test
//Set interval to 1 second, this should start the background thread
//and put the plugin in background mode.
//Wait two seconds and then check the group.
//Change the interval to zero seconds, this should stop the background thread
//Don't wait, the changes should be there.
}
/**
* Test delete using multiple attribute types and public naming contexts.
*
* @throws Exception If an unexpected result happened.
*/
@Test
}
/**
* Check delete with multiple attribute types and multiple suffixes.
*
* @throws Exception If an unexpected result happened.
*/
@Test
}
/**
* Retrieves a set of valid configuration entries that may be used to
* initialize the plugin.
*
* @return An array of config entries.
*
* @throws Exception If an unexpected problem occurs.
*
*/
throws Exception
{
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: seeAlso",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: seeAlso",
"ds-cfg-base-dn: ou=people, dc=example,dc=com",
"ds-cfg-base-dn: ou=dept, dc=example,dc=com",
"ds-cfg-base-dn: ou=people, o=test",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: seeAlso",
"ds-cfg-base-dn: ou=people, dc=example,dc=com",
"ds-cfg-base-dn: ou=dept, dc=example,dc=com",
"ds-cfg-base-dn: ou=people, o=test",
"ds-cfg-update-interval: 300 seconds",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: seeAlso",
"ds-cfg-base-dn: ou=people, dc=example,dc=com",
"ds-cfg-base-dn: ou=dept, dc=example,dc=com",
"ds-cfg-base-dn: ou=people, o=test",
"ds-cfg-update-interval: 300 seconds",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: seeAlso",
"ds-cfg-base-dn: ou=people, dc=example,dc=com",
"ds-cfg-base-dn: ou=dept, dc=example,dc=com",
"ds-cfg-base-dn: ou=people, o=test",
"ds-cfg-update-interval: 300 seconds",
"",
// check-references, default
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-check-references: false",
"",
// check-references enabled
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-base-dn: o=test",
"ds-cfg-base-dn: dc=example, dc=com",
"ds-cfg-check-references: true",
"",
// check-references enabled, check-references-filter-criteria set
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-base-dn: o=test",
"ds-cfg-base-dn: dc=example, dc=com",
"ds-cfg-check-references: true",
"ds-cfg-check-references-filter-criteria: member:(objectclass=person)",
"",
// check-references disabled, check-references-filter-criteria set
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-check-references: false",
"ds-cfg-check-references-filter-criteria: member:(objectclass=person)"
);
{
}
return array;
}
/**
* Tests the process of initializing the server with valid configurations.
*
* @param e The configuration entry to use for the initialization.
*
* @throws Exception If an unexpected problem occurs.
*
*/
throws Exception
{
}
/**
* Retrieves a set of invalid configuration entries that may be used to
* initialize the plugin.
*
* @return An array of config entries.
*
* @throws Exception If an unexpected problem occurs.
*
*/
throws Exception
{
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: cn",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: sn",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: preOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: seeAlso",
"ds-cfg-base-dn: ou=people, dc=example,dc=com",
"ds-cfg-base-dn: ou=dept, dc=example,dc=com",
"ds-cfg-base-dn: baddn",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: seeAlso",
"ds-cfg-base-dn: ou=people, dc=example,dc=com",
"ds-cfg-base-dn: ou=dept, dc=example,dc=com",
"ds-cfg-base-dn: ou=people, o=test",
"ds-cfg-update-interval: -5 seconds",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: notanattribute",
"ds-cfg-base-dn: ou=people, dc=example,dc=com",
"ds-cfg-base-dn: ou=dept, dc=example,dc=com",
"ds-cfg-base-dn: ou=people, o=test",
"ds-cfg-update-interval: 300 seconds",
"",
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-attribute-type: member",
"ds-cfg-attribute-type: uniqueMember",
"ds-cfg-attribute-type: seeAlso",
"ds-cfg-base-dn: ou=people, dc=example,dc=com",
"ds-cfg-base-dn: ou=dept, dc=example,dc=com",
"ds-cfg-base-dn: ou=people, o=test",
"ds-cfg-update-interval: 300 seconds",
"",
// check-references bad value
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-base-dn: o=test",
"ds-cfg-base-dn: dc=example, dc=com",
"ds-cfg-check-references: bad",
"ds-cfg-check-references-filter-criteria: member:(objectclass=person)",
"",
// check-references enabled, attrbute not on the list
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-base-dn: o=test",
"ds-cfg-base-dn: dc=example, dc=com",
"ds-cfg-check-references: true",
"ds-cfg-check-references-filter-criteria: manager:(objectclass=person)",
"",
// check-references true, bad filter
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-base-dn: o=test",
"ds-cfg-base-dn: dc=example, dc=com",
"ds-cfg-check-references: true",
"ds-cfg-check-references-filter-criteria: member:bad",
"",
// check-references true, attr-filt bad format
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-base-dn: o=test",
"ds-cfg-base-dn: dc=example, dc=com",
"ds-cfg-check-references: true",
"ds-cfg-check-references-filter-criteria: bad",
"",
// check-references true, no filter
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-base-dn: o=test",
"ds-cfg-base-dn: dc=example, dc=com",
"ds-cfg-check-references: true",
"ds-cfg-check-references-filter-criteria: member:",
"",
// check-references true, null:null
"dn: cn=Referential Integrity,cn=Plugins,cn=config",
"objectClass: top",
"objectClass: ds-cfg-plugin",
"objectClass: ds-cfg-referential-integrity-plugin",
"cn: Referential Integrity",
"ds-cfg-java-class: org.opends.server.plugins.ReferentialIntegrityPlugin",
"ds-cfg-enabled: true",
"ds-cfg-plugin-type: postOperationDelete",
"ds-cfg-plugin-type: postOperationModifyDN",
"ds-cfg-plugin-type: subordinateModifyDN",
"ds-cfg-plugin-type: preOperationAdd",
"ds-cfg-plugin-type: preOperationModify",
"ds-cfg-attribute-type: member",
"ds-cfg-base-dn: o=test",
"ds-cfg-base-dn: dc=example, dc=com",
"ds-cfg-check-references: true",
"ds-cfg-check-references-filter-criteria: :"
);
{
}
return array;
}
/**
* Tests the process of initializing the server with inValid configurations.
*
* @param e The configuration entry to use for the initialization.
*
* @throws Exception If an unexpected problem occurs.
*
*/
expectedExceptions = { ConfigException.class })
throws Exception
{
}
/**
* Ensures that the Directory Server is running.
*
* @throws Exception If an unexpected problem occurs.
*/
{
}
/**
* Clears configuration information before each method run and re-adds
* entries.
*
* @throws Exception If an unexpected problem occurs.
*/
//Hopefully put an attribute type there that won't impact the rest of the
//unit tests.
addTestEntries("o=test");
addTestEntries("dc=example,dc=com");
}
/**
* Clears things up after the unit test is completed.
*
* @throws Exception If an unexpected problem occurs.
*
*/
//Hopefully put an attribute type there that won't impact the rest of the
//unit tests.
}
/**
* Create entries under the specified suffix and add them to the server.
* The character argument is used to make the mail attribute unique.
*
* @param suffix The suffix to use in building the entries.
*
* @throws Exception If a problem occurs.
*
*/
"dn: ou=dept," + suffix,
"objectClass: top",
"objectClass: organizationalUnit",
"ou: dept",
"aci: (targetattr= \"*\")" +
"(version 3.0; acl \"allow all\";" +
"allow(all) userdn=\"ldap:///anyone\";)",
"",
"dn: ou=moved dept," + suffix,
"objectClass: top",
"objectClass: organizationalUnit",
"ou: moved dept",
"aci: (targetattr= \"*\")" +
"(version 3.0; acl \"allow all\";" +
"allow(all) userdn=\"ldap:///anyone\";)",
"",
"dn: ou=groups," + suffix,
"objectClass: top",
"objectClass: organizationalUnit",
"ou: groups",
"aci: (targetattr= \"*\")" +
"(version 3.0; acl \"allow all\";" +
"allow(all) userdn=\"ldap:///anyone\";)",
"",
"dn: ou=unique Groups," + suffix,
"objectClass: top",
"objectClass: organizationalUnit",
"ou: unique Groups",
"aci: (targetattr= \"*\")" +
"(version 3.0; acl \"allow all\";" +
"allow(all) userdn=\"ldap:///anyone\";)",
"",
"dn: ou=People, ou=dept," + suffix,
"objectClass: top",
"objectClass: organizationalUnit",
"ou: People",
"",
"dn: ou=Special People," + suffix,
"objectClass: top",
"objectClass: organizationalUnit",
"ou: Special People",
"aci: (targetattr= \"*\")" +
"(version 3.0; acl \"allow all\";" +
"allow(all) userdn=\"ldap:///anyone\";)",
"",
"dn: cn=special person, ou=Special People," + suffix,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: 1",
"givenName: User",
"sn: 1",
"cn: special person",
"userPassword: password",
"mail: user1" +"@test",
"employeeNumber: 1",
"mobile: 1-111-1234",
"pager: 1-111-5678",
"description: Use for seeAlso attribute",
"",
"dn: cn=group, ou=groups," + suffix,
"objectClass: top",
"objectClass: groupOfNames",
"cn: group",
"aci: (targetattr= \"*\")" +
"(version 3.0; acl \"allow all\";" +
"allow(all) userdn=\"ldap:///anyone\";)",
"",
"dn: cn=group, ou=unique groups," + suffix,
"objectClass: top",
"objectClass: groupOfUniqueNames",
"cn: group",
"aci: (targetattr= \"*\")" +
"(version 3.0; acl \"allow all\";" +
"allow(all) userdn=\"ldap:///anyone\";)",
"",
"dn: uid=user.1, ou=People, ou=dept," + suffix,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: 1",
"givenName: User",
"sn: 1",
"cn: User 1",
"userPassword: password",
"mail: user1" +"@test",
"employeeNumber: 1",
"mobile: 1-111-1234",
"pager: 1-111-5678",
"telephoneNumber: 1-111-9012",
"",
"dn: uid=user.2, ou=People, ou=dept," + suffix,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: 2",
"givenName: User",
"sn: 2",
"cn: User 2",
"mail: user2" + "@test",
"userPassword: password",
"employeeNumber: 2",
"mobile: 1-222-1234",
"pager: 1-222-5678",
"telephoneNumber: 1-222-9012",
"",
"dn: uid=user.3, ou=People, ou=dept," + suffix,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: 3",
"givenName: User",
"sn: 3",
"cn: User 3",
"mail: user3" + "@test",
"userPassword: password",
"employeeNumber: 3",
"mobile: 1-333-1234",
"pager: 1-333-5678",
"telephoneNumber: 1-333-9012",
"",
"dn: uid=user.4, ou=People, ou=dept," + suffix,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: 4",
"givenName: User",
"sn: 4",
"cn: User 4",
"mail: user4" + "@test",
"userPassword: password",
"employeeNumber: 4",
"mobile: 1-444-1234",
"pager: 1-444-5678",
"telephoneNumber: 1-444-9012",
"",
"dn: uid=user.5, ou=People, ou=dept," + suffix,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: 5",
"givenName: User",
"sn: 5",
"cn: User 5",
"mail: user5" + "@test",
"userPassword: password",
"employeeNumber: 5",
"mobile: 1-555-1234",
"pager: 1-555-5678",
"telephoneNumber: 1-555-9012"
);
}
/**
* Add specified attr type and type values to the entry specified by dn.
*
* @param dn The dn of the entry to add the attribute and values to.
* @param attrName The attribute type to add the values to.
* @param attrValStrings The values to add to the entry.
*/
private ModifyOperation
}
/**
* Replace specified attr type and type values to the entry specified by dn.
*
* @param dn The dn of the entry to replace the attribute and values to.
* @param attrName The attribute type to replace the values in.
* @param attrValStrings The values to replace in the the entry.
*/
}
/**
* Remove the attributes specified by the attribute type strings from the
* entry corresponding to the dn argument.
*
* @param dn The entry to remove the attributes from.
* @param attrTypeStrings The attribute type string list to remove from the entry.
* @throws Exception If an error occurs.
*/
private void
}
}
}
}
}
{
{
}
}
/**
* Check membership in a static group of the specified dns. The expected
* boolean is used to check if the dns are expected or not expected in the
* groups.
*
* @param group The group to check membership in.
*
* @param expected Set to <code>true</code> if the dns are expected in the
* groups.
*
* @param dns The dns to check membership for.
*
* @throws Exception If an unexpected membership occurs.
*
*/
{
}
}
throws Exception {
final SearchRequest request = newSearchRequest(entryDN, SearchScope.BASE_OBJECT, "(" + attr + "=*)");
}
}
}
/**
* Add the entries created using the specified DNs to the server.
*
* @param dns The dns to use in entry creation.
*
* @throws Exception If an unexpected result happens.
*
*/
}
}
/**
* Make a entry with the specified dn.
*
* @param dn The dn of the entry.
* @return The created entry.
* @throws Exception If the entry can't be created.
*/
return TestCaseUtils.addEntry(
"dn: " + dn,
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"uid: 1",
"givenName: test",
"sn: 1",
"cn: test"
);
}
/**
* Perform modify DN operation.
*
* @param dn The DN to rename or move.
* @param rdn RDN value.
* @param newSuperior New superior to move to.
* @throws Exception If the operation can't be performed.
*/
{
if(newSuperior != null)
{
}
else
{
false, null);
}
}
/**
* Test case:
* - integrity is enforced on the attribute 'manager'
* - value of the 'manager' attribute should match the filter:
* (objectclass=person)
* - add a user 'manager' to the 'dc=example,dc=com'
* - add a user 'employee' with the attribute manager which points to the
* entry 'manager'
* - SUCCESS
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"manager:(objectclass=person)");
addEntry("uid=manager,ou=people,ou=dept,o=test");
"dn: uid=employee,ou=people,ou=dept,dc=example,dc=com",
"objectclass: top",
"objectclass: person",
"objectclass: organizationalperson",
"objectclass: inetorgperson",
"uid: employee",
"cn: employee",
"sn: employee",
"givenname: employee",
"manager: uid=manager,ou=people,ou=dept,o=test");
}
/**
* Test case:
* - integrity is enforced on the attribute 'manager'
* - value of the 'manager' attribute should match the filter:
* (objectclass=person)
* - add a user 'manager' to the 'dc=example,dc=com'
* - add a user 'employee' with the attribute manager which points to the
* entry 'manager'
* - SUCCESS
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"manager:(objectclass=person)");
addEntry("uid=manager,ou=people,ou=dept,dc=example,dc=com");
"dn: uid=employee,ou=people,ou=dept,dc=example,dc=com",
"objectclass: top",
"objectclass: person",
"objectclass: organizationalperson",
"objectclass: inetorgperson",
"uid: employee",
"cn: employee",
"sn: employee",
"givenname: employee",
"manager: uid=manager,ou=people,ou=dept,dc=example,dc=com");
}
/**
* Test case:
* - integrity is enforced on the attribute 'manager'
* - value of the 'manager' attribute should match the filter:
* (objectclass=person)
* - add a user 'employee' with the attribute manager which points to the
* entry 'manager' which doesn't exist
* - CONSTRAINT VIOLATION
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"manager:(objectclass=person)");
"dn: uid=employee,ou=people,ou=dept,dc=example,dc=com",
"objectclass: top",
"objectclass: person",
"objectclass: organizationalperson",
"objectclass: inetorgperson",
"uid: employee",
"cn: employee",
"sn: employee",
"givenname: employee",
"manager: uid=bad,ou=people,ou=dept,dc=example,dc=com");
}
/**
* Test case:
* - integrity is enforced on the attribute 'manager'
* - value of the 'manager' attribute should match the filter:
* (objectclass=groupOfNames)
* - add a user 'manager' with the object class 'person' to the
* 'dc=example,dc=com'
* - add a user 'employee' with the attribute manager which points to the
* entry 'manager'
* - CONSTRAINT VIOLATION
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"manager:(objectclass=gropuOfNames)");
addEntry("uid=manager,ou=people,ou=dept,dc=example,dc=com");
"dn: uid=employee,ou=people,ou=dept,dc=example,dc=com",
"objectclass: top",
"objectclass: person",
"objectclass: organizationalperson",
"objectclass: inetorgperson",
"uid: employee",
"cn: employee",
"sn: employee",
"givenname: employee",
"manager: uid=manager,ou=people,ou=dept,dc=example,dc=com");
}
/**
* Test case:
* - integrity is enforced on the attribute 'manager'
* - value of the 'manager' attribute should match the filter:
* (objectclass=person)
* - add a user 'manager' to the 'o=test'
* - add a user 'employee' with the attribute manager which points to the
* entry 'manager'
* - SUCCESS
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"dc=example,dc=com",
"o=test");
"manager:(objectclass=person)");
addEntry("uid=manager,ou=people,ou=dept,o=test");
"dn: uid=employee,ou=people,ou=dept,dc=example,dc=com",
"objectclass: top",
"objectclass: person",
"objectclass: organizationalperson",
"objectclass: inetorgperson",
"uid: employee",
"cn: employee",
"sn: employee",
"givenname: employee",
"manager: uid=manager,ou=people,ou=dept,o=test");
}
/**
* Test case:
* - integrity is enforced on the attribute 'member'
* - value of the 'manager' attribute should match the filter:
* (objectclass=person)
* - add a group 'referent group' to the 'dc=example,dc=com' with the
* 'member' attribute pointing to the existing user entries
* - SUCCESS
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"member:(objectclass=person)");
"dn: cn=referent group,ou=groups,dc=example,dc=com",
"objectclass: top",
"objectclass: groupofnames",
"cn: refetent group",
"member: uid=user.1,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.2,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.3,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.4,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.5,ou=people,ou=dept,dc=example,dc=com"
);
}
/**
* Test case:
* - integrity is enforced on the attribute 'member'
* - value of the 'manager' attribute should match the filter:
* (objectclass=person)
* - add a group 'referent group' to the 'dc=example,dc=com' with the
* 'member' attribute pointing to the existing user entries and one missing
* - CONSTRAINT VIOLATION
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"member:(objectclass=person)");
"dn: cn=referent group,ou=groups,dc=example,dc=com",
"objectclass: top",
"objectclass: groupofnames",
"cn: refetent group",
"member: uid=user.1,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.2,ou=people,ou=dept,dc=example,dc=com",
"member: uid=bad,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.4,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.5,ou=people,ou=dept,dc=example,dc=com"
);
}
/**
* Test case:
* - integrity is enforced on the attribute 'member'
* - value of the 'manager' attribute should match the filter:
* (objectclass=person)
* - add a group 'referent group' to the 'dc=example,dc=com' with the
* 'member' attribute pointing to the existing user entries and one entry
* being of object class groupOfNames
* - CONSTRAINT VIOLATION
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"member:(objectclass=person)");
"dn: cn=referent group,ou=groups,dc=example,dc=com",
"objectclass: top",
"objectclass: groupofnames",
"cn: refetent group",
"member: uid=user.1,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.2,ou=people,ou=dept,dc=example,dc=com",
"member: cn=group,ou=groups,dc=example,dc=com",
"member: uid=user.4,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.5,ou=people,ou=dept,dc=example,dc=com"
);
}
/**
* Test case:
* - integrity is enforced on the attribute 'member'
* - value of the 'manager' attribute should match the filter:
* (objectclass=person)
* - add a group 'referent group' to the 'dc=example,dc=com' with the
* 'member' attribute pointing to the existing user entries with one memeber
* belonging to 'o=test' naming context
* - SUCCESS
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"dc=example,dc=com",
"o=test");
"member:(objectclass=person)");
"dn: cn=referent group,ou=groups,dc=example,dc=com",
"objectclass: top",
"objectclass: groupofnames",
"cn: refetent group",
"member: uid=user.1,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.2,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.3,ou=people,ou=dept,o=test",
"member: uid=user.4,ou=people,ou=dept,dc=example,dc=com",
"member: uid=user.5,ou=people,ou=dept,dc=example,dc=com"
);
}
/**
* Test case:
* - employee entry exists
* - manager entry exists
* - add 'manager' attribute to the manager entry
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"manager:(objectclass=person)");
addEntry("uid=manager,ou=people,ou=dept,dc=example,dc=com");
"manager", "uid=manager,ou=people,ou=dept,dc=example,dc=com");
}
/**
* Test case:
* - employee entry exists with 'manager' attribute pointing to the
* manager entry
* - manager entry exists
* - user.2 entry exists
* - modify 'manager' attribute to the 'user.2' entry
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"manager:(objectclass=person)");
addEntry("uid=manager,ou=people,ou=dept,dc=example,dc=com");
"manager", "uid=manager,ou=people,ou=dept,dc=example,dc=com");
"manager", user2);
}
/**
* Test case:
* - filter is set to posixAccount
* - employee entry exists
* - manager entry exists with objectclass person
* - add 'manager' attribute to the manager entry
* - constraint violation
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"manager:(objectclass=posixAccount)");
addEntry("uid=manager,ou=people,ou=dept,dc=example,dc=com");
"manager", "uid=manager,ou=people,ou=dept,dc=example,dc=com");
}
/**
* Test case:
* - employee entry exists in dc=example,dc=com
* - manager entry exists in o=other
* - add 'manager' attribute to the employee poiting to the manager
* entry
* - SUCCESS
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"dc=example,dc=com",
"o=test");
"manager:(objectclass=person)");
addEntry("uid=manager,ou=people,ou=dept,o=test");
"manager", "uid=manager,ou=people,ou=dept,o=test");
}
/**
* Test case:
* - employee entry exists
* - manager entry does not exist
* - add 'manager' attribute to the employee
* - constraint violation
* @throws Exception
*/
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"manager:(objectclass=person)");
"manager", "uid=manager,ou=people,ou=dept,dc=example,dc=com");
}
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"member:(objectclass=person)");
"member",
user1);
}
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"member:(objectclass=person)");
"member", "uid=user.100,ou=people,ou=dept,dc=example,dc=com");
}
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"member:(objectclass=posixaccount)");
"member", "uid=user.100,ou=people,ou=dept,dc=example,dc=com");
}
@Test
{
"postoperationdelete",
"postoperationmodifydn",
"subordinatemodifydn",
"subordinatedelete",
"preoperationadd",
"preoperationmodify");
"dc=example,dc=com",
"o=test");
"member:(objectclass=person)");
"member", "uid=user.1,ou=people,ou=dept,o=test");
}
}