1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.apache.directory.server.core.authz.support;
21
22
23 import java.util.ArrayList;
24 import java.util.Collection;
25 import java.util.Collections;
26 import java.util.HashSet;
27 import java.util.Set;
28
29 import javax.naming.NamingException;
30
31
32 import org.apache.directory.server.core.DefaultDirectoryService;
33 import org.apache.directory.server.core.DirectoryService;
34 import org.apache.directory.server.core.authz.support.MaxValueCountFilter;
35 import org.apache.directory.server.core.authz.support.OperationScope;
36 import org.apache.directory.server.core.entry.DefaultServerEntry;
37 import org.apache.directory.server.core.entry.ServerEntry;
38 import org.apache.directory.shared.ldap.aci.ACITuple;
39 import org.apache.directory.shared.ldap.aci.MicroOperation;
40 import org.apache.directory.shared.ldap.aci.ProtectedItem;
41 import org.apache.directory.shared.ldap.aci.UserClass;
42 import org.apache.directory.shared.ldap.aci.ProtectedItem.MaxValueCountItem;
43 import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
44 import org.apache.directory.shared.ldap.name.LdapDN;
45 import org.junit.Before;
46 import org.junit.BeforeClass;
47 import org.junit.Test;
48
49 import static org.junit.Assert.assertEquals;
50
51
52
53
54
55
56
57
58 public class MaxValueCountFilterTest
59 {
60 private static final Collection<ACITuple> EMPTY_ACI_TUPLE_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ACITuple>() );
61 private static final Collection<UserClass> EMPTY_USER_CLASS_COLLECTION = Collections.unmodifiableCollection( new ArrayList<UserClass>() );
62 private static final Collection<ProtectedItem> EMPTY_PROTECTED_ITEM_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>() );
63
64 private static final Set<MicroOperation> EMPTY_MICRO_OPERATION_SET = Collections.unmodifiableSet( new HashSet<MicroOperation>() );
65
66 private static final Collection<ProtectedItem> PROTECTED_ITEMS = new ArrayList<ProtectedItem>();
67 private static ServerEntry ENTRY;
68 private static ServerEntry FULL_ENTRY;
69
70 static
71 {
72 Collection<MaxValueCountItem> mvcItems = new ArrayList<MaxValueCountItem>();
73 mvcItems.add( new MaxValueCountItem( "cn", 2 ) );
74 PROTECTED_ITEMS.add( new ProtectedItem.MaxValueCount( mvcItems ) );
75 }
76
77
78
79 private static DirectoryService service;
80
81
82 @BeforeClass public static void init() throws NamingException
83 {
84 service = new DefaultDirectoryService();
85 }
86
87 @Before public void setup() throws NamingException
88 {
89 LdapDN entryName = new LdapDN( "ou=test, ou=system" );
90 ENTRY = new DefaultServerEntry( service.getRegistries(), entryName );
91 FULL_ENTRY = new DefaultServerEntry( service.getRegistries(), entryName );
92
93 ENTRY.put( "cn", "1" );
94 FULL_ENTRY.put( "cn", "1", "2", "3" );
95 }
96
97
98 @Test public void testWrongScope() throws Exception
99 {
100 MaxValueCountFilter filter = new MaxValueCountFilter();
101 Collection<ACITuple> tuples = new ArrayList<ACITuple>();
102 tuples.add( new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION,
103 EMPTY_MICRO_OPERATION_SET, true, 0 ) );
104
105 tuples = Collections.unmodifiableCollection( tuples );
106
107 assertEquals( tuples, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE, null, null, null, null,
108 null, null, null, null, null, null, null ) );
109
110 assertEquals( tuples, filter.filter( null, tuples, OperationScope.ENTRY, null, null, null, null, null, null,
111 null, null, null, null, null ) );
112 }
113
114
115 @Test public void testZeroTuple() throws Exception
116 {
117 MaxValueCountFilter filter = new MaxValueCountFilter();
118
119 assertEquals( 0, filter.filter( null, EMPTY_ACI_TUPLE_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE,
120 null, null, null, null, null, null, null, null, null, null, null ).size() );
121 }
122
123
124 @Test public void testDenialTuple() throws Exception
125 {
126 MaxValueCountFilter filter = new MaxValueCountFilter();
127 Collection<ACITuple> tuples = new ArrayList<ACITuple>();
128 tuples.add( new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, PROTECTED_ITEMS,
129 EMPTY_MICRO_OPERATION_SET, false, 0 ) );
130
131 tuples = Collections.unmodifiableCollection( tuples );
132
133 assertEquals( tuples, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null,
134 null, null, null, "cn", null, ENTRY, null, null ) );
135 assertEquals( tuples, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null,
136 null, null, null, "cn", null, FULL_ENTRY, null, null ) );
137 }
138
139
140 @Test public void testGrantTuple() throws Exception
141 {
142 MaxValueCountFilter filter = new MaxValueCountFilter();
143 Collection<ACITuple> tuples = new ArrayList<ACITuple>();
144
145
146
147 tuples.add( new ACITuple(
148 EMPTY_USER_CLASS_COLLECTION,
149 AuthenticationLevel.NONE,
150 PROTECTED_ITEMS,
151 EMPTY_MICRO_OPERATION_SET,
152 true,
153 0 ) );
154
155 assertEquals( 1, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
156 null, null, "cn", null, ENTRY, null, ENTRY ).size() );
157
158 assertEquals( 0, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
159 null, null, "cn", null, FULL_ENTRY, null, FULL_ENTRY ).size() );
160 }
161 }