1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.core.authz.support;
21  
22  
23  import java.util.ArrayList;
24  import java.util.Collection;
25  import java.util.Collections;
26  import java.util.HashSet;
27  import java.util.Set;
28  
29  import javax.naming.NamingException;
30  
31  
32  import org.apache.directory.server.core.DefaultDirectoryService;
33  import org.apache.directory.server.core.DirectoryService;
34  import org.apache.directory.server.core.authz.support.MaxValueCountFilter;
35  import org.apache.directory.server.core.authz.support.OperationScope;
36  import org.apache.directory.server.core.entry.DefaultServerEntry;
37  import org.apache.directory.server.core.entry.ServerEntry;
38  import org.apache.directory.shared.ldap.aci.ACITuple;
39  import org.apache.directory.shared.ldap.aci.MicroOperation;
40  import org.apache.directory.shared.ldap.aci.ProtectedItem;
41  import org.apache.directory.shared.ldap.aci.UserClass;
42  import org.apache.directory.shared.ldap.aci.ProtectedItem.MaxValueCountItem;
43  import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
44  import org.apache.directory.shared.ldap.name.LdapDN;
45  import org.junit.Before;
46  import org.junit.BeforeClass;
47  import org.junit.Test;
48  
49  import static org.junit.Assert.assertEquals;
50  
51  
52  /**
53   * Tests {@link MaxValueCountFilter}.
54   *
55   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
56   * @version $Rev: 638228 $, $Date: 2008-03-18 07:12:41 +0100 (Di, 18 Mär 2008) $
57   */
58  public class MaxValueCountFilterTest
59  {
60      private static final Collection<ACITuple> EMPTY_ACI_TUPLE_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ACITuple>() );
61      private static final Collection<UserClass> EMPTY_USER_CLASS_COLLECTION = Collections.unmodifiableCollection( new ArrayList<UserClass>() );
62      private static final Collection<ProtectedItem> EMPTY_PROTECTED_ITEM_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>() );
63  
64      private static final Set<MicroOperation> EMPTY_MICRO_OPERATION_SET = Collections.unmodifiableSet( new HashSet<MicroOperation>() );
65  
66      private static final Collection<ProtectedItem> PROTECTED_ITEMS = new ArrayList<ProtectedItem>();
67      private static ServerEntry ENTRY;
68      private static ServerEntry FULL_ENTRY;
69  
70      static
71      {
72          Collection<MaxValueCountItem> mvcItems = new ArrayList<MaxValueCountItem>();
73          mvcItems.add( new MaxValueCountItem( "cn", 2 ) );
74          PROTECTED_ITEMS.add( new ProtectedItem.MaxValueCount( mvcItems ) );
75      }
76  
77  
78      /** A reference to the directory service */
79      private static DirectoryService service;
80  
81      
82      @BeforeClass public static void init() throws NamingException
83      {
84          service = new DefaultDirectoryService();
85      }
86      
87      @Before public void setup() throws NamingException
88      {
89          LdapDN entryName = new LdapDN( "ou=test, ou=system" );
90          ENTRY = new DefaultServerEntry( service.getRegistries(), entryName );
91          FULL_ENTRY = new DefaultServerEntry( service.getRegistries(), entryName );
92          
93          ENTRY.put( "cn", "1" );
94          FULL_ENTRY.put( "cn", "1", "2", "3" );
95      }
96  
97  
98      @Test public void testWrongScope() throws Exception
99      {
100         MaxValueCountFilter filter = new MaxValueCountFilter();
101         Collection<ACITuple> tuples = new ArrayList<ACITuple>();
102         tuples.add( new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION, 
103             EMPTY_MICRO_OPERATION_SET, true, 0 ) );
104 
105         tuples = Collections.unmodifiableCollection( tuples );
106 
107         assertEquals( tuples, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE, null, null, null, null,
108             null, null, null, null, null, null, null ) );
109 
110         assertEquals( tuples, filter.filter( null, tuples, OperationScope.ENTRY, null, null, null, null, null, null,
111             null, null, null, null, null ) );
112     }
113 
114 
115     @Test public void testZeroTuple() throws Exception
116     {
117         MaxValueCountFilter filter = new MaxValueCountFilter();
118 
119         assertEquals( 0, filter.filter( null, EMPTY_ACI_TUPLE_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, 
120             null, null, null, null, null, null, null, null, null, null, null ).size() );
121     }
122 
123 
124     @Test public void testDenialTuple() throws Exception
125     {
126         MaxValueCountFilter filter = new MaxValueCountFilter();
127         Collection<ACITuple> tuples = new ArrayList<ACITuple>();
128         tuples.add( new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, PROTECTED_ITEMS, 
129             EMPTY_MICRO_OPERATION_SET, false, 0 ) );
130 
131         tuples = Collections.unmodifiableCollection( tuples );
132 
133         assertEquals( tuples, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null,
134             null, null, null, "cn", null, ENTRY, null, null ) );
135         assertEquals( tuples, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null,
136             null, null, null, "cn", null, FULL_ENTRY, null, null ) );
137     }
138 
139 
140     @Test public void testGrantTuple() throws Exception
141     {
142         MaxValueCountFilter filter = new MaxValueCountFilter();
143         Collection<ACITuple> tuples = new ArrayList<ACITuple>();
144         
145         // Test with this ACI :
146         // 
147         tuples.add( new ACITuple( 
148             EMPTY_USER_CLASS_COLLECTION, 
149             AuthenticationLevel.NONE, 
150             PROTECTED_ITEMS, 
151             EMPTY_MICRO_OPERATION_SET, 
152             true, 
153             0 ) );
154 
155         assertEquals( 1, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
156             null, null, "cn", null, ENTRY, null, ENTRY ).size() );
157 
158         assertEquals( 0, filter.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
159             null, null, "cn", null, FULL_ENTRY, null, FULL_ENTRY ).size() );
160     }
161 }