1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.core.schema;
21  
22  
23  import junit.framework.TestCase;
24  
25  import javax.naming.NamingException;
26  
27  import org.apache.directory.server.core.entry.DefaultServerAttribute;
28  import org.apache.directory.server.core.entry.DefaultServerEntry;
29  import org.apache.directory.server.core.entry.ServerAttribute;
30  import org.apache.directory.server.core.entry.ServerEntry;
31  import org.apache.directory.server.core.schema.SchemaChecker;
32  import org.apache.directory.server.schema.bootstrap.ApacheSchema;
33  import org.apache.directory.server.schema.bootstrap.BootstrapSchemaLoader;
34  import org.apache.directory.server.schema.bootstrap.CoreSchema;
35  import org.apache.directory.server.schema.bootstrap.Schema;
36  import org.apache.directory.server.schema.bootstrap.SystemSchema;
37  import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
38  import org.apache.directory.server.schema.registries.DefaultOidRegistry;
39  import org.apache.directory.server.schema.registries.DefaultRegistries;
40  import org.apache.directory.server.schema.registries.ObjectClassRegistry;
41  import org.apache.directory.server.schema.registries.OidRegistry;
42  import org.apache.directory.server.schema.registries.Registries;
43  import org.apache.directory.shared.ldap.entry.EntryAttribute;
44  import org.apache.directory.shared.ldap.entry.ModificationOperation;
45  import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
46  import org.apache.directory.shared.ldap.message.ResultCodeEnum;
47  import org.apache.directory.shared.ldap.name.LdapDN;
48  import org.apache.directory.shared.ldap.schema.AttributeType;
49  import org.apache.directory.shared.ldap.util.StringTools;
50  import org.junit.BeforeClass;
51  import org.junit.Test;
52  
53  import java.util.Collections;
54  import java.util.Iterator;
55  import java.util.List;
56  import java.util.Map;
57  import java.util.Set;
58  import java.util.HashSet;
59  
60  
61  /**
62   * Tests to make sure the schema checker is operating correctly.
63   *
64   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
65   * @version $Rev: 690295 $, $Date: 2008-08-29 17:24:22 +0200 (Fr, 29 Aug 2008) $
66   */
67  public class SchemaCheckerTest extends TestCase
68  {
69      static Registries registries;
70  
71  
72      @BeforeClass
73      protected void setUp() throws Exception
74      {
75          BootstrapSchemaLoader loader = new BootstrapSchemaLoader();
76          registries = new DefaultRegistries( "bootstrap", loader, new DefaultOidRegistry() );
77  
78          Set<Schema> schemas = new HashSet<Schema>();
79          schemas.add( new SystemSchema() );
80          schemas.add( new ApacheSchema() );
81          schemas.add( new CoreSchema() );
82          loader.loadWithDependencies( schemas,registries );
83  
84          List<Throwable> errors = registries.checkRefInteg();
85          
86          if ( !errors.isEmpty() )
87          {
88              NamingException e = new NamingException();
89              e.setRootCause( ( Throwable ) errors.get( 0 ) );
90              throw e;
91          }
92      }
93  
94  
95      /**
96       * Test case to check the schema checker operates correctly when modify
97       * operations replace objectClasses.
98       */
99      @Test
100     public void testPreventStructuralClassRemovalOnModifyReplace() throws Exception
101     {
102         LdapDN name = new LdapDN( "uid=akarasulu,ou=users,dc=example,dc=com" );
103         ModificationOperation mod = ModificationOperation.REPLACE_ATTRIBUTE;
104         ServerEntry modifyAttributes = new DefaultServerEntry( registries );
105         AttributeType atCN = registries.getAttributeTypeRegistry().lookup( "cn" );
106         modifyAttributes.put( new DefaultServerAttribute( atCN ) );
107 
108         ObjectClassRegistry ocRegistry = registries.getObjectClassRegistry();
109 
110         // this should pass
111         SchemaChecker.preventStructuralClassRemovalOnModifyReplace( ocRegistry, name, mod, modifyAttributes );
112 
113         // this should succeed since person is still in replaced set and is structural
114         modifyAttributes.removeAttributes( atCN );
115         AttributeType atOC = registries.getAttributeTypeRegistry().lookup( "objectClass" );
116         EntryAttribute objectClassesReplaced = new DefaultServerAttribute( atOC );
117         objectClassesReplaced.add( "top" );
118         objectClassesReplaced.add( "person" );
119         modifyAttributes.put( objectClassesReplaced );
120         SchemaChecker.preventStructuralClassRemovalOnModifyReplace( ocRegistry, name, mod, modifyAttributes );
121 
122         // this should fail since only top is left
123         objectClassesReplaced = new DefaultServerAttribute( atOC );
124         objectClassesReplaced.add( "top" );
125         modifyAttributes.put( objectClassesReplaced );
126         try
127         {
128             SchemaChecker.preventStructuralClassRemovalOnModifyReplace( ocRegistry, name, mod, modifyAttributes );
129             fail( "should never get here due to an LdapSchemaViolationException" );
130         }
131         catch ( LdapSchemaViolationException e )
132         {
133             assertEquals( e.getResultCode(), ResultCodeEnum.OBJECT_CLASS_MODS_PROHIBITED );
134         }
135 
136         // this should fail since the modify operation tries to delete all
137         // objectClass attribute values
138         modifyAttributes.removeAttributes( "cn" );
139         objectClassesReplaced = new DefaultServerAttribute( atOC );
140         modifyAttributes.put( objectClassesReplaced );
141         try
142         {
143             SchemaChecker.preventStructuralClassRemovalOnModifyReplace( ocRegistry, name, mod, modifyAttributes );
144             fail( "should never get here due to an LdapSchemaViolationException" );
145         }
146         catch ( LdapSchemaViolationException e )
147         {
148             assertEquals( e.getResultCode(), ResultCodeEnum.OBJECT_CLASS_MODS_PROHIBITED );
149         }
150     }
151 
152 
153     /**
154      * Test case to check the schema checker operates correctly when modify
155      * operations remove objectClasses.
156      *
157     public void testPreventStructuralClassRemovalOnModifyRemove() throws Exception
158     {
159         LdapDN name = new LdapDN( "uid=akarasulu,ou=users,dc=example,dc=com" );
160         int mod = DirContext.REMOVE_ATTRIBUTE;
161         Attributes modifyAttributes = new AttributesImpl( true );
162         Attribute entryObjectClasses = new AttributeImpl( "objectClass" );
163         entryObjectClasses.add( "top" );
164         entryObjectClasses.add( "person" );
165         entryObjectClasses.add( "organizationalPerson" );
166         modifyAttributes.put( new AttributeImpl( "cn" ) );
167 
168         ObjectClassRegistry ocRegistry = registries.getObjectClassRegistry();
169 
170         // this should pass
171         SchemaChecker.preventStructuralClassRemovalOnModifyRemove( ocRegistry, name, mod, modifyAttributes,
172             entryObjectClasses );
173 
174         // this should succeed since person is left and is structural
175         modifyAttributes.remove( "cn" );
176         Attribute objectClassesRemoved = new AttributeImpl( "objectClass" );
177         objectClassesRemoved.add( "person" );
178         modifyAttributes.put( objectClassesRemoved );
179         SchemaChecker.preventStructuralClassRemovalOnModifyRemove( ocRegistry, name, mod, modifyAttributes,
180             entryObjectClasses );
181 
182         // this should fail since only top is left
183         modifyAttributes.remove( "cn" );
184         objectClassesRemoved = new AttributeImpl( "objectClass" );
185         objectClassesRemoved.add( "person" );
186         objectClassesRemoved.add( "organizationalPerson" );
187         modifyAttributes.put( objectClassesRemoved );
188         try
189         {
190             SchemaChecker.preventStructuralClassRemovalOnModifyRemove( ocRegistry, name, mod, modifyAttributes,
191                 entryObjectClasses );
192             fail( "should never get here due to an LdapSchemaViolationException" );
193         }
194         catch ( LdapSchemaViolationException e )
195         {
196             assertEquals( e.getResultCode(), ResultCodeEnum.OBJECT_CLASS_MODS_PROHIBITED );
197         }
198 
199         // this should fail since the modify operation tries to delete all
200         // objectClass attribute values
201         modifyAttributes.remove( "cn" );
202         objectClassesRemoved = new AttributeImpl( "objectClass" );
203         modifyAttributes.put( objectClassesRemoved );
204         try
205         {
206             SchemaChecker.preventStructuralClassRemovalOnModifyRemove( ocRegistry, name, mod, modifyAttributes,
207                 entryObjectClasses );
208             fail( "should never get here due to an LdapSchemaViolationException" );
209         }
210         catch ( LdapSchemaViolationException e )
211         {
212             assertEquals( e.getResultCode(), ResultCodeEnum.OBJECT_CLASS_MODS_PROHIBITED );
213         }
214     }
215 
216 
217     /**
218      * Test case to check the schema checker operates correctly when modify
219      * operations remove RDN attributes.
220      */
221     @Test
222     public void testPreventRdnChangeOnModifyRemove() throws Exception
223     {
224         ModificationOperation mod = ModificationOperation.REMOVE_ATTRIBUTE;
225         LdapDN name = new LdapDN( "ou=user,dc=example,dc=com" );
226         ServerEntry attributes = new DefaultServerEntry( registries, name );
227         attributes.put( "cn", "does not matter" );
228 
229         // postive test which should pass
230         SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, registries.getOidRegistry() );
231 
232         // test should fail since we are removing the ou attribute
233         AttributeType OU_AT = registries.getAttributeTypeRegistry().lookup( "ou" );
234         attributes.put( new DefaultServerAttribute( "ou", OU_AT ) );
235 
236         try
237         {
238             SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, registries.getOidRegistry() );
239             fail( "should never get here due to a LdapSchemaViolationException being thrown" );
240         }
241         catch ( LdapSchemaViolationException e )
242         {
243             assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
244         }
245 
246         // test success using more than one attribute for the Rdn but not modifying rdn attribute
247         name = new LdapDN( "ou=users+cn=system users,dc=example,dc=com" );
248         attributes = new DefaultServerEntry( registries, name );
249         attributes.put( "sn", "does not matter" );
250         SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, registries.getOidRegistry() );
251 
252         // test for failure when modifying Rdn attribute in multi attribute Rdn
253         AttributeType CN_AT = registries.getAttributeTypeRegistry().lookup( "cn" );
254         attributes.put( new DefaultServerAttribute( "cn", CN_AT ) );
255         
256         try
257         {
258             SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, registries.getOidRegistry() );
259             fail( "should never get here due to a LdapSchemaViolationException being thrown" );
260         }
261         catch ( LdapSchemaViolationException e )
262         {
263             assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
264         }
265 
266         // should succeed since the value being deleted from the rdn attribute is
267         // is not used when composing the Rdn
268         attributes = new DefaultServerEntry( registries, name );
269         attributes.put( "ou", "container" );
270         SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, registries.getOidRegistry() );
271 
272         // now let's make it fail again just by providing the right value for ou (users)
273         attributes = new DefaultServerEntry( registries, name );
274         attributes.put( "ou", "users" );
275         try
276         {
277             SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, registries.getOidRegistry() );
278             fail( "should never get here due to a LdapSchemaViolationException being thrown" );
279         }
280         catch ( LdapSchemaViolationException e )
281         {
282             assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
283         }
284     }
285 
286 
287     /**
288      * Test case to check the schema checker operates correctly when modify
289      * operations replace RDN attributes.
290      */
291     @Test
292     public void testPreventRdnChangeOnModifyReplace() throws Exception
293     {
294         ModificationOperation mod = ModificationOperation.REPLACE_ATTRIBUTE;
295         LdapDN name = new LdapDN( "ou=user,dc=example,dc=com" );
296         ServerEntry attributes = new DefaultServerEntry( registries, name );
297         attributes.put( "cn", "does not matter" );
298 
299         // postive test which should pass
300         SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, registries.getOidRegistry() );
301 
302         // test should fail since we are removing the ou attribute
303         attributes.put( "ou", (String)null );
304         
305         try
306         {
307             SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, registries.getOidRegistry() );
308             fail( "should never get here due to a LdapSchemaViolationException being thrown" );
309         }
310         catch ( LdapSchemaViolationException e )
311         {
312             assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
313         }
314 
315         // test success using more than one attribute for the Rdn but not modifying rdn attribute
316         name = new LdapDN( "ou=users+cn=system users,dc=example,dc=com" );
317         attributes = new DefaultServerEntry( registries, name );
318         attributes.put( "sn", "does not matter" );
319         SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, registries.getOidRegistry() );
320 
321         // test for failure when modifying Rdn attribute in multi attribute Rdn
322         attributes.put("cn", (String)null );
323         
324         try
325         {
326             SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, registries.getOidRegistry() );
327             fail( "should never get here due to a LdapSchemaViolationException being thrown" );
328         }
329         catch ( LdapSchemaViolationException e )
330         {
331             assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
332         }
333 
334         // should succeed since the values being replaced from the rdn attribute is
335         // is includes the old Rdn attribute value
336         attributes = new DefaultServerEntry( registries, name );
337         attributes.put( "ou", "container" );
338         attributes.put( "ou", "users" );
339         SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, registries.getOidRegistry() );
340 
341         // now let's make it fail by not including the old value for ou (users)
342         attributes = new DefaultServerEntry( registries, name );
343         attributes.put( "ou", "container" );
344         try
345         {
346             SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, registries.getOidRegistry() );
347             fail( "should never get here due to a LdapSchemaViolationException being thrown" );
348         }
349         catch ( LdapSchemaViolationException e )
350         {
351             assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
352         }
353     }
354 
355 
356     // ------------------------------------------------------------------------
357     // Single Attribute Test Cases
358     // ------------------------------------------------------------------------
359 
360     /**
361      * Test case to check the schema checker operates correctly when modify
362      * operations replace objectClasses.
363      */
364     @Test
365     public void testPreventStructuralClassRemovalOnModifyReplaceAttribute() throws Exception
366     {
367         ObjectClassRegistry ocRegistry = registries.getObjectClassRegistry();
368         AttributeType OBJECT_CLASS = registries.getAttributeTypeRegistry().lookup( "objectClass" );
369         AttributeType CN_AT = registries.getAttributeTypeRegistry().lookup( "cn" );
370 
371         // this should pass
372         LdapDN name = new LdapDN( "uid=akarasulu,ou=users,dc=example,dc=com" );
373         ModificationOperation mod = ModificationOperation.REPLACE_ATTRIBUTE;
374         SchemaChecker.preventStructuralClassRemovalOnModifyReplace( ocRegistry, name, mod, new DefaultServerAttribute( "cn", CN_AT ) );
375 
376         // this should succeed since person is still in replaced set and is structural
377         ServerAttribute objectClassesReplaced = new DefaultServerAttribute( "objectClass", OBJECT_CLASS );
378         objectClassesReplaced.add( "top" );
379         objectClassesReplaced.add( "person" );
380         SchemaChecker.preventStructuralClassRemovalOnModifyReplace( ocRegistry, name, mod, objectClassesReplaced );
381 
382         // this should fail since only top is left
383         objectClassesReplaced = new DefaultServerAttribute( "objectClass", OBJECT_CLASS );
384         objectClassesReplaced.add( "top" );
385         try
386         {
387             SchemaChecker.preventStructuralClassRemovalOnModifyReplace( ocRegistry, name, mod, objectClassesReplaced );
388             fail( "should never get here due to an LdapSchemaViolationException" );
389         }
390         catch ( LdapSchemaViolationException e )
391         {
392             assertEquals( e.getResultCode(), ResultCodeEnum.OBJECT_CLASS_MODS_PROHIBITED );
393         }
394 
395         // this should fail since the modify operation tries to delete all
396         // objectClass attribute values
397         objectClassesReplaced = new DefaultServerAttribute( "objectClass", OBJECT_CLASS );
398         try
399         {
400             SchemaChecker.preventStructuralClassRemovalOnModifyReplace( ocRegistry, name, mod, objectClassesReplaced );
401             fail( "should never get here due to an LdapSchemaViolationException" );
402         }
403         catch ( LdapSchemaViolationException e )
404         {
405             assertEquals( e.getResultCode(), ResultCodeEnum.OBJECT_CLASS_MODS_PROHIBITED );
406         }
407     }
408 
409 
410     /**
411      * Test case to check the schema checker operates correctly when modify
412      * operations remove objectClasses.
413      */
414     @Test
415     public void testPreventStructuralClassRemovalOnModifyRemoveAttribute() throws Exception
416     {
417         AttributeTypeRegistry atReg = registries.getAttributeTypeRegistry();
418         LdapDN name = new LdapDN( "uid=akarasulu,ou=users,dc=example,dc=com" );
419         ModificationOperation mod = ModificationOperation.REMOVE_ATTRIBUTE;
420         AttributeType ocAt = atReg.lookup( "objectClass" );
421         
422         ServerAttribute entryObjectClasses = new DefaultServerAttribute( "objectClass", ocAt );
423         entryObjectClasses.add( "top", "person", "organizationalPerson" );
424 
425         ObjectClassRegistry ocRegistry = registries.getObjectClassRegistry();
426 
427         // this should pass
428         SchemaChecker.preventStructuralClassRemovalOnModifyRemove( 
429             ocRegistry, 
430             name, 
431             mod, 
432             new DefaultServerAttribute( "cn", atReg.lookup( "cn" ) ),
433             entryObjectClasses );
434 
435         // this should succeed since person is left and is structural
436         ServerAttribute objectClassesRemoved = new DefaultServerAttribute( 
437             "objectClass", ocAt );
438         objectClassesRemoved.add( "person" );
439         SchemaChecker.preventStructuralClassRemovalOnModifyRemove( ocRegistry, name, mod, objectClassesRemoved,
440             entryObjectClasses );
441 
442         // this should fail since only top is left
443         objectClassesRemoved = new DefaultServerAttribute( "objectClass", ocAt );
444         objectClassesRemoved.add( "person", "organizationalPerson" );
445         
446         try
447         {
448             SchemaChecker.preventStructuralClassRemovalOnModifyRemove( ocRegistry, name, mod, objectClassesRemoved,
449                 entryObjectClasses );
450             fail( "should never get here due to an LdapSchemaViolationException" );
451         }
452         catch ( LdapSchemaViolationException e )
453         {
454             assertEquals( e.getResultCode(), ResultCodeEnum.OBJECT_CLASS_MODS_PROHIBITED );
455         }
456 
457         // this should fail since the modify operation tries to delete all
458         // objectClass attribute values
459         objectClassesRemoved = new DefaultServerAttribute( "objectClass", ocAt );
460 
461         try
462         {
463             SchemaChecker.preventStructuralClassRemovalOnModifyRemove( ocRegistry, name, mod, objectClassesRemoved,
464                 entryObjectClasses );
465             fail( "should never get here due to an LdapSchemaViolationException" );
466         }
467         catch ( LdapSchemaViolationException e )
468         {
469             assertEquals( e.getResultCode(), ResultCodeEnum.OBJECT_CLASS_MODS_PROHIBITED );
470         }
471     }
472 
473 
474     /**
475      * Test case to check the schema checker operates correctly when modify
476      * operations remove RDN attributes.
477      */
478     @Test
479     public void testPreventRdnChangeOnModifyRemoveAttribute() throws Exception
480     {
481         OidRegistry registry = new MockOidRegistry();
482         ModificationOperation mod = ModificationOperation.REMOVE_ATTRIBUTE;
483         LdapDN name = new LdapDN( "ou=user,dc=example,dc=com" );
484         AttributeType cnAt = registries.getAttributeTypeRegistry().lookup( "cn" );
485         AttributeType ouAt = registries.getAttributeTypeRegistry().lookup( "ou" );
486         AttributeType snAt = registries.getAttributeTypeRegistry().lookup( "sn" );
487 
488         // postive test which should pass
489         SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, 
490             new DefaultServerAttribute( "cn", cnAt, "does not matter" ), registry );
491 
492         // test should fail since we are removing the ou attribute
493         try
494         {
495             SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, 
496                 new DefaultServerAttribute( "ou", ouAt ), registry );
497             fail( "should never get here due to a LdapSchemaViolationException being thrown" );
498         }
499         catch ( LdapSchemaViolationException e )
500         {
501             assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
502         }
503 
504         // test success using more than one attribute for the Rdn but not modifying rdn attribute
505         name = new LdapDN( "ou=users+cn=system users,dc=example,dc=com" );
506         SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, 
507             new DefaultServerAttribute( "sn", snAt, "does not matter" ), registry );
508 
509         // test for failure when modifying Rdn attribute in multi attribute Rdn
510         try
511         {
512             SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, 
513                 new DefaultServerAttribute( "cn", cnAt ), registry );
514             fail( "should never get here due to a LdapSchemaViolationException being thrown" );
515         }
516         catch ( LdapSchemaViolationException e )
517         {
518             assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
519         }
520 
521         // should succeed since the value being deleted from the rdn attribute is
522         // is not used when composing the Rdn
523         SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, 
524             new DefaultServerAttribute( "ou", ouAt, "container" ), registry );
525 
526         // now let's make it fail again just by providing the right value for ou (users)
527         try
528         {
529             SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, 
530                 new DefaultServerAttribute( "ou", ouAt, "users" ), registry );
531             fail( "should never get here due to a LdapSchemaViolationException being thrown" );
532         }
533         catch ( LdapSchemaViolationException e )
534         {
535             assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
536         }
537     }
538 
539 
540 //    /**
541 //     * Test case to check the schema checker operates correctly when modify
542 //     * operations replace RDN attributes.
543 //     */
544 //    public void testPreventRdnChangeOnModifyReplaceAttribute() throws Exception
545 //    {
546 //        int mod = DirContext.REPLACE_ATTRIBUTE;
547 //        LdapDN name = new LdapDN( "ou=user,dc=example,dc=com" );
548 //
549 //        // postive test which should pass
550 //        SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, new AttributeImpl( "cn", "does not matter" ), registries.getOidRegistry() );
551 //
552 //        // test should fail since we are removing the ou attribute
553 //        try
554 //        {
555 //            SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, new AttributeImpl( "ou" ), registries.getOidRegistry() );
556 //            fail( "should never get here due to a LdapSchemaViolationException being thrown" );
557 //        }
558 //        catch ( LdapSchemaViolationException e )
559 //        {
560 //            assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
561 //        }
562 //
563 //        // test success using more than one attribute for the Rdn but not modifying rdn attribute
564 //        name = new LdapDN( "ou=users+cn=system users,dc=example,dc=com" );
565 //        SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, new AttributeImpl( "sn", "does not matter" ), registries.getOidRegistry() );
566 //
567 //        // test for failure when modifying Rdn attribute in multi attribute Rdn
568 //        try
569 //        {
570 //            SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, new AttributeImpl( "cn" ), registries.getOidRegistry() );
571 //            fail( "should never get here due to a LdapSchemaViolationException being thrown" );
572 //        }
573 //        catch ( LdapSchemaViolationException e )
574 //        {
575 //            assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
576 //        }
577 //
578 //        // should succeed since the values being replaced from the rdn attribute is
579 //        // is includes the old Rdn attribute value
580 //        Attribute attribute = new AttributeImpl( "ou" );
581 //        attribute.add( "container" );
582 //        attribute.add( "users" );
583 //        SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attribute, registries.getOidRegistry() );
584 //
585 //        // now let's make it fail by not including the old value for ou (users)
586 //        attribute = new AttributeImpl( "ou" );
587 //        attribute.add( "container" );
588 //        try
589 //        {
590 //            SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attribute, registries.getOidRegistry() );
591 //            fail( "should never get here due to a LdapSchemaViolationException being thrown" );
592 //        }
593 //        catch ( LdapSchemaViolationException e )
594 //        {
595 //            assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
596 //        }
597 //    }
598 
599 
600     class MockOidRegistry implements OidRegistry
601     {
602         public String getOid( String name ) throws NamingException
603         {
604             return StringTools.deepTrimToLower( name );
605         }
606 
607         public boolean hasOid( String id )
608         {
609             return true;
610         }
611 
612         public String getPrimaryName( String oid ) throws NamingException
613         {
614             return oid;
615         }
616 
617         public List getNameSet( String oid ) throws NamingException
618         {
619             return Collections.singletonList( oid );
620         }
621 
622         public Iterator list()
623         {
624             return Collections.EMPTY_LIST.iterator();
625         }
626 
627         public void register( String name, String oid )
628         {
629         }
630 
631         public Map getOidByName()
632         {
633             return null;
634         }
635 
636         public Map getNameByOid()
637         {
638             return null;
639         }
640 
641         public void unregister( String numericOid ) throws NamingException
642         {
643         }
644     }
645 }