1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.apache.directory.server.core.authz;
21
22
23 import org.apache.directory.server.core.DirectoryService;
24 import static org.apache.directory.server.core.authz.AutzIntegUtils.createAccessControlSubentry;
25 import org.apache.directory.server.core.integ.CiRunner;
26 import org.apache.directory.server.core.integ.annotations.Factory;
27 import org.apache.directory.shared.ldap.exception.LdapInvalidAttributeValueException;
28 import org.apache.directory.shared.ldap.message.ResultCodeEnum;
29 import static org.junit.Assert.assertEquals;
30 import static org.junit.Assert.fail;
31 import org.junit.Test;
32 import org.junit.runner.RunWith;
33
34 import javax.naming.NamingException;
35
36
37
38
39
40
41
42
43 @RunWith ( CiRunner.class )
44 @Factory ( AutzIntegUtils.ServiceFactory.class )
45 public class GeneralAuthorizationIT
46 {
47 public static DirectoryService service;
48
49
50
51
52
53
54
55
56 @Test
57 public void testFailureToAddBadACI() throws Exception
58 {
59
60 try
61 {
62 createAccessControlSubentry( "anybodyAdd", "{ " + "identificationTag \"addAci\", " + "precedence 14, "
63 + "authenticationLevel none, " + "itemOrUserFirst userFirst: { " + "userClasses { allUsers }, "
64 + "userPermissions { { " + "protectedItems {entry, allUserAttributeTypesAndValues}, "
65 + "grantsAndDenials { grantAdd, grantBrowse } } }" );
66 fail( "should never get here due to failure to add bad ACIItem" );
67 }
68 catch( LdapInvalidAttributeValueException e )
69 {
70 assertEquals( ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX, e.getResultCode() );
71 }
72 }
73 }