1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.ldap.server.authz.support;
20
21 import java.util.ArrayList;
22 import java.util.Collection;
23 import java.util.Collections;
24 import java.util.HashSet;
25 import java.util.Set;
26
27 import javax.naming.Name;
28 import javax.naming.NamingException;
29 import javax.naming.directory.Attributes;
30 import javax.naming.directory.BasicAttribute;
31 import javax.naming.directory.BasicAttributes;
32
33 import junit.framework.Assert;
34 import junit.framework.TestCase;
35
36 import org.apache.ldap.common.aci.ACITuple;
37 import org.apache.ldap.common.aci.AuthenticationLevel;
38 import org.apache.ldap.common.aci.ProtectedItem;
39 import org.apache.ldap.common.aci.ProtectedItem.MaxValueCountItem;
40 import org.apache.ldap.common.aci.ProtectedItem.RestrictedByItem;
41 import org.apache.ldap.common.filter.PresenceNode;
42 import org.apache.ldap.common.name.LdapName;
43 import org.apache.ldap.server.event.ExpressionEvaluator;
44 import org.apache.ldap.server.schema.AttributeTypeRegistry;
45 import org.apache.ldap.server.schema.OidRegistry;
46 import org.apache.ldap.server.subtree.RefinementEvaluator;
47 import org.apache.ldap.server.subtree.RefinementLeafEvaluator;
48
49 /***
50 * Tests {@link RelatedUserClassFilter}.
51 *
52 * @author The Apache Directory Project
53 * @version $Rev: 321002 $, $Date: 2005-10-14 00:52:52 -0400 (Fri, 14 Oct 2005) $
54 */
55 public class RelatedProtectedItemFilterTest extends TestCase
56 {
57 private static final Collection EMPTY_COLLECTION =
58 Collections.unmodifiableCollection( new ArrayList() );
59 private static final Set EMPTY_SET =
60 Collections.unmodifiableSet( new HashSet() );
61
62 private static final Name GROUP_NAME;
63 private static final Name USER_NAME;
64 private static final Set USER_NAMES = new HashSet();
65 private static final Set GROUP_NAMES = new HashSet();
66
67 private static final AttributeTypeRegistry ATTR_TYPE_REGISTRY_A = new DummyAttributeTypeRegistry( false );
68 private static final AttributeTypeRegistry ATTR_TYPE_REGISTRY_B = new DummyAttributeTypeRegistry( true );
69 private static final OidRegistry OID_REGISTRY = new DummyOidRegistry();
70
71 private static final RelatedProtectedItemFilter filterA;
72 private static final RelatedProtectedItemFilter filterB;
73
74
75 static
76 {
77 try
78 {
79 GROUP_NAME = new LdapName( "ou=test,ou=groups,ou=system" );
80 USER_NAME = new LdapName( "ou=test, ou=users, ou=system" );
81
82 filterA = new RelatedProtectedItemFilter(
83 ATTR_TYPE_REGISTRY_A,
84 new RefinementEvaluator(
85 new RefinementLeafEvaluator( OID_REGISTRY ) ),
86 new ExpressionEvaluator( OID_REGISTRY, ATTR_TYPE_REGISTRY_A ) );
87
88 filterB = new RelatedProtectedItemFilter(
89 ATTR_TYPE_REGISTRY_B,
90 new RefinementEvaluator(
91 new RefinementLeafEvaluator( OID_REGISTRY ) ),
92 new ExpressionEvaluator( OID_REGISTRY, ATTR_TYPE_REGISTRY_B ) );
93 }
94 catch( NamingException e )
95 {
96 throw new Error();
97 }
98
99 USER_NAMES.add( USER_NAME );
100 GROUP_NAMES.add( GROUP_NAME );
101 }
102
103 public void testZeroTuple() throws Exception
104 {
105 Assert.assertEquals(
106 0, filterA.filter(
107 EMPTY_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE,
108 null, null, null, null, null, null, null, null, null, null ).size() );
109 }
110
111 public void testEntry() throws Exception
112 {
113 Collection tuples = getTuples( ProtectedItem.ENTRY );
114
115 Assert.assertEquals(
116 1, filterA.filter(
117 tuples, OperationScope.ENTRY, null, null, null,
118 null, AuthenticationLevel.NONE, null, null, null, null, null ).size() );
119 }
120
121 public void testAllUserAttributeTypes() throws Exception
122 {
123 Collection tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES );
124
125
126 Assert.assertEquals(
127 0, filterA.filter(
128 tuples, OperationScope.ENTRY, null, null, USER_NAME,
129 null, null, null,
130 "userAttr", null, null, null ).size() );
131
132 tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES );
133
134 Assert.assertEquals(
135 1, filterA.filter(
136 tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME,
137 null, null, null,
138 "userAttr", null, null, null ).size() );
139
140
141
142
143
144
145
146
147 }
148
149 public void testAllUserAttributeTypesAndValues() throws Exception
150 {
151 Collection tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES_AND_VALUES );
152
153
154 Assert.assertEquals(
155 0, filterA.filter(
156 tuples, OperationScope.ENTRY, null, null, USER_NAME,
157 null, null, null,
158 "userAttr", null, null, null ).size() );
159
160 tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES_AND_VALUES );
161
162 Assert.assertEquals(
163 1, filterA.filter(
164 tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME,
165 null, null, null,
166 "userAttr", null, null, null ).size() );
167
168
169
170
171
172
173
174
175 }
176
177 public void testAllAttributeValues() throws Exception
178 {
179 Collection attrTypes = new ArrayList();
180 attrTypes.add( "attrA" );
181 Collection tuples = getTuples( new ProtectedItem.AllAttributeValues( attrTypes ) );
182
183
184 Assert.assertEquals(
185 0, filterA.filter(
186 tuples, OperationScope.ENTRY, null, null, USER_NAME,
187 null, null, null,
188 "attrA", null, null, null ).size() );
189
190 tuples = getTuples( new ProtectedItem.AllAttributeValues( attrTypes ) );
191
192 Assert.assertEquals(
193 1, filterA.filter(
194 tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME,
195 null, null, null,
196 "attrA", null, null, null ).size() );
197
198 Assert.assertEquals(
199 0, filterB.filter(
200 tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME,
201 null, null, null,
202 "attrB", null, null, null ).size() );
203 }
204
205 public void testAttributeType() throws Exception
206 {
207 Collection attrTypes = new ArrayList();
208 attrTypes.add( "attrA" );
209 Collection tuples = getTuples( new ProtectedItem.AttributeType( attrTypes ) );
210
211
212 Assert.assertEquals(
213 0, filterA.filter(
214 tuples, OperationScope.ENTRY, null, null, USER_NAME,
215 null, null, null,
216 "attrA", null, null, null ).size() );
217
218 tuples = getTuples( new ProtectedItem.AttributeType( attrTypes ) );
219
220 Assert.assertEquals(
221 1, filterA.filter(
222 tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME,
223 null, null, null,
224 "attrA", null, null, null ).size() );
225
226 Assert.assertEquals(
227 0, filterA.filter(
228 tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME,
229 null, null, null,
230 "attrB", null, null, null ).size() );
231 }
232
233 public void testAttributeValue() throws Exception
234 {
235 Collection attributes = new ArrayList();
236 attributes.add( new BasicAttribute( "attrA", "valueA" ) );
237 Collection tuples = getTuples( new ProtectedItem.AttributeValue( attributes ) );
238
239
240 Assert.assertEquals(
241 0, filterA.filter(
242 tuples, OperationScope.ENTRY, null, null, USER_NAME,
243 null, null, null,
244 "attrA", null, null, null ).size() );
245 tuples = getTuples( new ProtectedItem.AttributeValue( attributes ) );
246 Assert.assertEquals(
247 0, filterA.filter(
248 tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME,
249 null, null, null,
250 "attrA", null, null, null ).size() );
251
252
253 tuples = getTuples( new ProtectedItem.AttributeValue( attributes ) );
254
255 Assert.assertEquals(
256 1, filterA.filter(
257 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
258 null, null, null,
259 "attrA", "valueA", null, null ).size() );
260
261 Assert.assertEquals(
262 0, filterA.filter(
263 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
264 null, null, null,
265 "attrA", "valueB", null, null ).size() );
266
267 tuples = getTuples( new ProtectedItem.AttributeValue( attributes ) );
268
269 Assert.assertEquals(
270 0, filterA.filter(
271 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
272 null, null, null,
273 "attrB", "valueA", null, null ).size() );
274 }
275
276 public void testClasses() throws Exception
277 {
278
279 }
280
281 public void testMaxImmSub() throws Exception
282 {
283 Collection tuples = getTuples( new ProtectedItem.MaxImmSub( 2 ) );
284
285
286 Assert.assertEquals(
287 1, filterA.filter(
288 tuples, OperationScope.ENTRY, null, null, USER_NAME,
289 null, null, null,
290 "attrA", null, null, null ).size() );
291 }
292
293 public void testMaxValueCount() throws Exception
294 {
295 Collection mvcItems = new ArrayList();
296 mvcItems.add( new MaxValueCountItem( "attrA", 3 ) );
297 Collection tuples = getTuples( new ProtectedItem.MaxValueCount( mvcItems ) );
298
299
300 Assert.assertEquals(
301 0, filterA.filter(
302 tuples, OperationScope.ENTRY, null, null, USER_NAME,
303 null, null, null,
304 "attrA", null, null, null ).size() );
305 tuples = getTuples( new ProtectedItem.MaxValueCount( mvcItems ) );
306 Assert.assertEquals(
307 0, filterA.filter(
308 tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME,
309 null, null, null,
310 "attrA", null, null, null ).size() );
311
312 tuples = getTuples( new ProtectedItem.MaxValueCount( mvcItems ) );
313
314 Assert.assertEquals(
315 1, filterA.filter(
316 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
317 null, null, null,
318 "attrA", null, null, null ).size() );
319
320 Assert.assertEquals(
321 0, filterA.filter(
322 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
323 null, null, null,
324 "attrB", null, null, null ).size() );
325 }
326
327 public void testRangeOfValues() throws Exception
328 {
329 Attributes entry = new BasicAttributes();
330 entry.put( "attrA", "valueA" );
331 Collection tuples = getTuples( new ProtectedItem.RangeOfValues( new PresenceNode( "attrA" ) ) );
332
333 Assert.assertEquals(
334 1, filterA.filter(
335 tuples, OperationScope.ENTRY, null, null, USER_NAME,
336 null, null, new LdapName( "ou=testEntry" ),
337 null, null, entry, null ).size() );
338
339 entry.remove( "attrA" );
340 Assert.assertEquals(
341 0, filterA.filter(
342 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
343 null, null, new LdapName( "ou=testEntry" ),
344 null, null, entry, null ).size() );
345 }
346
347 public void testRestrictedBy() throws Exception
348 {
349 Collection rbItems = new ArrayList();
350 rbItems.add( new RestrictedByItem( "attrA", "attrB" ) );
351 Collection tuples = getTuples( new ProtectedItem.RestrictedBy( rbItems ) );
352
353
354 Assert.assertEquals(
355 0, filterA.filter(
356 tuples, OperationScope.ENTRY, null, null, USER_NAME,
357 null, null, null,
358 "attrA", null, null, null ).size() );
359 tuples = getTuples( new ProtectedItem.RestrictedBy( rbItems ) );
360 Assert.assertEquals(
361 0, filterA.filter(
362 tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME,
363 null, null, null,
364 "attrA", null, null, null ).size() );
365
366 tuples = getTuples( new ProtectedItem.RestrictedBy( rbItems ) );
367
368 Assert.assertEquals(
369 1, filterA.filter(
370 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
371 null, null, null,
372 "attrA", null, null, null ).size() );
373
374 Assert.assertEquals(
375 0, filterA.filter(
376 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
377 null, null, null,
378 "attrB", null, null, null ).size() );
379 }
380
381 public void testSelfValue() throws Exception
382 {
383 Collection attrTypes = new ArrayList();
384 attrTypes.add( "attrA" );
385 Collection tuples = getTuples( new ProtectedItem.SelfValue( attrTypes ) );
386
387 Attributes entry = new BasicAttributes();
388 entry.put( "attrA", USER_NAME );
389
390
391 Assert.assertEquals(
392 0, filterA.filter(
393 tuples, OperationScope.ENTRY, null, null, USER_NAME,
394 null, null, null,
395 "attrA", null, entry, null ).size() );
396
397 tuples = getTuples( new ProtectedItem.SelfValue( attrTypes ) );
398
399 Assert.assertEquals(
400 1, filterA.filter(
401 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
402 null, null, null,
403 "attrA", null, entry, null ).size() );
404
405 entry.remove( "attrA" );
406 Assert.assertEquals(
407 0, filterA.filter(
408 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
409 null, null, null,
410 "attrA", null, entry, null ).size() );
411
412 tuples = getTuples( new ProtectedItem.SelfValue( attrTypes ) );
413 Assert.assertEquals(
414 0, filterA.filter(
415 tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
416 null, null, null,
417 "attrB", null, entry, null ).size() );
418 }
419
420 private static Collection getTuples( ProtectedItem protectedItem )
421 {
422 Collection protectedItems = new ArrayList();
423 protectedItems.add( protectedItem );
424
425 Collection tuples = new ArrayList();
426 tuples.add( new ACITuple(
427 EMPTY_COLLECTION, AuthenticationLevel.NONE, protectedItems,
428 EMPTY_SET, true, 0 ) );
429
430 return tuples;
431 }
432 }