1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.ldap.server.operational;
18
19
20 import org.apache.ldap.common.message.DerefAliasesEnum;
21 import org.apache.ldap.server.AbstractCoreTest;
22
23 import javax.naming.NamingEnumeration;
24 import javax.naming.NamingException;
25 import javax.naming.directory.*;
26
27
28 /***
29 * Tests the methods on JNDI contexts that are analogous to entry modify
30 * operations in LDAP.
31 *
32 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
33 * @version $Rev: 165254 $
34 */
35 public class OperationalAttributeServiceTest extends AbstractCoreTest
36 {
37 private static final String CREATORS_NAME = "creatorsName";
38 private static final String CREATE_TIMESTAMP = "createTimestamp";
39
40
41 public void testModifyOperationalOpAttrs() throws NamingException
42 {
43
44
45
46 Attributes attributes = new BasicAttributes();
47 Attribute attribute = new BasicAttribute( "objectClass" );
48 attribute.add( "top" );
49 attribute.add( "organizationalUnit" );
50 attributes.put( attribute );
51 attributes.put( "ou", "testing00" );
52 DirContext ctx = sysRoot.createSubcontext( "ou=testing00", attributes );
53 assertNotNull( ctx );
54
55 ctx = ( DirContext ) sysRoot.lookup( "ou=testing00" );
56 assertNotNull( ctx );
57
58 attributes = ctx.getAttributes( "" );
59 assertNotNull( attributes );
60 assertEquals( "testing00", attributes.get( "ou" ).get() );
61 attribute = attributes.get( "objectClass" );
62 assertNotNull( attribute );
63 assertTrue( attribute.contains( "top" ) );
64 assertTrue( attribute.contains( "organizationalUnit" ) );
65 assertNull( attributes.get( CREATE_TIMESTAMP ) );
66 assertNull( attributes.get( CREATORS_NAME ) );
67
68 SearchControls ctls = new SearchControls();
69 ctls.setReturningAttributes( new String[]
70 { "ou", "createTimestamp", "creatorsName" } );
71
72 sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_PROP,
73 DerefAliasesEnum.NEVERDEREFALIASES_NAME );
74 NamingEnumeration list;
75 list = sysRoot.search( "", "(ou=testing00)", ctls );
76 SearchResult result = ( SearchResult ) list.next();
77 list.close();
78
79 System.out.println( result );
80
81 assertNotNull( result.getAttributes().get( "ou" ) );
82 assertNotNull( result.getAttributes().get( CREATORS_NAME ) );
83 assertNotNull( result.getAttributes().get( CREATE_TIMESTAMP ) );
84 }
85
86
87 /***
88 * Checks to confirm that the system context root ou=system has the
89 * required operational attributes. Since this is created automatically
90 * on system database creation properties the create attributes must be
91 * specified. There are no interceptors in effect when this happens so
92 * we must test explicitly.
93 *
94 *
95 * @see <a href="http://nagoya.apache.org/jira/browse/DIREVE-57">DIREVE-57:
96 * ou=system does not contain operational attributes</a>
97 */
98 public void testSystemContextRoot() throws NamingException
99 {
100 SearchControls controls = new SearchControls();
101 controls.setSearchScope( SearchControls.OBJECT_SCOPE );
102 NamingEnumeration list;
103 list = sysRoot.search( "", "(objectClass=*)", controls );
104 SearchResult result = ( SearchResult ) list.next();
105
106
107 Attributes attributes = result.getAttributes();
108 assertNull( attributes.get( "creatorsName" ) );
109 assertNull( attributes.get( "createTimestamp" ) );
110
111
112 String[] ids = new String[] { "creatorsName", "createTimestamp" };
113 controls.setReturningAttributes( ids );
114 list = sysRoot.search( "", "(objectClass=*)", controls );
115 result = ( SearchResult ) list.next();
116 attributes = result.getAttributes();
117 assertNotNull( attributes.get( "creatorsName" ) );
118 assertNotNull( attributes.get( "createTimestamp" ) );
119 }
120
121
122 /***
123 * Test which confirms that all new users created under the user's dn
124 * (ou=users,ou=system) have the creatorsName set to the DN of the new
125 * user even though the admin is creating the user. This is the basis
126 * for some authorization rules to protect passwords.
127 *
128 * NOTE THIS CHANGE WAS REVERTED SO WE ADAPTED THE TEST TO MAKE SURE THE
129 * CHANGE DOES NOT PERSIST!
130 *
131 * @see <a href="http://nagoya.apache.org/jira/browse/DIREVE-67">JIRA Issue DIREVE-67</a>
132 */
133 public void testConfirmNonAdminUserDnIsCreatorsName() throws NamingException
134 {
135 Attributes attributes = sysRoot.getAttributes( "uid=akarasulu,ou=users", new String[] { "creatorsName" } );
136
137 assertFalse( "uid=akarasulu,ou=users,ou=system".equals( attributes.get( "creatorsName" ).get() ) );
138 }
139 }