1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.ldap.server.jndi;
18
19
20 import javax.naming.NameClassPair;
21 import javax.naming.NamingEnumeration;
22 import javax.naming.NamingException;
23 import java.util.HashSet;
24
25
26 /***
27 * Tests our ability to list elements as the admin user and as a non admin user
28 * on security sensitive values. We do not return results or name class pairs
29 * for user accounts if the user is not the admin.
30 *
31 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
32 * @version $Rev: 165254 $
33 */
34 public class ListTest extends AbstractMultiUserJndiTest
35 {
36 public void testListSystemAsAdmin() throws NamingException
37 {
38 HashSet set = new HashSet();
39
40 NamingEnumeration list = sysRoot.list( "" );
41
42 while ( list.hasMore() )
43 {
44 NameClassPair ncp = ( NameClassPair ) list.next();
45
46 set.add( ncp.getName() );
47 }
48
49 assertTrue( set.contains( "uid=admin,ou=system" ) );
50
51 assertTrue( set.contains( "ou=users,ou=system" ) );
52
53 assertTrue( set.contains( "ou=groups,ou=system" ) );
54 }
55
56
57 public void testListSystemAsNonAdmin() throws NamingException
58 {
59 HashSet set = new HashSet();
60
61 NamingEnumeration list = sysRootAsNonAdminUser.list( "" );
62
63 while ( list.hasMore() )
64 {
65 NameClassPair ncp = ( NameClassPair ) list.next();
66
67 set.add( ncp.getName() );
68 }
69
70 assertFalse( set.contains( "uid=admin,ou=system" ) );
71
72 assertTrue( set.contains( "ou=users,ou=system" ) );
73
74 assertTrue( set.contains( "ou=groups,ou=system" ) );
75 }
76
77
78 public void testListUsersAsAdmin() throws NamingException
79 {
80 HashSet set = new HashSet();
81
82 NamingEnumeration list = sysRoot.list( "ou=users" );
83
84 while ( list.hasMore() )
85 {
86 NameClassPair ncp = ( NameClassPair ) list.next();
87
88 set.add( ncp.getName() );
89 }
90
91 assertTrue( set.contains( "uid=akarasulu,ou=users,ou=system" ) );
92 }
93
94
95 public void testListUsersAsNonAdmin() throws NamingException
96 {
97 HashSet set = new HashSet();
98
99 NamingEnumeration list = sysRootAsNonAdminUser.list( "ou=users" );
100
101 while ( list.hasMore() )
102 {
103 NameClassPair ncp = ( NameClassPair ) list.next();
104
105 set.add( ncp.getName() );
106 }
107
108 assertFalse( set.contains( "uid=akarasulu,ou=users,ou=system" ) );
109 }
110 }