1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.ldap.server.jndi;
18
19
20 import java.util.HashSet;
21
22 import javax.naming.NameClassPair;
23 import javax.naming.NamingEnumeration;
24 import javax.naming.NamingException;
25
26 import org.apache.ldap.server.AbstractAdminTestCase;
27
28
29 /***
30 * Tests our ability to list elements as the admin user and as a non admin user
31 * on security sensitive values. We do not return results or name class pairs
32 * for user accounts if the user is not the admin.
33 *
34 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
35 * @version $Rev: 264732 $
36 */
37 public class ListAsAdminTest extends AbstractAdminTestCase
38 {
39 public void testListSystemAsAdmin() throws NamingException
40 {
41 HashSet set = new HashSet();
42
43 NamingEnumeration list = sysRoot.list( "" );
44
45 while ( list.hasMore() )
46 {
47 NameClassPair ncp = ( NameClassPair ) list.next();
48
49 set.add( ncp.getName() );
50 }
51
52 assertTrue( set.contains( "uid=admin,ou=system" ) );
53
54 assertTrue( set.contains( "ou=users,ou=system" ) );
55
56 assertTrue( set.contains( "ou=groups,ou=system" ) );
57 }
58
59
60 public void testListUsersAsAdmin() throws NamingException
61 {
62 HashSet set = new HashSet();
63
64 NamingEnumeration list = sysRoot.list( "ou=users" );
65
66 while ( list.hasMore() )
67 {
68 NameClassPair ncp = ( NameClassPair ) list.next();
69
70 set.add( ncp.getName() );
71 }
72
73 assertTrue( set.contains( "uid=akarasulu,ou=users,ou=system" ) );
74 }
75 }