1   /*
2    *   Copyright 2004 The Apache Software Foundation
3    *
4    *   Licensed under the Apache License, Version 2.0 (the "License");
5    *   you may not use this file except in compliance with the License.
6    *   You may obtain a copy of the License at
7    *
8    *       http://www.apache.org/licenses/LICENSE-2.0
9    *
10   *   Unless required by applicable law or agreed to in writing, software
11   *   distributed under the License is distributed on an "AS IS" BASIS,
12   *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *   See the License for the specific language governing permissions and
14   *   limitations under the License.
15   *
16   */
17  package org.apache.ldap.server.collective;
18  
19  
20  import org.apache.ldap.server.AbstractAdminTestCase;
21  import org.apache.ldap.common.message.LockableAttributeImpl;
22  import org.apache.ldap.common.message.LockableAttributesImpl;
23  
24  import javax.naming.NamingException;
25  import javax.naming.NamingEnumeration;
26  import javax.naming.directory.*;
27  import java.util.Map;
28  import java.util.HashMap;
29  
30  
31  /***
32   * Test cases for the collective attribute service.
33   *
34   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
35   * @version $Rev$
36   */
37  public class CollectiveAttributeServiceTest extends AbstractAdminTestCase
38  {
39      public Attributes getTestEntry( String cn )
40      {
41          Attributes subentry = new LockableAttributesImpl();
42          Attribute objectClass = new LockableAttributeImpl( "objectClass" );
43          objectClass.add( "top" );
44          objectClass.add( "person" );
45          subentry.put( objectClass );
46          subentry.put( "cn", cn );
47          subentry.put( "sn", "testentry" );
48          return subentry;
49      }
50  
51  
52      public Attributes getTestSubentry()
53      {
54          Attributes subentry = new LockableAttributesImpl();
55          Attribute objectClass = new LockableAttributeImpl( "objectClass" );
56          objectClass.add( "top" );
57          objectClass.add( "subentry" );
58          objectClass.add( "collectiveAttributeSubentry" );
59          subentry.put( objectClass );
60          subentry.put( "c-ou", "configuration" );
61          subentry.put( "subtreeSpecification", "{ base \"ou=configuration\" }" );
62          subentry.put( "cn", "testsubentry" );
63          return subentry;
64      }
65  
66  
67      public Attributes getTestSubentry2()
68      {
69          Attributes subentry = new LockableAttributesImpl();
70          Attribute objectClass = new LockableAttributeImpl( "objectClass" );
71          objectClass.add( "top" );
72          objectClass.add( "subentry" );
73          objectClass.add( "collectiveAttributeSubentry" );
74          subentry.put( objectClass );
75          subentry.put( "c-ou", "configuration2" );
76          subentry.put( "subtreeSpecification", "{ base \"ou=configuration\" }" );
77          subentry.put( "cn", "testsubentry2" );
78          return subentry;
79      }
80  
81  
82      public Attributes getTestSubentry3()
83      {
84          Attributes subentry = new LockableAttributesImpl();
85          Attribute objectClass = new LockableAttributeImpl( "objectClass" );
86          objectClass.add( "top" );
87          objectClass.add( "subentry" );
88          objectClass.add( "collectiveAttributeSubentry" );
89          subentry.put( objectClass );
90          subentry.put( "c-st", "FL" );
91          subentry.put( "subtreeSpecification", "{ base \"ou=configuration\" }" );
92          subentry.put( "cn", "testsubentry3" );
93          return subentry;
94      }
95  
96  
97      public void addAdministrativeRole( String role ) throws NamingException
98      {
99          Attribute attribute = new LockableAttributeImpl( "administrativeRole" );
100         attribute.add( role );
101         ModificationItem item = new ModificationItem( DirContext.ADD_ATTRIBUTE, attribute );
102         super.sysRoot.modifyAttributes( "", new ModificationItem[] { item } );
103     }
104 
105 
106     public Map getAllEntries() throws NamingException
107     {
108         Map resultMap = new HashMap();
109         SearchControls controls = new SearchControls();
110         controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
111         controls.setReturningAttributes( new String[] { "+", "*" } );
112         NamingEnumeration results = super.sysRoot.search( "", "(objectClass=*)", controls );
113         while ( results.hasMore() )
114         {
115             SearchResult result = ( SearchResult ) results.next();
116             resultMap.put( result.getName(), result.getAttributes() );
117         }
118         return resultMap;
119     }
120 
121 
122     public Map getAllEntriesRestrictAttributes() throws NamingException
123     {
124         Map resultMap = new HashMap();
125         SearchControls controls = new SearchControls();
126         controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
127         controls.setReturningAttributes( new String[] { "cn", "ou" } );
128         NamingEnumeration results = super.sysRoot.search( "", "(objectClass=*)", controls );
129         while ( results.hasMore() )
130         {
131             SearchResult result = ( SearchResult ) results.next();
132             resultMap.put( result.getName(), result.getAttributes() );
133         }
134         return resultMap;
135     }
136 
137 
138     public void testLookup() throws Exception
139     {
140         // -------------------------------------------------------------------
141         // Setup the collective attribute specific administration point
142         // -------------------------------------------------------------------
143 
144         addAdministrativeRole( "collectiveAttributeSpecificArea" );
145         super.sysRoot.createSubcontext( "cn=testsubentry", getTestSubentry() );
146 
147         // -------------------------------------------------------------------
148         // test an entry that should show the collective attribute c-ou
149         // -------------------------------------------------------------------
150 
151         Attributes attributes = super.sysRoot.getAttributes( "ou=services,ou=configuration" );
152         Attribute c_ou = attributes.get( "c-ou" );
153         assertNotNull( "a collective c-ou attribute should be present", c_ou );
154         assertEquals( "configuration", c_ou.get() );
155 
156         // -------------------------------------------------------------------
157         // test an entry that should not show the collective attribute
158         // -------------------------------------------------------------------
159 
160         attributes = super.sysRoot.getAttributes( "ou=users" );
161         c_ou = attributes.get( "c-ou" );
162         assertNull( "the c-ou collective attribute should not be present", c_ou );
163 
164         // -------------------------------------------------------------------
165         // now modify entries included by the subentry to have collectiveExclusions
166         // -------------------------------------------------------------------
167 
168         ModificationItem[] items = new ModificationItem[] {
169             new ModificationItem( DirContext.ADD_ATTRIBUTE,
170                     new LockableAttributeImpl( "collectiveExclusions", "c-ou" ) ) };
171         super.sysRoot.modifyAttributes( "ou=services,ou=configuration", items );
172 
173         // entry should not show the c-ou collective attribute anymore
174         attributes = super.sysRoot.getAttributes( "ou=services,ou=configuration" );
175         c_ou = attributes.get( "c-ou" );
176         if ( c_ou != null )
177         {
178             assertEquals( "the c-ou collective attribute should not be present", 0, c_ou.size() );
179         }
180 
181         // now add more collective subentries - the c-ou should still not show due to exclusions
182         super.sysRoot.createSubcontext( "cn=testsubentry2", getTestSubentry2() );
183 
184         attributes = super.sysRoot.getAttributes( "ou=services,ou=configuration" );
185         c_ou = attributes.get( "c-ou" );
186         if ( c_ou != null )
187         {
188             assertEquals( "the c-ou collective attribute should not be present", 0, c_ou.size() );
189         }
190 
191         // entries without the collectiveExclusion should still show both values of c-ou
192         attributes = super.sysRoot.getAttributes( "ou=interceptors,ou=configuration" );
193         c_ou = attributes.get( "c-ou" );
194         assertNotNull( "a collective c-ou attribute should be present", c_ou );
195         assertTrue( c_ou.contains( "configuration" ) );
196         assertTrue( c_ou.contains( "configuration2" ) );
197 
198         // -------------------------------------------------------------------
199         // now add the subentry for the c-st collective attribute
200         // -------------------------------------------------------------------
201 
202         super.sysRoot.createSubcontext( "cn=testsubentry3", getTestSubentry3() );
203 
204         // the new attribute c-st should appear in the node with the c-ou exclusion
205         attributes = super.sysRoot.getAttributes( "ou=services,ou=configuration" );
206         Attribute c_st = attributes.get( "c-st" );
207         assertNotNull( "a collective c-st attribute should be present", c_st );
208         assertTrue( c_st.contains( "FL" ) );
209 
210         // in node without exclusions both values of c-ou should appear with c-st value
211         attributes = super.sysRoot.getAttributes( "ou=interceptors,ou=configuration" );
212         c_ou = attributes.get( "c-ou" );
213         assertNotNull( "a collective c-ou attribute should be present", c_ou );
214         assertTrue( c_ou.contains( "configuration" ) );
215         assertTrue( c_ou.contains( "configuration2" ) );
216         c_st = attributes.get( "c-st" );
217         assertNotNull( "a collective c-st attribute should be present", c_st );
218         assertTrue( c_st.contains( "FL" ) );
219 
220         // -------------------------------------------------------------------
221         // now modify an entry to exclude all collective attributes
222         // -------------------------------------------------------------------
223 
224         items = new ModificationItem[] {
225             new ModificationItem( DirContext.REPLACE_ATTRIBUTE,
226                     new LockableAttributeImpl( "collectiveExclusions", "excludeAllCollectiveAttributes" ) ) };
227         super.sysRoot.modifyAttributes( "ou=interceptors,ou=configuration", items );
228 
229         // none of the attributes should appear any longer
230         attributes = super.sysRoot.getAttributes( "ou=interceptors,ou=configuration" );
231         c_ou = attributes.get( "c-ou" );
232         if ( c_ou != null )
233         {
234             assertEquals( "the c-ou collective attribute should not be present", 0, c_ou.size() );
235         }
236         c_st = attributes.get( "c-st" );
237         if ( c_st != null )
238         {
239             assertEquals( "the c-st collective attribute should not be present", 0, c_st.size() );
240         }
241     }
242 
243 
244     public void testSearch() throws Exception
245     {
246         // -------------------------------------------------------------------
247         // Setup the collective attribute specific administration point
248         // -------------------------------------------------------------------
249 
250         addAdministrativeRole( "collectiveAttributeSpecificArea" );
251         super.sysRoot.createSubcontext( "cn=testsubentry", getTestSubentry() );
252 
253         // -------------------------------------------------------------------
254         // test an entry that should show the collective attribute c-ou
255         // -------------------------------------------------------------------
256 
257         Map entries = getAllEntries();
258         Attributes attributes = ( Attributes ) entries.get( "ou=services,ou=configuration,ou=system" );
259         Attribute c_ou = attributes.get( "c-ou" );
260         assertNotNull( "a collective c-ou attribute should be present", c_ou );
261         assertEquals( "configuration", c_ou.get() );
262 
263         // -------------------------------------------------------------------
264         // test an entry that should not show the collective attribute
265         // -------------------------------------------------------------------
266 
267         attributes = ( Attributes ) entries.get( "ou=users,ou=system" );
268         c_ou = attributes.get( "c-ou" );
269         assertNull( "the c-ou collective attribute should not be present", c_ou );
270 
271         // -------------------------------------------------------------------
272         // now modify entries included by the subentry to have collectiveExclusions
273         // -------------------------------------------------------------------
274 
275         ModificationItem[] items = new ModificationItem[] {
276             new ModificationItem( DirContext.ADD_ATTRIBUTE,
277                     new LockableAttributeImpl( "collectiveExclusions", "c-ou" ) ) };
278         super.sysRoot.modifyAttributes( "ou=services,ou=configuration", items );
279         entries = getAllEntries();
280 
281         // entry should not show the c-ou collective attribute anymore
282         attributes = ( Attributes ) entries.get( "ou=services,ou=configuration,ou=system" );
283         c_ou = attributes.get( "c-ou" );
284         if ( c_ou != null )
285         {
286             assertEquals( "the c-ou collective attribute should not be present", 0, c_ou.size() );
287         }
288 
289         // now add more collective subentries - the c-ou should still not show due to exclusions
290         super.sysRoot.createSubcontext( "cn=testsubentry2", getTestSubentry2() );
291         entries = getAllEntries();
292 
293         attributes = ( Attributes ) entries.get( "ou=services,ou=configuration,ou=system" );
294         c_ou = attributes.get( "c-ou" );
295         if ( c_ou != null )
296         {
297             assertEquals( "the c-ou collective attribute should not be present", 0, c_ou.size() );
298         }
299 
300         // entries without the collectiveExclusion should still show both values of c-ou
301         attributes = ( Attributes ) entries.get( "ou=interceptors,ou=configuration,ou=system" );
302         c_ou = attributes.get( "c-ou" );
303         assertNotNull( "a collective c-ou attribute should be present", c_ou );
304         assertTrue( c_ou.contains( "configuration" ) );
305         assertTrue( c_ou.contains( "configuration2" ) );
306 
307         // -------------------------------------------------------------------
308         // now add the subentry for the c-st collective attribute
309         // -------------------------------------------------------------------
310 
311         super.sysRoot.createSubcontext( "cn=testsubentry3", getTestSubentry3() );
312         entries = getAllEntries();
313 
314         // the new attribute c-st should appear in the node with the c-ou exclusion
315         attributes = ( Attributes ) entries.get( "ou=services,ou=configuration,ou=system" );
316         Attribute c_st = attributes.get( "c-st" );
317         assertNotNull( "a collective c-st attribute should be present", c_st );
318         assertTrue( c_st.contains( "FL" ) );
319 
320         // in node without exclusions both values of c-ou should appear with c-st value
321         attributes = ( Attributes ) entries.get( "ou=interceptors,ou=configuration,ou=system" );
322         c_ou = attributes.get( "c-ou" );
323         assertNotNull( "a collective c-ou attribute should be present", c_ou );
324         assertTrue( c_ou.contains( "configuration" ) );
325         assertTrue( c_ou.contains( "configuration2" ) );
326         c_st = attributes.get( "c-st" );
327         assertNotNull( "a collective c-st attribute should be present", c_st );
328         assertTrue( c_st.contains( "FL" ) );
329 
330         // -------------------------------------------------------------------
331         // now modify an entry to exclude all collective attributes
332         // -------------------------------------------------------------------
333 
334         items = new ModificationItem[] {
335             new ModificationItem( DirContext.REPLACE_ATTRIBUTE,
336                     new LockableAttributeImpl( "collectiveExclusions", "excludeAllCollectiveAttributes" ) ) };
337         super.sysRoot.modifyAttributes( "ou=interceptors,ou=configuration", items );
338         entries = getAllEntries();
339 
340         // none of the attributes should appear any longer
341         attributes = ( Attributes ) entries.get( "ou=interceptors,ou=configuration,ou=system" );
342         c_ou = attributes.get( "c-ou" );
343         if ( c_ou != null )
344         {
345             assertEquals( "the c-ou collective attribute should not be present", 0, c_ou.size() );
346         }
347         c_st = attributes.get( "c-st" );
348         if ( c_st != null )
349         {
350             assertEquals( "the c-st collective attribute should not be present", 0, c_st.size() );
351         }
352 
353         // -------------------------------------------------------------------
354         // Now search attributes but restrict returned attributes to cn and ou
355         // -------------------------------------------------------------------
356 
357         entries = getAllEntriesRestrictAttributes();
358 
359         // we should no longer see collective attributes with restricted return attribs
360         attributes = ( Attributes ) entries.get( "ou=services,ou=configuration,ou=system" );
361         c_st = attributes.get( "c-st" );
362         assertNull( "a collective c-st attribute should NOT be present", c_st );
363 
364         attributes = ( Attributes ) entries.get( "ou=partitions,ou=configuration,ou=system" );
365         c_ou = attributes.get( "c-ou" );
366         c_st = attributes.get( "c-st" );
367         assertNull( c_ou );
368         assertNull( c_st );
369     }
370 }