directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r959029 [4/4] - in /directory/shared/trunk/ldap-aci: ./ .settings/ src/ src/main/ src/main/antlr/ src/main/java/ src/main/java/org/ src/main/java/org/apache/ src/main/java/org/apache/directory/ src/main/java/org/apache/directory/shared/ src...
Date Tue, 29 Jun 2010 16:56:09 GMT
Added: directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/ProtectedItem_SelfValueTest.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/ProtectedItem_SelfValueTest.java?rev=959029&view=auto
==============================================================================
--- directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/ProtectedItem_SelfValueTest.java
(added)
+++ directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/ProtectedItem_SelfValueTest.java
Tue Jun 29 16:56:07 2010
@@ -0,0 +1,139 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.shared.ldap.aci;
+
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.directory.junit.tools.Concurrent;
+import org.apache.directory.junit.tools.ConcurrentJunitRunner;
+import org.apache.directory.shared.ldap.aci.protectedItem.SelfValueItem;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+
+/**
+ * Unit tests class ProtectedItem.SelfValue.
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrent()
+public class ProtectedItem_SelfValueTest
+{
+    SelfValueItem selfValueA;
+    SelfValueItem selfValueACopy;
+    SelfValueItem selfValueB;
+    SelfValueItem selfValueC;
+
+
+    /**
+     * Initialize name instances
+     */
+    @Before
+    public void initNames() throws Exception
+    {
+        Set<String> colA = new HashSet<String>();
+        colA.add( "aa" );
+        colA.add( "bb" );
+        colA.add( "cc" );
+        Set<String> colB = new HashSet<String>();
+        colB.add( "aa" );
+        colB.add( "bb" );
+        colB.add( "cc" );
+        Set<String> colC = new HashSet<String>();
+        colC.add( "bb" );
+        colC.add( "cc" );
+        colC.add( "dd" );
+
+        selfValueA = new SelfValueItem( colA );
+        selfValueACopy = new SelfValueItem( colA );
+        selfValueB = new SelfValueItem( colB );
+        selfValueC = new SelfValueItem( colC );
+    }
+
+
+    @Test
+    public void testEqualsNull() throws Exception
+    {
+        assertFalse( selfValueA.equals( null ) );
+    }
+
+
+    @Test
+    public void testEqualsReflexive() throws Exception
+    {
+        assertEquals( selfValueA, selfValueA );
+    }
+
+
+    @Test
+    public void testHashCodeReflexive() throws Exception
+    {
+        assertEquals( selfValueA.hashCode(), selfValueA.hashCode() );
+    }
+
+
+    @Test
+    public void testEqualsSymmetric() throws Exception
+    {
+        assertEquals( selfValueA, selfValueACopy );
+        assertEquals( selfValueACopy, selfValueA );
+    }
+
+
+    @Test
+    public void testHashCodeSymmetric() throws Exception
+    {
+        assertEquals( selfValueA.hashCode(), selfValueACopy.hashCode() );
+        assertEquals( selfValueACopy.hashCode(), selfValueA.hashCode() );
+    }
+
+
+    @Test
+    public void testEqualsTransitive() throws Exception
+    {
+        assertEquals( selfValueA, selfValueACopy );
+        assertEquals( selfValueACopy, selfValueB );
+        assertEquals( selfValueA, selfValueB );
+    }
+
+
+    @Test
+    public void testHashCodeTransitive() throws Exception
+    {
+        assertEquals( selfValueA.hashCode(), selfValueACopy.hashCode() );
+        assertEquals( selfValueACopy.hashCode(), selfValueB.hashCode() );
+        assertEquals( selfValueA.hashCode(), selfValueB.hashCode() );
+    }
+
+
+    @Test
+    public void testNotEqualDiffValue() throws Exception
+    {
+        assertFalse( selfValueA.equals( selfValueC ) );
+        assertFalse( selfValueC.equals( selfValueA ) );
+    }
+}

Added: directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/UserClass_NameTest.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/UserClass_NameTest.java?rev=959029&view=auto
==============================================================================
--- directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/UserClass_NameTest.java
(added)
+++ directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/UserClass_NameTest.java
Tue Jun 29 16:56:07 2010
@@ -0,0 +1,144 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.shared.ldap.aci;
+
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.directory.junit.tools.Concurrent;
+import org.apache.directory.junit.tools.ConcurrentJunitRunner;
+import org.apache.directory.shared.ldap.aci.UserClass.Name;
+import org.apache.directory.shared.ldap.exception.LdapInvalidDnException;
+import org.apache.directory.shared.ldap.name.DN;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+
+/**
+ * Unit tests class UserClass.Name.
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrent()
+public class UserClass_NameTest
+{
+    private Name nameA;
+    private Name nameACopy;
+    private Name nameB;
+    private Name nameC;
+
+
+    /**
+     * Initialize name instances
+     */
+    @Before
+    public void initNames() throws LdapInvalidDnException
+    {
+        Set<DN> dnSetA = new HashSet<DN>();
+        dnSetA.add( new DN( "a=aa" ) );
+        dnSetA.add( new DN( "b=bb" ) );
+
+        Set<DN> dnSetB = new HashSet<DN>();
+        dnSetB.add( new DN( "b=bb" ) );
+        dnSetB.add( new DN( "a=aa" ) );
+
+        Set<DN> dnSetC = new HashSet<DN>();
+        dnSetC.add( new DN( "a=aa" ) );
+        dnSetC.add( new DN( "b=bb" ) );
+
+        Set<DN> dnSetD = new HashSet<DN>();
+        dnSetD.add( new DN( "b=bb" ) );
+        dnSetD.add( new DN( "c=cc" ) );
+
+        nameA = new Name( dnSetA );
+        nameACopy = new Name( dnSetB );
+        nameB = new Name( dnSetC );
+        nameC = new Name( dnSetD );
+    }
+
+
+    @Test
+    public void testEqualsNull() throws Exception
+    {
+        assertFalse( nameA.equals( null ) );
+    }
+
+
+    @Test
+    public void testEqualsReflexive() throws Exception
+    {
+        assertEquals( nameA, nameA );
+    }
+
+
+    @Test
+    public void testHashCodeReflexive() throws Exception
+    {
+        assertEquals( nameA.hashCode(), nameA.hashCode() );
+    }
+
+
+    @Test
+    public void testEqualsSymmetric() throws Exception
+    {
+        assertEquals( nameA, nameACopy );
+        assertEquals( nameACopy, nameA );
+    }
+
+
+    @Test
+    public void testHashCodeSymmetric() throws Exception
+    {
+        assertEquals( nameA.hashCode(), nameACopy.hashCode() );
+        assertEquals( nameACopy.hashCode(), nameA.hashCode() );
+    }
+
+
+    @Test
+    public void testEqualsTransitive() throws Exception
+    {
+        assertEquals( nameA, nameACopy );
+        assertEquals( nameACopy, nameB );
+        assertEquals( nameA, nameB );
+    }
+
+
+    @Test
+    public void testHashCodeTransitive() throws Exception
+    {
+        assertEquals( nameA.hashCode(), nameACopy.hashCode() );
+        assertEquals( nameACopy.hashCode(), nameB.hashCode() );
+        assertEquals( nameA.hashCode(), nameB.hashCode() );
+    }
+
+
+    @Test
+    public void testNotEqualDiffValue() throws Exception
+    {
+        assertFalse( nameA.equals( nameC ) );
+        assertFalse( nameC.equals( nameA ) );
+    }
+}
\ No newline at end of file

Added: directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/UserClass_SubtreeTest.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/UserClass_SubtreeTest.java?rev=959029&view=auto
==============================================================================
--- directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/UserClass_SubtreeTest.java
(added)
+++ directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/aci/UserClass_SubtreeTest.java
Tue Jun 29 16:56:07 2010
@@ -0,0 +1,147 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.shared.ldap.aci;
+
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.directory.junit.tools.Concurrent;
+import org.apache.directory.junit.tools.ConcurrentJunitRunner;
+import org.apache.directory.shared.ldap.aci.UserClass.Subtree;
+import org.apache.directory.shared.ldap.name.DN;
+import org.apache.directory.shared.ldap.subtree.BaseSubtreeSpecification;
+import org.apache.directory.shared.ldap.subtree.SubtreeSpecification;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+
+/**
+ * Unit tests class UserClass.Subtree.
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrent()
+public class UserClass_SubtreeTest
+{
+    Subtree subtreeA;
+    Subtree subtreeACopy;
+    Subtree subtreeB;
+    Subtree subtreeC;
+
+
+    /**
+     * Initialize name instances
+     */
+    @Before
+    public void initNames() throws Exception
+    {
+        SubtreeSpecification subtreeSpecA = new BaseSubtreeSpecification();
+        SubtreeSpecification subtreeSpecB = new BaseSubtreeSpecification();
+        SubtreeSpecification subtreeSpecC = new BaseSubtreeSpecification();
+        SubtreeSpecification subtreeSpecD = new BaseSubtreeSpecification( new DN( "cn=dummy"
) );
+
+        Set<SubtreeSpecification> colA = new HashSet<SubtreeSpecification>();
+        colA.add( subtreeSpecA );
+        colA.add( subtreeSpecB );
+        colA.add( subtreeSpecC );
+        Set<SubtreeSpecification> colB = new HashSet<SubtreeSpecification>();
+        colB.add( subtreeSpecA );
+        colB.add( subtreeSpecB );
+        colB.add( subtreeSpecC );
+        Set<SubtreeSpecification> colC = new HashSet<SubtreeSpecification>();
+        colC.add( subtreeSpecB );
+        colC.add( subtreeSpecC );
+        colC.add( subtreeSpecD );
+
+        subtreeA = new Subtree( colA );
+        subtreeACopy = new Subtree( colA );
+        subtreeB = new Subtree( colB );
+        subtreeC = new Subtree( colC );
+    }
+
+
+    @Test
+    public void testEqualsNull() throws Exception
+    {
+        assertFalse( subtreeA.equals( null ) );
+    }
+
+
+    @Test
+    public void testEqualsReflexive() throws Exception
+    {
+        assertEquals( subtreeA, subtreeA );
+    }
+
+
+    @Test
+    public void testHashCodeReflexive() throws Exception
+    {
+        assertEquals( subtreeA.hashCode(), subtreeA.hashCode() );
+    }
+
+
+    @Test
+    public void testEqualsSymmetric() throws Exception
+    {
+        assertEquals( subtreeA, subtreeACopy );
+        assertEquals( subtreeACopy, subtreeA );
+    }
+
+
+    @Test
+    public void testHashCodeSymmetric() throws Exception
+    {
+        assertEquals( subtreeA.hashCode(), subtreeACopy.hashCode() );
+        assertEquals( subtreeACopy.hashCode(), subtreeA.hashCode() );
+    }
+
+
+    @Test
+    public void testEqualsTransitive() throws Exception
+    {
+        assertEquals( subtreeA, subtreeACopy );
+        assertEquals( subtreeACopy, subtreeB );
+        assertEquals( subtreeA, subtreeB );
+    }
+
+
+    @Test
+    public void testHashCodeTransitive() throws Exception
+    {
+        assertEquals( subtreeA.hashCode(), subtreeACopy.hashCode() );
+        assertEquals( subtreeACopy.hashCode(), subtreeB.hashCode() );
+        assertEquals( subtreeA.hashCode(), subtreeB.hashCode() );
+    }
+
+
+    @Test
+    public void testNotEqualDiffValue() throws Exception
+    {
+        assertFalse( subtreeA.equals( subtreeC ) );
+        assertFalse( subtreeC.equals( subtreeA ) );
+    }
+}

Added: directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/schema/syntaxCheckers/ACIItemSyntaxCheckerTest.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/schema/syntaxCheckers/ACIItemSyntaxCheckerTest.java?rev=959029&view=auto
==============================================================================
--- directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/schema/syntaxCheckers/ACIItemSyntaxCheckerTest.java
(added)
+++ directory/shared/trunk/ldap-aci/src/test/java/org/apache/directory/shared/ldap/schema/syntaxCheckers/ACIItemSyntaxCheckerTest.java
Tue Jun 29 16:56:07 2010
@@ -0,0 +1,275 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.shared.ldap.schema.syntaxCheckers;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.directory.junit.tools.Concurrent;
+import org.apache.directory.junit.tools.ConcurrentJunitRunner;
+import org.apache.directory.shared.ldap.schema.syntaxCheckers.ACIItemSyntaxChecker;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+
+/**
+ * Test cases for ACIItemSyntaxChecker.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrent()
+public class ACIItemSyntaxCheckerTest
+{
+    ACIItemSyntaxChecker checker = new ACIItemSyntaxChecker();
+
+
+    @Test
+    public void testNullString()
+    {
+        assertFalse( checker.isValidSyntax( null ) );
+    }
+
+
+    @Test
+    public void testEmptyString()
+    {
+        assertFalse( checker.isValidSyntax( "" ) );
+    }
+
+    @Test
+    public void testOid()
+    {
+        assertEquals( "1.3.6.1.4.1.1466.115.121.1.1", checker.getOid() );
+    }
+
+    @Test
+    public void testCorrectCase()
+    {
+    }
+
+    /**
+     * Tests the checker with an ACIItem of ItemFirst main component.
+     */
+    @Test
+    public void testItemFirst()
+    {
+        String spec = " {  identificationTag  \"id1\" , precedence 114  , authenticationLevel
simple  , "
+            + "itemOrUserFirst itemFirst  :{ protectedItems  { entry  , attributeType { 1.2.3
   , ou }  , "
+            + " attributeValue { ou=people  , cn=Ersin  }  , rangeOfValues (cn=ErsinEr) ,
"
+            + "classes and : { item: xyz , or:{item:X,item:Y}   }}  , "
+            + "itemPermissions { { userClasses {allUsers  , userGroup { \"1.2=y,z=t\"  ,
\"a=b,c=d\" } "
+            + " , subtree { { base \"ou=people\" } } }   , grantsAndDenials  {  denyCompare
 , grantModify } },"
+            + "{ precedence 10, userClasses {allUsers  , userGroup { \"1.2=y,z=t\"  , \"a=b,c=d\"
} "
+            + " , subtree { { base \"ou=people\" } } }   , grantsAndDenials  {  denyCompare
 , grantModify } } } }}";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    /**
+     * Tests the checker with an ACIItem of UserFirst main component.
+     */
+    @Test
+    public void testUserFirst()
+    {
+        String spec = "{ identificationTag \"id2\"   , precedence 14, authenticationLevel
none  , "
+            + "itemOrUserFirst userFirst:  { userClasses {  allUsers  , name { \"ou=people,cn=ersin\"
}, "
+            + "subtree {{ base \"ou=system\" }, { base \"ou=ORGANIZATIONUNIT\","
+            + "minimum  1, maximum   2 } } }  , "
+            + "userPermissions { { protectedItems{ entry  , attributeType { cn  , ou }  ,
attributeValue {x=y,m=n,k=l} , "
+            + "rangeOfValues (cn=ErsinEr) }  , grantsAndDenials { grantBrowse } } } }  }
  ";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    @Test
+    public void testAllowAddAllUsers()
+    {
+        String spec = "{ identificationTag \"addAci\", " + "precedence 14, " + "authenticationLevel
none, "
+            + "itemOrUserFirst userFirst: { " + "userClasses { allUsers }, "
+            + "userPermissions { { protectedItems {entry}, " + "grantsAndDenials { grantAdd
} } } } }";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    @Test
+    public void testCombo()
+    {
+        String spec = "{ identificationTag \"addAci\", " + "precedence 14, " + "authenticationLevel
none, "
+            + "itemOrUserFirst userFirst: { " + "userClasses { allUsers, name { \"ou=blah\"
} }, "
+            + "userPermissions { { protectedItems {entry}, " + "grantsAndDenials { grantAdd
} } } } }";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    @Test
+    public void testOrderOfProtectedItemsDoesNotMatter()
+    {
+        String spec = " {  identificationTag  \"id1\" , precedence 114  , authenticationLevel
simple  , "
+            + "itemOrUserFirst itemFirst  :{ protectedItems  { attributeType { 1.2.3    ,
ou }, entry , "
+            + " rangeOfValues (cn=ErsinEr) , attributeValue { ou=people  , cn=Ersin  },"
+            + "classes and : { item: xyz , or:{item:X,item:Y}   }}  , "
+            + "itemPermissions { { userClasses {allUsers  , userGroup { \"1.2=y,z=t\"  ,
\"a=b,c=d\" } "
+            + " , subtree { { base \"ou=people\" } } }   , grantsAndDenials  {  denyCompare
 , grantModify } },"
+            + "{ precedence 10, userClasses {allUsers  , userGroup { \"1.2=y,z=t\"  , \"a=b,c=d\"
} "
+            + " , subtree { { base \"ou=people\" } } }   , grantsAndDenials  {  denyCompare
 , grantModify } } } }}";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    @Test
+    public void testOrderOfUserClassesDoesNotMatter()
+    {
+        String spec = "{ identificationTag \"id2\"   , precedence 14, authenticationLevel
none  , "
+            + "itemOrUserFirst userFirst:  { userClasses {  name { \"ou=people,cn=ersin\"
}, allUsers, "
+            + "subtree {{ base \"ou=system\" }, { base \"ou=ORGANIZATIONUNIT\","
+            + "minimum  1, maximum   2 } } }  , "
+            + "userPermissions { { protectedItems{ entry  , attributeType { cn  , ou }  ,
attributeValue {x=y,m=n,k=l} , "
+            + "rangeOfValues (cn=ErsinEr) }  , grantsAndDenials { grantBrowse } } } }  }
  ";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    @Test
+    public void testItemPermissionComponentsOrderDoesNotMatter()
+    {
+        String spec = " {  identificationTag  \"id1\" , precedence 114  , authenticationLevel
simple  , "
+            + "itemOrUserFirst itemFirst  :{ protectedItems  { attributeType { 1.2.3    ,
ou }, entry , "
+            + " rangeOfValues (cn=ErsinEr) , attributeValue { ou=people  , cn=Ersin  },"
+            + "classes and : { item: xyz , or:{item:X,item:Y}   }}  , "
+            + "itemPermissions { { grantsAndDenials  {  denyCompare  , grantModify }, userClasses
{allUsers  , userGroup { \"1.2=y,z=t\"  , \"a=b,c=d\" } "
+            + " , subtree { { base \"ou=people\" } } }   },"
+            + "{ precedence 10, userClasses {allUsers  , userGroup { \"1.2=y,z=t\"  , \"a=b,c=d\"
} "
+            + " , subtree { { base \"ou=people\" } } }   , grantsAndDenials  {  denyCompare
 , grantModify } } } }}";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    @Test
+    public void testUserPermissionComponentsOrderDoesNotMatter()
+    {
+        String spec = "{ identificationTag \"id2\"   , precedence 14, authenticationLevel
none  , "
+            + "itemOrUserFirst userFirst:  { userClasses {  allUsers  , name { \"ou=people,cn=ersin\"
}, "
+            + "subtree {{ base \"ou=system\" }, { base \"ou=ORGANIZATIONUNIT\","
+            + "minimum  1, maximum   2 } } }  , "
+            + "userPermissions { { grantsAndDenials { grantBrowse }, protectedItems{ entry
 , attributeType { cn  , ou }  , attributeValue {x=y,m=n,k=l} , "
+            + "rangeOfValues (cn=ErsinEr) }  } } }  }   ";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    @Test
+    public void testOrderOfMainACIComponentsDoesNotMatter()
+    {
+        String spec = "{   itemOrUserFirst userFirst:  { userClasses {  allUsers  , name
{ \"ou=people,cn=ersin\" }, "
+            + "subtree {{ base \"ou=system\" }, { base \"ou=ORGANIZATIONUNIT\","
+            + "minimum  1, maximum   2 } } }  , "
+            + "userPermissions { { protectedItems{ entry  , attributeType { cn  , ou }  ,
attributeValue {x=y,m=n,k=l} , "
+            + "rangeOfValues (cn=ErsinEr) }  , grantsAndDenials { grantBrowse } } } }, "
+            + " identificationTag \"id2\"   , authenticationLevel none, precedence 14 } 
 ";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    @Test
+    public void testRestrictedValueComponentsOrderDoesNotMatter()
+    {
+        String spec = "{ identificationTag \"id2\"   , precedence 14, authenticationLevel
none  , "
+            + "itemOrUserFirst userFirst:  { userClasses {  allUsers  , name { \"ou=people,cn=ersin\"
}, "
+            + "subtree {{ base \"ou=system\"}, { base \"ou=ORGANIZATIONUNIT\"," + "minimum
 1, maximum   2 } } }  , "
+            + "userPermissions { { protectedItems{ entry  , "
+            + "maxValueCount { { type 10.11.12, maxCount 10 }, { maxCount 20, type 11.12.13
 } } "
+            + " }  , grantsAndDenials { grantBrowse } } } }  }   ";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    @Test
+    public void testMaxValueCountComponentsOrderDoesNotMatter()
+    {
+        String spec = "{ identificationTag \"id2\"   , precedence 14, authenticationLevel
none  , "
+            + "itemOrUserFirst userFirst:  { userClasses {  allUsers  , name { \"ou=people,cn=ersin\"
}, "
+            + "subtree {{ base \"ou=system\" }, { base \"ou=ORGANIZATIONUNIT\"," + "minimum
 1, maximum   2 } } }  , "
+            + "userPermissions { { protectedItems{ entry  , "
+            + "restrictedBy { { type 10.11.12, valuesIn ou }, { valuesIn cn, type 11.12.13
 } } "
+            + " }  , grantsAndDenials { grantBrowse } } } }  }   ";
+
+        assertTrue( checker.isValidSyntax( spec ) );
+    }
+
+
+    /**
+     * Test case for DIRSERVER-891
+     */
+    @Test
+    public void testInvalidAttributeValue()
+    {
+        String spec;
+        
+        // no name-value-pair
+        spec = "{ identificationTag \"id2\"   , precedence 14, authenticationLevel none 
, "
+            + "itemOrUserFirst userFirst:  { userPermissions { { protectedItems{ entry  ,
attributeType { cn  , ou }  , attributeValue { must_be_a_name_value_pair } , "
+            + "rangeOfValues (cn=ErsinEr) }  , grantsAndDenials { grantBrowse } } }, userClasses
{  allUsers  , name { \"ou=people,cn=ersin\" }, "
+            + "subtree {{ minimum 7, maximum 9, base \"ou=system\" }, { base \"ou=ORGANIZATIONUNIT\","
+            + " maximum   2, minimum  1 } } }  }  }   ";
+        assertFalse( checker.isValidSyntax( spec ) );
+        
+        // no name-value-pair
+        spec = "{ identificationTag \"id2\"   , precedence 14, authenticationLevel none 
, "
+            + "itemOrUserFirst userFirst:  { userPermissions { { protectedItems{ entry  ,
attributeType { cn  , ou }  , attributeValue { x=y,m=n,k=l,x } , "
+            + "rangeOfValues (cn=ErsinEr) }  , grantsAndDenials { grantBrowse } } }, userClasses
{  allUsers  , name { \"ou=people,cn=ersin\" }, "
+            + "subtree {{ minimum 7, maximum 9, base \"ou=system\" }, { base \"ou=ORGANIZATIONUNIT\","
+            + " maximum   2, minimum  1 } } }  }  }   ";
+        assertFalse( checker.isValidSyntax( spec ) );
+    }
+    
+    
+    /**
+     * Test case for DIRSERVER-891
+     */
+    @Test
+    public void testIncomplete()
+    {
+        String spec;
+        
+        spec = "{ }";
+        assertFalse( checker.isValidSyntax( spec ) );
+        
+        spec = "{ identificationTag \"id2\" }";
+        assertFalse( checker.isValidSyntax( spec ) );
+        
+        spec = "{ identificationTag \"id2\", precedence 14 } ";
+        assertFalse( checker.isValidSyntax( spec ) );
+        
+        spec = "{ identificationTag \"id2\", precedence 14, authenticationLevel none } ";
+        assertFalse( checker.isValidSyntax( spec ) );
+    }
+}



Mime
View raw message