directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r1049858 - /directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/authz/AddAuthorizationIT.java
Date Thu, 16 Dec 2010 10:08:07 GMT
Author: elecharny
Date: Thu Dec 16 10:08:07 2010
New Revision: 1049858

URL: http://svn.apache.org/viewvc?rev=1049858&view=rev
Log:
Some more refactoring

Modified:
    directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/authz/AddAuthorizationIT.java

Modified: directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/authz/AddAuthorizationIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/authz/AddAuthorizationIT.java?rev=1049858&r1=1049857&r2=1049858&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/authz/AddAuthorizationIT.java
(original)
+++ directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/authz/AddAuthorizationIT.java
Thu Dec 16 10:08:07 2010
@@ -130,11 +130,23 @@ public class AddAuthorizationIT extends 
 
         // Gives grantAdd perm to all users in the Administrators group for
         // entries and all attribute types and values
-        createAccessControlSubentry( "administratorAdd", "{ " + "  identificationTag \"addAci\",
"
-            + "  precedence 14, " + "  authenticationLevel none, " + "  itemOrUserFirst userFirst:
" + "  { "
-            + "    userClasses { userGroup { \"cn=Administrators,ou=groups,ou=system\" }
}, " + "    userPermissions "
-            + "    { " + "      { " + "        protectedItems {entry, allUserAttributeTypesAndValues},
"
-            + "        grantsAndDenials { grantAdd, grantBrowse } " + "      } " + "    }
" + "  } " + "}" );
+        createAccessControlSubentry( "administratorAdd", 
+              "{ " 
+            + "  identificationTag \"addAci\", "
+            + "  precedence 14, " 
+            + "  authenticationLevel none, " 
+            + "  itemOrUserFirst userFirst: " 
+            + "  { "
+            + "    userClasses { userGroup { \"cn=Administrators,ou=groups,ou=system\" }
}, " 
+            + "    userPermissions "
+            + "    { " 
+            + "      { " 
+            + "        protectedItems {entry, allUserAttributeTypesAndValues}, "
+            + "        grantsAndDenials { grantAdd, grantBrowse } " 
+            + "      } " 
+            + "    } " 
+            + "  } " 
+            + "}" );
 
         // see if we can now add that test entry which we could not before
         // add op should still fail since billd is not in the admin group
@@ -163,11 +175,23 @@ public class AddAuthorizationIT extends 
         assertFalse( checkCanAddEntryAs( "billyd", "billyd", "ou=testou" ) );
 
         // now add a subentry that enables user billyd to add an entry below ou=system
-        createAccessControlSubentry( "billydAdd", "{ " + "  identificationTag \"addAci\",
" + "  precedence 14, "
-            + "  authenticationLevel none, " + "  itemOrUserFirst userFirst: " + "  { "
-            + "    userClasses { name { \"uid=billyd,ou=users,ou=system\" } }, " + "    userPermissions
" + "    { "
-            + "      { " + "        protectedItems {entry, allUserAttributeTypesAndValues},
"
-            + "        grantsAndDenials { grantAdd, grantBrowse } " + "      } " + "    }
" + "  } " + "}" );
+        createAccessControlSubentry( "billydAdd", 
+              "{ " 
+            + "  identificationTag \"addAci\", " 
+            + "  precedence 14, "
+            + "  authenticationLevel none, " 
+            + "  itemOrUserFirst userFirst: " 
+            + "  { "
+            + "    userClasses { name { \"uid=billyd,ou=users,ou=system\" } }, " 
+            + "    userPermissions " 
+            + "    { "
+            + "      { " 
+            + "        protectedItems {entry, allUserAttributeTypesAndValues}, "
+            + "        grantsAndDenials { grantAdd, grantBrowse } "
+            + "      } " 
+            + "    } " 
+            + "  } " 
+            + "}" );
 
         // should work now that billyd is authorized by name
         assertTrue( checkCanAddEntryAs( "billyd", "billyd", "ou=testou" ) );
@@ -189,12 +213,26 @@ public class AddAuthorizationIT extends 
         assertFalse( checkCanAddEntryAs( "billyd", "billyd", "ou=testou" ) );
 
         // now add a subentry that enables user billyd to add an entry below ou=system
-        createAccessControlSubentry( "billyAddBySubtree", "{ " + "  identificationTag \"addAci\",
"
-            + "  precedence 14, " + "  authenticationLevel none, " + "  itemOrUserFirst userFirst:
" + "  { "
-            + "    userClasses " + "    { " + "      subtree { { base \"ou=users,ou=system\"
} } " + "    }, "
-            + "    userPermissions " + "    { " + "      { "
+        createAccessControlSubentry( "billyAddBySubtree", 
+              "{ " 
+            + "  identificationTag \"addAci\", "
+            + "  precedence 14, " 
+            + "  authenticationLevel none, " 
+            + "  itemOrUserFirst userFirst: " 
+            + "  { "
+            + "    userClasses " 
+            + "    { " 
+            + "      subtree { { base \"ou=users,ou=system\" } } " 
+            + "    }, "
+            + "    userPermissions " 
+            + "    { " 
+            + "      { "
             + "        protectedItems {entry, allUserAttributeTypesAndValues}, "
-            + "        grantsAndDenials { grantAdd, grantBrowse } " + "      } " + "    }
" + "  } " + "}" );
+            + "        grantsAndDenials { grantAdd, grantBrowse } " 
+            + "      } " 
+            + "    } " 
+            + "  } " 
+            + "}" );
 
         // should work now that billyd is authorized by the subtree userClass
         assertTrue( checkCanAddEntryAs( "billyd", "billyd", "ou=testou" ) );
@@ -216,11 +254,23 @@ public class AddAuthorizationIT extends 
         assertFalse( checkCanAddEntryAs( "billyd", "billyd", "ou=testou" ) );
 
         // now add a subentry that enables anyone to add an entry below ou=system
-        createAccessControlSubentry( "anybodyAdd", "{ " + "  identificationTag \"addAci\",
" + "  precedence 14, "
-            + "  authenticationLevel none, " + "  itemOrUserFirst userFirst: " + "  { "
-            + "    userClasses { allUsers }, " + "    userPermissions " + "    { " + "  
   { "
+        createAccessControlSubentry( "anybodyAdd", 
+              "{ " 
+            + "  identificationTag \"addAci\", " 
+            + "  precedence 14, "
+            + "  authenticationLevel none, " 
+            + "  itemOrUserFirst userFirst: " 
+            + "  { "
+            + "    userClasses { allUsers }, " 
+            + "    userPermissions " 
+            + "    { " 
+            + "      { "
             + "        protectedItems {entry, allUserAttributeTypesAndValues}, "
-            + "        grantsAndDenials { grantAdd, grantBrowse } " + "      } " + "    }
" + "  } " + "}" );
+            + "        grantsAndDenials { grantAdd, grantBrowse } " 
+            + "      } " 
+            + "    } " 
+            + "  } " 
+            + "}" );
 
         // see if we can now add that test entry which we could not before
         // should work now with billyd now that all users are authorized



Mime
View raw message