directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r1127522 - /directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authz/DeleteAuthorizationIT.java
Date Wed, 25 May 2011 13:35:50 GMT
Author: elecharny
Date: Wed May 25 13:35:49 2011
New Revision: 1127522

URL: http://svn.apache.org/viewvc?rev=1127522&view=rev
Log:
o Removed an @Ignored annotation
o Formated the ACIs

Modified:
    directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authz/DeleteAuthorizationIT.java

Modified: directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authz/DeleteAuthorizationIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authz/DeleteAuthorizationIT.java?rev=1127522&r1=1127521&r2=1127522&view=diff
==============================================================================
--- directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authz/DeleteAuthorizationIT.java
(original)
+++ directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/authz/DeleteAuthorizationIT.java
Wed May 25 13:35:49 2011
@@ -40,7 +40,6 @@ import org.apache.directory.shared.ldap.
 import org.apache.directory.shared.ldap.model.name.Dn;
 import org.junit.After;
 import org.junit.Before;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
@@ -127,7 +126,6 @@ public class DeleteAuthorizationIT exten
      * @throws Exception if the test encounters an error
      */
     @Test
-    @Ignore
     public void testGrantDeleteAdministrators() throws Exception
     {
         // create the non-admin user
@@ -138,11 +136,23 @@ public class DeleteAuthorizationIT exten
 
         // Gives grantRemove perm to all users in the Administrators group for
         // entries and all attribute types and values
-        createAccessControlSubentry( "administratorAdd", "{ " + "  identificationTag \"addAci\",
"
-            + "  precedence 14, " + "  authenticationLevel none, " + "  itemOrUserFirst userFirst:
" + "  { "
-            + "    userClasses { userGroup { \"cn=Administrators,ou=groups,ou=system\" }
}, " + "    userPermissions "
-            + "    { " + "      { " + "        protectedItems {entry}, "
-            + "       grantsAndDenials { grantRemove, grantBrowse } " + "      } " + "  
 } " + "  } " + "}" );
+        createAccessControlSubentry( "administratorAdd", 
+            "{ " + 
+            "  identificationTag \"addAci\", " +
+            "  precedence 14, " + 
+            "  authenticationLevel none, " + 
+            "  itemOrUserFirst userFirst: " + 
+            "  { " +
+            "    userClasses { userGroup { \"cn=Administrators,ou=groups,ou=system\" } },
" + 
+            "    userPermissions " +
+            "    { " + 
+            "      { " + 
+            "        protectedItems {entry}, " +
+            "       grantsAndDenials { grantRemove, grantBrowse } " + 
+            "      } " + 
+            "    } " + 
+            "  } " + 
+            "}" );
 
         // see if we can now delete that test entry which we could not before
         // delete op should still fail since billd is not in the admin group
@@ -171,11 +181,22 @@ public class DeleteAuthorizationIT exten
         assertFalse( checkCanDeleteEntryAs( "billyd", "billyd", "ou=testou" ) );
 
         // now add a subentry that enables user billyd to delete an entry below ou=system
-        createAccessControlSubentry( "billydAdd", "{ " + "  identificationTag \"addAci\",
" + "  precedence 14, "
-            + "  authenticationLevel none, " + "  itemOrUserFirst userFirst: " + "  { "
-            + "    userClasses { name { \"uid=billyd,ou=users,ou=system\" } }, " + "    userPermissions
" + "    { "
-            + "      { " + "        protectedItems {entry}, "
-            + "        grantsAndDenials { grantRemove, grantBrowse } " + "      } " + " 
  } " + "  } " + "}" );
+        createAccessControlSubentry( "billydAdd", 
+            "{ " + 
+            "  identificationTag \"addAci\", " + 
+            "  precedence 14, " +
+            "  authenticationLevel none, " + 
+            "  itemOrUserFirst userFirst: " + 
+            "  { " +
+            "    userClasses { name { \"uid=billyd,ou=users,ou=system\" } }, " + 
+            "    userPermissions " + 
+            "    { " +
+            "      { " + "        protectedItems {entry}, " +
+            "        grantsAndDenials { grantRemove, grantBrowse } " + 
+            "      } " + 
+            "    } " + 
+            "  } " + 
+            "}" );
 
         // should work now that billyd is authorized by name
         assertTrue( checkCanDeleteEntryAs( "billyd", "billyd", "ou=testou" ) );
@@ -197,11 +218,24 @@ public class DeleteAuthorizationIT exten
         assertFalse( checkCanDeleteEntryAs( "billyd", "billyd", "ou=testou" ) );
 
         // now add a subentry that enables user billyd to delte an entry below ou=system
-        createAccessControlSubentry( "billyAddBySubtree", "{ " + "  identificationTag \"addAci\",
"
-            + "  precedence 14, " + "  authenticationLevel none, " + "  itemOrUserFirst userFirst:
" + "  { "
-            + "    userClasses " + "    { " + "      subtree { { base \"ou=users,ou=system\"
} } " + "    }, "
-            + "    userPermissions " + "    { " + "      { " + "        protectedItems {entry},
"
-            + "        grantsAndDenials { grantRemove, grantBrowse } " + "      } " + " 
  } " + "  } " + "}" );
+        createAccessControlSubentry( "billyAddBySubtree", 
+            "{ " + 
+            "  identificationTag \"addAci\", " +
+            "  precedence 14, " + 
+            "  authenticationLevel none, " + "  itemOrUserFirst userFirst: " + 
+            "  { " +
+            "    userClasses " + 
+            "    { " + "      subtree { { base \"ou=users,ou=system\" } } " + 
+            "    }, " +
+            "    userPermissions " + 
+            "    { " + 
+            "      { " + 
+            "        protectedItems {entry}, " +
+            "        grantsAndDenials { grantRemove, grantBrowse } " + 
+            "      } " + 
+            "    } " + 
+            "  } " + 
+            "}" );
 
         // should work now that billyd is authorized by the subtree userClass
         assertTrue( checkCanDeleteEntryAs( "billyd", "billyd", "ou=testou" ) );
@@ -223,11 +257,23 @@ public class DeleteAuthorizationIT exten
         assertFalse( checkCanDeleteEntryAs( "billyd", "billyd", "ou=testou" ) );
 
         // now add a subentry that enables anyone to add an entry below ou=system
-        createAccessControlSubentry( "anybodyAdd", "{ " + "  identificationTag \"addAci\",
" + "  precedence 14, "
-            + "  authenticationLevel none, " + "  itemOrUserFirst userFirst: " + "  { "
-            + "    userClasses { allUsers }, " + "    userPermissions " + "    { " + "  
   { "
-            + "        protectedItems {entry}, " + "        grantsAndDenials { grantRemove,
grantBrowse } "
-            + "      } " + "    } " + "  } " + "}" );
+        createAccessControlSubentry( "anybodyAdd", 
+            "{ " + 
+            "  identificationTag \"addAci\", " + 
+            "  precedence 14, " +
+            "  authenticationLevel none, " + 
+            "  itemOrUserFirst userFirst: " + 
+            "  { " +
+            "    userClasses { allUsers }, " + 
+            "    userPermissions " + 
+            "    { " + 
+            "      { " +
+            "        protectedItems {entry}, " + 
+            "        grantsAndDenials { grantRemove, grantBrowse } " +
+            "      } " + 
+            "    } " + 
+            "  } " + 
+            "}" );
 
         // see if we can now delete that test entry which we could not before
         // should work now with billyd now that all users are authorized



Mime
View raw message