directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r1183441 [4/4] - in /directory/apacheds/trunk/interceptors/authz: ./ .settings/ src/ src/main/ src/main/java/ src/main/java/org/ src/main/java/org/apache/ src/main/java/org/apache/directory/ src/main/java/org/apache/directory/server/ src/ma...
Date Fri, 14 Oct 2011 17:38:32 GMT
Added: directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilterTest.java?rev=1183441&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilterTest.java (added)
+++ directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilterTest.java Fri Oct 14 17:38:30 2011
@@ -0,0 +1,266 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.core.authz.support;
+
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertSame;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import com.mycila.junit.concurrent.Concurrency;
+import com.mycila.junit.concurrent.ConcurrentJunitRunner;
+import org.apache.directory.shared.ldap.aci.ACITuple;
+import org.apache.directory.shared.ldap.aci.MicroOperation;
+import org.apache.directory.shared.ldap.aci.ProtectedItem;
+import org.apache.directory.shared.ldap.aci.UserClass;
+import org.apache.directory.shared.ldap.aci.protectedItem.AllAttributeValuesItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.AttributeTypeItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.AttributeValueItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.RangeOfValuesItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.SelfValueItem;
+import org.apache.directory.shared.ldap.model.constants.AuthenticationLevel;
+import org.apache.directory.shared.ldap.model.entry.Attribute;
+import org.apache.directory.shared.ldap.model.filter.PresenceNode;
+import org.apache.directory.shared.ldap.model.schema.AttributeType;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+
+/**
+ * Tests {@link MostSpecificProtectedItemFilter}.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrency()
+public class MostSpecificProtectedItemFilterTest
+{
+    private static final Set<AttributeType> EMPTY_STRING_COLLECTION = Collections.unmodifiableSet( new HashSet<AttributeType>() );
+
+    private static final Set<Attribute> EMPTY_ATTRIBUTE_COLLECTION = Collections
+        .unmodifiableSet( new HashSet<Attribute>() );
+
+    private static final Collection<UserClass> EMPTY_USER_CLASS_COLLECTION = Collections
+        .unmodifiableCollection( new ArrayList<UserClass>() );
+
+    private static final Collection<ACITuple> EMPTY_ACI_TUPLE_COLLECTION = Collections
+        .unmodifiableCollection( new ArrayList<ACITuple>() );
+
+    private static final Collection<ProtectedItem> EMPTY_PROTECTED_ITEM_COLLECTION = Collections
+        .unmodifiableCollection( new ArrayList<ProtectedItem>() );
+
+    private static final Set<MicroOperation> EMPTY_MICRO_OPERATION_SET = Collections
+        .unmodifiableSet( new HashSet<MicroOperation>() );
+    
+    private static final List<ACITuple> TUPLES_A = new ArrayList<ACITuple>();
+    private static final List<ACITuple> TUPLES_B = new ArrayList<ACITuple>();
+    private static final List<ACITuple> TUPLES_C = new ArrayList<ACITuple>();
+    private static final List<ACITuple> TUPLES_D = new ArrayList<ACITuple>();
+    private static final List<ACITuple> TUPLES_E = new ArrayList<ACITuple>();
+
+    
+    @BeforeClass
+    public static void init()
+    {
+        Collection<ProtectedItem> attributeType = new ArrayList<ProtectedItem>();
+        Collection<ProtectedItem> allAttributeValues = new ArrayList<ProtectedItem>();
+        Collection<ProtectedItem> selfValue = new ArrayList<ProtectedItem>();
+        Collection<ProtectedItem> attributeValue = new ArrayList<ProtectedItem>();
+        Collection<ProtectedItem> rangeOfValues = new ArrayList<ProtectedItem>();
+        Collection<ProtectedItem> allUserAttributeTypes = new ArrayList<ProtectedItem>();
+        Collection<ProtectedItem> allUserAttributeTypesAndValues = new ArrayList<ProtectedItem>();
+
+        attributeType.add( new AttributeTypeItem( EMPTY_STRING_COLLECTION ) );
+        allAttributeValues.add( new AllAttributeValuesItem( EMPTY_STRING_COLLECTION ) );
+        selfValue.add( new SelfValueItem( EMPTY_STRING_COLLECTION ) );
+        attributeValue.add( new AttributeValueItem( EMPTY_ATTRIBUTE_COLLECTION ) );
+        rangeOfValues.add( new RangeOfValuesItem( new PresenceNode( (String)null ) ) );
+        allUserAttributeTypes.add( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES );
+        allUserAttributeTypesAndValues.add( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES_AND_VALUES );
+
+        ACITuple attributeTypeTuple = new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, attributeType,
+            EMPTY_MICRO_OPERATION_SET, true, 0 );
+        
+        ACITuple allAttributeValuesTuple = new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE,
+            allAttributeValues, EMPTY_MICRO_OPERATION_SET, true, 0 );
+        
+        ACITuple selfValueTuple = new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, selfValue, 
+                EMPTY_MICRO_OPERATION_SET, true, 0 );
+        
+        ACITuple attributeValueTuple = new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, attributeValue,
+                EMPTY_MICRO_OPERATION_SET, true, 0 );
+        
+        ACITuple rangeOfValuesTuple = new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, rangeOfValues,
+                EMPTY_MICRO_OPERATION_SET, true, 0 );
+        
+        ACITuple allUserAttributeTypesTuple = new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE,
+            allUserAttributeTypes, EMPTY_MICRO_OPERATION_SET, true, 0 );
+        
+        ACITuple allUserAttributeTypesAndValuesTuple = new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE,
+            allUserAttributeTypesAndValues, EMPTY_MICRO_OPERATION_SET, true, 0 );
+
+        TUPLES_A.add( attributeTypeTuple );
+        TUPLES_A.add( allAttributeValuesTuple );
+        TUPLES_A.add( selfValueTuple );
+        TUPLES_A.add( attributeValueTuple );
+        TUPLES_A.add( rangeOfValuesTuple );
+        TUPLES_A.add( allUserAttributeTypesTuple );
+        TUPLES_A.add( allUserAttributeTypesAndValuesTuple );
+
+        TUPLES_B.add( allAttributeValuesTuple );
+        TUPLES_B.add( selfValueTuple );
+        TUPLES_B.add( attributeValueTuple );
+        TUPLES_B.add( rangeOfValuesTuple );
+        TUPLES_B.add( allUserAttributeTypesTuple );
+        TUPLES_B.add( allUserAttributeTypesAndValuesTuple );
+
+        TUPLES_C.add( selfValueTuple );
+        TUPLES_C.add( attributeValueTuple );
+        TUPLES_C.add( rangeOfValuesTuple );
+        TUPLES_C.add( allUserAttributeTypesTuple );
+        TUPLES_C.add( allUserAttributeTypesAndValuesTuple );
+
+        TUPLES_D.add( attributeValueTuple );
+        TUPLES_D.add( rangeOfValuesTuple );
+        TUPLES_D.add( allUserAttributeTypesTuple );
+        TUPLES_D.add( allUserAttributeTypesAndValuesTuple );
+
+        TUPLES_E.add( allUserAttributeTypesTuple );
+        TUPLES_E.add( allUserAttributeTypesAndValuesTuple );
+    }
+
+    @Test
+    public void testZeroOrOneTuple() throws Exception
+    {
+        MostSpecificProtectedItemFilter filter = new MostSpecificProtectedItemFilter();
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( EMPTY_ACI_TUPLE_COLLECTION );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        Collection<ACITuple> tuples = new ArrayList<ACITuple>();
+        tuples.add( new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION, EMPTY_MICRO_OPERATION_SET, false, 0 ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    @Test
+    public void testTuplesA() throws Exception
+    {
+        MostSpecificProtectedItemFilter filter = new MostSpecificProtectedItemFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_A );
+        
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = ( List<ACITuple> ) filter.filter(  aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 4, tuples.size() );
+        assertSame( TUPLES_A.get( 0 ), tuples.get( 0 ) );
+        assertSame( TUPLES_A.get( 1 ), tuples.get( 1 ) );
+        assertSame( TUPLES_A.get( 2 ), tuples.get( 2 ) );
+        assertSame( TUPLES_A.get( 3 ), tuples.get( 3 ) );
+    }
+
+
+    @Test
+    public void testTuplesB() throws Exception
+    {
+        MostSpecificProtectedItemFilter filter = new MostSpecificProtectedItemFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_B );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = ( List<ACITuple> ) filter.filter( aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 3, tuples.size() );
+        assertSame( TUPLES_B.get( 0 ), tuples.get( 0 ) );
+        assertSame( TUPLES_B.get( 1 ), tuples.get( 1 ) );
+        assertSame( TUPLES_B.get( 2 ), tuples.get( 2 ) );
+    }
+
+
+    @Test
+    public void testTuplesC() throws Exception
+    {
+        MostSpecificProtectedItemFilter filter = new MostSpecificProtectedItemFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_C );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = ( List<ACITuple> ) filter.filter( aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 2, tuples.size() );
+        assertSame( TUPLES_C.get( 0 ), tuples.get( 0 ) );
+        assertSame( TUPLES_C.get( 1 ), tuples.get( 1 ) );
+    }
+
+
+    @Test
+    public void testTuplesD() throws Exception
+    {
+        MostSpecificProtectedItemFilter filter = new MostSpecificProtectedItemFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_D );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = ( List<ACITuple> ) filter.filter( aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 1, tuples.size() );
+        assertSame( TUPLES_D.get( 0 ), tuples.get( 0 ) );
+    }
+
+
+    @Test
+    public void testTuplesE() throws Exception
+    {
+        MostSpecificProtectedItemFilter filter = new MostSpecificProtectedItemFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_E );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = ( List<ACITuple> ) filter.filter( aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 2, tuples.size() );
+        assertSame( TUPLES_E.get( 0 ), tuples.get( 0 ) );
+        assertSame( TUPLES_E.get( 1 ), tuples.get( 1 ) );
+    }
+}

Added: directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilterTest.java?rev=1183441&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilterTest.java (added)
+++ directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilterTest.java Fri Oct 14 17:38:30 2011
@@ -0,0 +1,211 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.core.authz.support;
+
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertSame;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import com.mycila.junit.concurrent.Concurrency;
+import com.mycila.junit.concurrent.ConcurrentJunitRunner;
+import org.apache.directory.shared.ldap.aci.ACITuple;
+import org.apache.directory.shared.ldap.aci.MicroOperation;
+import org.apache.directory.shared.ldap.aci.ProtectedItem;
+import org.apache.directory.shared.ldap.aci.UserClass;
+import org.apache.directory.shared.ldap.model.constants.AuthenticationLevel;
+import org.apache.directory.shared.ldap.model.name.Dn;
+import org.apache.directory.shared.ldap.model.subtree.SubtreeSpecification;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+
+/**
+ * Tests {@link MostSpecificUserClassFilter}.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrency()
+public class MostSpecificUserClassFilterTest
+{
+    private static final Set<Dn> EMPTY_NAME_SET = Collections.unmodifiableSet( new HashSet<Dn>() );
+    private static final Set<MicroOperation> EMPTY_MICRO_OPERATION_SET = Collections.unmodifiableSet( new HashSet<MicroOperation>() );
+    private static final Collection<UserClass> EMPTY_USER_CLASS_COLLECTION = Collections.unmodifiableCollection( new ArrayList<UserClass>() );
+    private static final Set<SubtreeSpecification> EMPTY_SUBTREE_SPECIFICATION_COLLECTION = Collections.unmodifiableSet( new HashSet<SubtreeSpecification>() );
+    private static final Collection<ProtectedItem> EMPTY_PROTECTED_ITEM_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>() );
+    private static final Collection<ACITuple> EMPTY_ACI_TUPLE_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ACITuple>() );
+
+    private static final List<ACITuple> TUPLES_A = new ArrayList<ACITuple>();
+    private static final List<ACITuple> TUPLES_B = new ArrayList<ACITuple>();
+    private static final List<ACITuple> TUPLES_C = new ArrayList<ACITuple>();
+    private static final List<ACITuple> TUPLES_D = new ArrayList<ACITuple>();
+    private static final List<ACITuple> TUPLES_E = new ArrayList<ACITuple>();
+
+    static
+    {
+        Collection<UserClass> name = new ArrayList<UserClass>();
+        Collection<UserClass> thisEntry = new ArrayList<UserClass>();
+        Collection<UserClass> userGroup = new ArrayList<UserClass>();
+        Collection<UserClass> subtree = new ArrayList<UserClass>();
+        Collection<UserClass> allUsers = new ArrayList<UserClass>();
+
+        name.add( new UserClass.Name( EMPTY_NAME_SET ) );
+        thisEntry.add( UserClass.THIS_ENTRY );
+        userGroup.add( new UserClass.UserGroup( EMPTY_NAME_SET ) );
+        subtree.add( new UserClass.Subtree( EMPTY_SUBTREE_SPECIFICATION_COLLECTION ) );
+        allUsers.add( UserClass.ALL_USERS );
+
+        ACITuple nameTuple = new ACITuple( name, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION, EMPTY_MICRO_OPERATION_SET, true, 0 );
+        ACITuple thisEntryTuple = new ACITuple( thisEntry, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION, EMPTY_MICRO_OPERATION_SET, true, 0 );
+        ACITuple userGroupTuple = new ACITuple( userGroup, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION, EMPTY_MICRO_OPERATION_SET, true, 0 );
+        ACITuple subtreeTuple = new ACITuple( subtree, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION, EMPTY_MICRO_OPERATION_SET, true, 0 );
+        ACITuple allUsersTuple = new ACITuple( allUsers, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION, EMPTY_MICRO_OPERATION_SET, true, 0 );
+
+        TUPLES_A.add( nameTuple );
+        TUPLES_A.add( thisEntryTuple );
+        TUPLES_A.add( userGroupTuple );
+        TUPLES_A.add( subtreeTuple );
+        TUPLES_A.add( allUsersTuple );
+
+        TUPLES_B.add( thisEntryTuple );
+        TUPLES_B.add( userGroupTuple );
+        TUPLES_B.add( subtreeTuple );
+        TUPLES_B.add( allUsersTuple );
+
+        TUPLES_C.add( userGroupTuple );
+        TUPLES_C.add( subtreeTuple );
+        TUPLES_C.add( allUsersTuple );
+
+        TUPLES_D.add( subtreeTuple );
+        TUPLES_D.add( allUsersTuple );
+
+        TUPLES_E.add( allUsersTuple );
+        TUPLES_E.add( allUsersTuple );
+    }
+
+
+    @Test
+    public void testZeroOrOneTuple() throws Exception
+    {
+        MostSpecificUserClassFilter filter = new MostSpecificUserClassFilter();
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( EMPTY_ACI_TUPLE_COLLECTION );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        Collection<ACITuple> tuples = new ArrayList<ACITuple>();
+        tuples.add( new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION, EMPTY_MICRO_OPERATION_SET, false, 0 ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    @Test
+    public void testNameAndThisEntry() throws Exception
+    {
+        MostSpecificUserClassFilter filter = new MostSpecificUserClassFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_A );
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = ( List<ACITuple> ) filter.filter( aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 2, tuples.size() );
+        assertSame( TUPLES_A.get( 0 ), tuples.get( 0 ) );
+        assertSame( TUPLES_A.get( 1 ), tuples.get( 1 ) );
+    }
+
+
+    @Test
+    public void testThisEntry() throws Exception
+    {
+        MostSpecificUserClassFilter filter = new MostSpecificUserClassFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_B );
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = ( List<ACITuple> ) filter.filter( aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 1, tuples.size() );
+        assertSame( TUPLES_B.get( 0 ), tuples.get( 0 ) );
+    }
+
+
+    @Test
+    public void testUserGroup() throws Exception
+    {
+        MostSpecificUserClassFilter filter = new MostSpecificUserClassFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_C );
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = ( List<ACITuple> ) filter.filter( aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 1, tuples.size() );
+        assertSame( TUPLES_C.get( 0 ), tuples.get( 0 ) );
+    }
+
+
+    @Test
+    public void testSubtree() throws Exception
+    {
+        MostSpecificUserClassFilter filter = new MostSpecificUserClassFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_D );
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = ( List<ACITuple> ) filter.filter( aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 1, tuples.size() );
+        assertSame( TUPLES_D.get( 0 ), tuples.get( 0 ) );
+    }
+
+
+    @Test
+    public void testOthers() throws Exception
+    {
+        MostSpecificUserClassFilter filter = new MostSpecificUserClassFilter();
+
+        List<ACITuple> tuples = new ArrayList<ACITuple>( TUPLES_E );
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        tuples = (List<ACITuple>)filter.filter( aciContext, OperationScope.ENTRY, null );
+
+        assertEquals( 2, tuples.size() );
+        assertSame( TUPLES_E.get( 0 ), tuples.get( 0 ) );
+        assertSame( TUPLES_E.get( 1 ), tuples.get( 1 ) );
+    }
+}

Added: directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/OperationScopeTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/OperationScopeTest.java?rev=1183441&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/OperationScopeTest.java (added)
+++ directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/OperationScopeTest.java Fri Oct 14 17:38:30 2011
@@ -0,0 +1,58 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.core.authz.support;
+
+
+import static org.junit.Assert.assertEquals;
+
+import com.mycila.junit.concurrent.Concurrency;
+import com.mycila.junit.concurrent.ConcurrentJunitRunner;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+
+/**
+ * Tests {@link OperationScope}.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ *
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrency()
+public class OperationScopeTest
+{
+    @Test
+    public void testGetName() throws Exception
+    {
+        assertEquals( "Entry", OperationScope.ENTRY.getName() );
+        assertEquals( "Attribute Type", OperationScope.ATTRIBUTE_TYPE.getName() );
+        assertEquals( "Attribute Type & Value", OperationScope.ATTRIBUTE_TYPE_AND_VALUE.getName() );
+    }
+
+
+    @Test
+    public void testGetNameAndToStringEquality()
+    {
+        assertEquals( OperationScope.ENTRY.getName(), OperationScope.ENTRY.toString() );
+        assertEquals( OperationScope.ATTRIBUTE_TYPE.getName(), OperationScope.ATTRIBUTE_TYPE.toString() );
+        assertEquals( OperationScope.ATTRIBUTE_TYPE_AND_VALUE.getName(), OperationScope.ATTRIBUTE_TYPE_AND_VALUE
+            .toString() );
+    }
+}

Added: directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilterTest.java?rev=1183441&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilterTest.java (added)
+++ directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilterTest.java Fri Oct 14 17:38:30 2011
@@ -0,0 +1,495 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.core.authz.support;
+
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.directory.server.core.event.ExpressionEvaluator;
+import org.apache.directory.server.core.subtree.RefinementEvaluator;
+import org.apache.directory.server.core.subtree.RefinementLeafEvaluator;
+import org.apache.directory.shared.ldap.aci.ACITuple;
+import org.apache.directory.shared.ldap.aci.MicroOperation;
+import org.apache.directory.shared.ldap.aci.ProtectedItem;
+import org.apache.directory.shared.ldap.aci.UserClass;
+import org.apache.directory.shared.ldap.aci.protectedItem.AllAttributeValuesItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.AttributeTypeItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.AttributeValueItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.MaxImmSubItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.MaxValueCountElem;
+import org.apache.directory.shared.ldap.aci.protectedItem.MaxValueCountItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.RestrictedByElem;
+import org.apache.directory.shared.ldap.aci.protectedItem.RestrictedByItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.SelfValueItem;
+import org.apache.directory.shared.ldap.model.constants.AuthenticationLevel;
+import org.apache.directory.shared.ldap.model.entry.DefaultEntry;
+import org.apache.directory.shared.ldap.model.entry.DefaultAttribute;
+import org.apache.directory.shared.ldap.model.entry.Entry;
+import org.apache.directory.shared.ldap.model.entry.Attribute;
+import org.apache.directory.shared.ldap.model.entry.StringValue;
+import org.apache.directory.shared.ldap.model.name.Dn;
+import org.apache.directory.shared.ldap.model.schema.AttributeType;
+import org.apache.directory.shared.ldap.model.schema.SchemaManager;
+import org.apache.directory.shared.ldap.schemamanager.impl.DefaultSchemaManager;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import com.mycila.junit.concurrent.Concurrency;
+import com.mycila.junit.concurrent.ConcurrentJunitRunner;
+
+
+/**
+ * Tests {@link RelatedUserClassFilter}.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrency()
+public class RelatedProtectedItemFilterTest
+{
+    private static final Collection<UserClass> EMPTY_USER_CLASS_COLLECTION = Collections.unmodifiableCollection( new ArrayList<UserClass>() );
+    private static final Collection<ACITuple> EMPTY_ACI_TUPLE_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ACITuple>() );
+    private static final Set<MicroOperation> EMPTY_MICRO_OPERATION_SET = Collections.unmodifiableSet( new HashSet<MicroOperation>() );
+
+    private static Dn GROUP_NAME;
+    private static Dn USER_NAME;
+    private static Set<Dn> USER_NAMES = new HashSet<Dn>();
+    private static Set<Dn> GROUP_NAMES = new HashSet<Dn>();
+
+    private static SchemaManager schemaManager;
+
+    private static RelatedProtectedItemFilter filterA;
+    private static RelatedProtectedItemFilter filterB;
+    
+    /** The CN attribute Type */
+    private static AttributeType CN_AT;
+    
+    /** The OU attribute Type */
+    private static AttributeType OU_AT;
+    
+    /** The SN attribute Type */
+    private static AttributeType SN_AT;
+
+    
+    @BeforeClass 
+    public static void setup() throws Exception
+    {
+        schemaManager = new DefaultSchemaManager();
+
+        GROUP_NAME = new Dn( schemaManager, "ou=test,ou=groups,ou=system" );
+        USER_NAME = new Dn( schemaManager, "ou=test, ou=users, ou=system" );
+        
+        filterA = new RelatedProtectedItemFilter( new RefinementEvaluator( new RefinementLeafEvaluator(
+            schemaManager ) ), new ExpressionEvaluator( schemaManager ), schemaManager );
+
+        filterB = new RelatedProtectedItemFilter( new RefinementEvaluator( new RefinementLeafEvaluator(
+            schemaManager ) ), new ExpressionEvaluator( schemaManager ), schemaManager );
+
+        USER_NAMES.add( USER_NAME );
+        GROUP_NAMES.add( GROUP_NAME );
+        CN_AT = schemaManager.lookupAttributeTypeRegistry( "cn" );
+        OU_AT = schemaManager.lookupAttributeTypeRegistry( "ou" );
+        SN_AT = schemaManager.lookupAttributeTypeRegistry( "sn" );
+    }
+
+    
+    @Test 
+    public void testZeroTuple() throws Exception
+    {
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( EMPTY_ACI_TUPLE_COLLECTION );
+
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    @Test 
+    public void testEntry() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( ProtectedItem.ENTRY );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+        aciContext.setAttributeType( OU_AT );
+
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+    }
+
+
+    @Test 
+    public void testAllUserAttributeTypes() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES );
+
+        // Test wrong scope
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE, null ).size() );
+    }
+
+
+    @Test 
+    public void testAllUserAttributeTypesAndValues() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES_AND_VALUES );
+
+        // Test wrong scope
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES_AND_VALUES );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE, null ).size() );
+    }
+
+
+    @Test 
+    public void testAllAttributeValues() throws Exception
+    {
+        Set<AttributeType> attrTypes = new HashSet<AttributeType>();
+        attrTypes.add( CN_AT );
+        Collection<ACITuple> tuples = getTuples( new AllAttributeValuesItem( attrTypes ) );
+
+        // Test wrong scope
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        tuples = getTuples( new AllAttributeValuesItem( attrTypes ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( SN_AT );
+
+        assertEquals( 0, filterB.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    @Test 
+    public void testAttributeType() throws Exception
+    {
+        Set<AttributeType> attrTypes = new HashSet<AttributeType>();
+        attrTypes.add( CN_AT );
+        Collection<ACITuple> tuples = getTuples( new AttributeTypeItem( attrTypes ) );
+
+        // Test wrong scope
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        tuples = getTuples( new AttributeTypeItem( attrTypes ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( SN_AT );
+
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE, null ).size() );
+    }
+
+
+    @Test 
+    public void testAttributeValue() throws Exception
+    {
+        Set<Attribute> attributes = new HashSet<Attribute>();
+        attributes.add( new DefaultAttribute( "cn", CN_AT, "valueA" ) );
+        Collection<ACITuple> tuples = getTuples( new AttributeValueItem( attributes ) );
+
+        // Test wrong scope
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+        tuples = getTuples( new AttributeValueItem( attributes ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE, null ).size() );
+
+        tuples = getTuples( new AttributeValueItem( attributes ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        aciContext.setAttrValue( new StringValue( "valueA" ) );
+
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        aciContext.setAttrValue( new StringValue( "valueB" ) );
+
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        tuples = getTuples( new AttributeValueItem( attributes ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( SN_AT );
+        aciContext.setAttrValue( new StringValue( "valueA" ) );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    public void testClasses() throws Exception
+    {
+        // TODO I don't know how to test with Refinement yet.
+    }
+
+
+    @Test 
+    public void testMaxImmSub() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( new MaxImmSubItem( 2 ) );
+
+        // Should always retain tuples.
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+    }
+
+
+    @Test 
+    public void testMaxValueCount() throws Exception
+    {
+        Set<MaxValueCountElem> mvcItems = new HashSet<MaxValueCountElem>();
+        mvcItems.add( new MaxValueCountElem( CN_AT, 3 ) );
+        Collection<ACITuple> tuples = getTuples( new MaxValueCountItem( mvcItems ) );
+
+        // Test wrong scope
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+        tuples = getTuples( new MaxValueCountItem( mvcItems ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE, null ).size() );
+
+        tuples = getTuples( new MaxValueCountItem( mvcItems ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( SN_AT );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    /* this test requires a real registry with real values or the dummy registry
+     * needs to be altered to contain some usable mock data.  This is a result of
+     * using the registry now in this operation.    
+     *
+    public void testRangeOfValues() throws Exception
+    {
+        Entry entry = new DefaultEntry( service.getRegistries(), USER_NAME );
+        entry.put( "cn", "valueA" );
+        Collection<ACITuple> tuples = getTuples( new ProtectedItem.RangeOfValues( new PresenceNode( "cn" ) ) );
+
+        Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null,
+            DNFactory.create( "ou=testEntry" ), null, null, entry, null ).size() );
+
+        entry.remove( "cn" );
+        Assert.assertEquals( 0, filterA.filter( service.getRegistries(), tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
+            null, null, DNFactory.create( "ou=testEntry" ), null, null, entry, null ).size() );
+    }
+    */
+
+
+    @Test 
+    public void testRestrictedBy() throws Exception
+    {
+        Set<RestrictedByElem> rbItems = new HashSet<RestrictedByElem>();
+        rbItems.add( new RestrictedByElem( CN_AT, SN_AT ) );
+        Collection<ACITuple> tuples = getTuples( new RestrictedByItem( rbItems ) );
+
+        // Test wrong scope
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+        tuples = getTuples( new RestrictedByItem( rbItems ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE, null ).size() );
+
+        tuples = getTuples( new RestrictedByItem( rbItems ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( SN_AT );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    @Test 
+    public void testSelfValue() throws Exception
+    {
+        Set<AttributeType> attrTypes = new HashSet<AttributeType>();
+        attrTypes.add( CN_AT );
+        Collection<ACITuple> tuples = getTuples( new SelfValueItem( attrTypes ) );
+
+        Entry entry = new DefaultEntry( schemaManager, USER_NAME );
+        entry.put( "cn", USER_NAME.getNormName() );
+
+        // Test wrong scope
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        aciContext.setEntry( entry );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        tuples = getTuples( new SelfValueItem( attrTypes ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        aciContext.setEntry( entry );
+        
+        assertEquals( 1, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        entry.removeAttributes( "cn" );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( CN_AT );
+        aciContext.setEntry( entry );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        tuples = getTuples( new SelfValueItem( attrTypes ) );
+        
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAttributeType( SN_AT );
+        aciContext.setEntry( entry );
+        
+        assertEquals( 0, filterA.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    private static Collection<ACITuple> getTuples( ProtectedItem protectedItem )
+    {
+        Collection<ProtectedItem> protectedItems = new ArrayList<ProtectedItem>();
+        protectedItems.add( protectedItem );
+
+        Collection<ACITuple> tuples = new ArrayList<ACITuple>();
+        tuples.add( new ACITuple( EMPTY_USER_CLASS_COLLECTION, AuthenticationLevel.NONE, protectedItems, EMPTY_MICRO_OPERATION_SET, true, 0 ) );
+
+        return tuples;
+    }
+}

Added: directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java?rev=1183441&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java (added)
+++ directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java Fri Oct 14 17:38:30 2011
@@ -0,0 +1,308 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.core.authz.support;
+
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.directory.server.core.subtree.SubtreeEvaluator;
+import org.apache.directory.shared.ldap.aci.ACITuple;
+import org.apache.directory.shared.ldap.aci.MicroOperation;
+import org.apache.directory.shared.ldap.aci.ProtectedItem;
+import org.apache.directory.shared.ldap.aci.UserClass;
+import org.apache.directory.shared.ldap.model.constants.AuthenticationLevel;
+import org.apache.directory.shared.ldap.model.exception.LdapInvalidDnException;
+import org.apache.directory.shared.ldap.model.name.Dn;
+import org.apache.directory.shared.ldap.model.schema.SchemaManager;
+import org.apache.directory.shared.ldap.schemamanager.impl.DefaultSchemaManager;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import com.mycila.junit.concurrent.Concurrency;
+import com.mycila.junit.concurrent.ConcurrentJunitRunner;
+
+
+/**
+ * Tests {@link RelatedUserClassFilter}.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrency()
+public class RelatedUserClassFilterTest
+{
+    private static final Collection<ACITuple> EMPTY_ACI_TUPLE_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ACITuple>() );
+    private static final Collection<ProtectedItem> EMPTY_PROTECTED_ITEM_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>() );
+
+    private static final Set<MicroOperation> EMPTY_MICRO_OPERATION_SET = Collections.unmodifiableSet( new HashSet<MicroOperation>() );
+
+    private static Dn GROUP_NAME;
+    private static Dn USER_NAME;
+    private static final Set<Dn> USER_NAMES = new HashSet<Dn>();
+    private static final Set<Dn> GROUP_NAMES = new HashSet<Dn>();
+
+    private static SubtreeEvaluator SUBTREE_EVALUATOR;
+
+    private static RelatedUserClassFilter filter;
+    private static SchemaManager schemaManager;
+
+    @BeforeClass
+    public static void init() throws Exception
+    {
+        schemaManager = new DefaultSchemaManager();
+        SUBTREE_EVALUATOR = new SubtreeEvaluator( new DefaultSchemaManager( null ) );
+        filter = new RelatedUserClassFilter( SUBTREE_EVALUATOR );
+        
+        try
+        {
+            GROUP_NAME = new Dn( schemaManager, "ou=test,ou=groups,ou=system" );
+            USER_NAME = new Dn( schemaManager, "ou=test, ou=users, ou=system" );
+        }
+        catch ( LdapInvalidDnException e )
+        {
+            throw new Error();
+        }
+
+        USER_NAMES.add( USER_NAME );
+        GROUP_NAMES.add( GROUP_NAME );
+    }
+
+
+    @Test
+    public void testZeroTuple() throws Exception
+    {
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( EMPTY_ACI_TUPLE_COLLECTION );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    @Test
+    public void testAllUsers() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( UserClass.ALL_USERS );
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+    }
+
+
+    @Test
+    public void testThisEntry() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( UserClass.THIS_ENTRY );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+        aciContext.setEntryDn( USER_NAME );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+        aciContext.setEntryDn( new Dn( schemaManager, "ou=unrelated" ) );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+    }
+    
+    
+    @Test
+    public void testParentOfEntry() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( UserClass.PARENT_OF_ENTRY );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+        aciContext.setEntryDn( new Dn( schemaManager, "ou=phoneBook, ou=test, ou=users, ou=system" ) );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+        aciContext.setEntryDn( new Dn( schemaManager, "ou=unrelated" ) );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+    }
+
+
+    @Test
+    public void testName() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( new UserClass.Name( USER_NAMES ) );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( new Dn( schemaManager, "ou=unrelateduser, ou=users" ) );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+        aciContext.setEntryDn( USER_NAME );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+    }
+
+
+    @Test
+    public void testUserGroup() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( new UserClass.UserGroup( GROUP_NAMES ) );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserGroupNames( GROUP_NAMES );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        Set<Dn> wrongGroupNames = new HashSet<Dn>();
+        wrongGroupNames.add( new Dn( schemaManager, "ou=unrelatedgroup" ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setUserDn( USER_NAME );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+        aciContext.setUserGroupNames( wrongGroupNames );
+        aciContext.setEntryDn( USER_NAME );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+    }
+
+
+    @Test
+    public void testSubtree() throws Exception
+    {
+        // TODO Don't know how to test yet.
+    }
+
+
+    @Test
+    public void testAuthenticationLevel() throws Exception
+    {
+        Collection<ACITuple> tuples = getTuples( AuthenticationLevel.SIMPLE, true );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.STRONG );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.SIMPLE );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        tuples = getTuples( AuthenticationLevel.SIMPLE, false );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.NONE );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.STRONG );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+
+        tuples = getTuples( AuthenticationLevel.SIMPLE, false );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAuthenticationLevel( AuthenticationLevel.SIMPLE );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ENTRY, null ).size() );
+    }
+
+
+    private static Collection<ACITuple> getTuples( UserClass userClass )
+    {
+        Collection<UserClass> classes = new ArrayList<UserClass>();
+        classes.add( userClass );
+
+        Collection<ACITuple> tuples = new ArrayList<ACITuple>();
+        tuples.add( new ACITuple( classes, AuthenticationLevel.NONE, EMPTY_PROTECTED_ITEM_COLLECTION, 
+            EMPTY_MICRO_OPERATION_SET, true, 0 ) );
+
+        return tuples;
+    }
+
+
+    private static Collection<ACITuple> getTuples( AuthenticationLevel level, boolean grant )
+    {
+        Collection<UserClass> classes = new ArrayList<UserClass>();
+        
+        if ( grant )
+        {
+            classes.add( UserClass.ALL_USERS );
+        }
+        else
+        {
+            Set<Dn> names = new HashSet<Dn>();
+            
+            try
+            {
+                names.add( new Dn( schemaManager, "cn=dummy" ) );
+            }
+            catch ( LdapInvalidDnException e )
+            {
+                throw new Error();
+            }
+
+            classes.add( new UserClass.Name( names ) );
+        }
+
+        Collection<ACITuple> tuples = new ArrayList<ACITuple>();
+        tuples.add( new ACITuple( classes, level, EMPTY_PROTECTED_ITEM_COLLECTION, EMPTY_MICRO_OPERATION_SET, grant, 0 ) );
+
+        return tuples;
+    }
+}

Added: directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RestrictedByFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RestrictedByFilterTest.java?rev=1183441&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RestrictedByFilterTest.java (added)
+++ directory/apacheds/trunk/interceptors/authz/src/test/java/org/apache/directory/server/core/authz/support/RestrictedByFilterTest.java Fri Oct 14 17:38:30 2011
@@ -0,0 +1,182 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.core.authz.support;
+
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.directory.shared.ldap.aci.ACITuple;
+import org.apache.directory.shared.ldap.aci.MicroOperation;
+import org.apache.directory.shared.ldap.aci.ProtectedItem;
+import org.apache.directory.shared.ldap.aci.UserClass;
+import org.apache.directory.shared.ldap.aci.protectedItem.MaxImmSubItem;
+import org.apache.directory.shared.ldap.aci.protectedItem.RestrictedByElem;
+import org.apache.directory.shared.ldap.aci.protectedItem.RestrictedByItem;
+import org.apache.directory.shared.ldap.model.constants.AuthenticationLevel;
+import org.apache.directory.shared.ldap.model.entry.DefaultEntry;
+import org.apache.directory.shared.ldap.model.entry.Entry;
+import org.apache.directory.shared.ldap.model.entry.StringValue;
+import org.apache.directory.shared.ldap.model.name.Dn;
+import org.apache.directory.shared.ldap.model.schema.AttributeType;
+import org.apache.directory.shared.ldap.model.schema.SchemaManager;
+import org.apache.directory.shared.ldap.schemamanager.impl.DefaultSchemaManager;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import com.mycila.junit.concurrent.Concurrency;
+import com.mycila.junit.concurrent.ConcurrentJunitRunner;
+
+
+/**
+ * Tests {@link RestrictedByFilter}.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@RunWith(ConcurrentJunitRunner.class)
+@Concurrency()
+public class RestrictedByFilterTest
+{
+    private static final Collection<UserClass> UC_EMPTY_COLLECTION = Collections.unmodifiableCollection( new ArrayList<UserClass>() );
+    private static final Collection<ACITuple> AT_EMPTY_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ACITuple>() );
+    private static final Collection<ProtectedItem> PI_EMPTY_COLLECTION = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>() );
+    private static final Set<MicroOperation> MO_EMPTY_SET = Collections.unmodifiableSet( new HashSet<MicroOperation>() );
+
+    private static final Collection<ProtectedItem> PROTECTED_ITEMS = new ArrayList<ProtectedItem>();
+    private static Entry ENTRY;
+
+    /** A reference to the schemaManager */
+    private static SchemaManager schemaManager;
+    
+    /** The CN attribute Type */
+    private static AttributeType CN_AT;
+
+    /** The SN attribute Type */
+    private static AttributeType SN_AT;
+
+    
+    @BeforeClass 
+    public static void setup() throws Exception
+    {
+        schemaManager = new DefaultSchemaManager();
+
+        Dn entryName = new Dn( schemaManager, "ou=test, ou=system" );
+        PROTECTED_ITEMS.add( new MaxImmSubItem( 2 ) );
+        ENTRY = new DefaultEntry( schemaManager, entryName );
+
+        ENTRY.put( "cn", "1", "2" );
+        CN_AT = schemaManager.lookupAttributeTypeRegistry( "cn" );
+        SN_AT = schemaManager.lookupAttributeTypeRegistry( "sn" );
+
+        Set<RestrictedByElem> mvcItems = new HashSet<RestrictedByElem>();
+        mvcItems.add( new RestrictedByElem( SN_AT, CN_AT ) );
+        PROTECTED_ITEMS.add( new RestrictedByItem( mvcItems ) );
+    }
+
+
+    @Test 
+    public void testWrongScope() throws Exception
+    {
+        RestrictedByFilter filter = new RestrictedByFilter();
+        Collection<ACITuple> tuples = new ArrayList<ACITuple>();
+        tuples.add( new ACITuple( UC_EMPTY_COLLECTION, AuthenticationLevel.NONE, PI_EMPTY_COLLECTION, MO_EMPTY_SET, true, 0 ) );
+
+        tuples = Collections.unmodifiableCollection( tuples );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        assertEquals( tuples, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE, null ) );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+
+        assertEquals( tuples, filter.filter( aciContext, OperationScope.ENTRY, null ) );
+    }
+
+
+    @Test 
+    public void testZeroTuple() throws Exception
+    {
+        RestrictedByFilter filter = new RestrictedByFilter();
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( AT_EMPTY_COLLECTION );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+
+
+    @Test 
+    public void testDenialTuple() throws Exception
+    {
+        RestrictedByFilter filter = new RestrictedByFilter();
+        Collection<ACITuple> tuples = new ArrayList<ACITuple>();
+        tuples.add( new ACITuple( UC_EMPTY_COLLECTION, AuthenticationLevel.NONE, PROTECTED_ITEMS, MO_EMPTY_SET, false, 0 ) );
+
+        tuples = Collections.unmodifiableCollection( tuples );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAttributeType( SN_AT );
+        aciContext.setEntry( ENTRY );
+
+        assertEquals( tuples, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ) );
+    }
+
+
+    @Test 
+    public void testGrantTuple() throws Exception
+    {
+        RestrictedByFilter filter = new RestrictedByFilter();
+        Collection<ACITuple> tuples = new ArrayList<ACITuple>();
+        tuples.add( new ACITuple( UC_EMPTY_COLLECTION, AuthenticationLevel.NONE, PROTECTED_ITEMS, MO_EMPTY_SET, true, 0 ) );
+
+        AciContext aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAttributeType( SN_AT );
+        aciContext.setAttrValue( new StringValue( "1" ) );
+        aciContext.setEntry( ENTRY );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAttributeType( SN_AT );
+        aciContext.setAttrValue( new StringValue( "2" ) );
+        aciContext.setEntry( ENTRY );
+
+        assertEquals( 1, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+
+        aciContext = new AciContext( null, null );
+        aciContext.setAciTuples( tuples );
+        aciContext.setAttributeType( SN_AT );
+        aciContext.setAttrValue( new StringValue( "3" ) );
+        aciContext.setEntry( ENTRY );
+
+        assertEquals( 0, filter.filter( aciContext, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null ).size() );
+    }
+}



Mime
View raw message