mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
blame | history | patch | commit | commitdiff | ignore whitespace
coulbeck
27.05.2007 6932146c7ce6be2b604fd68d4ae6450ce784a80f 
 opends/src/server/org/opends/server/authorization/dseecompat/PatternDN.java


@@ -103,6 +103,32 @@


  }




  /**


   * Create a new DN pattern matcher to match a suffix.


   * @param pattern The suffix pattern string.


   * @throws org.opends.server.types.DirectoryException If the pattern string


   * is not valid.


   * @return A new DN pattern matcher.


   */


  public static PatternDN decodeSuffix(String pattern) throws DirectoryException


  {


    AttributeType fakeType =


         DirectoryServer.getAttributeType(PATTERN_DN_FAKE_TYPE_NAME);


    if (fakeType == null)


    {


       fakeType =


            DirectoryServer.getDefaultAttributeType(PATTERN_DN_FAKE_TYPE_NAME);


    }




    SearchFilter filter;


    DN patternDN = DN.decode(pattern);


    String filterStr = PATTERN_DN_FAKE_TYPE_NAME + "=*" +


         patternDN.toNormalizedString();


    filter=SearchFilter.createFilterFromString(filterStr);




    return new PatternDN(fakeType, filter);


  }




  /**


   * Determine whether a given DN matches this pattern.


   * @param dn The DN to be matched.


   * @return true if the DN matches the pattern.




 opends/src/server/org/opends/server/authorization/dseecompat/Target.java


@@ -89,7 +89,7 @@


          LDAPURL targetURL =  LDAPURL.decode(target, false);


          if(targetURL.getRawBaseDN().indexOf("*") != -1) {


              this.isPattern=true;


              patternDN = PatternDN.decode(targetURL.getRawBaseDN());


              patternDN = PatternDN.decodeSuffix(targetURL.getRawBaseDN());


          } else {


              urlDN=targetURL.getBaseDN();


              if(!urlDN.isDescendantOf(aciDN)) {




 opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/TargetTestCase.java


@@ -132,10 +132,45 @@


//              "uid=bjensen,ou=people,dc=example,dc=com",


//         },


         // </FAIL>


         {


              "ou=aci branch,o=ACI Tests,dc=example,dc=com",


              "(target=\"ldap:///ou=Peo*,ou=aci branch, o=ACI Tests," +


                   "dc=example,dc=com\")(targetattr=\"*\")" +


                   "(version 3.0; acl \"add_aci3\"; allow" +


                   "(search,read) userdn=\"ldap:///all\";)",


              "uid=scarter,ou=People,ou=aci branch,o=ACI Tests," +


                   "dc=example,dc=com",


         },


         {


              "ou=aci branch,o=ACI Tests,dc=example,dc=com",


              "(target=\"ldap:///ou=*eople,ou=aci branch,o=ACI Tests," +


                   "dc=example,dc=com\")(targetattr=\"*\")" +


                   "(version 3.0; acl \"add_aci3\"; allow" +


                   "(search,read) userdn=\"ldap:///all\";)",


              "uid=scarter,ou=People,ou=aci branch,o=ACI Tests," +


                   "dc=example,dc=com",


         },


         {


              "ou=aci branch,o=ACI Tests,dc=example,dc=com",


              "(target=\"ldap:///ou=Pe*le,ou=aci branch,o=ACI Tests," +


                   "dc=example,dc=com\")(targetattr=\"*\")" +


                   "(version 3.0; acl \"add_aci3\"; allow" +


                   "(search,read) userdn=\"ldap:///all\";)",


              "uid=scarter,ou=People,ou=aci branch,o=ACI Tests," +


                   "dc=example,dc=com",


         },


         {


              "ou=aci branch,o=ACI Tests,dc=example,dc=com",


              "(target=\"ldap:///ou=Pe*l*,ou=aci branch,o=ACI Tests," +


                   "dc=example,dc=com\")(targetattr=\"*\")" +


                   "(version 3.0; acl \"add_aci3\"; allow" +


                   "(search,read) userdn=\"ldap:///all\";)",


              "uid=scarter,ou=People,ou=aci branch,o=ACI Tests," +


                   "dc=example,dc=com",


         },


    };


  }






  @DataProvider


  public Object[][] nonApplicableTargets()


  {