- unit test for [Issue 4241] Disable/Enable acis via dsconfig does break ac...

abobrov

04.53.2009 4ca6252b09f6f5208e2e5c736fbdaca5f8cd4da5

- unit test for [Issue 4241] Disable/Enable acis via dsconfig does break aci evaluation

 opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java

@@ -2034,6 +2034,44 @@
    }
  }

  /**
   * Test online handler re-initialization using selfwrite right test cases.
   * @throws Throwable If selfwrite tests fail after re-initialization.
   */
  @Test()
  public void testAciHandlerReInit() throws Throwable {

    // Setup using selfwrite test case.
    addEntries(BASIC_LDIF__GROUP_SEARCH_TESTS, DIR_MGR_DN, DIR_MGR_PW);
    modEntries(SELFWRITE_ACI, DIR_MGR_DN, DIR_MGR_PW);

    // Disable ACI handler.
    TestCaseUtils.dsconfig("set-access-control-handler-prop",
            "--set", "enabled:false");

    // Enable ACI handler.
    TestCaseUtils.dsconfig("set-access-control-handler-prop",
            "--set", "enabled:true");

    // Test selfwrite right. Attempt to bind as level3 user and remove
    // level1 user from a group, should fail.
    try {
      deleteAttrFromEntry(OU_GROUP_1_DN, "member", LEVEL_1_USER_DN,
              LEVEL_3_USER_DN, "pa$$word", false);
    } catch (Throwable e) {
      throw e;
    }

    // Test selfwrite right. Attempt to bind as level1 user and remove
    // itself from a group, should succeed.
    try {
      deleteAttrFromEntry(OU_GROUP_1_DN, "member", LEVEL_1_USER_DN,
              LEVEL_1_USER_DN, "pa$$word", true);
    } catch (Throwable e) {
      throw e;
    }
  }


// -----------------------------------------------------------------------------
// -----------------------------------------------------------------------------