Added a few more ACI functional test cases to round out the userdn usage an...

mkeyes

02.28.2007 9cc7349a9a9dbe0ed9f4d0463365a4d9c27097f2

Added a few more ACI functional test cases to round out the userdn usage and functionality.

 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci21.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci21"; allow (search,read) userdn="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci22.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci22"; allow (search,read) userdn="ldap:///anyone";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci23.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci23"; allow (search,read) userdn!="ldap:///all";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci24.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///uid=scarter,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci24"; allow (search,read) userdn="ldap:///self";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci25.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///uid=s*,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci25"; allow (search,read) userdn="ldap:///self";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci26.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///uid=*,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci26"; allow (search,read) userdn="ldap:///o=ACI Tests, dc=example,dc=com??sub?(|(ou=People)(ou=Marketing)(ou=Research)(ou=Sales))";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci27.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///uid=*,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci27"; allow (search,read) userdn="ldap:///o=ACI Tests, dc=example,dc=com??sub?(|(ou=Marketing)(ou=Research)(ou=Sales))";)


 opends/tests/functional-tests/shared/data/aci/aci_target/add_aci28.ldif

New file
@@ -0,0 +1,30 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#      Portions Copyright 2007 Sun Microsystems, Inc.
#

dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
changetype: modify
add: aci
aci: (target="ldap:///uid=*,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci28"; allow (search,read) userdn="ldap:///uid=auser,ou=People,o=ACI Tests,dc=example,dc=com || ldap:///o=ACI Tests, dc=example,dc=com??sub?(|(ou=Marketing)(ou=Research)(ou=Sales))";)


 opends/tests/functional-tests/shared/functions/ldap.xml

@@ -529,6 +529,18 @@
        <stderr mode="'stdout'"/>
        <returnstdout/>
      </process>
      <script>
        SearchRC=RC
        SearchResult=STAXResult
      </script>
      
      <call function="'checkRC'">
        { 'returncode' : SearchRC ,
          'result'     : SearchResult }
      </call>
          
      <return>SearchResult</return>

    </sequence>
  </function>
  

 opends/tests/functional-tests/testcases/aci/aci_target.xml

@@ -1578,6 +1578,1136 @@
            </sequence>
          </testcase>
   
            <!---
                Place test-specific test information here.
                The tag, TestMarker, must be the same as the tag, TestSuiteName.
                #@TestMarker                ACI Target Tests
                #@TestName                  Target equals dn with userdn equal all
                #@TestIssue                 434
                #@TestPurpose               Test with the target set equal to a dn with userdn equal all
                #@TestPreamble              Admin adds an aci with the target equal to the dn of one existing branch.
                #@TestStep                  Client searches entry with the targeted branch dn with authenticated user.
                #@TestStep                  Client searches entry with the targeted branch dn with anonymous user.
                #@TestStep                  Remove aci.
                #@TestStep                  Client searches entry with the previously targeted branch dn.
                #@TestPostamble             none
                #@TestResult                Success if OpenDS returns 0
                                            for all ldap operations, and
                                            and entry is returned only for step 1.
            -->
          <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
          <!-- cross reference to DS6 docs -->
            <testcase name="'ACI: Target: Target Equals DN with userdn equals all'">
              <sequence>
                <call function="'testCase_Preamble'"/>
                          
                <script>
                    curr_aci_ldif_file = 'add_aci21.ldif'
                    curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
                </script>
        
                <message>
                   'ACI: Target: Target Equals DN with userdn equals all, preamble adding aci,\n %s' % curr_aci
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equals all, user searching targeted entry as authenticated user'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '1'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equals all, user searching targeted entry as anonymous user'
                </message>
    
                <call function="'AnonSearchObject'">
                    { 'dsInstanceHost'      : DIRECTORY_INSTANCE_HOST ,
                        'dsInstancePort'    : DIRECTORY_INSTANCE_PORT ,
                        'dsBaseDN'          : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                        'dsFilter'          : 'objectclass=*'  ,
                        'extraParams'       : '-T'  }
                </call>

                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '0'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equals all, admin deleting aci'
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equals all, user searching previously targeted entry'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'      : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'checktestStringNotPresent'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <call function="'testCase_Postamble'"/>
    
              </sequence>
            </testcase>
    
            <!---
                Place test-specific test information here.
                The tag, TestMarker, must be the same as the tag, TestSuiteName.
                #@TestMarker                ACI Target Tests
                #@TestName                  Target equals dn with userdn equal anyone
                #@TestIssue                 434
                #@TestPurpose               Test with the target set equal to a dn with userdn equal anyone
                #@TestPreamble              Admin adds an aci with the target equal to the dn of one existing branch.
                #@TestStep                  Client searches entry with the targeted branch dn with authenticated user.
                #@TestStep                  Client searches entry with the targeted branch dn with anonoymous user
                #@TestStep                  Remove aci.
                #@TestStep                  Client searches entry with the previously targeted branch dn.
                #@TestPostamble             none
                #@TestResult                Success if OpenDS returns 0
                                            for all ldap operations, and
                                            and entry is returned only for steps 1 and 2.
            -->
          <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
          <!-- cross reference to DS6 docs -->
            <testcase name="'ACI: Target: Target Equals DN with userdn equals anyone'">
              <sequence>
                <call function="'testCase_Preamble'"/>
                          
                <script>
                    curr_aci_ldif_file = 'add_aci22.ldif'
                    curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
                </script>
        
                <message>
                   'ACI: Target: Target Equals DN with userdn equals anyone, preamble adding aci,\n %s' % curr_aci
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equals anyone, user searching targeted entry as authenticated user'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '1'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equals anyone, user searching targeted entry as anonymous user'
                </message>
    
                <call function="'AnonSearchObject'">
                    { 'dsInstanceHost'      : DIRECTORY_INSTANCE_HOST ,
                        'dsInstancePort'    : DIRECTORY_INSTANCE_PORT ,
                        'dsBaseDN'          : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                        'dsFilter'          : 'objectclass=*'  ,
                        'extraParams'       : '-T'  }
                </call>

                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '1'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equals anyone, admin deleting aci'
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equals anyone, user searching previously targeted entry'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'      : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'checktestStringNotPresent'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <call function="'testCase_Postamble'"/>
    
              </sequence>
            </testcase>
    
            <!---
                Place test-specific test information here.
                The tag, TestMarker, must be the same as the tag, TestSuiteName.
                #@TestMarker                ACI Target Tests
                #@TestName                  Target equals dn with userdn not equal all
                #@TestIssue                 434
                #@TestPurpose               Test with the target set equal to a dn with userdn not equal all
                #@TestPreamble              Admin adds an aci with the target equal to the dn of one existing branch.
                #@TestStep                  Client searches entry with the targeted branch dn with authenticated user.
                #@TestStep                  Client searches entry with the targeted branch dn with anonymous user.
                #@TestStep                  Remove aci.
                #@TestStep                  Client searches entry with the previously targeted branch dn.
                #@TestPostamble             none
                #@TestResult                Success if OpenDS returns 0
                                            for all ldap operations, and
                                            and entry is returned only for step 2.
            -->
          <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
          <!-- cross reference to DS6 docs -->
            <testcase name="'ACI: Target: Target Equals DN with userdn not equals all'">
              <sequence>
                <call function="'testCase_Preamble'"/>
                          
                <script>
                    curr_aci_ldif_file = 'add_aci23.ldif'
                    curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
                </script>
        
                <message>
                   'ACI: Target: Target Equals DN with userdn not equals all, preamble adding aci,\n %s' % curr_aci
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn not equals all, user searching targeted entry as authenticated user'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '0'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn not equals all, user searching targeted entry as anonymous user'
                </message>
    
                <call function="'AnonSearchObject'">
                    { 'dsInstanceHost'      : DIRECTORY_INSTANCE_HOST ,
                        'dsInstancePort'    : DIRECTORY_INSTANCE_PORT ,
                        'dsBaseDN'          : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                        'dsFilter'          : 'objectclass=*'  ,
                        'extraParams'       : '-T'  }
                </call>

                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '1'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn not equals all, admin deleting aci'
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn not equals all, user searching previously targeted entry'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'      : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'checktestStringNotPresent'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <call function="'testCase_Postamble'"/>
    
              </sequence>
            </testcase>
    
            <!---
                Place test-specific test information here.
                The tag, TestMarker, must be the same as the tag, TestSuiteName.
                #@TestMarker                ACI Target Tests
                #@TestName                  Target equals dn with userdn equal self
                #@TestIssue                 434
                #@TestPurpose               Test with the target set equal to a dn with userdn equal self
                #@TestPreamble              Admin adds an aci with the target equal to the dn of one existing branch.
                #@TestStep                  Client searches entry with the targeted branch dn with authenticated user.
                #@TestStep                  Client searches entry with the targeted branch dn with self user.
                #@TestStep                  Remove aci.
                #@TestStep                  Client searches entry with the previously targeted branch dn.
                #@TestPostamble             none
                #@TestResult                Success if OpenDS returns 0
                                            for all ldap operations, and
                                            and entry is returned only for step 2.
            -->
          <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
          <!-- cross reference to DS6 docs -->
            <testcase name="'ACI: Target: Target Equals DN with userdn equal self'">
              <sequence>
                <call function="'testCase_Preamble'"/>
                          
                <script>
                    curr_aci_ldif_file = 'add_aci24.ldif'
                    curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
                </script>
        
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self, preamble adding aci,\n %s' % curr_aci
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self, user searching targeted entry as authenticated user'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '0'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self, user searching targeted entry as self'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'sprain' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '1'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self, admin deleting aci'
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self, user searching previously targeted entry'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'      : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'checktestStringNotPresent'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <call function="'testCase_Postamble'"/>
    
              </sequence>
            </testcase>
    
            <!---
                Place test-specific test information here.
                The tag, TestMarker, must be the same as the tag, TestSuiteName.
                #@TestMarker                ACI Target Tests
                #@TestName                  Target equals dn with userdn equal self with wildcard
                #@TestIssue                 434
                #@TestPurpose               Test with the target set equal to a dn with userdn equal self with wildcard
                #@TestPreamble              Admin adds an aci with the target equal to the dn of one existing branch.
                #@TestStep                  Client searches entry with the targeted branch dn with authenticated user.
                #@TestStep                  Client searches entry with the targeted branch dn with self user.
                #@TestStep                  Remove aci.
                #@TestStep                  Client searches entry with the previously targeted branch dn.
                #@TestPostamble             none
                #@TestResult                Success if OpenDS returns 0
                                            for all ldap operations, and
                                            and entry is returned only for step 2.
            -->
          <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
          <!-- cross reference to DS6 docs -->
            <testcase name="'ACI: Target: Target Equals DN with userdn equal self with wildcard'">
              <sequence>
                <call function="'testCase_Preamble'"/>
                          
                <script>
                    curr_aci_ldif_file = 'add_aci25.ldif'
                    curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
                </script>
        
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard, preamble adding aci,\n %s' % curr_aci
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard, user searching targeted entry as authenticated user'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '0'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard, user searching targeted entry as self'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'sprain' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '1'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard, admin deleting aci'
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard, user searching previously targeted entry'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'      : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'checktestStringNotPresent'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <call function="'testCase_Postamble'"/>
    
              </sequence>
            </testcase>
    
            <!---
                Place test-specific test information here.
                The tag, TestMarker, must be the same as the tag, TestSuiteName.
                #@TestMarker                ACI Target Tests
                #@TestName                  Target equals dn with userdn equal self with wildcard and filter
                #@TestIssue                 434
                #@TestPurpose               Test with the target set equal to a dn with userdn equal self with wildcard and filter
                #@TestPreamble              Admin adds an aci with the target equal to the dn of one existing branch.
                #@TestStep                  Client searches entry with the targeted branch dn with authenticated user.
                #@TestStep                  Client searches entry with the targeted branch dn with another authenticated user.
                #@TestStep                  Remove aci.
                #@TestStep                  Client searches entry with the previously targeted branch dn.
                #@TestPostamble             none
                #@TestResult                Success if OpenDS returns 0
                                            for all ldap operations, and
                                            and entry is returned only for steps 1 and 2.
            -->
          <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
          <!-- cross reference to DS6 docs -->
            <testcase name="'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter'">
              <sequence>
                <call function="'testCase_Preamble'"/>
                          
                <script>
                    curr_aci_ldif_file = 'add_aci26.ldif'
                    curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
                </script>
        
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, preamble adding aci,\n %s' % curr_aci
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, user searching targeted entry as authenticated user'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '1'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, user searching targeted entry as self'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=buser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '1'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, admin deleting aci'
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, user searching previously targeted entry'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'      : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'checktestStringNotPresent'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <call function="'testCase_Postamble'"/>
    
              </sequence>
            </testcase>
    
            <!---
                Place test-specific test information here.
                The tag, TestMarker, must be the same as the tag, TestSuiteName.
                #@TestMarker                ACI Target Tests
                #@TestName                  Target equals dn with userdn equal self with wildcard and filter, deny
                #@TestIssue                 434
                #@TestPurpose               Test with the target set equal to a dn with userdn equal self with wildcard and filter, deny
                #@TestPreamble              Admin adds an aci with the target equal to the dn of one existing branch.
                #@TestStep                  Client searches entry with the targeted branch dn with authenticated user.
                #@TestStep                  Client searches entry with the targeted branch dn with another authenticated user.
                #@TestStep                  Remove aci.
                #@TestStep                  Client searches entry with the previously targeted branch dn.
                #@TestPostamble             none
                #@TestResult                Success if OpenDS returns 0
                                            for all ldap operations, and
                                            and no entries are returned for any step.
            -->
          <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
          <!-- cross reference to DS6 docs -->
            <testcase name="'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny'">
              <sequence>
                <call function="'testCase_Preamble'"/>
                          
                <script>
                    curr_aci_ldif_file = 'add_aci27.ldif'
                    curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
                </script>
        
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, preamble adding aci,\n %s' % curr_aci
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, user searching targeted entry as authenticated user'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '0'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, user searching targeted entry as self'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=buser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '0'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, admin deleting aci'
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, user searching previously targeted entry'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'      : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'checktestStringNotPresent'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <call function="'testCase_Postamble'"/>
    
              </sequence>
            </testcase>
    
            <!---
                Place test-specific test information here.
                The tag, TestMarker, must be the same as the tag, TestSuiteName.
                #@TestMarker                ACI Target Tests
                #@TestName                  Target equals dn with userdn equal self with wildcard and filter, allow and deny
                #@TestIssue                 434
                #@TestPurpose               Test with the target set equal to a dn with userdn equal self with wildcard and filter, allow and deny
                #@TestPreamble              Admin adds an aci with the target equal to the dn of one existing branch.
                #@TestStep                  Client searches entry with the targeted branch dn with authenticated user.
                #@TestStep                  Client searches entry with the targeted branch dn with another authenticated user.
                #@TestStep                  Remove aci.
                #@TestStep                  Client searches entry with the previously targeted branch dn.
                #@TestPostamble             none
                #@TestResult                Success if OpenDS returns 0
                                            for all ldap operations, and
                                            and entry is returned only for step 1.
            -->
          <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
          <!-- cross reference to DS6 docs -->
            <testcase name="'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny'">
              <sequence>
                <call function="'testCase_Preamble'"/>
                          
                <script>
                    curr_aci_ldif_file = 'add_aci28.ldif'
                    curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
                </script>
        
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, preamble adding aci,\n %s' % curr_aci
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, user searching targeted entry as authenticated user'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '1'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, user searching targeted entry as self'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=buser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'       : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'searchStringForSubstring'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <if expr="returnCode != '0'">
                    <tcstatus result="'fail'"/>
                </if>
   
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, admin deleting aci'
                </message>
    
                <call function="'modifyEntry'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                    'entryToBeModified'   : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
                </call>
    
                <if expr="RC != 0">
                    <tcstatus result="'fail'"/>
                </if>
    
                <message>
                   'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, user searching previously targeted entry'
                </message>
    
                <call function="'SearchObject'">
                  { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'     : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
                    'dsInstancePswd'   : 'ACIRules' ,
                    'dsBaseDN'         : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
                    'dsFilter'         : 'objectclass=*'  ,
                    'attributes'      : 'cn sn uid'}
                </call>
    
                <script> 
                 returnString = STAXResult[0][1]
                </script> 
    
                <call function="'checktestStringNotPresent'">
                    { 'returnString'       : returnString ,
                      'testString'         : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
                </call>
                
                <call function="'testCase_Postamble'"/>
    
              </sequence>
            </testcase>
    
        <!---
              Place test-specific test information here.
              The tag, TestMarker, must be the same as the tag, TestSuiteName.