From 04748be0fbba73ce2f47b9a153365065bab45067 Mon Sep 17 00:00:00 2001
From: Gary Williams <gary.williams@forgerock.com>
Date: Mon, 18 Apr 2011 15:10:02 +0000
Subject: [PATCH] fix modify global aci in sasl tests
---
opends/tests/staf-tests/functional-tests/testcases/security/sasl/security_sasl_digest-md5.xml | 39 ++++++++++-----------------------------
opends/tests/staf-tests/functional-tests/testcases/security/security.xml | 3 +++
2 files changed, 13 insertions(+), 29 deletions(-)
diff --git a/opends/tests/staf-tests/functional-tests/testcases/security/sasl/security_sasl_digest-md5.xml b/opends/tests/staf-tests/functional-tests/testcases/security/sasl/security_sasl_digest-md5.xml
index fbbfb3c..418f9dd 100755
--- a/opends/tests/staf-tests/functional-tests/testcases/security/sasl/security_sasl_digest-md5.xml
+++ b/opends/tests/staf-tests/functional-tests/testcases/security/sasl/security_sasl_digest-md5.xml
@@ -24,6 +24,7 @@
! CDDL HEADER END
!
! Copyright 2008-2009 Sun Microsystems, Inc.
+ ! Portions Copyright 2011 ForgeRock AS
! -->
<stax>
@@ -942,16 +943,12 @@
<message>
'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal sasl, delete global search ACI'
</message>
-
- <script>
- global_aci="(targetattr!=\"userPassword||authPassword\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
- </script>
<call function="'modifyGlobalAci'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'aciValue' : global_aci ,
+ 'aciValue' : GLOBAL_ACI_SEARCH ,
'opType' : 'remove' }
</call>
@@ -1096,7 +1093,7 @@
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'aciValue' : global_aci ,
+ 'aciValue' : GLOBAL_ACI_SEARCH ,
'opType' : 'add'
}
</call>
@@ -1184,16 +1181,12 @@
<message>
'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal simple, delete global search ACI'
</message>
-
- <script>
- global_aci="(targetattr!=\"userPassword||authPassword\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
- </script>
<call function="'modifyGlobalAci'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'aciValue' : global_aci ,
+ 'aciValue' : GLOBAL_ACI_SEARCH ,
'opType' : 'remove'
}
</call>
@@ -1340,7 +1333,7 @@
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'aciValue' : global_aci ,
+ 'aciValue' : GLOBAL_ACI_SEARCH ,
'opType' : 'add'
}
</call>
@@ -1428,16 +1421,12 @@
<message>
'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod not equals simple, delete global search ACI'
</message>
-
- <script>
- global_aci="(targetattr!=\"userPassword||authPassword\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
- </script>
<call function="'modifyGlobalAci'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'aciValue' : global_aci ,
+ 'aciValue' : GLOBAL_ACI_SEARCH ,
'opType' : 'remove'
}
</call>
@@ -1584,7 +1573,7 @@
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'aciValue' : global_aci ,
+ 'aciValue' : GLOBAL_ACI_SEARCH ,
'opType' : 'add'
}
</call>
@@ -1672,16 +1661,12 @@
<message>
'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equals none, delete global search ACI'
</message>
-
- <script>
- global_aci="(targetattr!=\"userPassword||authPassword\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
- </script>
<call function="'modifyGlobalAci'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'aciValue' : global_aci ,
+ 'aciValue' : GLOBAL_ACI_SEARCH ,
'opType' : 'remove'
}
</call>
@@ -1830,7 +1815,7 @@
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'aciValue' : global_aci ,
+ 'aciValue' : GLOBAL_ACI_SEARCH ,
'opType' : 'add'
}
</call>
@@ -3370,16 +3355,12 @@
<message>
'Delete global search ACI'
</message>
-
- <script>
- global_aci="(targetattr!=\"userPassword||authPassword\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
- </script>
<call function="'modifyGlobalAci'">
{ 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
- 'aciValue' : global_aci ,
+ 'aciValue' : GLOBAL_ACI_SEARCH ,
'opType' : 'remove'
}
</call>
diff --git a/opends/tests/staf-tests/functional-tests/testcases/security/security.xml b/opends/tests/staf-tests/functional-tests/testcases/security/security.xml
index 5a85b63..b732587 100755
--- a/opends/tests/staf-tests/functional-tests/testcases/security/security.xml
+++ b/opends/tests/staf-tests/functional-tests/testcases/security/security.xml
@@ -24,6 +24,7 @@
! CDDL HEADER END
!
! Copyright 2006-2009 Sun Microsystems, Inc.
+ ! Portions Copyright 2011 ForgeRock AS
! -->
<stax>
<defaultcall function="main_security" />
@@ -45,6 +46,8 @@
<script>
CurrentTestPath['group']='security'
_group=CurrentTestPath['group']
+
+ GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||targetUniqueID||changeInitiatorsName||changeLogCookie\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
</script>
<call function="'testGroup_Preamble'" />
<script>
--
Gitblit v1.10.0