From 186acabb92e49adad49abbe0cb63952ad0b513a9 Mon Sep 17 00:00:00 2001
From: coulbeck <coulbeck@localhost>
Date: Fri, 23 Feb 2007 20:11:10 +0000
Subject: [PATCH] This change prepares the unit tests for when the ACI handler will get enabled by default. Most of the failing tests are fixed by adding bypass-acl privilege to the entries of the users the failing tests bind as.
---
opendj-sdk/opends/src/server/org/opends/server/core/DeleteOperation.java | 34 +-
opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java | 4
opendj-sdk/opends/src/server/org/opends/server/core/ModifyOperation.java | 40 +-
opendj-sdk/opends/src/server/org/opends/server/core/AddOperation.java | 40 +-
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java | 2
opendj-sdk/opends/src/server/org/opends/server/core/CompareOperation.java | 40 +-
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPSearchTestCase.java | 6
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java | 28 -
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/TestModifyDNOperation.java | 10
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPCompareTestCase.java | 4
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/api/PasswordValidatorTestCase.java | 11
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/CompareOperationTestCase.java | 13
opendj-sdk/opends/src/server/org/opends/server/core/ModifyDNOperation.java | 42 +-
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPPasswordModifyTestCase.java | 427 +++-----------------------------
opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java | 4
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/PasswordModifyExtendedOperationTestCase.java | 9
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java | 4
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/BindOperationTestCase.java | 3
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/RejectUnauthReqTests.java | 6
opendj-sdk/opends/src/server/org/opends/server/core/SearchOperation.java | 34 +-
20 files changed, 228 insertions(+), 533 deletions(-)
diff --git a/opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java b/opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java
index e24e9a0..d87372f 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciContainer.java
@@ -221,7 +221,7 @@
* @return The client entry.
*/
public Entry getClientEntry() {
- return clientConnection.getAuthenticationInfo().getAuthorizationEntry();
+ return operation.getAuthorizationEntry();
}
/**
@@ -270,7 +270,7 @@
* @return The client's authorization DN.
*/
public DN getClientDN() {
- return clientConnection.getAuthenticationInfo().getAuthorizationDN();
+ return operation.getAuthorizationDN();
}
/**
diff --git a/opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java b/opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java
index b69761b..73d7260 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java
@@ -226,8 +226,10 @@
container.setRights(ACI_WRITE_DELETE);
if(!skipAccessCheck && !accessAllowed(container))
return false;
- } else
+ } else {
+ if(!skipAccessCheck)
return false;
+ }
/*
Check if the modification type has an "aci" attribute type.
If so, check the syntax of that attribute value. Fail the
diff --git a/opendj-sdk/opends/src/server/org/opends/server/core/AddOperation.java b/opendj-sdk/opends/src/server/org/opends/server/core/AddOperation.java
index 6c79f9f..c6336d9 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/core/AddOperation.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/core/AddOperation.java
@@ -1659,26 +1659,6 @@
}
}
- // Check to see if the client has permission to perform the add.
-
- // FIXME: for now assume that this will check all permission
- // pertinent to the operation. This includes proxy authorization
- // and any other controls specified.
-
- // FIXME: earlier checks to see if the entry already exists or
- // if the parent entry does not exist may have already exposed
- // sensitive information to the client.
- if (AccessControlConfigManager.getInstance()
- .getAccessControlHandler().isAllowed(this) == false) {
- setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
-
- int msgID = MSGID_ADD_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
- appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
-
- skipPostOperation = true;
- break addProcessing;
- }
-
// Check to see if there are any controls in the request. If so,
// then
// see if there is any special processing required.
@@ -1901,6 +1881,26 @@
}
+ // Check to see if the client has permission to perform the add.
+
+ // FIXME: for now assume that this will check all permission
+ // pertinent to the operation. This includes proxy authorization
+ // and any other controls specified.
+
+ // FIXME: earlier checks to see if the entry already exists or
+ // if the parent entry does not exist may have already exposed
+ // sensitive information to the client.
+ if (AccessControlConfigManager.getInstance()
+ .getAccessControlHandler().isAllowed(this) == false) {
+ setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
+
+ int msgID = MSGID_ADD_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
+ appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
+
+ skipPostOperation = true;
+ break addProcessing;
+ }
+
// Check for and handle a request to cancel this operation.
if (cancelRequest != null)
{
diff --git a/opendj-sdk/opends/src/server/org/opends/server/core/CompareOperation.java b/opendj-sdk/opends/src/server/org/opends/server/core/CompareOperation.java
index abf3204..082c102 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/core/CompareOperation.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/core/CompareOperation.java
@@ -744,26 +744,6 @@
break compareProcessing;
}
- // Check to see if the client has permission to perform the
- // compare.
-
- // FIXME: for now assume that this will check all permission
- // pertinent to the operation. This includes proxy authorization
- // and any other controls specified.
-
- // FIXME: earlier checks to see if the entry already exists may
- // have already exposed sensitive information to the client.
- if (AccessControlConfigManager.getInstance()
- .getAccessControlHandler().isAllowed(this) == false) {
- setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
-
- int msgID = MSGID_COMPARE_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
- appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
-
- skipPostOperation = true;
- break compareProcessing;
- }
-
// Check to see if there are any controls in the request. If so, then
// see if there is any special processing required.
List<Control> requestControls = getRequestControls();
@@ -955,6 +935,26 @@
}
+ // Check to see if the client has permission to perform the
+ // compare.
+
+ // FIXME: for now assume that this will check all permission
+ // pertinent to the operation. This includes proxy authorization
+ // and any other controls specified.
+
+ // FIXME: earlier checks to see if the entry already exists may
+ // have already exposed sensitive information to the client.
+ if (AccessControlConfigManager.getInstance()
+ .getAccessControlHandler().isAllowed(this) == false) {
+ setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
+
+ int msgID = MSGID_COMPARE_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
+ appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
+
+ skipPostOperation = true;
+ break compareProcessing;
+ }
+
// Check for and handle a request to cancel this operation.
if (cancelRequest != null)
{
diff --git a/opendj-sdk/opends/src/server/org/opends/server/core/DeleteOperation.java b/opendj-sdk/opends/src/server/org/opends/server/core/DeleteOperation.java
index 5286f97..4d85931 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/core/DeleteOperation.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/core/DeleteOperation.java
@@ -682,23 +682,6 @@
// Check to see if the client has permission to perform the
// delete.
- // FIXME: for now assume that this will check all permission
- // pertinent to the operation. This includes proxy authorization
- // and any other controls specified.
-
- // FIXME: earlier checks to see if the entry already exists may
- // have already exposed sensitive information to the client.
- if (AccessControlConfigManager.getInstance()
- .getAccessControlHandler().isAllowed(this) == false) {
- setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
-
- int msgID = MSGID_DELETE_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
- appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
-
- skipPostOperation = true;
- break deleteProcessing;
- }
-
// Check to see if there are any controls in the request. If so, then
// see if there is any special processing required.
boolean noOp = false;
@@ -920,6 +903,23 @@
}
+ // FIXME: for now assume that this will check all permission
+ // pertinent to the operation. This includes proxy authorization
+ // and any other controls specified.
+
+ // FIXME: earlier checks to see if the entry already exists may
+ // have already exposed sensitive information to the client.
+ if (AccessControlConfigManager.getInstance()
+ .getAccessControlHandler().isAllowed(this) == false) {
+ setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
+
+ int msgID = MSGID_DELETE_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
+ appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
+
+ skipPostOperation = true;
+ break deleteProcessing;
+ }
+
// Check for and handle a request to cancel this operation.
if (cancelRequest != null)
{
diff --git a/opendj-sdk/opends/src/server/org/opends/server/core/ModifyDNOperation.java b/opendj-sdk/opends/src/server/org/opends/server/core/ModifyDNOperation.java
index e0a918d..6867dfa 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/core/ModifyDNOperation.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/core/ModifyDNOperation.java
@@ -1144,27 +1144,6 @@
}
- // Check to see if the client has permission to perform the
- // modify DN.
-
- // FIXME: for now assume that this will check all permission
- // pertinent to the operation. This includes proxy authorization
- // and any other controls specified.
-
- // FIXME: earlier checks to see if the entry or new superior
- // already exists may have already exposed sensitive information
- // to the client.
- if (AccessControlConfigManager.getInstance()
- .getAccessControlHandler().isAllowed(this) == false) {
- setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
-
- int msgID = MSGID_MODDN_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
- appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
-
- skipPostOperation = true;
- break modifyDNProcessing;
- }
-
// Check to see if there are any controls in the request. If so, then
// see if there is any special processing required.
boolean noOp = false;
@@ -1411,6 +1390,27 @@
}
+ // Check to see if the client has permission to perform the
+ // modify DN.
+
+ // FIXME: for now assume that this will check all permission
+ // pertinent to the operation. This includes proxy authorization
+ // and any other controls specified.
+
+ // FIXME: earlier checks to see if the entry or new superior
+ // already exists may have already exposed sensitive information
+ // to the client.
+ if (AccessControlConfigManager.getInstance()
+ .getAccessControlHandler().isAllowed(this) == false) {
+ setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
+
+ int msgID = MSGID_MODDN_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
+ appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
+
+ skipPostOperation = true;
+ break modifyDNProcessing;
+ }
+
// Duplicate the entry and set its new DN. Also, create an empty list
// to hold the attribute-level modifications.
newEntry = currentEntry.duplicate();
diff --git a/opendj-sdk/opends/src/server/org/opends/server/core/ModifyOperation.java b/opendj-sdk/opends/src/server/org/opends/server/core/ModifyOperation.java
index 8292097..292e824 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/core/ModifyOperation.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/core/ModifyOperation.java
@@ -947,26 +947,6 @@
break modifyProcessing;
}
- // Check to see if the client has permission to perform the
- // modify.
-
- // FIXME: for now assume that this will check all permission
- // pertinent to the operation. This includes proxy authorization
- // and any other controls specified.
-
- // FIXME: earlier checks to see if the entry already exists may
- // have already exposed sensitive information to the client.
- if (AccessControlConfigManager.getInstance()
- .getAccessControlHandler().isAllowed(this) == false) {
- setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
-
- int msgID = MSGID_MODIFY_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
- appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
-
- skipPostOperation = true;
- break modifyProcessing;
- }
-
// Check to see if there are any controls in the request. If so, then
// see if there is any special processing required.
boolean noOp = false;
@@ -1213,6 +1193,26 @@
}
+ // Check to see if the client has permission to perform the
+ // modify.
+
+ // FIXME: for now assume that this will check all permission
+ // pertinent to the operation. This includes proxy authorization
+ // and any other controls specified.
+
+ // FIXME: earlier checks to see if the entry already exists may
+ // have already exposed sensitive information to the client.
+ if (AccessControlConfigManager.getInstance()
+ .getAccessControlHandler().isAllowed(this) == false) {
+ setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
+
+ int msgID = MSGID_MODIFY_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
+ appendErrorMessage(getMessage(msgID, String.valueOf(entryDN)));
+
+ skipPostOperation = true;
+ break modifyProcessing;
+ }
+
// Get the password policy state object for the entry that can be used
// to perform any appropriate password policy processing. Also, see if
// the entry is being updated by the end user or an administrator.
diff --git a/opendj-sdk/opends/src/server/org/opends/server/core/SearchOperation.java b/opendj-sdk/opends/src/server/org/opends/server/core/SearchOperation.java
index 15a319a..b950974 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/core/SearchOperation.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/core/SearchOperation.java
@@ -1652,23 +1652,6 @@
break searchProcessing;
}
- // Check to see if the client has permission to perform the
- // search.
-
- // FIXME: for now assume that this will check all permission
- // pertinent to the operation. This includes proxy authorization
- // and any other controls specified.
- if (AccessControlConfigManager.getInstance()
- .getAccessControlHandler().isAllowed(this) == false) {
- setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
-
- int msgID = MSGID_SEARCH_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
- appendErrorMessage(getMessage(msgID, String.valueOf(baseDN)));
-
- skipPostOperation = true;
- break searchProcessing;
- }
-
// Check to see if there are any controls in the request. If so, then
// see if there is any special processing required.
boolean processSearch = true;
@@ -1952,6 +1935,23 @@
}
+ // Check to see if the client has permission to perform the
+ // search.
+
+ // FIXME: for now assume that this will check all permission
+ // pertinent to the operation. This includes proxy authorization
+ // and any other controls specified.
+ if (AccessControlConfigManager.getInstance()
+ .getAccessControlHandler().isAllowed(this) == false) {
+ setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
+
+ int msgID = MSGID_SEARCH_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS;
+ appendErrorMessage(getMessage(msgID, String.valueOf(baseDN)));
+
+ skipPostOperation = true;
+ break searchProcessing;
+ }
+
// Check for and handle a request to cancel this operation.
if (cancelRequest != null)
{
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/api/PasswordValidatorTestCase.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/api/PasswordValidatorTestCase.java
index e29f383..8d30918 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/api/PasswordValidatorTestCase.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/api/PasswordValidatorTestCase.java
@@ -119,6 +119,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -176,6 +177,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -238,6 +240,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -294,6 +297,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -354,6 +358,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config");
@@ -415,6 +420,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config");
@@ -476,6 +482,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -553,6 +560,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -634,6 +642,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -721,6 +730,7 @@
"sn: User",
"cn: Test User",
"userPassword: password",
+ "ds-privilege-name: bypass-acl",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config");
@@ -804,6 +814,7 @@
"sn: User",
"cn: Test User",
"userPassword: password",
+ "ds-privilege-name: bypass-acl",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config");
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java
index ff2db2f..db960a8 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java
@@ -28,7 +28,6 @@
import org.opends.server.DirectoryServerTestCase;
import org.opends.server.TestCaseUtils;
-import org.opends.server.TestErrorLogger;
import org.opends.server.types.LDIFImportConfig;
import org.opends.server.types.LDIFExportConfig;
import org.opends.server.tools.LDAPModify;
@@ -50,9 +49,6 @@
import java.io.OutputStream;
import java.io.ByteArrayOutputStream;
import java.io.StringReader;
-import java.io.PrintStream;
-import java.io.FileOutputStream;
-import java.io.FileNotFoundException;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
@@ -110,7 +106,7 @@
// TODO: Test userattr
// Tests are disabled this way because a class-level @Test(enabled=false)
- // doesn't appear to work and the aci code itself isn't checked in yet.
+ // doesn't appear to work and the aci handler is not yet enabled.
private static final boolean TESTS_ARE_DISABLED = true;
@@ -219,10 +215,10 @@
private static final String BIND_RULE_TODAY = "dayofweek=\"" + getThisDayOfWeek() + "\"";
private static final String BIND_RULE_TODAY_AND_TOMORROW = "dayofweek=\"" + getThisDayOfWeek() + "," + getTomorrowDayOfWeek() + "\"";
- private static final String BIND_RULE_NOT_TODAY = "dayofweek=\"" + getNotThisDayOfWeek() + "\"";
+ private static final String BIND_RULE_NOT_TODAY = "dayofweek=\"" + getNotThisDayOfWeek() + "\"";
- private static final String BIND_RULE_USERDN_ADMIN_AND_SSL = and(BIND_RULE_USERDN_ADMIN, BIND_RULE_AUTHMETHOD_SSL);
- private static final String BIND_RULE_IP_NOT_LOCALHOST_OR_USERDN_ADMIN = or(BIND_RULE_IP_NOT_LOCALHOST, BIND_RULE_USERDN_ADMIN);
+ private static final String BIND_RULE_USERDN_ADMIN_AND_SSL = and(BIND_RULE_USERDN_ADMIN, BIND_RULE_AUTHMETHOD_SSL);
+ private static final String BIND_RULE_IP_NOT_LOCALHOST_OR_USERDN_ADMIN = or(BIND_RULE_IP_NOT_LOCALHOST, BIND_RULE_USERDN_ADMIN);
private static final String BIND_RULE_ADMIN_AND_LOCALHOST_OR_SSL = and(BIND_RULE_USERDN_ADMIN, or(BIND_RULE_AUTHMETHOD_SSL, BIND_RULE_DNS_LOCALHOST));
@@ -233,7 +229,7 @@
private static final String BIND_RULE_GROUPDN_3 = "groupdn=\"ldap:///cn=SomeGroup,dc=example,dc=com || ldap:///cn=SomeOtherGroup,dc=example,dc=com || ldap:///cn=SomeThirdGroup,dc=example,dc=com\"";
private static final String BIND_RULE_USERDN_FILTER = "userdn=\"ldap:///dc=example,dc=com??one?(|(ou=eng)(ou=acct))\"";
- private static final String BIND_RULE_INVALID_DAY = "dayofweek=\"sumday\"";
+ private static final String BIND_RULE_INVALID_DAY = "dayofweek=\"sumday\"";
private static final String BIND_RULE_ONLY_AT_NOON = "timeofday=\"1200\"";
private static final String BIND_RULE_NOT_AT_NOON = "timeofday!=\"1200\"";
@@ -315,7 +311,7 @@
private static final String DENY_READ_TO_TOP_LEVEL_CN_ADMINS =
buildAciValue("name", "deny read to users with 'admin' in their cn", "targetattr", "*", "deny(read)", BIND_RULE_USERDN_TOP_LEVEL_CN_ADMINS);
-
+
private static final String DENY_ALL_TO_LOCALHOST =
buildAciValue("name", "deny all to localhost", "targetattr", "*", "deny(all)", BIND_RULE_IP_LOCALHOST);
@@ -787,7 +783,7 @@
throw e;
}
}
-
+
// I'd like to make this dependsOnMethods = {"testBasisOfInvalidityTestsAreValid(String,String,String)"}
// but I can't figure out how.
@Test(dataProvider = "invalidAcis")
@@ -874,7 +870,7 @@
private static final String NO_ACIS_LDIF = "";
// ------------------------------------------------------------
- // THESE ALL WILL RETURN NO RESULTS FOR ADMINS AND ANONYMOUS
+ // THESE ALL WILL RETURN NO RESULTS FOR ADMINS AND ANONYMOUS
// ------------------------------------------------------------
private static final String ALLOW_ALL_BASE_DENY_ALL_BASE_LDIF =
@@ -1042,7 +1038,7 @@
// -----------------------------------------------------------------
// THESE ALL WILL RETURN EVERYTHING IN AT LEAST OU=INNER FOR ADMINS
// -----------------------------------------------------------------
-
+
private static final String ALLOW_ALL_BASE_TO_ADMIN =
makeAddAciLdif(OU_BASE_DN, ALLOW_ALL_TO_ADMIN);
@@ -1089,7 +1085,7 @@
makeAddAciLdif(OU_BASE_DN, ALLOW_SEARCH_OU_AND_PERSON_TO_SIMPLE);
// ------------------------------------------------------------
- //
+ //
// ------------------------------------------------------------
private static final String NO_SEARCH_RESULTS = "";
@@ -1149,7 +1145,7 @@
NO_ACIS_LDIF,
ALLOW_ALL_BASE_DENY_ALL_BASE_LDIF,
ALLOW_ALL_BASE_DENY_READ_BASE_LDIF,
- ALLOW_READ_BASE_DENY_ALL_BASE_LDIF,
+ ALLOW_READ_BASE_DENY_ALL_BASE_LDIF,
ALLOW_ALL_BASE_DENY_ALL_INNER_LDIF,
ALLOW_READ_BASE_DENY_ALL_INNER_LDIF,
ALLOW_ALL_BASE_DENY_READ_INNER_LDIF,
@@ -1221,7 +1217,7 @@
ALLOW_BASE_SEARCH_OUR_ATTRS_TO_ADMIN,
ALLOW_BASE_SEARCH_OU_AND_PERSON_TO_SIMPLE
);
-
+
testParams.addSingleSearch(ADMIN_DN, OU_INNER_DN, OBJECTCLASS_STAR, SCOPE_SUB, INNER_OU_FULL_LDIF__SEARCH_TESTS);
testParams.addSingleSearch(ADMIN_DN, OU_LEAF_DN, OBJECTCLASS_STAR, SCOPE_SUB, LEAF_OU_FULL_LDIF__SEARCH_TESTS);
testParams.addSingleSearch(ADMIN_DN, OU_LEAF_DN, OBJECTCLASS_STAR, SCOPE_ONE, LEVEL_3_USER_LDIF__SEARCH_TESTS);
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/BindOperationTestCase.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/BindOperationTestCase.java
index 9e13bd7..bfbbfeb 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/BindOperationTestCase.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/BindOperationTestCase.java
@@ -1826,7 +1826,8 @@
"cn: Test User");
InternalClientConnection conn =
- new InternalClientConnection(new AuthenticationInfo());
+ InternalClientConnection.getRootConnection();
+// new InternalClientConnection(new AuthenticationInfo());
AddOperation addOperation =
conn.processAdd(e.getDN(), e.getObjectClasses(), e.getUserAttributes(),
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/CompareOperationTestCase.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/CompareOperationTestCase.java
index 396fea5..ea58f90 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/CompareOperationTestCase.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/CompareOperationTestCase.java
@@ -39,6 +39,7 @@
import org.opends.server.types.Entry;
import org.opends.server.types.LockManager;
import org.opends.server.TestCaseUtils;
+import org.opends.server.util.ServerConstants;
import org.opends.server.controls.LDAPAssertionRequestControl;
import org.opends.server.controls.ProxiedAuthV1Control;
import org.opends.server.controls.ProxiedAuthV2Control;
@@ -117,6 +118,7 @@
"sn: User",
"cn: Proxy User",
"userPassword: password",
+ "ds-privilege-name: bypass-acl",
"ds-privilege-name: proxied-auth");
Entry proxyUserEntry =
@@ -338,7 +340,7 @@
examineCompletedOperation(compareOperation);
}
- @Test(enabled = false) // FIXME Issue 739.
+ @Test
public void testCompareSubtype()
{
InternalClientConnection conn =
@@ -556,14 +558,15 @@
examineIncompleteOperation(compareOperation);
}
- @Test(enabled = false) // FIXME Issue 741.
+ @Test
public void testCompareProxiedAuthV2Criticality() throws Exception
{
InvocationCounterPlugin.resetAllCounters();
- ProxiedAuthV2Control authV2Control =
- new ProxiedAuthV2Control(new ASN1OctetString());
- authV2Control.setCritical(false);
+ Control authV2Control =
+ new Control(ServerConstants.OID_PROXIED_AUTH_V2, false,
+ new ASN1OctetString());
+
List<Control> controls = new ArrayList<Control>();
controls.add(authV2Control);
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/RejectUnauthReqTests.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/RejectUnauthReqTests.java
index 7a32b33..d7d09fd 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/RejectUnauthReqTests.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/RejectUnauthReqTests.java
@@ -439,10 +439,12 @@
/**
* Tests the whether the unauthenticated ADD,MODIFY,COMPARE,MODRDN and
* DELETE requests succeed with the default configuration settings.
+ * FIXME: This test is disabled because it is unreasonable to expect
+ * unauthenticated writes to succeed when access control is enabled.
*
* @throws Exception If an unexpected problem occurs.
*/
- @Test()
+ @Test(enabled=false)
public void testOtherOpsUnauthDefCfg() throws Exception
{
assertEquals(performAddOperation(false),0);
@@ -472,7 +474,7 @@
"org.opends.server.core.RejectUnauthReqTests.testUnauthWAIDefCfg",
"org.opends.server.core.RejectUnauthReqTests.testAuthWAIDefCfg",
"org.opends.server.core.RejectUnauthReqTests.testStartTLSUnauthDefCfg",
- "org.opends.server.core.RejectUnauthReqTests.testOtherOpsUnauthDefCfg",
+// "org.opends.server.core.RejectUnauthReqTests.testOtherOpsUnauthDefCfg",
"org.opends.server.core.RejectUnauthReqTests.testOtherOpsAuthDefCfg"
})
public void testChangeAndVerifyRejUnauthReqCfgAttr() throws Exception
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/TestModifyDNOperation.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/TestModifyDNOperation.java
index 75ae817..819da8b 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/TestModifyDNOperation.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/core/TestModifyDNOperation.java
@@ -40,6 +40,7 @@
import org.opends.server.protocols.ldap.*;
import org.opends.server.types.*;
import org.opends.server.TestCaseUtils;
+import org.opends.server.util.ServerConstants;
import org.opends.server.controls.ProxiedAuthV1Control;
import org.opends.server.controls.ProxiedAuthV2Control;
import org.opends.server.controls.LDAPAssertionRequestControl;
@@ -1043,13 +1044,14 @@
examineIncompleteOperation(modifyDNOperation);
}
- @Test(enabled = false) //FIXME: Issue 741
+ @Test
public void testProcessedProxyAuthV2CriticalityModify() throws Exception
{
- ProxiedAuthV2Control authV2Control = new ProxiedAuthV2Control(
- new ASN1OctetString("dn:cn=nonexistent,o=test"));
+ Control authV2Control =
+ new Control(ServerConstants.OID_PROXIED_AUTH_V2, false,
+ new ASN1OctetString("dn:cn=nonexistent,o=test"));
+
List<Control> controls = new ArrayList<Control>();
- authV2Control.setCritical(false);
controls.add(authV2Control);
InvocationCounterPlugin.resetAllCounters();
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/PasswordModifyExtendedOperationTestCase.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/PasswordModifyExtendedOperationTestCase.java
index 763b17b..9079590 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/PasswordModifyExtendedOperationTestCase.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/PasswordModifyExtendedOperationTestCase.java
@@ -355,6 +355,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -418,6 +419,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -480,6 +482,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -534,6 +537,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -597,6 +601,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -660,6 +665,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -722,6 +728,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -784,6 +791,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
@@ -1941,6 +1949,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password");
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPCompareTestCase.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPCompareTestCase.java
index 52d9dc7..fda8f7d 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPCompareTestCase.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPCompareTestCase.java
@@ -601,6 +601,7 @@
"objectClass: inetOrgPerson",
"cn: Test User",
"givenName: Test",
+ "ds-privilege-name: bypass-acl",
"sn: User");
InternalClientConnection conn =
@@ -654,6 +655,7 @@
"objectClass: inetOrgPerson",
"cn: Test User",
"givenName: Test",
+ "ds-privilege-name: bypass-acl",
"sn: User");
InternalClientConnection conn =
@@ -708,6 +710,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config");
@@ -757,6 +760,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config");
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java
index 8145442..212f5fa 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java
@@ -528,6 +528,7 @@
"objectClass: inetOrgPerson",
"cn: Test User",
"givenName: Test",
+ "ds-privilege-name: bypass-acl",
"sn: User");
InternalClientConnection conn =
@@ -580,6 +581,7 @@
"objectClass: inetOrgPerson",
"cn: Test User",
"givenName: Test",
+ "ds-privilege-name: bypass-acl",
"sn: User");
InternalClientConnection conn =
@@ -633,6 +635,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config");
@@ -681,6 +684,7 @@
"givenName: Test",
"sn: User",
"cn: Test User",
+ "ds-privilege-name: bypass-acl",
"userPassword: password",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config");
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPPasswordModifyTestCase.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPPasswordModifyTestCase.java
index e5b6279..aa9ba20 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPPasswordModifyTestCase.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPPasswordModifyTestCase.java
@@ -339,7 +339,24 @@
"Should have been invalid because: " + invalidReason);
}
-
+ /**
+ * Add a test user.
+ */
+ private static void addTestUser() throws Exception
+ {
+ TestCaseUtils.addEntry(
+ "dn: uid=test.user,o=test",
+ "objectClass: top",
+ "objectClass: person",
+ "objectClass: organizationalPerson",
+ "objectClass: inetOrgPerson",
+ "uid: test.user",
+ "givenName: Test",
+ "sn: User",
+ "cn: Test User",
+ "ds-privilege-name: bypass-acl",
+ "userPassword: password");
+ }
/**
* Tests the ability to perform a self change including both the current and
@@ -353,24 +370,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -400,24 +400,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -446,24 +429,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -492,24 +458,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -537,24 +486,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -585,24 +517,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -634,24 +549,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -681,24 +579,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -727,24 +608,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -771,24 +635,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -817,24 +664,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -862,24 +692,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -912,24 +725,7 @@
String trustStorePath = DirectoryServer.getServerRoot() + File.separator +
"config" + File.separator + "client.truststore";
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -960,24 +756,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -1011,24 +790,7 @@
String trustStorePath = DirectoryServer.getServerRoot() + File.separator +
"config" + File.separator + "client.truststore";
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -1059,24 +821,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -1106,24 +851,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -1209,7 +937,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
+ TestCaseUtils.addEntry(
"dn: uid=test.user,o=test",
"objectClass: top",
"objectClass: person",
@@ -1222,13 +950,6 @@
"userPassword: password",
"ds-pwp-account-disabled: true");
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
-
String[] args =
{
"-h", "127.0.0.1",
@@ -1258,24 +979,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -1306,24 +1010,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -1355,24 +1042,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
@@ -1404,24 +1074,7 @@
{
TestCaseUtils.initializeTestBackend(true);
- Entry e = TestCaseUtils.makeEntry(
- "dn: uid=test.user,o=test",
- "objectClass: top",
- "objectClass: person",
- "objectClass: organizationalPerson",
- "objectClass: inetOrgPerson",
- "uid: test.user",
- "givenName: Test",
- "sn: User",
- "cn: Test User",
- "userPassword: password");
-
- InternalClientConnection conn =
- InternalClientConnection.getRootConnection();
- AddOperation addOperation =
- conn.processAdd(e.getDN(), e.getObjectClasses(),
- e.getUserAttributes(), e.getOperationalAttributes());
- assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+ addTestUser();
String[] args =
{
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPSearchTestCase.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPSearchTestCase.java
index 522bf5a..b2a00e8 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPSearchTestCase.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPSearchTestCase.java
@@ -1401,6 +1401,8 @@
String[] args =
{
+ "-D", "cn=Directory Manager",
+ "-w", "password",
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-b", "o=test",
@@ -1413,6 +1415,8 @@
args = new String[]
{
+ "-D", "cn=Directory Manager",
+ "-w", "password",
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-b", "o=test",
@@ -1426,6 +1430,8 @@
args = new String[]
{
+ "-D", "cn=Directory Manager",
+ "-w", "password",
"-h", "127.0.0.1",
"-p", String.valueOf(TestCaseUtils.getServerLdapPort()),
"-b", "o=test",
diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java
index 6f89632..5876712 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java
@@ -167,6 +167,7 @@
"ds-privilege-name: backend-backup",
"ds-privilege-name: backend-restore",
"ds-privilege-name: proxied-auth",
+ "ds-privilege-name: bypass-acl",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config",
"",
@@ -179,6 +180,7 @@
"givenName: Unprivileged",
"sn: User",
"uid: unprivileged.user",
+ "ds-privilege-name: bypass-acl",
"userPassword: password",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config",
--
Gitblit v1.10.0