From 2741b2c9a61f42aa40a7b913d6ba9b080df9d0ef Mon Sep 17 00:00:00 2001
From: mkeyes <mkeyes@localhost>
Date: Wed, 02 May 2007 20:28:57 +0000
Subject: [PATCH] Added a few more ACI functional test cases to round out the userdn usage and functionality.
---
opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci26.ldif | 30 +
opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci21.ldif | 30 +
opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci23.ldif | 30 +
opendj-sdk/opends/tests/functional-tests/shared/functions/ldap.xml | 12
opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci22.ldif | 30 +
opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci25.ldif | 30 +
opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci27.ldif | 30 +
opendj-sdk/opends/tests/functional-tests/testcases/aci/aci_target.xml | 1130 +++++++++++++++++++++++++++++++++++++++++++++++
opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci24.ldif | 30 +
opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci28.ldif | 30 +
10 files changed, 1,382 insertions(+), 0 deletions(-)
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci21.ldif b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci21.ldif
new file mode 100644
index 0000000..7fa84da
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci21.ldif
@@ -0,0 +1,30 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2007 Sun Microsystems, Inc.
+#
+
+dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
+changetype: modify
+add: aci
+aci: (target="ldap:///ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci21"; allow (search,read) userdn="ldap:///all";)
+
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci22.ldif b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci22.ldif
new file mode 100644
index 0000000..a26dfad
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci22.ldif
@@ -0,0 +1,30 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2007 Sun Microsystems, Inc.
+#
+
+dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
+changetype: modify
+add: aci
+aci: (target="ldap:///ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci22"; allow (search,read) userdn="ldap:///anyone";)
+
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci23.ldif b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci23.ldif
new file mode 100644
index 0000000..73e0a5d
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci23.ldif
@@ -0,0 +1,30 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2007 Sun Microsystems, Inc.
+#
+
+dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
+changetype: modify
+add: aci
+aci: (target="ldap:///ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci23"; allow (search,read) userdn!="ldap:///all";)
+
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci24.ldif b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci24.ldif
new file mode 100644
index 0000000..531db9c
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci24.ldif
@@ -0,0 +1,30 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2007 Sun Microsystems, Inc.
+#
+
+dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
+changetype: modify
+add: aci
+aci: (target="ldap:///uid=scarter,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci24"; allow (search,read) userdn="ldap:///self";)
+
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci25.ldif b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci25.ldif
new file mode 100644
index 0000000..0a79d49
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci25.ldif
@@ -0,0 +1,30 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2007 Sun Microsystems, Inc.
+#
+
+dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
+changetype: modify
+add: aci
+aci: (target="ldap:///uid=s*,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci25"; allow (search,read) userdn="ldap:///self";)
+
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci26.ldif b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci26.ldif
new file mode 100644
index 0000000..8683b4b
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci26.ldif
@@ -0,0 +1,30 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2007 Sun Microsystems, Inc.
+#
+
+dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
+changetype: modify
+add: aci
+aci: (target="ldap:///uid=*,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci26"; allow (search,read) userdn="ldap:///o=ACI Tests, dc=example,dc=com??sub?(|(ou=People)(ou=Marketing)(ou=Research)(ou=Sales))";)
+
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci27.ldif b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci27.ldif
new file mode 100644
index 0000000..f3de409
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci27.ldif
@@ -0,0 +1,30 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2007 Sun Microsystems, Inc.
+#
+
+dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
+changetype: modify
+add: aci
+aci: (target="ldap:///uid=*,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci27"; allow (search,read) userdn="ldap:///o=ACI Tests, dc=example,dc=com??sub?(|(ou=Marketing)(ou=Research)(ou=Sales))";)
+
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci28.ldif b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci28.ldif
new file mode 100644
index 0000000..1fb28af
--- /dev/null
+++ b/opendj-sdk/opends/tests/functional-tests/shared/data/aci/aci_target/add_aci28.ldif
@@ -0,0 +1,30 @@
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE
+# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at
+# trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
+# add the following below this CDDL HEADER, with the fields enclosed
+# by brackets "[]" replaced with your own identifying information:
+# Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Portions Copyright 2007 Sun Microsystems, Inc.
+#
+
+dn: ou=aci branch, o=ACI Tests, dc=example,dc=com
+changetype: modify
+add: aci
+aci: (target="ldap:///uid=*,ou=People,ou=aci branch, o=ACI Tests, dc=example,dc=com")(targetattr="*")(version 3.0; acl "add_aci28"; allow (search,read) userdn="ldap:///uid=auser,ou=People,o=ACI Tests,dc=example,dc=com || ldap:///o=ACI Tests, dc=example,dc=com??sub?(|(ou=Marketing)(ou=Research)(ou=Sales))";)
+
diff --git a/opendj-sdk/opends/tests/functional-tests/shared/functions/ldap.xml b/opendj-sdk/opends/tests/functional-tests/shared/functions/ldap.xml
index 9218d15..c3c8c45 100755
--- a/opendj-sdk/opends/tests/functional-tests/shared/functions/ldap.xml
+++ b/opendj-sdk/opends/tests/functional-tests/shared/functions/ldap.xml
@@ -529,6 +529,18 @@
<stderr mode="'stdout'"/>
<returnstdout/>
</process>
+ <script>
+ SearchRC=RC
+ SearchResult=STAXResult
+ </script>
+
+ <call function="'checkRC'">
+ { 'returncode' : SearchRC ,
+ 'result' : SearchResult }
+ </call>
+
+ <return>SearchResult</return>
+
</sequence>
</function>
diff --git a/opendj-sdk/opends/tests/functional-tests/testcases/aci/aci_target.xml b/opendj-sdk/opends/tests/functional-tests/testcases/aci/aci_target.xml
index f17976d..7613be2 100755
--- a/opendj-sdk/opends/tests/functional-tests/testcases/aci/aci_target.xml
+++ b/opendj-sdk/opends/tests/functional-tests/testcases/aci/aci_target.xml
@@ -1578,6 +1578,1136 @@
</sequence>
</testcase>
+ <!---
+ Place test-specific test information here.
+ The tag, TestMarker, must be the same as the tag, TestSuiteName.
+ #@TestMarker ACI Target Tests
+ #@TestName Target equals dn with userdn equal all
+ #@TestIssue 434
+ #@TestPurpose Test with the target set equal to a dn with userdn equal all
+ #@TestPreamble Admin adds an aci with the target equal to the dn of one existing branch.
+ #@TestStep Client searches entry with the targeted branch dn with authenticated user.
+ #@TestStep Client searches entry with the targeted branch dn with anonymous user.
+ #@TestStep Remove aci.
+ #@TestStep Client searches entry with the previously targeted branch dn.
+ #@TestPostamble none
+ #@TestResult Success if OpenDS returns 0
+ for all ldap operations, and
+ and entry is returned only for step 1.
+ -->
+ <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
+ <!-- cross reference to DS6 docs -->
+ <testcase name="'ACI: Target: Target Equals DN with userdn equals all'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <script>
+ curr_aci_ldif_file = 'add_aci21.ldif'
+ curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
+ </script>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals all, preamble adding aci,\n %s' % curr_aci
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals all, user searching targeted entry as authenticated user'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '1'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals all, user searching targeted entry as anonymous user'
+ </message>
+
+ <call function="'AnonSearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-T' }
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '0'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals all, admin deleting aci'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals all, user searching previously targeted entry'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'checktestStringNotPresent'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <!---
+ Place test-specific test information here.
+ The tag, TestMarker, must be the same as the tag, TestSuiteName.
+ #@TestMarker ACI Target Tests
+ #@TestName Target equals dn with userdn equal anyone
+ #@TestIssue 434
+ #@TestPurpose Test with the target set equal to a dn with userdn equal anyone
+ #@TestPreamble Admin adds an aci with the target equal to the dn of one existing branch.
+ #@TestStep Client searches entry with the targeted branch dn with authenticated user.
+ #@TestStep Client searches entry with the targeted branch dn with anonoymous user
+ #@TestStep Remove aci.
+ #@TestStep Client searches entry with the previously targeted branch dn.
+ #@TestPostamble none
+ #@TestResult Success if OpenDS returns 0
+ for all ldap operations, and
+ and entry is returned only for steps 1 and 2.
+ -->
+ <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
+ <!-- cross reference to DS6 docs -->
+ <testcase name="'ACI: Target: Target Equals DN with userdn equals anyone'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <script>
+ curr_aci_ldif_file = 'add_aci22.ldif'
+ curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
+ </script>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals anyone, preamble adding aci,\n %s' % curr_aci
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals anyone, user searching targeted entry as authenticated user'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '1'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals anyone, user searching targeted entry as anonymous user'
+ </message>
+
+ <call function="'AnonSearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-T' }
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '1'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals anyone, admin deleting aci'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equals anyone, user searching previously targeted entry'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'checktestStringNotPresent'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <!---
+ Place test-specific test information here.
+ The tag, TestMarker, must be the same as the tag, TestSuiteName.
+ #@TestMarker ACI Target Tests
+ #@TestName Target equals dn with userdn not equal all
+ #@TestIssue 434
+ #@TestPurpose Test with the target set equal to a dn with userdn not equal all
+ #@TestPreamble Admin adds an aci with the target equal to the dn of one existing branch.
+ #@TestStep Client searches entry with the targeted branch dn with authenticated user.
+ #@TestStep Client searches entry with the targeted branch dn with anonymous user.
+ #@TestStep Remove aci.
+ #@TestStep Client searches entry with the previously targeted branch dn.
+ #@TestPostamble none
+ #@TestResult Success if OpenDS returns 0
+ for all ldap operations, and
+ and entry is returned only for step 2.
+ -->
+ <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
+ <!-- cross reference to DS6 docs -->
+ <testcase name="'ACI: Target: Target Equals DN with userdn not equals all'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <script>
+ curr_aci_ldif_file = 'add_aci23.ldif'
+ curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
+ </script>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn not equals all, preamble adding aci,\n %s' % curr_aci
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn not equals all, user searching targeted entry as authenticated user'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '0'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn not equals all, user searching targeted entry as anonymous user'
+ </message>
+
+ <call function="'AnonSearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'extraParams' : '-T' }
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '1'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn not equals all, admin deleting aci'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn not equals all, user searching previously targeted entry'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'checktestStringNotPresent'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <!---
+ Place test-specific test information here.
+ The tag, TestMarker, must be the same as the tag, TestSuiteName.
+ #@TestMarker ACI Target Tests
+ #@TestName Target equals dn with userdn equal self
+ #@TestIssue 434
+ #@TestPurpose Test with the target set equal to a dn with userdn equal self
+ #@TestPreamble Admin adds an aci with the target equal to the dn of one existing branch.
+ #@TestStep Client searches entry with the targeted branch dn with authenticated user.
+ #@TestStep Client searches entry with the targeted branch dn with self user.
+ #@TestStep Remove aci.
+ #@TestStep Client searches entry with the previously targeted branch dn.
+ #@TestPostamble none
+ #@TestResult Success if OpenDS returns 0
+ for all ldap operations, and
+ and entry is returned only for step 2.
+ -->
+ <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
+ <!-- cross reference to DS6 docs -->
+ <testcase name="'ACI: Target: Target Equals DN with userdn equal self'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <script>
+ curr_aci_ldif_file = 'add_aci24.ldif'
+ curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
+ </script>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self, preamble adding aci,\n %s' % curr_aci
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self, user searching targeted entry as authenticated user'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '0'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self, user searching targeted entry as self'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprain' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '1'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self, admin deleting aci'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self, user searching previously targeted entry'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'checktestStringNotPresent'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <!---
+ Place test-specific test information here.
+ The tag, TestMarker, must be the same as the tag, TestSuiteName.
+ #@TestMarker ACI Target Tests
+ #@TestName Target equals dn with userdn equal self with wildcard
+ #@TestIssue 434
+ #@TestPurpose Test with the target set equal to a dn with userdn equal self with wildcard
+ #@TestPreamble Admin adds an aci with the target equal to the dn of one existing branch.
+ #@TestStep Client searches entry with the targeted branch dn with authenticated user.
+ #@TestStep Client searches entry with the targeted branch dn with self user.
+ #@TestStep Remove aci.
+ #@TestStep Client searches entry with the previously targeted branch dn.
+ #@TestPostamble none
+ #@TestResult Success if OpenDS returns 0
+ for all ldap operations, and
+ and entry is returned only for step 2.
+ -->
+ <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
+ <!-- cross reference to DS6 docs -->
+ <testcase name="'ACI: Target: Target Equals DN with userdn equal self with wildcard'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <script>
+ curr_aci_ldif_file = 'add_aci25.ldif'
+ curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
+ </script>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard, preamble adding aci,\n %s' % curr_aci
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard, user searching targeted entry as authenticated user'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '0'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard, user searching targeted entry as self'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'sprain' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '1'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard, admin deleting aci'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard, user searching previously targeted entry'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'checktestStringNotPresent'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <!---
+ Place test-specific test information here.
+ The tag, TestMarker, must be the same as the tag, TestSuiteName.
+ #@TestMarker ACI Target Tests
+ #@TestName Target equals dn with userdn equal self with wildcard and filter
+ #@TestIssue 434
+ #@TestPurpose Test with the target set equal to a dn with userdn equal self with wildcard and filter
+ #@TestPreamble Admin adds an aci with the target equal to the dn of one existing branch.
+ #@TestStep Client searches entry with the targeted branch dn with authenticated user.
+ #@TestStep Client searches entry with the targeted branch dn with another authenticated user.
+ #@TestStep Remove aci.
+ #@TestStep Client searches entry with the previously targeted branch dn.
+ #@TestPostamble none
+ #@TestResult Success if OpenDS returns 0
+ for all ldap operations, and
+ and entry is returned only for steps 1 and 2.
+ -->
+ <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
+ <!-- cross reference to DS6 docs -->
+ <testcase name="'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <script>
+ curr_aci_ldif_file = 'add_aci26.ldif'
+ curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
+ </script>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, preamble adding aci,\n %s' % curr_aci
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, user searching targeted entry as authenticated user'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '1'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, user searching targeted entry as self'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=buser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '1'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, admin deleting aci'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, user searching previously targeted entry'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'checktestStringNotPresent'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <!---
+ Place test-specific test information here.
+ The tag, TestMarker, must be the same as the tag, TestSuiteName.
+ #@TestMarker ACI Target Tests
+ #@TestName Target equals dn with userdn equal self with wildcard and filter, deny
+ #@TestIssue 434
+ #@TestPurpose Test with the target set equal to a dn with userdn equal self with wildcard and filter, deny
+ #@TestPreamble Admin adds an aci with the target equal to the dn of one existing branch.
+ #@TestStep Client searches entry with the targeted branch dn with authenticated user.
+ #@TestStep Client searches entry with the targeted branch dn with another authenticated user.
+ #@TestStep Remove aci.
+ #@TestStep Client searches entry with the previously targeted branch dn.
+ #@TestPostamble none
+ #@TestResult Success if OpenDS returns 0
+ for all ldap operations, and
+ and no entries are returned for any step.
+ -->
+ <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
+ <!-- cross reference to DS6 docs -->
+ <testcase name="'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <script>
+ curr_aci_ldif_file = 'add_aci27.ldif'
+ curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
+ </script>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, preamble adding aci,\n %s' % curr_aci
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, user searching targeted entry as authenticated user'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '0'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, user searching targeted entry as self'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=buser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '0'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, admin deleting aci'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, deny, user searching previously targeted entry'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'checktestStringNotPresent'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
+ <!---
+ Place test-specific test information here.
+ The tag, TestMarker, must be the same as the tag, TestSuiteName.
+ #@TestMarker ACI Target Tests
+ #@TestName Target equals dn with userdn equal self with wildcard and filter, allow and deny
+ #@TestIssue 434
+ #@TestPurpose Test with the target set equal to a dn with userdn equal self with wildcard and filter, allow and deny
+ #@TestPreamble Admin adds an aci with the target equal to the dn of one existing branch.
+ #@TestStep Client searches entry with the targeted branch dn with authenticated user.
+ #@TestStep Client searches entry with the targeted branch dn with another authenticated user.
+ #@TestStep Remove aci.
+ #@TestStep Client searches entry with the previously targeted branch dn.
+ #@TestPostamble none
+ #@TestResult Success if OpenDS returns 0
+ for all ldap operations, and
+ and entry is returned only for step 1.
+ -->
+ <!-- cross reference to http://docs.sun.com/source/816-6698-10/aci.html -->
+ <!-- cross reference to DS6 docs -->
+ <testcase name="'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny'">
+ <sequence>
+ <call function="'testCase_Preamble'"/>
+
+ <script>
+ curr_aci_ldif_file = 'add_aci28.ldif'
+ curr_aci=retrieve_aci('%s/aci/aci_target/%s' % (LOCAL_DATA_DIR,curr_aci_ldif_file));
+ </script>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, preamble adding aci,\n %s' % curr_aci
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/%s' % (STAGED_DATA_DIR,curr_aci_ldif_file) }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, user searching targeted entry as authenticated user'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '1'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, user searching targeted entry as self'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=buser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'searchStringForSubstring'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <if expr="returnCode != '0'">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, admin deleting aci'
+ </message>
+
+ <call function="'modifyEntry'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
+ 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
+ 'entryToBeModified' : '%s/aci/aci_target/del_aci.ldif' % STAGED_DATA_DIR }
+ </call>
+
+ <if expr="RC != 0">
+ <tcstatus result="'fail'"/>
+ </if>
+
+ <message>
+ 'ACI: Target: Target Equals DN with userdn equal self with wildcard and filter, allow and deny, user searching previously targeted entry'
+ </message>
+
+ <call function="'SearchObject'">
+ { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
+ 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
+ 'dsInstanceDn' : 'uid=auser,ou=people,o=ACI Tests,dc=example,dc=com' ,
+ 'dsInstancePswd' : 'ACIRules' ,
+ 'dsBaseDN' : 'uid=scarter,ou=People,ou=aci branch,o=ACI Tests,dc=example,dc=com' ,
+ 'dsFilter' : 'objectclass=*' ,
+ 'attributes' : 'cn sn uid'}
+ </call>
+
+ <script>
+ returnString = STAXResult[0][1]
+ </script>
+
+ <call function="'checktestStringNotPresent'">
+ { 'returnString' : returnString ,
+ 'testString' : 'dn: uid=scarter,ou=People,ou=aci branch,o=ACI Tests' }
+ </call>
+
+ <call function="'testCase_Postamble'"/>
+
+ </sequence>
+ </testcase>
+
<!---
Place test-specific test information here.
The tag, TestMarker, must be the same as the tag, TestSuiteName.
--
Gitblit v1.10.0