From 61596a88e3c62c6d50947d9fe8be61b496ba6971 Mon Sep 17 00:00:00 2001
From: Ian Packer <ian.packer@forgerock.com>
Date: Fri, 08 May 2015 14:18:22 +0000
Subject: [PATCH] CR-6874: fix OPENDJ-1797 Possible to add entries with invalid objectclass if structural objectclass checking is off
---
opendj-sdk/opendj-server-legacy/src/test/java/org/opends/server/types/EntrySchemaCheckingTestCase.java | 36 ++++++++++++++++++++++++++++++++----
opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/types/Entry.java | 7 +++++++
2 files changed, 39 insertions(+), 4 deletions(-)
diff --git a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/types/Entry.java b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/types/Entry.java
index 94ab13b..7d3406c 100644
--- a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/types/Entry.java
+++ b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/types/Entry.java
@@ -1750,6 +1750,13 @@
{
logger.error(message);
}
+
+ if (! checkAttributesAndObjectClasses(null,
+ structuralPolicy, invalidReason))
+ {
+ return false;
+ }
+
}
else
{
diff --git a/opendj-sdk/opendj-server-legacy/src/test/java/org/opends/server/types/EntrySchemaCheckingTestCase.java b/opendj-sdk/opendj-server-legacy/src/test/java/org/opends/server/types/EntrySchemaCheckingTestCase.java
index df821a8..16bc5a4 100644
--- a/opendj-sdk/opendj-server-legacy/src/test/java/org/opends/server/types/EntrySchemaCheckingTestCase.java
+++ b/opendj-sdk/opendj-server-legacy/src/test/java/org/opends/server/types/EntrySchemaCheckingTestCase.java
@@ -75,6 +75,36 @@
}
}
+ /**
+ * Ensures that the provided entry fails schema checking validation irrespective
+ * of relaxed compliance configured. Added due to unique niche case described
+ * in OPENDJ-1797
+ *
+ * @param e The entry to be tested.
+ */
+ private void failAlwaysStrictEvaluation(Entry e)
+ {
+ try
+ {
+ LocalizableMessageBuilder invalidReason = new LocalizableMessageBuilder();
+ DirectoryServer.setSingleStructuralObjectClassPolicy(REJECT);
+ assertFalse(e.conformsToSchema(null, false, true, true, invalidReason),
+ "Entry validation succeeded with REJECT policy");
+
+ DirectoryServer.setSingleStructuralObjectClassPolicy(WARN);
+ assertFalse(e.conformsToSchema(null, false, true, true, invalidReason),
+ "Entry validation failed with WARN policy: " + invalidReason);
+
+ DirectoryServer.setSingleStructuralObjectClassPolicy(ACCEPT);
+ assertFalse(e.conformsToSchema(null, false, true, true, invalidReason),
+ "Entry validation failed with ACCEPT policy: " + invalidReason);
+ }
+ finally
+ {
+ DirectoryServer.setSingleStructuralObjectClassPolicy(REJECT);
+ }
+ }
+
/**
@@ -194,8 +224,7 @@
"objectClass: xxxundefinedstructuralxxx",
"cn: test");
- assertFalse(e.conformsToSchema(null, false, true, true,
- new LocalizableMessageBuilder()));
+ failAlwaysStrictEvaluation(e);
}
@@ -219,8 +248,7 @@
"objectClass: xxxundefinedauxiliaryxxx",
"cn: test");
- assertFalse(e.conformsToSchema(null, false, true, true,
- new LocalizableMessageBuilder()));
+ failAlwaysStrictEvaluation(e);
}
--
Gitblit v1.10.0