From d7d15ea4c3e821c3563c13882ba9975d22baf151 Mon Sep 17 00:00:00 2001
From: abobrov <abobrov@localhost>
Date: Sun, 04 Oct 2009 00:15:52 +0000
Subject: [PATCH] - add global aci test case to handler re-init test.

---
 opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java |   33 ++++++++++++++++++++++++++++++---
 1 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java
index 351e9ef..b94161c 100644
--- a/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java
+++ b/opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/authorization/dseecompat/AciTests.java
@@ -2035,14 +2035,16 @@
   }
 
   /**
-   * Test online handler re-initialization using selfwrite right test cases.
-   * @throws Throwable If selfwrite tests fail after re-initialization.
+   * Test online handler re-initialization using global and selfwrite
+   * right test cases.
+   * @throws Throwable If any test cases fail after re-initialization.
    */
   @Test()
   public void testAciHandlerReInit() throws Throwable {
 
-    // Setup using selfwrite test case.
+    // Setup using global and selfwrite test cases.
     addEntries(BASIC_LDIF__GROUP_SEARCH_TESTS, DIR_MGR_DN, DIR_MGR_PW);
+    modEntries(GLOBAL_MODS, DIR_MGR_DN, DIR_MGR_PW);
     modEntries(SELFWRITE_ACI, DIR_MGR_DN, DIR_MGR_PW);
 
     // Disable ACI handler.
@@ -2053,6 +2055,31 @@
     TestCaseUtils.dsconfig("set-access-control-handler-prop",
             "--set", "enabled:true");
 
+    // Test global ACI. Two ACIs are used, one protecting
+    // "cn=monitor" and the other the test DIT.
+    SingleSearchParams monitorParam =
+            new SingleSearchParams(ADMIN_DN, ADMIN_PW, MONITOR_DN,
+            OBJECTCLASS_STAR, SCOPE_BASE,
+            null, null, null);
+    SingleSearchParams baseParam =
+            new SingleSearchParams(LEVEL_1_USER_DN,
+            "pa$$word", OU_BASE_DN,
+            OBJECTCLASS_STAR, SCOPE_BASE,
+            null, null, null);
+    try {
+      String monitorResults = ldapSearch(monitorParam.getLdapSearchArgs());
+      Assert.assertFalse(monitorResults.equals(""));
+      String baseResults = ldapSearch(baseParam.getLdapSearchArgs());
+      Assert.assertFalse(baseResults.equals(""));
+      deleteAttrFromEntry(ACCESS_HANDLER_DN, ATTR_AUTHZ_GLOBAL_ACI, true);
+      monitorResults = ldapSearch(monitorParam.getLdapSearchArgs());
+      Assert.assertTrue(monitorResults.equals(""));
+      baseResults = ldapSearch(baseParam.getLdapSearchArgs());
+      Assert.assertTrue(baseResults.equals(""));
+    } catch (Throwable e) {
+      throw e;
+    }
+
     // Test selfwrite right. Attempt to bind as level3 user and remove
     // level1 user from a group, should fail.
     try {

--
Gitblit v1.10.0