You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/01/07 16:22:19 UTC
svn commit: r493745 - in /directory/trunks/apacheds/core/src:
main/java/org/apache/directory/server/core/authz/support/
main/java/org/apache/directory/server/core/subtree/
test/java/org/apache/directory/server/core/authz/support/
test/java/org/apache/d...
Author: ersiner
Date: Sun Jan 7 07:22:19 2007
New Revision: 493745
URL: http://svn.apache.org/viewvc?view=rev&rev=493745
Log:
Adding Filtered SubtreeSpecification support to the core.
Now, entries can be selected via LDAP filters as well as Refinements.
This improves the capability of all services that depends on the Administrative Model: Collective Attributes, Authorization, Triggers.
This may have some side effects, we'll see.
One thing missing is that I did not update the SubtreeSpecification bean to replace refinement with a more general term filterExpr. Still all API uses the term refinement but it's really either a Refinement or a Filter.
Modified:
directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java
directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java
directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubentryService.java
directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubtreeEvaluator.java
directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java
directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/subtree/SubtreeEvaluatorTest.java
Modified: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java?view=diff&rev=493745&r1=493744&r2=493745
==============================================================================
--- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java (original)
+++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java Sun Jan 7 07:22:19 2007
@@ -78,7 +78,7 @@
public ACDFEngine(OidRegistry oidRegistry, AttributeTypeRegistry attrTypeRegistry) throws NamingException
{
Evaluator entryEvaluator = new ExpressionEvaluator( oidRegistry, attrTypeRegistry );
- SubtreeEvaluator subtreeEvaluator = new SubtreeEvaluator( oidRegistry );
+ SubtreeEvaluator subtreeEvaluator = new SubtreeEvaluator( oidRegistry, attrTypeRegistry );
RefinementEvaluator refinementEvaluator = new RefinementEvaluator( new RefinementLeafEvaluator( oidRegistry ) );
filters = new ACITupleFilter[]
Modified: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java?view=diff&rev=493745&r1=493744&r2=493745
==============================================================================
--- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java (original)
+++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java Sun Jan 7 07:22:19 2007
@@ -152,7 +152,7 @@
for ( Iterator i = subtree.getSubtreeSpecifications().iterator(); i.hasNext(); )
{
SubtreeSpecification subtreeSpec = ( SubtreeSpecification ) i.next();
- if ( subtreeEvaluator.evaluate( subtreeSpec, ROOTDSE_NAME, userName, userEntry.get( "userClass" ) ) )
+ if ( subtreeEvaluator.evaluate( subtreeSpec, ROOTDSE_NAME, userName, userEntry ) )
{
return true;
}
Modified: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubentryService.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubentryService.java?view=diff&rev=493745&r1=493744&r2=493745
==============================================================================
--- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubentryService.java (original)
+++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubentryService.java Sun Jan 7 07:22:19 2007
@@ -129,7 +129,7 @@
return attrRegistry.getNormalizerMapping();
}
}, attrRegistry.getNormalizerMapping() );
- evaluator = new SubtreeEvaluator( factoryCfg.getRegistries().getOidRegistry() );
+ evaluator = new SubtreeEvaluator( factoryCfg.getRegistries().getOidRegistry(), factoryCfg.getRegistries().getAttributeTypeRegistry() );
// prepare to find all subentries in all namingContexts
Iterator suffixes = this.nexus.listSuffixes();
@@ -299,7 +299,6 @@
public Attributes getSubentryAttributes( Name dn, Attributes entryAttrs ) throws NamingException
{
Attributes subentryAttrs = new LockableAttributesImpl();
- Attribute objectClasses = entryAttrs.get( "objectClass" );
Iterator list = subentryCache.nameIterator();
while ( list.hasNext() )
{
@@ -310,7 +309,7 @@
Subentry subentry = subentryCache.getSubentry( subentryDnStr );
SubtreeSpecification ss = subentry.getSubtreeSpecification();
- if ( evaluator.evaluate( ss, apDn, dn, objectClasses ) )
+ if ( evaluator.evaluate( ss, apDn, dn, entryAttrs ) )
{
Attribute operational;
@@ -441,7 +440,7 @@
LdapDN dn = new LdapDN( result.getName() );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( evaluator.evaluate( ss, apName, dn, candidate.get( "objectClass" ) ) )
+ if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
nexus.modify( dn, getOperationalModsForAdd( candidate, operational ) );
}
@@ -459,7 +458,7 @@
Subentry subentry = subentryCache.getSubentry( subentryDnStr );
SubtreeSpecification ss = subentry.getSubtreeSpecification();
- if ( evaluator.evaluate( ss, apDn, normName, objectClasses ) )
+ if ( evaluator.evaluate( ss, apDn, normName, entry ) )
{
Attribute operational;
@@ -552,7 +551,7 @@
LdapDN dn = new LdapDN( result.getName() );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( evaluator.evaluate( ss, apName, dn, ServerUtils.getAttribute( objectClassType, candidate ) ) )
+ if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
nexus.modify( dn, getOperationalModsForRemove( name, candidate ) );
}
@@ -597,7 +596,6 @@
private ModificationItem[] getModsOnEntryRdnChange( Name oldName, Name newName, Attributes entry )
throws NamingException
{
- Attribute objectClasses = entry.get( "objectClass" );
List modList = new ArrayList();
/*
@@ -620,8 +618,8 @@
Name apDn = new LdapDN( subentryDn );
apDn.remove( apDn.size() - 1 );
SubtreeSpecification ss = subentryCache.getSubentry( subentryDn ).getSubtreeSpecification();
- boolean isOldNameSelected = evaluator.evaluate( ss, apDn, oldName, objectClasses );
- boolean isNewNameSelected = evaluator.evaluate( ss, apDn, newName, objectClasses );
+ boolean isOldNameSelected = evaluator.evaluate( ss, apDn, oldName, entry );
+ boolean isNewNameSelected = evaluator.evaluate( ss, apDn, newName, entry );
if ( isOldNameSelected == isNewNameSelected )
{
@@ -706,7 +704,7 @@
LdapDN dn = new LdapDN( result.getName() );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( evaluator.evaluate( ss, apName, dn, ServerUtils.getAttribute( objectClassType, candidate ) ) )
+ if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
nexus.modify( dn, getOperationalModsForReplace( name, newName, subentry, candidate ) );
}
@@ -778,7 +776,7 @@
LdapDN dn = new LdapDN( result.getName() );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( evaluator.evaluate( ss, apName, dn, ServerUtils.getAttribute( objectClassType, candidate ) ) )
+ if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
nexus.modify( dn, getOperationalModsForReplace( oriChildName, newName, subentry,
candidate ) );
@@ -846,7 +844,7 @@
LdapDN dn = new LdapDN( result.getName() );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( evaluator.evaluate( ss, apName, dn, candidate.get( "objectClass" ) ) )
+ if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
nexus.modify( dn, getOperationalModsForReplace( oriChildName, newName, subentry,
candidate ) );
@@ -995,7 +993,7 @@
LdapDN dn = new LdapDN( result.getName() );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( evaluator.evaluate( ssOld, apName, dn, ServerUtils.getAttribute( objectClassType, candidate ) ) )
+ if ( evaluator.evaluate( ssOld, apName, dn, candidate ) )
{
nexus.modify( dn, getOperationalModsForRemove( name, candidate ) );
}
@@ -1014,7 +1012,7 @@
LdapDN dn = new LdapDN( result.getName() );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( evaluator.evaluate( ssNew, apName, dn, ServerUtils.getAttribute( objectClassType, candidate ) ) )
+ if ( evaluator.evaluate( ssNew, apName, dn, candidate ) )
{
nexus.modify( dn, getOperationalModsForAdd( candidate, operational ) );
}
@@ -1080,7 +1078,7 @@
LdapDN dn = new LdapDN( result.getName() );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( evaluator.evaluate( ssOld, apName, dn, candidate.get( "objectClass" ) ) )
+ if ( evaluator.evaluate( ssOld, apName, dn, candidate ) )
{
nexus.modify( dn, getOperationalModsForRemove( name, candidate ) );
}
@@ -1099,7 +1097,7 @@
LdapDN dn = new LdapDN( result.getName() );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( evaluator.evaluate( ssNew, apName, dn, candidate.get( "objectClass" ) ) )
+ if ( evaluator.evaluate( ssNew, apName, dn, candidate ) )
{
nexus.modify( dn, getOperationalModsForAdd( candidate, operational ) );
}
Modified: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubtreeEvaluator.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubtreeEvaluator.java?view=diff&rev=493745&r1=493744&r2=493745
==============================================================================
--- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubtreeEvaluator.java (original)
+++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/subtree/SubtreeEvaluator.java Sun Jan 7 07:22:19 2007
@@ -20,16 +20,20 @@
package org.apache.directory.server.core.subtree;
+import java.util.Iterator;
+
+import javax.naming.Name;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+
+import org.apache.directory.server.core.event.Evaluator;
+import org.apache.directory.server.core.event.ExpressionEvaluator;
+import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.subtree.SubtreeSpecification;
import org.apache.directory.shared.ldap.util.NamespaceTools;
-import javax.naming.Name;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import java.util.Iterator;
-
/**
* An evaluator used to determine if an entry is included in the collection
@@ -41,7 +45,7 @@
public class SubtreeEvaluator
{
/** A refinement filter evaluator */
- private final RefinementEvaluator evaluator;
+ private final Evaluator evaluator;
/**
@@ -49,11 +53,11 @@
* if an entry is included within the collection of a subtree.
*
* @param registry a registry used to lookup objectClass names for OIDs
+ * @throws NamingException
*/
- public SubtreeEvaluator(OidRegistry registry)
+ public SubtreeEvaluator(OidRegistry oidRegistry, AttributeTypeRegistry attrRegistry) throws NamingException
{
- RefinementLeafEvaluator leafEvaluator = new RefinementLeafEvaluator( registry );
- evaluator = new RefinementEvaluator( leafEvaluator );
+ evaluator = new ExpressionEvaluator(oidRegistry, attrRegistry );
}
@@ -67,9 +71,12 @@
* @return true if the entry is selected by the specification, false if it is not
* @throws javax.naming.NamingException if errors are encountered while evaluating selection
*/
- public boolean evaluate( SubtreeSpecification subtree, Name apDn, Name entryDn, Attribute objectClasses )
+ public boolean evaluate( SubtreeSpecification subtree, Name apDn, Name entryDn, Attributes entry )
throws NamingException
{
+ // TODO: Try to make this cast unnecessary.
+ LdapDN entryLdapDn = (LdapDN) entryDn;
+
/* =====================================================================
* NOTE: Regarding the overall approach, we try to narrow down the
* possibilities by slowly pruning relative names off of the entryDn.
@@ -182,7 +189,7 @@
*/
if ( subtree.getRefinement() != null )
{
- return evaluator.evaluate( subtree.getRefinement(), objectClasses );
+ return evaluator.evaluate( subtree.getRefinement(), entryLdapDn.toNormName(), entry );
}
/*
Modified: directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java?view=diff&rev=493745&r1=493744&r2=493745
==============================================================================
--- directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java (original)
+++ directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java Sun Jan 7 07:22:19 2007
@@ -56,12 +56,22 @@
private static final Set USER_NAMES = new HashSet();
private static final Set GROUP_NAMES = new HashSet();
- private static final SubtreeEvaluator SUBTREE_EVALUATOR = new SubtreeEvaluator( new DummyOidRegistry() );
+ private static final SubtreeEvaluator SUBTREE_EVALUATOR;
- private static final RelatedUserClassFilter filter = new RelatedUserClassFilter( SUBTREE_EVALUATOR );
+ private static final RelatedUserClassFilter filter;
static
{
+ try
+ {
+ SUBTREE_EVALUATOR = new SubtreeEvaluator( new DummyOidRegistry(), new DummyAttributeTypeRegistry(true) );
+ filter = new RelatedUserClassFilter( SUBTREE_EVALUATOR );
+ }
+ catch ( NamingException e )
+ {
+ throw new Error();
+ }
+
try
{
GROUP_NAME = new LdapDN( "ou=test,ou=groups,ou=system" );
Modified: directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/subtree/SubtreeEvaluatorTest.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/subtree/SubtreeEvaluatorTest.java?view=diff&rev=493745&r1=493744&r2=493745
==============================================================================
--- directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/subtree/SubtreeEvaluatorTest.java (original)
+++ directory/trunks/apacheds/core/src/test/java/org/apache/directory/server/core/subtree/SubtreeEvaluatorTest.java Sun Jan 7 07:22:19 2007
@@ -20,12 +20,24 @@
package org.apache.directory.server.core.subtree;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.naming.Name;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+
import junit.framework.TestCase;
-import org.apache.directory.server.core.subtree.SubtreeEvaluator;
-import org.apache.directory.server.schema.bootstrap.*;
+import org.apache.directory.server.schema.bootstrap.ApacheSchema;
+import org.apache.directory.server.schema.bootstrap.BootstrapSchemaLoader;
+import org.apache.directory.server.schema.bootstrap.CoreSchema;
+import org.apache.directory.server.schema.bootstrap.Schema;
+import org.apache.directory.server.schema.bootstrap.SystemSchema;
import org.apache.directory.server.schema.registries.DefaultRegistries;
-import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.filter.FilterParser;
@@ -34,13 +46,6 @@
import org.apache.directory.shared.ldap.subtree.SubtreeSpecification;
import org.apache.directory.shared.ldap.subtree.SubtreeSpecificationModifier;
-import javax.naming.NamingException;
-import javax.naming.Name;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.BasicAttribute;
-import java.util.Set;
-import java.util.HashSet;
-
/**
* Unit test cases for the SubtreeEvaluator.
@@ -70,8 +75,7 @@
protected void setUp() throws Exception
{
init();
- OidRegistry registry = registries.getOidRegistry();
- evaluator = new SubtreeEvaluator( registry );
+ evaluator = new SubtreeEvaluator( registries.getOidRegistry(), registries.getAttributeTypeRegistry() );
}
@@ -89,14 +93,16 @@
Name apDn = new LdapDN( "ou=system" );
Name entryDn = new LdapDN( "ou=users,ou=system" );
Attribute objectClasses = new BasicAttribute( "objectClass" );
+ Attributes entry = new BasicAttributes();
+ entry.put( objectClasses );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=abc" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
}
@@ -108,14 +114,16 @@
Name apDn = new LdapDN( "ou=system" );
Name entryDn = new LdapDN( "ou=users,ou=system" );
Attribute objectClasses = new BasicAttribute( "objectClass" );
+ Attributes entry = new BasicAttributes();
+ entry.put( objectClasses );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
}
@@ -129,23 +137,25 @@
Name apDn = new LdapDN( "ou=system" );
Name entryDn = new LdapDN( "ou=users,ou=system" );
Attribute objectClasses = new BasicAttribute( "objectClass" );
+ Attributes entry = new BasicAttributes();
+ entry.put( objectClasses );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=fourlevels,ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
}
@@ -163,23 +173,25 @@
Name apDn = new LdapDN( "ou=system" );
Name entryDn = new LdapDN( "ou=users,ou=system" );
Attribute objectClasses = new BasicAttribute( "objectClass" );
+ Attributes entry = new BasicAttributes();
+ entry.put( objectClasses );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=fourlevels,ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
}
@@ -197,23 +209,25 @@
Name apDn = new LdapDN( "ou=system" );
Name entryDn = new LdapDN( "ou=users,ou=system" );
Attribute objectClasses = new BasicAttribute( "objectClass" );
+ Attributes entry = new BasicAttributes();
+ entry.put( objectClasses );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=fourlevels,ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
}
@@ -231,43 +245,85 @@
Name apDn = new LdapDN( "ou=system" );
Name entryDn = new LdapDN( "ou=users,ou=system" );
Attribute objectClasses = new BasicAttribute( "objectClass", "person" );
+ Attributes entry = new BasicAttributes();
+ entry.put( objectClasses );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertTrue( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=fourlevels,ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
// now change the refinement so the entry is rejected
objectClasses = new BasicAttribute( "objectClass", "organizationalUnit" );
+ entry = new BasicAttributes();
+ entry.put( objectClasses );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
entryDn = new LdapDN( "ou=fourlevels,ou=threelevels,ou=twolevels,uid=akarasulu,ou=users,ou=system" );
- assertFalse( evaluator.evaluate( ss, apDn, entryDn, objectClasses ) );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
+
+ }
+
+
+ public void testWithFilter() throws Exception
+ {
+ FilterParser parser = new FilterParserImpl();
+ ExprNode filter = parser.parse( "(&(cn=Ersin)(objectClass=person))" );
+
+ SubtreeSpecificationModifier modifier = new SubtreeSpecificationModifier();
+ modifier.setRefinement( filter );
+ modifier.setMinBaseDistance( 1 );
+ modifier.setMaxBaseDistance( 3 );
+ modifier.setBase( new LdapDN( "ou=users" ) );
+ SubtreeSpecification ss = modifier.getSubtreeSpecification();
+ Name apDn = new LdapDN( "ou=system" );
+ Name entryDn = new LdapDN( "ou=users,ou=system" );
+ Attribute objectClasses = new BasicAttribute( "objectClass", "person" );
+ Attribute cn = new BasicAttribute( "cn", "Ersin" );
+ Attributes entry = new BasicAttributes();
+ entry.put( objectClasses );
+ entry.put( cn );
+
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
+
+ entryDn = new LdapDN( "cn=Ersin,ou=users,ou=system" );
+ assertTrue( evaluator.evaluate( ss, apDn, entryDn, entry ) );
+
+ // now change the filter so the entry is rejected
+ objectClasses = new BasicAttribute( "objectClass", "person" );
+ cn = new BasicAttribute( "cn", "Alex" );
+ entry = new BasicAttributes();
+ entry.put( objectClasses );
+ entry.put( cn );
+
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
+ entryDn = new LdapDN( "cn=Alex,ou=users,ou=system" );
+ assertFalse( evaluator.evaluate( ss, apDn, entryDn, entry ) );
}
}