You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/10/09 13:21:42 UTC
svn commit: r583113 - in /directory/apacheds/branches/1.0:
core-unit/src/test/java/org/apache/directory/server/core/authz/
core/src/main/java/org/apache/directory/server/core/authz/
core/src/main/java/org/apache/directory/server/core/authz/support/ cor...
Author: ersiner
Date: Tue Oct 9 04:21:40 2007
New Revision: 583113
URL: http://svn.apache.org/viewvc?rev=583113&view=rev
Log:
Fixed https://issues.apache.org/jira/browse/DIRSERVER-1062.
Fixed 1-2 more bugs while working on this one. It seems the implementation was done with misunderstood semantics.
Modified:
directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilter.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java
directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java
directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilterTest.java
directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxValueCountFilterTest.java
directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MicroOperationFilterTest.java
directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilterTest.java
directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilterTest.java
directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilterTest.java
directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java
directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RestrictedByFilterTest.java
Modified: directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java (original)
+++ directory/apacheds/branches/1.0/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java Tue Oct 9 04:21:40 2007
@@ -31,6 +31,8 @@
import javax.naming.Name;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import java.util.List;
@@ -543,4 +545,64 @@
deleteAccessControlSubentry( "modifyACI" );
}
+
+
+ public void testMaxValueCountProtectedItem() throws NamingException
+ {
+ createUser( "billyd", "billyd" );
+ createAccessControlSubentry( "mvcACI",
+ " {" +
+ " identificationTag \"mvcACI\"," +
+ " precedence 10," +
+ " authenticationLevel simple," +
+ " itemOrUserFirst userFirst:" +
+ " {" +
+ " userClasses { allUsers }," +
+ " userPermissions" +
+ " {" +
+ " {" +
+ " protectedItems { entry }," +
+ " grantsAndDenials { grantModify, grantBrowse }" +
+ " }" +
+ " ," +
+ " {" +
+ " protectedItems" +
+ " {" +
+ " attributeType { description }," +
+ " allAttributeValues { description }," +
+ " maxValueCount" +
+ " {" +
+ " { type description, maxCount 1 }" +
+ " }" +
+ " }" +
+ " ," +
+ " grantsAndDenials" +
+ " {" +
+ " grantRemove," +
+ " grantAdd" +
+ " }" +
+ " }" +
+ " }" +
+ " }" +
+ " }" );
+
+ ModificationItemImpl[] mods = toItems( DirContext.ADD_ATTRIBUTE,
+ new BasicAttributes( "description", "description 1", true ) );
+
+ assertTrue( checkCanModifyAs( "billyd", "billyd", "ou=testou", mods ) );
+
+ Attributes attrs = new BasicAttributes(true);
+ Attribute attr = new BasicAttribute( "description" );
+ attr.add( "description 1" );
+ attr.add( "description 2" );
+ attrs.put( attr );
+ mods = toItems( DirContext.ADD_ATTRIBUTE, attrs );
+
+ assertFalse( checkCanModifyAs( "billyd", "billyd", "ou=testou", mods ) );
+
+ mods = toItems( DirContext.REPLACE_ATTRIBUTE, attrs );
+
+ assertFalse( checkCanModifyAs( "billyd", "billyd", "ou=testou", mods ) );
+ }
+
}
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java Tue Oct 9 04:21:40 2007
@@ -48,6 +48,7 @@
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.AttributeType;
+import org.apache.directory.shared.ldap.schema.SchemaUtils;
import org.apache.directory.shared.ldap.util.AttributeUtils;
import org.slf4j.Logger;
@@ -406,7 +407,7 @@
// check if entry scope permission is granted
PartitionNexusProxy proxy = invocation.getProxy();
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), normName, null, null,
- ADD_PERMS, tuples, subentryAttrs );
+ ADD_PERMS, tuples, subentryAttrs, null );
// now we must check if attribute type and value scope permission is granted
NamingEnumeration attributeList = entry.getAll();
@@ -416,7 +417,7 @@
for ( int ii = 0; ii < attr.size(); ii++ )
{
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), normName, attr
- .getID(), attr.get( ii ), ADD_PERMS, tuples, entry );
+ .getID(), attr.get( ii ), ADD_PERMS, tuples, entry, null );
}
}
@@ -462,7 +463,7 @@
addSubentryAciTuples( proxy, tuples, name, entry );
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
- REMOVE_PERMS, tuples, entry );
+ REMOVE_PERMS, tuples, entry, null );
next.delete( name );
tupleCache.subentryDeleted( name, entry );
@@ -503,8 +504,10 @@
addSubentryAciTuples( proxy, tuples, name, entry );
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
- Collections.singleton( MicroOperation.MODIFY ), tuples, entry );
+ Collections.singleton( MicroOperation.MODIFY ), tuples, entry, null );
+ Attributes entryView = ( Attributes ) entry.clone();
+
NamingEnumeration attrList = mods.getAll();
Collection perms = null;
switch ( modOp )
@@ -533,7 +536,7 @@
{
// ... we also need to check if adding the attribute is permitted
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name,
- attr.getID(), null, perms, tuples, entry );
+ attr.getID(), null, perms, tuples, entry, null );
}
break;
case ( DirContext.REMOVE_ATTRIBUTE ):
@@ -545,17 +548,31 @@
{
// ... we also need to check if removing the attribute at all is permitted
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name,
- attr.getID(), null, perms, tuples, entry );
+ attr.getID(), null, perms, tuples, entry, null );
}
}
break;
}
+ /**
+ * Update the entry view as the current modification is applied to the original entry.
+ * This is especially required for handling the MaxValueCount protected item. Number of
+ * values for an attribute after a modification should be known in advance in order to
+ * check permissions for MaxValueCount protected item. So during addition of the first
+ * value of an attribute it can be rejected if the permission denied due the the
+ * MaxValueCount protected item. This is not the perfect implementation as required by
+ * the specification because the system should reject the addition exactly on the right
+ * value of the attribute. However as we do not have that much granularity in our
+ * implementation (we consider an Attribute Addition itself a Micro Operation,
+ * not the individual Value Additions) we just handle this when the first value of an
+ * attribute is being checked for relevant permissions below.
+ */
+ entryView = SchemaUtils.getTargetEntry( new ModificationItemImpl(modOp, attr), entryView );
for ( int ii = 0; ii < attr.size(); ii++ )
{
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, attr
- .getID(), attr.get( ii ), perms, tuples, entry );
+ .getID(), attr.get( ii ), perms, tuples, entry, entryView );
}
}
@@ -599,9 +616,11 @@
addSubentryAciTuples( proxy, tuples, name, entry );
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
- Collections.singleton( MicroOperation.MODIFY ), tuples, entry );
+ Collections.singleton( MicroOperation.MODIFY ), tuples, entry, null );
Collection perms = null;
+ Attributes entryView = ( Attributes ) entry.clone();
+
for ( int ii = 0; ii < mods.length; ii++ )
{
@@ -616,7 +635,7 @@
{
// ... we also need to check if adding the attribute is permitted
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name,
- attr.getID(), null, perms, tuples, entry );
+ attr.getID(), null, perms, tuples, entry, null );
}
break;
@@ -630,7 +649,7 @@
{
// ... we also need to check if removing the attribute at all is permitted
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name,
- attr.getID(), null, perms, tuples, entry );
+ attr.getID(), null, perms, tuples, entry, null );
}
}
break;
@@ -640,11 +659,25 @@
break;
}
+ /**
+ * Update the entry view as the current modification is applied to the original entry.
+ * This is especially required for handling the MaxValueCount protected item. Number of
+ * values for an attribute after a modification should be known in advance in order to
+ * check permissions for MaxValueCount protected item. So during addition of the first
+ * value of an attribute it can be rejected if the permission denied due the the
+ * MaxValueCount protected item. This is not the perfect implementation as required by
+ * the specification because the system should reject the addition exactly on the right
+ * value of the attribute. However as we do not have that much granularity in our
+ * implementation (we consider an Attribute Addition itself a Micro Operation,
+ * not the individual Value Additions) we just handle this when the first value of an
+ * attribute is being checked for relevant permissions below.
+ */
+ entryView = SchemaUtils.getTargetEntry( mods[ii], entryView );
for ( int jj = 0; jj < attr.size(); jj++ )
{
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, attr
- .getID(), attr.get( jj ), perms, tuples, entry );
+ .getID(), attr.get( jj ), perms, tuples, entry, entryView );
}
}
@@ -676,7 +709,7 @@
// check that we have browse access to the entry
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
- BROWSE_PERMS, tuples, entry );
+ BROWSE_PERMS, tuples, entry, null );
return next.hasEntry( name );
}
@@ -715,7 +748,7 @@
// check that we have read access to the entry
engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), dn, null, null,
- LOOKUP_PERMS, tuples, entry );
+ LOOKUP_PERMS, tuples, entry, null );
// check that we have read access to every attribute type and value
NamingEnumeration attributeList = entry.getAll();
@@ -725,7 +758,7 @@
for ( int ii = 0; ii < attr.size(); ii++ )
{
engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), dn, attr
- .getID(), attr.get( ii ), READ_PERMS, tuples, entry );
+ .getID(), attr.get( ii ), READ_PERMS, tuples, entry, null );
}
}
}
@@ -806,7 +839,7 @@
addSubentryAciTuples( proxy, tuples, name, entry );
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
- RENAME_PERMS, tuples, entry );
+ RENAME_PERMS, tuples, entry, null );
// if ( deleteOldRn )
// {
@@ -876,7 +909,7 @@
addSubentryAciTuples( proxy, tuples, oriChildName, entry );
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), oriChildName, null,
- null, MOVERENAME_PERMS, tuples, entry );
+ null, MOVERENAME_PERMS, tuples, entry, null );
// Get the entry again without operational attributes
// because access control subentry operational attributes
@@ -903,7 +936,7 @@
// Evaluate the target context to see whether it
// allows an entry named newName to be imported as a subordinate.
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), newName, null,
- null, IMPORT_PERMS, destTuples, subentryAttrs );
+ null, IMPORT_PERMS, destTuples, subentryAttrs, null );
// if ( deleteOldRn )
// {
@@ -972,7 +1005,7 @@
addSubentryAciTuples( proxy, tuples, oriChildName, entry );
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), oriChildName, null,
- null, EXPORT_PERMS, tuples, entry );
+ null, EXPORT_PERMS, tuples, entry, null );
// Get the entry again without operational attributes
// because access control subentry operational attributes
@@ -999,7 +1032,7 @@
// Evaluate the target context to see whether it
// allows an entry named newName to be imported as a subordinate.
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), newName, null,
- null, IMPORT_PERMS, destTuples, subentryAttrs );
+ null, IMPORT_PERMS, destTuples, subentryAttrs, null );
next.move( oriChildName, newParentName );
tupleCache.subentryRenamed( oriChildName, newName );
@@ -1071,9 +1104,9 @@
addSubentryAciTuples( proxy, tuples, name, entry );
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
- READ_PERMS, tuples, entry );
+ READ_PERMS, tuples, entry, null );
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, oid, value,
- COMPARE_PERMS, tuples, entry );
+ COMPARE_PERMS, tuples, entry, null );
return next.compare( name, oid, value );
}
@@ -1109,7 +1142,7 @@
addSubentryAciTuples( proxy, tuples, matched, entry );
if ( engine.hasPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), matched, null,
- null, MATCHEDNAME_PERMS, tuples, entry ) )
+ null, MATCHEDNAME_PERMS, tuples, entry, null ) )
{
return matched;
}
@@ -1144,7 +1177,7 @@
addSubentryAciTuples( invocation.getProxy(), tuples, normName, entry );
if ( !engine.hasPermission( invocation.getProxy(), userGroups, userDn, ctx.getPrincipal()
- .getAuthenticationLevel(), normName, null, null, SEARCH_ENTRY_PERMS, tuples, entry ) )
+ .getAuthenticationLevel(), normName, null, null, SEARCH_ENTRY_PERMS, tuples, entry, null ) )
{
return false;
}
@@ -1163,7 +1196,7 @@
String id = ( String ) idList.next();
Attribute attr = result.getAttributes().get( id );
if ( !engine.hasPermission( invocation.getProxy(), userGroups, userDn, ctx.getPrincipal()
- .getAuthenticationLevel(), normName, attr.getID(), null, SEARCH_ATTRVAL_PERMS, tuples, entry ) )
+ .getAuthenticationLevel(), normName, attr.getID(), null, SEARCH_ATTRVAL_PERMS, tuples, entry, null ) )
{
result.getAttributes().remove( attr.getID() );
@@ -1179,7 +1212,7 @@
{
if ( !engine.hasPermission( invocation.getProxy(), userGroups, userDn, ctx.getPrincipal()
.getAuthenticationLevel(), normName, attr.getID(), attr.get( ii ), SEARCH_ATTRVAL_PERMS, tuples,
- entry ) )
+ entry, null ) )
{
attr.remove( ii );
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java Tue Oct 9 04:21:40 2007
@@ -106,14 +106,15 @@
* <tt>null</tt> if the user is not accessing a specific attribute value.
* @param microOperations the {@link org.apache.directory.shared.ldap.aci.MicroOperation}s to perform
* @param aciTuples {@link org.apache.directory.shared.ldap.aci.ACITuple}s translated from {@link org.apache.directory.shared.ldap.aci.ACIItem}s in the subtree entries
+ * @param entryView TODO
* @throws NamingException if failed to evaluate ACI items
*/
public void checkPermission( PartitionNexusProxy proxy, Collection userGroupNames, LdapDN username,
AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue,
- Collection microOperations, Collection aciTuples, Attributes entry ) throws NamingException
+ Collection microOperations, Collection aciTuples, Attributes entry, Attributes entryView ) throws NamingException
{
if ( !hasPermission( proxy, userGroupNames, username, authenticationLevel, entryName, attrId, attrValue,
- microOperations, aciTuples, entry ) )
+ microOperations, aciTuples, entry, entryView ) )
{
throw new LdapNoPermissionException();
}
@@ -150,10 +151,11 @@
* <tt>null</tt> if the user is not accessing a specific attribute value.
* @param microOperations the {@link org.apache.directory.shared.ldap.aci.MicroOperation}s to perform
* @param aciTuples {@link org.apache.directory.shared.ldap.aci.ACITuple}s translated from {@link org.apache.directory.shared.ldap.aci.ACIItem}s in the subtree entries
+ * @param entryView TODO
*/
public boolean hasPermission( PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName,
AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue,
- Collection microOperations, Collection aciTuples, Attributes entry ) throws NamingException
+ Collection microOperations, Collection aciTuples, Attributes entry, Attributes entryView ) throws NamingException
{
if ( entryName == null )
{
@@ -185,7 +187,7 @@
{
ACITupleFilter filter = filters[i];
aciTuples = filter.filter( aciTuples, scope, proxy, userGroupNames, userName, userEntry,
- authenticationLevel, entryName, attrId, attrValue, entry, microOperations );
+ authenticationLevel, entryName, attrId, attrValue, entry, microOperations, entryView );
}
// Deny access if no tuples left.
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java Tue Oct 9 04:21:40 2007
@@ -58,13 +58,13 @@
* @param attrValue the value of the attribute the current user accesses
* @param entry the {@link Attributes} of the entry the current user accesses
* @param microOperations the set of {@link MicroOperation}s the current user will perform
- *
+ * @param entryView TODO
* @return the collection of filtered tuples
* @throws NamingException if failed to filter the specifiec tuples
*/
Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry,
AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId,
- Object attrValue, Attributes entry, Collection microOperations )
+ Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException;
}
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java Tue Oct 9 04:21:40 2007
@@ -43,7 +43,7 @@
{
public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
- LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+ LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException
{
if ( tuples.size() <= 1 )
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java Tue Oct 9 04:21:40 2007
@@ -59,7 +59,7 @@
public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
- LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+ LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException
{
if ( entryName.size() == 0 )
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java Tue Oct 9 04:21:40 2007
@@ -46,7 +46,7 @@
{
public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
- LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+ LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException
{
if ( scope != OperationScope.ATTRIBUTE_TYPE_AND_VALUE )
@@ -73,7 +73,7 @@
if ( item instanceof ProtectedItem.MaxValueCount )
{
ProtectedItem.MaxValueCount mvc = ( ProtectedItem.MaxValueCount ) item;
- if ( isRemovable( mvc, attrId, entry ) )
+ if ( isRemovable( mvc, attrId, entryView ) )
{
i.remove();
break;
@@ -95,7 +95,7 @@
{
Attribute attr = entry.get( attrId );
int attrCount = attr == null ? 0 : attr.size();
- if ( attrCount >= mvcItem.getMaxCount() )
+ if ( attrCount > mvcItem.getMaxCount() )
{
return true;
}
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java Tue Oct 9 04:21:40 2007
@@ -45,7 +45,7 @@
{
public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
- LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+ LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException
{
if ( tuples.size() == 0 )
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java Tue Oct 9 04:21:40 2007
@@ -53,7 +53,7 @@
{
public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
- LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+ LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException
{
if ( tuples.size() <= 1 )
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilter.java Tue Oct 9 04:21:40 2007
@@ -51,7 +51,7 @@
{
public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
- LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+ LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException
{
if ( tuples.size() <= 1 )
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java Tue Oct 9 04:21:40 2007
@@ -71,7 +71,7 @@
public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry,
AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId,
- Object attrValue, Attributes entry, Collection microOperations )
+ Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException
{
if ( tuples.size() == 0 )
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java Tue Oct 9 04:21:40 2007
@@ -57,7 +57,7 @@
public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
- LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+ LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException
{
if ( tuples.size() == 0 )
Modified: directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java (original)
+++ directory/apacheds/branches/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java Tue Oct 9 04:21:40 2007
@@ -46,7 +46,7 @@
{
public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy,
Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
- LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+ LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations, Attributes entryView )
throws NamingException
{
if ( scope != OperationScope.ATTRIBUTE_TYPE_AND_VALUE )
Modified: directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilterTest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilterTest.java (original)
+++ directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilterTest.java Tue Oct 9 04:21:40 2007
@@ -52,7 +52,7 @@
{
HighestPrecedenceFilter filter = new HighestPrecedenceFilter();
Assert.assertEquals( 0, filter.filter( EMPTY_COLLECTION, null, null, null, null, null, null, null, null, null,
- null, null ).size() );
+ null, null, null ).size() );
}
@@ -63,7 +63,7 @@
tuples.add( new ACITuple( EMPTY_COLLECTION, AuthenticationLevel.NONE, EMPTY_COLLECTION, EMPTY_SET, true, 10 ) );
tuples = Collections.unmodifiableCollection( tuples );
Assert.assertEquals( tuples, filter.filter( tuples, null, null, null, null, null, null, null, null, null, null,
- null ) );
+ null, null ) );
}
@@ -81,7 +81,7 @@
tuples.add( new ACITuple( EMPTY_COLLECTION, AuthenticationLevel.NONE, EMPTY_COLLECTION, EMPTY_SET, true,
MAX_PRECEDENCE / 3 ) );
- tuples = filter.filter( tuples, null, null, null, null, null, null, null, null, null, null, null );
+ tuples = filter.filter( tuples, null, null, null, null, null, null, null, null, null, null, null, null );
for ( Iterator i = tuples.iterator(); i.hasNext(); )
{
Modified: directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java (original)
+++ directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java Tue Oct 9 04:21:40 2007
@@ -91,10 +91,10 @@
tuples = Collections.unmodifiableCollection( tuples );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, null, null,
- null, ENTRY_NAME, null, null, ENTRY, null ) );
+ null, ENTRY_NAME, null, null, ENTRY, null, null ) );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null,
- null, null, ENTRY_NAME, null, null, ENTRY, null ) );
+ null, null, ENTRY_NAME, null, null, ENTRY, null, null ) );
}
@@ -108,7 +108,7 @@
tuples = Collections.unmodifiableCollection( tuples );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null,
- ROOTDSE_NAME, null, null, ENTRY, null ) );
+ ROOTDSE_NAME, null, null, ENTRY, null, null ) );
}
@@ -117,7 +117,7 @@
MaxImmSubFilter filter = new MaxImmSubFilter();
Assert.assertEquals( 0, filter.filter( EMPTY_COLLECTION, OperationScope.ENTRY, null, null, null, null, null,
- ENTRY_NAME, null, null, ENTRY, null ).size() );
+ ENTRY_NAME, null, null, ENTRY, null, null ).size() );
}
@@ -130,7 +130,7 @@
tuples = Collections.unmodifiableCollection( tuples );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null,
- ENTRY_NAME, null, null, ENTRY, null ) );
+ ENTRY_NAME, null, null, ENTRY, null, null ) );
}
@@ -141,10 +141,10 @@
tuples.add( new ACITuple( EMPTY_COLLECTION, AuthenticationLevel.NONE, PROTECTED_ITEMS, EMPTY_SET, true, 0 ) );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ENTRY, new MockProxy( 1 ), null, null, null,
- null, ENTRY_NAME, null, null, ENTRY, null ).size() );
+ null, ENTRY_NAME, null, null, ENTRY, null, null ).size() );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ENTRY, new MockProxy( 3 ), null, null, null,
- null, ENTRY_NAME, null, null, ENTRY, null ).size() );
+ null, ENTRY_NAME, null, null, ENTRY, null, null ).size() );
}
class MockProxy extends PartitionNexusProxy
Modified: directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxValueCountFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxValueCountFilterTest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxValueCountFilterTest.java (original)
+++ directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MaxValueCountFilterTest.java Tue Oct 9 04:21:40 2007
@@ -68,6 +68,7 @@
Attribute attr = new LockableAttributeImpl( "testAttr" );
attr.add( "1" );
attr.add( "2" );
+ attr.add( "3" );
FULL_ENTRY.put( attr );
}
@@ -81,10 +82,10 @@
tuples = Collections.unmodifiableCollection( tuples );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, null, null,
- null, null, null, null, null, null ) );
+ null, null, null, null, null, null, null ) );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null,
- null, null, null, null ) );
+ null, null, null, null, null ) );
}
@@ -93,7 +94,7 @@
MaxValueCountFilter filter = new MaxValueCountFilter();
Assert.assertEquals( 0, filter.filter( EMPTY_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null,
- null, null, null, null, null, null, null, null ).size() );
+ null, null, null, null, null, null, null, null, null ).size() );
}
@@ -106,9 +107,9 @@
tuples = Collections.unmodifiableCollection( tuples );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null,
- null, null, null, "testAttr", null, ENTRY, null ) );
+ null, null, null, "testAttr", null, ENTRY, null, null ) );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null,
- null, null, null, "testAttr", null, FULL_ENTRY, null ) );
+ null, null, null, "testAttr", null, FULL_ENTRY, null, null ) );
}
@@ -119,9 +120,9 @@
tuples.add( new ACITuple( EMPTY_COLLECTION, AuthenticationLevel.NONE, PROTECTED_ITEMS, EMPTY_SET, true, 0 ) );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
- null, null, "testAttr", null, ENTRY, null ).size() );
+ null, null, "testAttr", null, ENTRY, null, ENTRY ).size() );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
- null, null, "testAttr", null, FULL_ENTRY, null ).size() );
+ null, null, "testAttr", null, FULL_ENTRY, null, FULL_ENTRY ).size() );
}
}
Modified: directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MicroOperationFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MicroOperationFilterTest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MicroOperationFilterTest.java (original)
+++ directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MicroOperationFilterTest.java Tue Oct 9 04:21:40 2007
@@ -68,7 +68,7 @@
MicroOperationFilter filter = new MicroOperationFilter();
Assert.assertEquals( 0, filter.filter( EMPTY_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null,
- null, null, null, null, null, null, null, null ).size() );
+ null, null, null, null, null, null, null, null, null ).size() );
}
@@ -79,8 +79,8 @@
tuples.add( new ACITuple( EMPTY_COLLECTION, AuthenticationLevel.NONE, EMPTY_SET, TUPLE_OPERATIONS, true, 0 ) );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null,
- null, null, USER_OPERATIONS_A ).size() );
+ null, null, USER_OPERATIONS_A, null ).size() );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null,
- null, null, USER_OPERATIONS_B ).size() );
+ null, null, USER_OPERATIONS_B, null ).size() );
}
}
Modified: directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilterTest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilterTest.java (original)
+++ directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilterTest.java Tue Oct 9 04:21:40 2007
@@ -124,13 +124,13 @@
MostSpecificProtectedItemFilter filter = new MostSpecificProtectedItemFilter();
Assert.assertEquals( 0, filter.filter( EMPTY_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null,
- null, null, null, null, null, null, null, null ).size() );
+ null, null, null, null, null, null, null, null, null ).size() );
Collection tuples = new ArrayList();
tuples.add( new ACITuple( EMPTY_COLLECTION, AuthenticationLevel.NONE, EMPTY_COLLECTION, EMPTY_SET, false, 0 ) );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
- null, null, null, null, null, null ).size() );
+ null, null, null, null, null, null, null ).size() );
}
@@ -140,7 +140,7 @@
List tuples = new ArrayList( TUPLES_A );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 4, tuples.size() );
Assert.assertSame( TUPLES_A.get( 0 ), tuples.get( 0 ) );
@@ -156,7 +156,7 @@
List tuples = new ArrayList( TUPLES_B );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 3, tuples.size() );
Assert.assertSame( TUPLES_B.get( 0 ), tuples.get( 0 ) );
@@ -171,7 +171,7 @@
List tuples = new ArrayList( TUPLES_C );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 2, tuples.size() );
Assert.assertSame( TUPLES_C.get( 0 ), tuples.get( 0 ) );
@@ -185,7 +185,7 @@
List tuples = new ArrayList( TUPLES_D );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 1, tuples.size() );
Assert.assertSame( TUPLES_D.get( 0 ), tuples.get( 0 ) );
@@ -198,7 +198,7 @@
List tuples = new ArrayList( TUPLES_E );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 2, tuples.size() );
Assert.assertSame( TUPLES_E.get( 0 ), tuples.get( 0 ) );
Modified: directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilterTest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilterTest.java (original)
+++ directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilterTest.java Tue Oct 9 04:21:40 2007
@@ -104,13 +104,13 @@
MostSpecificUserClassFilter filter = new MostSpecificUserClassFilter();
Assert.assertEquals( 0, filter.filter( EMPTY_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null,
- null, null, null, null, null, null, null, null ).size() );
+ null, null, null, null, null, null, null, null, null ).size() );
Collection tuples = new ArrayList();
tuples.add( new ACITuple( EMPTY_COLLECTION, AuthenticationLevel.NONE, EMPTY_COLLECTION, EMPTY_SET, false, 0 ) );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
- null, null, null, null, null, null ).size() );
+ null, null, null, null, null, null, null ).size() );
}
@@ -120,7 +120,7 @@
List tuples = new ArrayList( TUPLES_A );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 2, tuples.size() );
Assert.assertSame( TUPLES_A.get( 0 ), tuples.get( 0 ) );
@@ -134,7 +134,7 @@
List tuples = new ArrayList( TUPLES_B );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 1, tuples.size() );
Assert.assertSame( TUPLES_B.get( 0 ), tuples.get( 0 ) );
@@ -147,7 +147,7 @@
List tuples = new ArrayList( TUPLES_C );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 1, tuples.size() );
Assert.assertSame( TUPLES_C.get( 0 ), tuples.get( 0 ) );
@@ -160,7 +160,7 @@
List tuples = new ArrayList( TUPLES_D );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 1, tuples.size() );
Assert.assertSame( TUPLES_D.get( 0 ), tuples.get( 0 ) );
@@ -173,7 +173,7 @@
List tuples = new ArrayList( TUPLES_E );
tuples = ( List ) filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null, null, null,
- null, null );
+ null, null, null );
Assert.assertEquals( 2, tuples.size() );
Assert.assertSame( TUPLES_E.get( 0 ), tuples.get( 0 ) );
Modified: directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilterTest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilterTest.java (original)
+++ directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilterTest.java Tue Oct 9 04:21:40 2007
@@ -99,7 +99,7 @@
public void testZeroTuple() throws Exception
{
Assert.assertEquals( 0, filterA.filter( EMPTY_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null,
- null, null, null, null, null, null, null, null ).size() );
+ null, null, null, null, null, null, null, null, null ).size() );
}
@@ -108,7 +108,7 @@
Collection tuples = getTuples( ProtectedItem.ENTRY );
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ENTRY, null, null, null, null,
- AuthenticationLevel.NONE, null, "ou", null, null, null ).size() );
+ AuthenticationLevel.NONE, null, "ou", null, null, null, null ).size() );
}
@@ -118,12 +118,12 @@
// Test wrong scope
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
- "userAttr", null, null, null ).size() );
+ "userAttr", null, null, null, null ).size() );
tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES );
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME, null,
- null, null, "userAttr", null, null, null ).size() );
+ null, null, "userAttr", null, null, null, null ).size() );
/* Not used anymore
Assert.assertEquals(
@@ -141,12 +141,12 @@
// Test wrong scope
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
- "userAttr", null, null, null ).size() );
+ "userAttr", null, null, null, null ).size() );
tuples = getTuples( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES_AND_VALUES );
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME, null,
- null, null, "userAttr", null, null, null ).size() );
+ null, null, "userAttr", null, null, null, null ).size() );
/* Not used anymore
Assert.assertEquals(
@@ -166,15 +166,15 @@
// Test wrong scope
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
- "attrA", null, null, null ).size() );
+ "attrA", null, null, null, null ).size() );
tuples = getTuples( new ProtectedItem.AllAttributeValues( attrTypes ) );
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME, null,
- null, null, "attrA", null, null, null ).size() );
+ null, null, "attrA", null, null, null, null ).size() );
Assert.assertEquals( 0, filterB.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME, null,
- null, null, "attrB", null, null, null ).size() );
+ null, null, "attrB", null, null, null, null ).size() );
}
@@ -186,15 +186,15 @@
// Test wrong scope
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
- "attrA", null, null, null ).size() );
+ "attrA", null, null, null, null ).size() );
tuples = getTuples( new ProtectedItem.AttributeType( attrTypes ) );
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME, null,
- null, null, "attrA", null, null, null ).size() );
+ null, null, "attrA", null, null, null, null ).size() );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME, null,
- null, null, "attrB", null, null, null ).size() );
+ null, null, "attrB", null, null, null, null ).size() );
}
@@ -206,23 +206,23 @@
// Test wrong scope
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
- "attrA", null, null, null ).size() );
+ "attrA", null, null, null, null ).size() );
tuples = getTuples( new ProtectedItem.AttributeValue( attributes ) );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME, null,
- null, null, "attrA", null, null, null ).size() );
+ null, null, "attrA", null, null, null, null ).size() );
tuples = getTuples( new ProtectedItem.AttributeValue( attributes ) );
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrA", "valueA", null, null ).size() );
+ null, null, null, "attrA", "valueA", null, null, null ).size() );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrA", "valueB", null, null ).size() );
+ null, null, null, "attrA", "valueB", null, null, null ).size() );
tuples = getTuples( new ProtectedItem.AttributeValue( attributes ) );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrB", "valueA", null, null ).size() );
+ null, null, null, "attrB", "valueA", null, null, null ).size() );
}
@@ -238,7 +238,7 @@
// Should always retain ruples.
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
- "attrA", null, null, null ).size() );
+ "attrA", null, null, null, null ).size() );
}
@@ -250,18 +250,18 @@
// Test wrong scope
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
- "attrA", null, null, null ).size() );
+ "attrA", null, null, null, null ).size() );
tuples = getTuples( new ProtectedItem.MaxValueCount( mvcItems ) );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME, null,
- null, null, "attrA", null, null, null ).size() );
+ null, null, "attrA", null, null, null, null ).size() );
tuples = getTuples( new ProtectedItem.MaxValueCount( mvcItems ) );
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrA", null, null, null ).size() );
+ null, null, null, "attrA", null, null, null, null ).size() );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrB", null, null, null ).size() );
+ null, null, null, "attrB", null, null, null, null ).size() );
}
@@ -292,18 +292,18 @@
// Test wrong scope
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
- "attrA", null, null, null ).size() );
+ "attrA", null, null, null, null ).size() );
tuples = getTuples( new ProtectedItem.RestrictedBy( rbItems ) );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, USER_NAME, null,
- null, null, "attrA", null, null, null ).size() );
+ null, null, "attrA", null, null, null, null ).size() );
tuples = getTuples( new ProtectedItem.RestrictedBy( rbItems ) );
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrA", null, null, null ).size() );
+ null, null, null, "attrA", null, null, null, null ).size() );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrB", null, null, null ).size() );
+ null, null, null, "attrB", null, null, null, null ).size() );
}
@@ -318,20 +318,20 @@
// Test wrong scope
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
- "attrA", null, entry, null ).size() );
+ "attrA", null, entry, null, null ).size() );
tuples = getTuples( new ProtectedItem.SelfValue( attrTypes ) );
Assert.assertEquals( 1, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrA", null, entry, null ).size() );
+ null, null, null, "attrA", null, entry, null, null ).size() );
entry.remove( "attrA" );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrA", null, entry, null ).size() );
+ null, null, null, "attrA", null, entry, null, null ).size() );
tuples = getTuples( new ProtectedItem.SelfValue( attrTypes ) );
Assert.assertEquals( 0, filterA.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
- null, null, null, "attrB", null, entry, null ).size() );
+ null, null, null, "attrB", null, entry, null, null ).size() );
}
Modified: directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java (original)
+++ directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilterTest.java Tue Oct 9 04:21:40 2007
@@ -80,7 +80,7 @@
public void testZeroTuple() throws Exception
{
Assert.assertEquals( 0, filter.filter( EMPTY_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null,
- null, null, null, null, null, null, null, null ).size() );
+ null, null, null, null, null, null, null, null, null ).size() );
}
@@ -89,7 +89,7 @@
Collection tuples = getTuples( UserClass.ALL_USERS );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null,
- AuthenticationLevel.NONE, null, null, null, null, null ).size() );
+ AuthenticationLevel.NONE, null, null, null, null, null, null ).size() );
}
@@ -98,9 +98,9 @@
Collection tuples = getTuples( UserClass.THIS_ENTRY );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null,
- AuthenticationLevel.NONE, USER_NAME, null, null, null, null ).size() );
+ AuthenticationLevel.NONE, USER_NAME, null, null, null, null, null ).size() );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null,
- AuthenticationLevel.NONE, new LdapDN( "ou=unrelated" ), null, null, null, null ).size() );
+ AuthenticationLevel.NONE, new LdapDN( "ou=unrelated" ), null, null, null, null, null ).size() );
}
@@ -108,10 +108,10 @@
{
Collection tuples = getTuples( new UserClass.Name( USER_NAMES ) );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ENTRY, null, null, USER_NAME, null,
- AuthenticationLevel.NONE, null, null, null, null, null ).size() );
+ AuthenticationLevel.NONE, null, null, null, null, null, null ).size() );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ENTRY, null, null,
new LdapDN( "ou=unrelateduser, ou=users" ), null, AuthenticationLevel.NONE, USER_NAME, null, null, null,
- null ).size() );
+ null, null ).size() );
}
@@ -119,13 +119,13 @@
{
Collection tuples = getTuples( new UserClass.UserGroup( GROUP_NAMES ) );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ENTRY, null, GROUP_NAMES, USER_NAME, null,
- AuthenticationLevel.NONE, null, null, null, null, null ).size() );
+ AuthenticationLevel.NONE, null, null, null, null, null, null ).size() );
Set wrongGroupNames = new HashSet();
wrongGroupNames.add( new LdapDN( "ou=unrelatedgroup" ) );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ENTRY, null, wrongGroupNames, USER_NAME, null,
- AuthenticationLevel.NONE, USER_NAME, null, null, null, null ).size() );
+ AuthenticationLevel.NONE, USER_NAME, null, null, null, null, null ).size() );
}
@@ -140,24 +140,24 @@
Collection tuples = getTuples( AuthenticationLevel.SIMPLE, true );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null,
- AuthenticationLevel.STRONG, null, null, null, null, null ).size() );
+ AuthenticationLevel.STRONG, null, null, null, null, null, null ).size() );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null,
- AuthenticationLevel.SIMPLE, null, null, null, null, null ).size() );
+ AuthenticationLevel.SIMPLE, null, null, null, null, null, null ).size() );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null,
- AuthenticationLevel.NONE, null, null, null, null, null ).size() );
+ AuthenticationLevel.NONE, null, null, null, null, null, null ).size() );
tuples = getTuples( AuthenticationLevel.SIMPLE, false );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null,
- AuthenticationLevel.NONE, null, null, null, null, null ).size() );
+ AuthenticationLevel.NONE, null, null, null, null, null, null ).size() );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null,
- AuthenticationLevel.STRONG, null, null, null, null, null ).size() );
+ AuthenticationLevel.STRONG, null, null, null, null, null, null ).size() );
tuples = getTuples( AuthenticationLevel.SIMPLE, false );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null,
- AuthenticationLevel.SIMPLE, null, null, null, null, null ).size() );
+ AuthenticationLevel.SIMPLE, null, null, null, null, null, null ).size() );
}
Modified: directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RestrictedByFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RestrictedByFilterTest.java?rev=583113&r1=583112&r2=583113&view=diff
==============================================================================
--- directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RestrictedByFilterTest.java (original)
+++ directory/apacheds/branches/1.0/core/src/test/java/org/apache/directory/server/core/authz/support/RestrictedByFilterTest.java Tue Oct 9 04:21:40 2007
@@ -79,10 +79,10 @@
tuples = Collections.unmodifiableCollection( tuples );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE, null, null, null, null,
- null, null, null, null, null, null ) );
+ null, null, null, null, null, null, null ) );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ENTRY, null, null, null, null, null, null,
- null, null, null, null ) );
+ null, null, null, null, null ) );
}
@@ -91,7 +91,7 @@
RestrictedByFilter filter = new RestrictedByFilter();
Assert.assertEquals( 0, filter.filter( EMPTY_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null,
- null, null, null, null, null, null, null, null ).size() );
+ null, null, null, null, null, null, null, null, null ).size() );
}
@@ -104,7 +104,7 @@
tuples = Collections.unmodifiableCollection( tuples );
Assert.assertEquals( tuples, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null,
- null, null, null, "testAttr", null, ENTRY, null ) );
+ null, null, null, "testAttr", null, ENTRY, null, null ) );
}
@@ -115,12 +115,12 @@
tuples.add( new ACITuple( EMPTY_COLLECTION, AuthenticationLevel.NONE, PROTECTED_ITEMS, EMPTY_SET, true, 0 ) );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
- null, null, "choice", "1", ENTRY, null ).size() );
+ null, null, "choice", "1", ENTRY, null, null ).size() );
Assert.assertEquals( 1, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
- null, null, "choice", "2", ENTRY, null ).size() );
+ null, null, "choice", "2", ENTRY, null, null ).size() );
Assert.assertEquals( 0, filter.filter( tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, null, null,
- null, null, "choice", "3", ENTRY, null ).size() );
+ null, null, "choice", "3", ENTRY, null, null ).size() );
}
}