Commit 0823ca91 authored by Adrian Damian's avatar Adrian Damian

Fixed unit tests to work with the agreed LDAP ACIs

parent 89ca1ad6
+10 −15
@@ -114,7 +114,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
            "(groupdn = \"ldap:///<ACTUAL_GROUP>\");)";
    private static final String PUB_GROUP_ACI = "(targetattr = \"*\") " + 
            "(version 3.0;acl \"Group Public\";" + 
            "allow (read,compare,search)userdn=\"ldap:///anyone\";)";
            "allow (read,compare,search)userdn=\"ldap:///all\";)";
    
    private LdapUserDAO<T> userPersist;

@@ -327,7 +327,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
            Filter filter = Filter.createANDFilter(
                    Filter.createEqualityFilter("cn", groupID),
                    Filter.createNOTFilter(
                        Filter.createEqualityFilter("nsaccountlock", "true")));
                        Filter.createEqualityFilter("nsaccountlock", "TRUE")));
            
            SearchRequest searchRequest =  new SearchRequest(
                    config.getGroupsDN(), SearchScope.SUB, 
@@ -379,7 +379,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
                            User<X500Principal> user;
                            try
                            {
                                user = userPersist.getMember(memberDN);
                                user = userPersist.getMember(memberDN, false);
                            }
                            catch (UserNotFoundException e)
                            {
@@ -391,8 +391,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
                        else if (memberDN.isDescendantOf(config.getGroupsDN(),
                                                         false))
                        {
                            Group memberGroup = getGroup(memberDN);
                            ldapGroup.getGroupMembers().add(memberGroup);
                            ldapGroup.getGroupMembers().add(new Group(memberDN.getRDNString().replace("cn=", "")));
                        }
                        else
                        {
@@ -412,10 +411,10 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
                            // TODO it's gotta be a better way to do this.
                            String grRead = aci.substring(
                                    aci.indexOf("ldap:///"));
                            grRead = grRead.substring(grRead.indexOf("cn"),
                                                      grRead.lastIndexOf('"'));
                            grRead = grRead.substring(grRead.indexOf("cn=") + 3,
                                                      grRead.indexOf(','));

                            Group groupRead = getGroup(new DN(grRead));
                            Group groupRead = new Group(grRead.trim());
                            ldapGroup.groupRead = groupRead;
                        }
                        else if (aci.contains("Group Write"))
@@ -423,10 +422,10 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
                            // TODO it's gotta be a better way to do this.
                            String grWrite = aci.substring(
                                    aci.indexOf("ldap:///"));
                            grWrite = grWrite.substring(grWrite.indexOf("cn"), 
                                                    grWrite.lastIndexOf('"'));
                            grWrite = grWrite.substring(grWrite.indexOf("cn=") + 3, 
                                                    grWrite.indexOf(','));

                            Group groupWrite = getGroup(new DN(grWrite));
                            Group groupWrite = getGroup(grWrite.trim());
                            ldapGroup.groupWrite = groupWrite;
                        }
                        else if (aci.equals(PUB_GROUP_ACI))
@@ -446,10 +445,6 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
            // access control
            throw new TransientException("Error getting the group", e1);
        }
        catch (UserNotFoundException e2)
        {
            throw new RuntimeException("BUG - owner or member not found", e2);
        }
    }

    /**
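Review bot: In the `Group Read` and `Group Write` branches the group name is cut out of the ACI by hand (`grRead.substring(grRead.indexOf("cn=") + 3, grRead.indexOf(','))`), which throws StringIndexOutOfBoundsException when there is no comma, returns an arbitrary slice when `cn=` is absent, and truncates a name containing an escaped comma. The result is stored in `ldapGroup.groupRead`/`groupWrite`, so a mis-parsed ACI silently yields the wrong read or write group. Keeping the substring up to the closing quote and letting the SDK parse it is safer, e.g. `new Group(new DN(grRead).getRDN().getAttributeValues()[0])`, and likewise `memberDN.getRDN().getAttributeValues()[0]` instead of `memberDN.getRDNString().replace("cn=", "")` in the member-group branch. The two branches also differ in what appears to be the new code: read builds `new Group(grRead.trim())` while write calls `getGroup(grWrite.trim())`, which looks unintended. The enclosing method starts and ends outside these hunks.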
+26 −7
@@ -129,7 +129,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
                    "Unsupported principal type " + userID.getClass());
        }

        searchField = "(" + searchField + "=" + userID.getName() + ")";
        searchField = "(&(objectclass=cadcaccount)(" + searchField + "=" + userID.getName() + "))";

        SearchResultEntry searchResult = null;
        try
@@ -335,11 +335,14 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
    /**
     * Returns a member user identified by the X500Principal only.
     * @param userDN
     * @param bindAsSubject - true if Ldap commands executed as subject 
     * (proxy authorization) or false if they are executed as the user
     * in the connection.
     * @return
     * @throws UserNotFoundException
     * @throws LDAPException
     */
    User<X500Principal> getMember(DN userDN)
    User<X500Principal> getMember(DN userDN, boolean bindAsSubject)
        throws UserNotFoundException, LDAPException
    {
        Filter filter = 
@@ -352,9 +355,12 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
                                  (String[]) this.attribType.values().toArray(
                                  new String[this.attribType.values().size()]));
        
        if (bindAsSubject)
        {
        	searchRequest.addControl(
        				new ProxiedAuthorizationV2RequestControl("dn:" + 
        						getSubjectDN().toNormalizedString()));
        }
        
        SearchResultEntry searchResult = 
                getConnection().searchForEntry(searchRequest);
@@ -372,6 +378,19 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
        return user;
    }
    
    /**
     * Returns a member user identified by the X500Principal only.
     * @param userDN
     * @return
     * @throws UserNotFoundException
     * @throws LDAPException
     */
    User<X500Principal> getMember(DN userDN)
        throws UserNotFoundException, LDAPException
    {
        return getMember(userDN, true);
    }

    DN getUserDN(User<? extends Principal> user)
        throws LDAPException, UserNotFoundException
    {
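Review bot: The search filter in the first hunk is still assembled by string concatenation with `userID.getName()` unescaped, so a principal name containing `*`, `(`, `)` or `\` alters the filter instead of being matched literally; adding the `objectclass=cadcaccount` clause does not change that. Escape the value, `searchField = "(&(objectclass=cadcaccount)(" + searchField + "=" + Filter.encodeValue(userID.getName()) + "))";`, or build it with `Filter.createANDFilter` and `Filter.createEqualityFilter` as LdapGroupDAO does. How the string is consumed lies outside the hunk, so confirm it is parsed as a filter. In the `getMember` hunks, the Javadoc for `bindAsSubject` should say that with `false` no `ProxiedAuthorizationV2RequestControl` is added and the search runs as the connection's bind identity, so callers know the subject's own access rights are not applied; the empty `@return` tags should be filled in as well.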
+1 −1
@@ -87,7 +87,7 @@ public class LdapDAOTest
{
    static String server = "mach275.cadc.dao.nrc.ca";
    static int port = 389;
    static String adminDN = "uid=webproxy,ou=administrators,ou=topologymanagement,o=netscaperoot";
    static String adminDN = "uid=webproxy,ou=WebProxy,ou=topologymanagement,o=netscaperoot";
    static String adminPW = "go4it";
    static String userBaseDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
    static String groupBaseDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";
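Review bot: The bind DN and the `adminPW` literal for the `webproxy` account, together with the server host, are hard-coded in this test class, and the same literals appear in LdapGroupDAOTest and LdapUserDAOTest. Anyone with read access to the repository obtains them, and the value stays in history after a later edit. Load them from the environment or an untracked properties file, for example `static String adminPW = System.getProperty("ldap.test.adminPW");` (property name is a placeholder), and rotate the password. The three files also spell the container differently (`ou=WebProxy`, `ou=webproxy`, `ou=Webproxy`); that is harmless if the server compares DNs case-insensitively, but a single shared constant would keep them in step.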
+4 −4
@@ -70,10 +70,10 @@ public class LdapGroupDAOTest
    static int port = 389;
    static String adminDN = "uid=webproxy,ou=webproxy,ou=topologymanagement,o=netscaperoot";
    static String adminPW = "go4it";
//    static String userBaseDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
//    static String groupBaseDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";
    static String userBaseDN = "ou=Users,ou=ds,dc=canfar,dc=net";
    static String groupBaseDN = "ou=Groups,ou=ds,dc=canfar,dc=net";
    static String userBaseDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
    static String groupBaseDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";
    //static String userBaseDN = "ou=Users,ou=ds,dc=canfar,dc=net";
    //static String groupBaseDN = "ou=Groups,ou=ds,dc=canfar,dc=net";
    
    static String daoTestDN1 = "cn=cadcdaotest1,ou=cadc,o=hia,c=ca";
    static String daoTestDN2 = "cn=cadcdaotest2,ou=cadc,o=hia,c=ca";
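Review bot: The directory tree these tests run against is selected by commenting lines in and out (`dc=canfartest,dc=net` versus `dc=canfar,dc=net`), so a stray uncomment silently retargets the whole test class. If `dc=canfar,dc=net` is the production tree, and the tests presumably create or modify groups, drop the commented-out lines and take `userBaseDN`/`groupBaseDN` from test configuration. A guard in the test setup that fails when the base DN is not the test tree would make the mistake visible before any entry is touched.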
+1 −1
@@ -94,7 +94,7 @@ public class LdapUserDAOTest
    
    static String server = "mach275.cadc.dao.nrc.ca";
    static int port = 389;
    static String adminDN = "uid=webproxy,ou=administrators,ou=topologymanagement,o=netscaperoot";
    static String adminDN = "uid=webproxy,ou=Webproxy,ou=topologymanagement,o=netscaperoot";
    static String adminPW = "go4it";
    static String userBaseDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
    static String groupBaseDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";