1   /*
2    *   Copyright 2004 The Apache Software Foundation
3    *
4    *   Licensed under the Apache License, Version 2.0 (the "License");
5    *   you may not use this file except in compliance with the License.
6    *   You may obtain a copy of the License at
7    *
8    *       http://www.apache.org/licenses/LICENSE-2.0
9    *
10   *   Unless required by applicable law or agreed to in writing, software
11   *   distributed under the License is distributed on an "AS IS" BASIS,
12   *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *   See the License for the specific language governing permissions and
14   *   limitations under the License.
15   *
16   */
17  package org.apache.ldap.server.jndi;
18  
19  
20  import javax.naming.NameClassPair;
21  import javax.naming.NamingEnumeration;
22  import javax.naming.NamingException;
23  import java.util.HashSet;
24  
25  
26  /***
27   * Tests our ability to list elements as the admin user and as a non admin user
28   * on security sensitive values.  We do not return results or name class pairs
29   * for user accounts if the user is not the admin.
30   *
31   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
32   * @version $Rev: 165254 $
33   */
34  public class ListTest extends AbstractMultiUserJndiTest
35  {
36      public void testListSystemAsAdmin() throws NamingException
37      {
38          HashSet set = new HashSet();
39  
40          NamingEnumeration list = sysRoot.list( "" );
41  
42          while ( list.hasMore() )
43          {
44              NameClassPair ncp = ( NameClassPair ) list.next();
45  
46              set.add( ncp.getName() );
47          }
48  
49          assertTrue( set.contains( "uid=admin,ou=system" ) );
50  
51          assertTrue( set.contains( "ou=users,ou=system" ) );
52  
53          assertTrue( set.contains( "ou=groups,ou=system" ) );
54      }
55  
56  
57      public void testListSystemAsNonAdmin() throws NamingException
58      {
59          HashSet set = new HashSet();
60  
61          NamingEnumeration list = sysRootAsNonAdminUser.list( "" );
62  
63          while ( list.hasMore() )
64          {
65              NameClassPair ncp = ( NameClassPair ) list.next();
66  
67              set.add( ncp.getName() );
68          }
69  
70          assertFalse( set.contains( "uid=admin,ou=system" ) );
71  
72          assertTrue( set.contains( "ou=users,ou=system" ) );
73  
74          assertTrue( set.contains( "ou=groups,ou=system" ) );
75      }
76  
77  
78      public void testListUsersAsAdmin() throws NamingException
79      {
80          HashSet set = new HashSet();
81  
82          NamingEnumeration list = sysRoot.list( "ou=users" );
83  
84          while ( list.hasMore() )
85          {
86              NameClassPair ncp = ( NameClassPair ) list.next();
87  
88              set.add( ncp.getName() );
89          }
90  
91          assertTrue( set.contains( "uid=akarasulu,ou=users,ou=system" ) );
92      }
93  
94  
95      public void testListUsersAsNonAdmin() throws NamingException
96      {
97          HashSet set = new HashSet();
98  
99          NamingEnumeration list = sysRootAsNonAdminUser.list( "ou=users" );
100 
101         while ( list.hasMore() )
102         {
103             NameClassPair ncp = ( NameClassPair ) list.next();
104 
105             set.add( ncp.getName() );
106         }
107 
108         assertFalse( set.contains( "uid=akarasulu,ou=users,ou=system" ) );
109     }
110 }