From e9d19477e43b65f91bd152f5249b684dbefa5cc6 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 21 Jun 2007 10:18:20 +0000 Subject: r23560: - Activate metze's schema modules (from metze's schema-loading-13 patch). - samba3sam.js: rework the samba3sam test to not use objectCategory, as it's has special rules (dnsName a simple match) - ldap.js: Test the ordering of the objectClass attributes for the baseDN - schema_init.c: Load the mayContain and mustContain (and system...) attributes when reading the schema from ldb - To make the schema load not suck in terms of performance, write the schema into a static global variable - ldif_handlers.c: Match objectCategory for equality and canonicolisation based on the loaded schema, not simple tring manipuation - ldb_msg.c: don't duplicate attributes when adding attributes to a list - kludge_acl.c: return allowedAttributesEffective based on schema results and privilages Andrew Bartlett (This used to be commit dcff83ebe463bc7391841f55856d7915c204d000) --- testprogs/ejs/ldap.js | 41 +++++++++- testprogs/ejs/samba3sam.js | 198 ++++++++++++++++++++++----------------------- 2 files changed, 138 insertions(+), 101 deletions(-) (limited to 'testprogs') diff --git a/testprogs/ejs/ldap.js b/testprogs/ejs/ldap.js index ecd50c3097..7ea66a7998 100755 --- a/testprogs/ejs/ldap.js +++ b/testprogs/ejs/ldap.js @@ -25,7 +25,7 @@ if (options.ARGV.length != 1) { var host = options.ARGV[0]; -function basic_tests(ldb, gc_ldb, base_dn, configuration_dn) +function basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn) { println("Running basic tests"); @@ -473,6 +473,33 @@ objectClass: user assert(res.error == 0); assert (res.msgs.length > 0); + println("Testing objectCategory canonacolisation"); + var attrs = new Array("cn"); + var res = ldb.search("objectCategory=ntDsDSA", configuration_dn, ldb.SCOPE_SUBTREE, attrs); + assert(res.error == 0); + if (res.msgs.length == 0) { + println("Didn't find any records with objectCategory=ntDsDSA"); + } + assert(res.msgs.length != 0); + + var attrs = new Array("cn"); + var res = ldb.search("objectCategory=CN=ntDs-DSA," + schema_dn, configuration_dn, ldb.SCOPE_SUBTREE, attrs); + assert(res.error == 0); + if (res.msgs.length == 0) { + println("Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn); + } + assert(res.msgs.length != 0); + + println("Testing objectClass attribute order on "+ base_dn); + var attrs = new Array("objectclass"); + var res = ldb.search("objectClass=domain", base_dn, ldb.SCOPE_BASE, attrs); + assert(res.error == 0); + assert(res.msgs.length == 1); + + assert(res.msgs[0].objectClass[0] == "top"); + assert(res.msgs[0].objectClass[1] == "domain"); + assert(res.msgs[0].objectClass[2] == "domainDNS"); + } function basedn_tests(ldb, gc_ldb) @@ -522,6 +549,15 @@ function find_configurationdn(ldb) return res.msgs[0].configurationNamingContext; } +function find_schemadn(ldb) +{ + var attrs = new Array("schemaNamingContext"); + var res = ldb.search("", "", ldb.SCOPE_BASE, attrs); + assert(res.error == 0); + assert(res.msgs.length == 1); + return res.msgs[0].schemaNamingContext; +} + /* use command line creds if available */ ldb.credentials = options.get_credentials(); gc_ldb.credentials = options.get_credentials(); @@ -529,6 +565,7 @@ gc_ldb.credentials = options.get_credentials(); var ok = ldb.connect("ldap://" + host); var base_dn = find_basedn(ldb); var configuration_dn = find_configurationdn(ldb); +var schema_dn = find_schemadn(ldb); printf("baseDN: %s\n", base_dn); @@ -537,7 +574,7 @@ if (!ok) { gc_ldb = undefined; } -basic_tests(ldb, gc_ldb, base_dn, configuration_dn) +basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn) basedn_tests(ldb, gc_ldb) diff --git a/testprogs/ejs/samba3sam.js b/testprogs/ejs/samba3sam.js index e0fab647b5..5fa527a694 100755 --- a/testprogs/ejs/samba3sam.js +++ b/testprogs/ejs/samba3sam.js @@ -270,7 +270,7 @@ objectClass: user cn: X codePage: x revision: x -objectCategory: x +dnsHostName: x nextRid: y lastLogon: x description: x @@ -282,7 +282,7 @@ objectClass: top cn: Y codePage: x revision: x -objectCategory: y +dnsHostName: y nextRid: y lastLogon: y description: x @@ -292,7 +292,7 @@ objectClass: top cn: Z codePage: x revision: y -objectCategory: z +dnsHostName: z nextRid: y lastLogon: z description: y @@ -342,86 +342,86 @@ description: y /* Search remote record by local DN */ dn = s4.dn("cn=A"); - attrs = new Array("objectCategory", "lastLogon"); + attrs = new Array("dnsHostName", "lastLogon"); res = ldb.search("", dn, ldb.SCOPE_BASE, attrs); assert(res.error == 0); assert(res.msgs.length == 1); assert(res.msgs[0].dn == dn); - assert(res.msgs[0].objectCategory == undefined); + assert(res.msgs[0].dnsHostName == undefined); assert(res.msgs[0].lastLogon == "x"); /* Search remote record by remote DN */ dn = s3.dn("cn=A"); - attrs = new Array("objectCategory", "lastLogon", "sambaLogonTime"); + attrs = new Array("dnsHostName", "lastLogon", "sambaLogonTime"); res = s3.db.search("", dn, ldb.SCOPE_BASE, attrs); assert(res.error == 0); assert(res.msgs.length == 1); assert(res.msgs[0].dn == dn); - assert(res.msgs[0].objectCategory == undefined); + assert(res.msgs[0].dnsHostName == undefined); assert(res.msgs[0].lastLogon == undefined); assert(res.msgs[0].sambaLogonTime == "x"); /* Search split record by local DN */ dn = s4.dn("cn=X"); - attrs = new Array("objectCategory", "lastLogon"); + attrs = new Array("dnsHostName", "lastLogon"); res = ldb.search("", dn, ldb.SCOPE_BASE, attrs); assert(res.error == 0); assert(res.msgs.length == 1); assert(res.msgs[0].dn == dn); - assert(res.msgs[0].objectCategory == "x"); + assert(res.msgs[0].dnsHostName == "x"); assert(res.msgs[0].lastLogon == "x"); /* Search split record by remote DN */ dn = s3.dn("cn=X"); - attrs = new Array("objectCategory", "lastLogon", "sambaLogonTime"); + attrs = new Array("dnsHostName", "lastLogon", "sambaLogonTime"); res = s3.db.search("", dn, ldb.SCOPE_BASE, attrs); assert(res.error == 0); assert(res.msgs.length == 1); assert(res.msgs[0].dn == dn); - assert(res.msgs[0].objectCategory == undefined); + assert(res.msgs[0].dnsHostName == undefined); assert(res.msgs[0].lastLogon == undefined); assert(res.msgs[0].sambaLogonTime == "x"); println("Testing search by attribute"); /* Search by ignored attribute */ - attrs = new Array("objectCategory", "lastLogon"); + attrs = new Array("dnsHostName", "lastLogon"); res = ldb.search("(revision=x)", NULL, ldb. SCOPE_DEFAULT, attrs); assert(res.error == 0); assert(res.msgs.length == 2); assert(res.msgs[0].dn == s4.dn("cn=Y")); - assert(res.msgs[0].objectCategory == "y"); + assert(res.msgs[0].dnsHostName == "y"); assert(res.msgs[0].lastLogon == "y"); assert(res.msgs[1].dn == s4.dn("cn=X")); - assert(res.msgs[1].objectCategory == "x"); + assert(res.msgs[1].dnsHostName == "x"); assert(res.msgs[1].lastLogon == "x"); /* Search by kept attribute */ - attrs = new Array("objectCategory", "lastLogon"); + attrs = new Array("dnsHostName", "lastLogon"); res = ldb.search("(description=y)", NULL, ldb. SCOPE_DEFAULT, attrs); assert(res.error == 0); assert(res.msgs.length == 2); assert(res.msgs[0].dn == s4.dn("cn=Z")); - assert(res.msgs[0].objectCategory == "z"); + assert(res.msgs[0].dnsHostName == "z"); assert(res.msgs[0].lastLogon == "z"); assert(res.msgs[1].dn == s4.dn("cn=C")); - assert(res.msgs[1].objectCategory == undefined); + assert(res.msgs[1].dnsHostName == undefined); assert(res.msgs[1].lastLogon == "z"); /* Search by renamed attribute */ - attrs = new Array("objectCategory", "lastLogon"); + attrs = new Array("dnsHostName", "lastLogon"); res = ldb.search("(badPwdCount=x)", NULL, ldb. SCOPE_DEFAULT, attrs); assert(res.error == 0); assert(res.msgs.length == 2); assert(res.msgs[0].dn == s4.dn("cn=B")); - assert(res.msgs[0].objectCategory == undefined); + assert(res.msgs[0].dnsHostName == undefined); assert(res.msgs[0].lastLogon == "y"); assert(res.msgs[1].dn == s4.dn("cn=A")); - assert(res.msgs[1].objectCategory == undefined); + assert(res.msgs[1].dnsHostName == undefined); assert(res.msgs[1].lastLogon == "x"); /* Search by converted attribute */ - attrs = new Array("objectCategory", "lastLogon", "objectSid"); + attrs = new Array("dnsHostName", "lastLogon", "objectSid"); /* TODO: Using the SID directly in the parse tree leads to conversion errors, letting the search fail with no results. @@ -431,23 +431,23 @@ description: y assert(res.error == 0); assert(res.msgs.length == 2); assert(res.msgs[0].dn == s4.dn("cn=X")); - assert(res.msgs[0].objectCategory == "x"); + assert(res.msgs[0].dnsHostName == "x"); assert(res.msgs[0].lastLogon == "x"); assert(res.msgs[0].objectSid == "S-1-5-21-4231626423-2410014848-2360679739-552"); assert(res.msgs[1].dn == s4.dn("cn=A")); - assert(res.msgs[1].objectCategory == undefined); + assert(res.msgs[1].dnsHostName == undefined); assert(res.msgs[1].lastLogon == "x"); assert(res.msgs[1].objectSid == "S-1-5-21-4231626423-2410014848-2360679739-552"); /* Search by generated attribute */ /* In most cases, this even works when the mapping is missing * a `convert_operator' by enumerating the remote db. */ - attrs = new Array("objectCategory", "lastLogon", "primaryGroupID"); + attrs = new Array("dnsHostName", "lastLogon", "primaryGroupID"); res = ldb.search("(primaryGroupID=512)", NULL, ldb. SCOPE_DEFAULT, attrs); assert(res.error == 0); assert(res.msgs.length == 1); assert(res.msgs[0].dn == s4.dn("cn=A")); - assert(res.msgs[0].objectCategory == undefined); + assert(res.msgs[0].dnsHostName == undefined); assert(res.msgs[0].lastLogon == "x"); assert(res.msgs[0].primaryGroupID == "512"); @@ -468,23 +468,23 @@ description: y */ /* Search by remote name of renamed attribute */ - attrs = new Array("objectCategory", "lastLogon"); + attrs = new Array("dnsHostName", "lastLogon"); res = ldb.search("(sambaBadPasswordCount=*)", "", ldb. SCOPE_DEFAULT, attrs); assert(res.error == 0); assert(res.msgs.length == 0); /* Search by objectClass */ - attrs = new Array("objectCategory", "lastLogon", "objectClass"); + attrs = new Array("dnsHostName", "lastLogon", "objectClass"); res = ldb.search("(objectClass=user)", NULL, ldb. SCOPE_DEFAULT, attrs); assert(res.error == 0); assert(res.msgs.length == 2); assert(res.msgs[0].dn == s4.dn("cn=X")); - assert(res.msgs[0].objectCategory == "x"); + assert(res.msgs[0].dnsHostName == "x"); assert(res.msgs[0].lastLogon == "x"); assert(res.msgs[0].objectClass != undefined); assert(res.msgs[0].objectClass[3] == "user"); assert(res.msgs[1].dn == s4.dn("cn=A")); - assert(res.msgs[1].objectCategory == undefined); + assert(res.msgs[1].dnsHostName == undefined); assert(res.msgs[1].lastLogon == "x"); assert(res.msgs[1].objectClass != undefined); assert(res.msgs[1].objectClass[0] == "user"); @@ -494,19 +494,19 @@ description: y assert(res.error == 0); assert(res.msgs.length == 3); assert(res.msgs[0].dn == s4.dn("cn=B")); - assert(res.msgs[0].objectCategory == undefined); + assert(res.msgs[0].dnsHostName == undefined); assert(res.msgs[0].lastLogon == "y"); assert(res.msgs[0].objectClass != undefined); for (i=0;i