mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 04:27:02 +01:00
Code Issues Actions 16 Packages Projects Releases Wiki Activity

20240926 tech debt (#3066)

Browse source 
Large clean up
This commit is contained in:
Firstyear 2024-10-01 10:07:08 +10:00 committed by GitHub
parent 23636acbf7
commit 90afc8207c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 801 additions and 959 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
proto/src/attribute.rs
View file

@ -598,10 +598,17 @@ impl fmt::Display for Attribute {
mod test {
use super::Attribute;
#[test]
fn test_valueattribute_from_str() {
assert_eq!(Attribute::Uuid, Attribute::from_str("UUID"));
assert_eq!(Attribute::Uuid, Attribute::from_str("UuiD"));
assert_eq!(Attribute::Uuid, Attribute::from_str("uuid"));
}
#[test]
fn test_valueattribute_as_str() {
assert!(Attribute::Class.as_str() == "class");
assert!(Attribute::Class.to_string() == *"class");
assert_eq!(Attribute::Class.as_str(), "class");
assert_eq!(Attribute::Class.to_string(), "class".to_string());
}
#[test]

172
server/lib/src/entry.rs
View file

@ -351,178 +351,6 @@ impl Entry<EntryInit, EntryNew> {
Self::from_proto_entry(&pe, qs)
}
#[cfg(test)]
// TODO: #[deprecated(note = "Use entry_init! macro instead or like... anything else")]
pub(crate) fn unsafe_from_entry_str(es: &str) -> Self {
// Just use log directly here, it's testing
// str -> proto entry
let pe: ProtoEntry = serde_json::from_str(es).expect("Invalid Proto Entry");
// use a const map to convert str -> ava
let x: Eattrs = pe.attrs.into_iter()
.filter_map(|(k, vs)| {
if vs.is_empty() {
None
} else {
let attr = Attribute::from(k.to_lowercase().as_str());
let vv: ValueSet = match attr.as_str() {
kanidm_proto::constants::ATTR_ATTRIBUTENAME | kanidm_proto::constants::ATTR_CLASSNAME | kanidm_proto::constants::ATTR_DOMAIN => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_iutf8(&v))
)
}
kanidm_proto::constants::ATTR_NAME | kanidm_proto::constants::ATTR_DOMAIN_NAME => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_iname(&v))
)
}
kanidm_proto::constants::ATTR_USERID | kanidm_proto::constants::ATTR_UIDNUMBER => {
warn!("WARNING: Use of unstabilised attributes userid/uidnumber");
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_iutf8(&v))
)
}
kanidm_proto::constants::ATTR_CLASS | kanidm_proto::constants::ATTR_ACP_CREATE_CLASS | kanidm_proto::constants::ATTR_ACP_MODIFY_CLASS => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_class(v.as_str()))
)
}
kanidm_proto::constants::ATTR_ACP_CREATE_ATTR |
kanidm_proto::constants::ATTR_ACP_SEARCH_ATTR |
kanidm_proto::constants::ATTR_ACP_MODIFY_REMOVEDATTR |
kanidm_proto::constants::ATTR_ACP_MODIFY_PRESENTATTR |
kanidm_proto::constants::ATTR_SYSTEMMAY |
kanidm_proto::constants::ATTR_SYSTEMMUST |
kanidm_proto::constants::ATTR_MAY |
kanidm_proto::constants::ATTR_MUST
=> {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_attr(v.as_str()))
)
}
kanidm_proto::constants::ATTR_UUID |
kanidm_proto::constants::ATTR_DOMAIN_UUID => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_uuid_s(v.as_str())
.unwrap_or_else(|| {
warn!("WARNING: Allowing syntax incorrect attribute to be presented UTF8 string");
Value::new_utf8(v)
})
)
)
}
kanidm_proto::constants::ATTR_MEMBER |
kanidm_proto::constants::ATTR_MEMBEROF |
kanidm_proto::constants::ATTR_DIRECTMEMBEROF |
kanidm_proto::constants::ATTR_ACP_RECEIVER_GROUP => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_refer_s(v.as_str()).expect("Failed to convert value") )
)
}
kanidm_proto::constants::ATTR_ACP_ENABLE |
kanidm_proto::constants::ATTR_MULTIVALUE |
kanidm_proto::constants::ATTR_UNIQUE => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_bools(v.as_str())
.unwrap_or_else(|| {
warn!("WARNING: Allowing syntax incorrect attribute to be presented UTF8 string");
Value::new_utf8(v)
})
)
)
}
kanidm_proto::constants::ATTR_SYNTAX => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_syntaxs(v.as_str())
.unwrap_or_else(|| {
warn!("WARNING: Allowing syntax incorrect attribute to be presented UTF8 string");
Value::new_utf8(v)
})
)
)
}
kanidm_proto::constants::ATTR_INDEX => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_indexes(v.as_str())
.unwrap_or_else(|| {
warn!("WARNING: Allowing syntax incorrect attribute to be presented UTF8 string");
Value::new_utf8(v)
})
)
)
}
kanidm_proto::constants::ATTR_ACP_TARGET_SCOPE |
kanidm_proto::constants::ATTR_ACP_RECEIVER
=> {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_json_filter_s(v.as_str())
.unwrap_or_else(|| {
warn!("WARNING: Allowing syntax incorrect attribute to be presented UTF8 string");
Value::new_utf8(v)
})
)
)
}
kanidm_proto::constants::ATTR_DISPLAYNAME | kanidm_proto::constants::ATTR_DESCRIPTION | kanidm_proto::constants::ATTR_DOMAIN_DISPLAY_NAME => {
valueset::from_value_iter(
vs.into_iter().map(Value::new_utf8)
)
}
kanidm_proto::constants::ATTR_SPN => {
valueset::from_value_iter(
vs.into_iter().map(|v| {
Value::new_spn_parse(v.as_str())
.unwrap_or_else(|| {
warn!("WARNING: Allowing syntax incorrect SPN attribute to be presented UTF8 string");
Value::new_utf8(v)
})
})
)
}
kanidm_proto::constants::ATTR_GIDNUMBER |
kanidm_proto::constants::ATTR_VERSION => {
valueset::from_value_iter(
vs.into_iter().map(|v| {
Value::new_uint32_str(v.as_str())
.unwrap_or_else(|| {
warn!("WARNING: Allowing syntax incorrect UINT32 attribute to be presented UTF8 string");
Value::new_utf8(v)
})
})
)
}
kanidm_proto::constants::ATTR_DOMAIN_TOKEN_KEY |
kanidm_proto::constants::ATTR_FERNET_PRIVATE_KEY_STR => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_secret_str(&v))
)
}
kanidm_proto::constants::ATTR_ES256_PRIVATE_KEY_DER |
kanidm_proto::constants::ATTR_PRIVATE_COOKIE_KEY => {
valueset::from_value_iter(
vs.into_iter().map(|v| Value::new_privatebinary_base64(&v))
)
}
ia => {
error!("WARNING: Allowing invalid attribute {} to be interpreted as UTF8 string. YOU MAY ENCOUNTER ODD BEHAVIOUR!!!", ia);
valueset::from_value_iter(
vs.into_iter().map(Value::new_utf8)
)
}
}
.expect("Failed to convert value from string");
Some((attr, vv))
}
})
.collect();
// return the entry!
Entry {
valid: EntryInit,
state: EntryNew,
attrs: x,
}
}
/// Assign the Change Identifier to this Entry, allowing it to be modified and then
/// written to the `Backend`
pub fn assign_cid(

37
server/lib/src/event.rs
View file

@ -205,20 +205,6 @@ impl SearchEvent {
})
}
/// ⚠️ - Bypass the schema state machine and force the filter to be considered valid.
/// This is a TEST ONLY method and will never be exposed in production.
#[cfg(test)]
pub fn new_impersonate_entry_ser(e: &str, filter: Filter<FilterInvalid>) -> Self {
// Just impersonate the account with no filter changes.
let ei: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(e);
SearchEvent {
ident: Identity::from_impersonate_entry_readonly(Arc::new(ei.into_sealed_committed())),
filter: filter.clone().into_valid(),
filter_orig: filter.into_valid(),
attrs: None,
}
}
/// ⚠️ - Bypass the schema state machine and force the filter to be considered valid.
/// This is a TEST ONLY method and will never be exposed in production.
#[cfg(test)]
@ -372,17 +358,6 @@ impl CreateEvent {
}
}
/// ⚠️ - Use an unsafe entry impersonation method.
/// This is a TEST ONLY method and will never be exposed in production.
#[cfg(test)]
pub fn new_impersonate_entry_ser(e: &str, entries: Vec<Entry<EntryInit, EntryNew>>) -> Self {
let ei: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(e);
CreateEvent {
ident: Identity::from_impersonate_entry_readwrite(Arc::new(ei.into_sealed_committed())),
entries,
}
}
#[cfg(test)]
pub fn new_impersonate_identity(
ident: Identity,
@ -501,18 +476,6 @@ impl DeleteEvent {
}
}
/// ⚠️ - Bypass the schema state machine and force the filter to be considered valid.
/// This is a TEST ONLY method and will never be exposed in production.
#[cfg(test)]
pub fn new_impersonate_entry_ser(e: &str, filter: Filter<FilterInvalid>) -> Self {
let ei: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(e);
DeleteEvent {
ident: Identity::from_impersonate_entry_readwrite(Arc::new(ei.into_sealed_committed())),
filter: filter.clone().into_valid(),
filter_orig: filter.into_valid(),
}
}
/// ⚠️ - Bypass the schema state machine and force the filter to be considered valid.
/// This is a TEST ONLY method and will never be exposed in production.
#[cfg(test)]

2
server/lib/src/lib.rs
View file

@ -2,7 +2,7 @@
//! which is used to process authentication, store identities and enforce access controls.
#![deny(warnings)]
#![allow(deprecated)]
#![deny(deprecated)]
#![recursion_limit = "512"]
#![warn(unused_extern_crates)]
// Enable some groups of clippy lints.

267
server/lib/src/plugins/base.rs
View file

@ -350,15 +350,14 @@ mod tests {
fn test_pre_create_no_uuid() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person", "account"],
"name": ["testperson"],
"description": ["testperson"],
"displayname": ["testperson"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("Test Person".to_string())
)
);
let create = vec![e];
@ -386,16 +385,15 @@ mod tests {
fn test_pre_create_uuid_invalid() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person", "account"],
"name": ["testperson"],
"description": ["testperson"],
"displayname": ["testperson"],
"uuid": ["xxxxxx"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("Test Person".to_string())
),
(Attribute::Uuid, Value::Utf8("xxxxxx".to_string()))
);
let create = vec![e];
@ -416,16 +414,18 @@ mod tests {
fn test_pre_create_uuid_empty() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let mut e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person", "account"],
"name": ["testperson"],
"description": ["testperson"],
"displayname": ["testperson"],
"uuid": ["79724141-3603-4060-b6bb-35c72772611d"]
}
}"#,
let mut e = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("Test Person".to_string())
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("79724141-3603-4060-b6bb-35c72772611d"))
)
);
let vs = e.get_ava_mut(Attribute::Uuid).unwrap();
@ -449,16 +449,18 @@ mod tests {
fn test_pre_create_uuid_valid() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person", "account"],
"name": ["testperson"],
"description": ["testperson"],
"displayname": ["testperson"],
"uuid": ["79724141-3603-4060-b6bb-35c72772611d"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("Test Person".to_string())
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("79724141-3603-4060-b6bb-35c72772611d"))
)
);
let create = vec![e];
@ -488,16 +490,22 @@ mod tests {
fn test_pre_create_uuid_valid_multi() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person"],
"name": ["testperson"],
"description": ["testperson"],
"displayname": ["testperson"],
"uuid": ["79724141-3603-4060-b6bb-35c72772611d", "79724141-3603-4060-b6bb-35c72772611e"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("Test Person".to_string())
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("79724141-3603-4060-b6bb-35c72772611e"))
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("79724141-3603-4060-b6bb-35c72772611d"))
)
);
let create = vec![e];
@ -523,16 +531,18 @@ mod tests {
// to ensure we always have a name space to draw from?
#[test]
fn test_pre_create_uuid_exist() {
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["account", "person"],
"name": ["testperson"],
"description": ["testperson"],
"displayname": ["testperson"],
"uuid": ["79724141-3603-4060-b6bb-35c72772611d"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("Test Person".to_string())
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("79724141-3603-4060-b6bb-35c72772611d"))
)
);
let create = vec![e.clone()];
@ -554,29 +564,21 @@ mod tests {
// Test adding two entries with the same uuid
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person"],
"name": ["testperson_a"],
"description": ["testperson"],
"displayname": ["testperson"],
"uuid": ["79724141-3603-4060-b6bb-35c72772611d"]
}
}"#,
let ea = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("Test Person".to_string())
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("79724141-3603-4060-b6bb-35c72772611d"))
)
);
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person"],
"name": ["testperson_a"],
"description": ["testperson"],
"displayname": ["testperson"],
"uuid": ["79724141-3603-4060-b6bb-35c72772611d"]
}
}"#,
);
let eb = ea.clone();
let create = vec![ea, eb];
@ -595,15 +597,13 @@ mod tests {
#[test]
fn test_modify_uuid_present() {
// Add another uuid to a type
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_a"],
"description": ["testgroup"],
"uuid": ["d2b496bd-8493-47b7-8142-f568b5cf47ee"]
}
}"#,
let ea = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_a")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("79724141-3603-4060-b6bb-35c72772611d"))
)
);
let preload = vec![ea];
@ -628,15 +628,13 @@ mod tests {
#[test]
fn test_modify_uuid_removed() {
// Test attempting to remove a uuid
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_a"],
"description": ["testgroup"],
"uuid": ["d2b496bd-8493-47b7-8142-f568b5cf47ee"]
}
}"#,
let ea = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_a")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("79724141-3603-4060-b6bb-35c72772611d"))
)
);
let preload = vec![ea];
@ -661,15 +659,13 @@ mod tests {
#[test]
fn test_modify_uuid_purged() {
// Test attempting to purge uuid
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_a"],
"description": ["testgroup"],
"uuid": ["d2b496bd-8493-47b7-8142-f568b5cf47ee"]
}
}"#,
let ea = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_a")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("79724141-3603-4060-b6bb-35c72772611d"))
)
);
let preload = vec![ea];
@ -695,16 +691,15 @@ mod tests {
// up testing this every time we run :P
let preload = PRELOAD.clone();
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person", "system"],
"name": ["testperson"],
"uuid": ["00000000-0000-0000-0000-f0f0f0f0f0f0"],
"description": ["testperson"],
"displayname": ["testperson"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::System.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(Attribute::DisplayName, Value::new_iname("testperson")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("00000000-0000-0000-0000-f0f0f0f0f0f0"))
)
);
let create = vec![e];
@ -727,16 +722,15 @@ mod tests {
// up testing this every time we run :P
let preload = PRELOAD.clone();
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person", "system"],
"name": ["testperson"],
"uuid": ["00000000-0000-0000-0000-ffff00000088"],
"description": ["testperson"],
"displayname": ["testperson"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::System.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(Attribute::DisplayName, Value::new_iname("testperson")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("00000000-0000-0000-0000-f0f0f0f0f0f0"))
)
);
let create = vec![e];
@ -757,16 +751,15 @@ mod tests {
// Test that internal create of "does not exist" will fail.
let preload = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["person", "system"],
"name": ["testperson"],
"uuid": ["00000000-0000-0000-0000-fffffffffffe"],
"description": ["testperson"],
"displayname": ["testperson"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::System.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(Attribute::DisplayName, Value::new_iname("testperson")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("00000000-0000-0000-0000-fffffffffffe"))
)
);
let create = vec![e];

202
server/lib/src/plugins/memberof.rs
View file

@ -763,37 +763,32 @@ mod tests {
const UUID_C: &str = "cccccccc-9b01-423f-9ba6-51aa4bbd5dd2";
const UUID_D: &str = "dddddddd-2ab3-48e3-938d-1b4754cd2984";
const EA: &str = r#"{
"attrs": {
"class": ["group", "memberof"],
"name": ["testgroup_a"],
"uuid": ["aaaaaaaa-f82e-4484-a407-181aa03bda5c"]
}
}"#;
const EB: &str = r#"{
"attrs": {
"class": ["group", "memberof"],
"name": ["testgroup_b"],
"uuid": ["bbbbbbbb-2438-4384-9891-48f4c8172e9b"]
}
}"#;
const EC: &str = r#"{
"attrs": {
"class": ["group", "memberof"],
"name": ["testgroup_c"],
"uuid": ["cccccccc-9b01-423f-9ba6-51aa4bbd5dd2"]
}
}"#;
const ED: &str = r#"{
"attrs": {
"class": ["group", "memberof"],
"name": ["testgroup_d"],
"uuid": ["dddddddd-2ab3-48e3-938d-1b4754cd2984"]
}
}"#;
lazy_static! {
static ref EA: EntryInitNew = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Class, EntryClass::MemberOf.to_value()),
(Attribute::Name, Value::new_iname("testgroup_a")),
(Attribute::Uuid, Value::Uuid(uuid::uuid!(UUID_A)))
);
static ref EB: EntryInitNew = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Class, EntryClass::MemberOf.to_value()),
(Attribute::Name, Value::new_iname("testgroup_b")),
(Attribute::Uuid, Value::Uuid(uuid::uuid!(UUID_B)))
);
static ref EC: EntryInitNew = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Class, EntryClass::MemberOf.to_value()),
(Attribute::Name, Value::new_iname("testgroup_c")),
(Attribute::Uuid, Value::Uuid(uuid::uuid!(UUID_C)))
);
static ref ED: EntryInitNew = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Class, EntryClass::MemberOf.to_value()),
(Attribute::Name, Value::new_iname("testgroup_d")),
(Attribute::Uuid, Value::Uuid(uuid::uuid!(UUID_D)))
);
}
macro_rules! assert_memberof_int {
(
@ -856,9 +851,8 @@ mod tests {
#[test]
fn test_create_mo_single() {
// A -> B
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ea = EA.clone();
let eb = EB.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
@ -884,11 +878,11 @@ mod tests {
#[test]
fn test_create_mo_nested() {
// A -> B -> C
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut ea = EA.clone();
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut eb = EB.clone();
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap());
@ -935,11 +929,11 @@ mod tests {
fn test_create_mo_cycle() {
// A -> B -> C -
// ^-----------/
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut ea = EA.clone();
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut eb = EB.clone();
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap());
@ -987,13 +981,13 @@ mod tests {
// A -> B -> C --> D -
// ^-----------/ /
// |---------------/
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut ea = EA.clone();
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut eb = EB.clone();
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ec = EC.clone();
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
let mut ed = ED.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap());
@ -1061,9 +1055,8 @@ mod tests {
// A B
// Add member
// A -> B
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let ea = EA.clone();
let eb = EB.clone();
let preload = vec![ea, eb];
run_modify_test!(
@ -1096,11 +1089,9 @@ mod tests {
// A B -> C
// Add member A -> B
// A -> B -> C
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let ea = EA.clone();
let mut eb = EB.clone();
let ec = EC.clone();
eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap());
@ -1153,11 +1144,9 @@ mod tests {
// A -> B C
// Add member B -> C
// A -> B -> C
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ea = EA.clone();
let eb = EB.clone();
let ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
@ -1212,11 +1201,9 @@ mod tests {
// Add member C -> A
// A -> B -> C -
// ^-----------/
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ea = EA.clone();
let mut eb = EB.clone();
let ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap());
@ -1276,13 +1263,10 @@ mod tests {
// A -> B -> C --> D -
// ^-----------/ /
// |---------------/
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
let mut ea = EA.clone();
let mut eb = EB.clone();
let mut ec = EC.clone();
let ed = ED.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::Member, Value::new_refer_s(UUID_C).unwrap());
@ -1353,9 +1337,8 @@ mod tests {
// A -> B
// remove member A -> B
// A B
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ea = EA.clone();
let mut eb = EB.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_A).unwrap());
@ -1391,11 +1374,9 @@ mod tests {
// A -> B -> C
// Remove A -> B
// A B -> C
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ea = EA.clone();
let mut eb = EB.clone();
let mut ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_A).unwrap());
@ -1451,11 +1432,9 @@ mod tests {
// A -> B -> C
// Remove B -> C
// A -> B C
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ea = EA.clone();
let mut eb = EB.clone();
let mut ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_A).unwrap());
@ -1513,11 +1492,9 @@ mod tests {
// ^-----------/
// Remove C -> A
// A -> B -> C
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ea = EA.clone();
let mut eb = EB.clone();
let mut ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
ea.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_C).unwrap());
@ -1590,13 +1567,10 @@ mod tests {
// A -> B -> C D -
// ^ /
// |---------------/
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
let mut ea = EA.clone();
let mut eb = EB.clone();
let mut ec = EC.clone();
let mut ed = ED.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
ea.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_D).unwrap());
@ -1692,9 +1666,8 @@ mod tests {
#[test]
fn test_delete_mo_simple() {
// X -> B
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ea = EA.clone();
let mut eb = EB.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_A).unwrap());
@ -1723,11 +1696,9 @@ mod tests {
#[test]
fn test_delete_mo_nested_head() {
// X -> B -> C
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ea = EA.clone();
let mut eb = EB.clone();
let mut ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_A).unwrap());
@ -1770,11 +1741,9 @@ mod tests {
#[test]
fn test_delete_mo_nested_branch() {
// A -> X -> C
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ea = EA.clone();
let mut eb = EB.clone();
let mut ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
eb.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_A).unwrap());
@ -1818,11 +1787,9 @@ mod tests {
fn test_delete_mo_cycle() {
// X -> B -> C -
// ^-----------/
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ea = EA.clone();
let mut eb = EB.clone();
let mut ec = EC.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
ea.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_A).unwrap());
@ -1875,13 +1842,10 @@ mod tests {
// A -> X -> C --> D -
// ^-----------/ /
// |---------------/
let mut ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EA);
let mut eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EB);
let mut ec: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(EC);
let mut ed: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(ED);
let mut ea = EA.clone();
let mut eb = EB.clone();
let mut ec = EC.clone();
let mut ed = ED.clone();
ea.add_ava(Attribute::Member, Value::new_refer_s(UUID_B).unwrap());
ea.add_ava(Attribute::MemberOf, Value::new_refer_s(UUID_A).unwrap());

163
server/lib/src/plugins/protected.rs
View file

@ -461,15 +461,15 @@ mod tests {
#[test]
fn test_pre_create_deny() {
// Test creating with class: system is rejected.
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["account", "person", "system"],
"name": ["testperson"],
"description": ["testperson"],
"displayname": ["testperson"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::System.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("testperson".to_string())
)
);
let create = vec![e];
@ -487,15 +487,15 @@ mod tests {
#[test]
fn test_pre_modify_system_deny() {
// Test modify of class to a system is denied
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["account", "person", "system"],
"name": ["testperson"],
"description": ["testperson"],
"displayname": ["testperson"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::System.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("testperson".to_string())
)
);
let mut preload = PRELOAD.clone();
@ -519,15 +519,18 @@ mod tests {
fn test_pre_modify_class_add_deny() {
// Show that adding a system class is denied
// TODO: replace this with a `SchemaClass` object
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["object", "classtype"],
"classname": ["testclass"],
"uuid": ["cfcae205-31c3-484b-8ced-667d1709c5e3"],
"description": ["Test Class"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::ClassType.to_value()),
(Attribute::ClassName, Value::new_iutf8("testclass")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("class test".to_string())
)
);
let mut preload = PRELOAD.clone();
preload.push(e);
@ -535,7 +538,10 @@ mod tests {
run_modify_test!(
Ok(()),
preload,
filter!(f_eq(Attribute::ClassName, EntryClass::TestClass.into())),
filter!(f_eq(
Attribute::ClassName,
PartialValue::new_iutf8("testclass")
)),
modlist!([
m_pres(Attribute::May, &Value::from(Attribute::Name)),
m_pres(Attribute::Must, &Value::from(Attribute::Name)),
@ -549,15 +555,15 @@ mod tests {
#[test]
fn test_pre_delete_deny() {
// Test deleting with class: system is rejected.
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["account", "person", "system"],
"name": ["testperson"],
"description": ["testperson"],
"displayname": ["testperson"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::Account.to_value()),
(Attribute::Class, EntryClass::Person.to_value()),
(Attribute::Class, EntryClass::System.to_value()),
(Attribute::Name, Value::new_iname("testperson")),
(
Attribute::DisplayName,
Value::Utf8("testperson".to_string())
)
);
let mut preload = PRELOAD.clone();
@ -576,20 +582,19 @@ mod tests {
fn test_modify_domain() {
// Can edit *my* domain_ssid and domain_name
// Show that adding a system class is denied
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["domain_info"],
"name": ["domain_example.net.au"],
"uuid": ["96fd1112-28bc-48ae-9dda-5acb4719aaba"],
"domain_uuid": ["96fd1112-28bc-48ae-9dda-5acb4719aaba"],
"description": ["Demonstration of a remote domain's info being created for uuid generation in test_modify_domain"],
"domain_name": ["example.net.au"],
"domain_display_name": ["example.net.au"],
"domain_ssid": ["Example_Wifi"],
"version": ["1"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::DomainInfo.to_value()),
(Attribute::Name, Value::new_iname("domain_example.net.au")),
(Attribute::Uuid, Value::Uuid(uuid::uuid!("96fd1112-28bc-48ae-9dda-5acb4719aaba"))),
(
Attribute::Description,
Value::new_utf8s("Demonstration of a remote domain's info being created for uuid generation in test_modify_domain")
),
(Attribute::DomainUuid, Value::Uuid(uuid::uuid!("96fd1112-28bc-48ae-9dda-5acb4719aaba"))),
(Attribute::DomainName, Value::new_iname("example.net.au")),
(Attribute::DomainDisplayName, Value::Utf8("example.net.au".to_string())),
(Attribute::DomainSsid, Value::Utf8("Example_Wifi".to_string())),
(Attribute::Version, Value::Uint32(1))
);
let mut preload = PRELOAD.clone();
@ -615,22 +620,21 @@ mod tests {
#[test]
fn test_ext_create_domain() {
// can not add a domain_info type - note the lack of class: system
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["domain_info"],
"name": ["domain_example.net.au"],
"uuid": ["96fd1112-28bc-48ae-9dda-5acb4719aaba"],
"domain_uuid": ["96fd1112-28bc-48ae-9dda-5acb4719aaba"],
"description": ["Demonstration of a remote domain's info being created for uuid generation in test_ext_create_domain"],
"domain_name": ["example.net.au"],
"domain_display_name": ["example.net.au"],
"domain_ssid": ["Example_Wifi"],
"version": ["1"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::DomainInfo.to_value()),
(Attribute::Name, Value::new_iname("domain_example.net.au")),
(Attribute::Uuid, Value::Uuid(uuid::uuid!("96fd1112-28bc-48ae-9dda-5acb4719aaba"))),
(
Attribute::Description,
Value::new_utf8s("Demonstration of a remote domain's info being created for uuid generation in test_modify_domain")
),
(Attribute::DomainUuid, Value::Uuid(uuid::uuid!("96fd1112-28bc-48ae-9dda-5acb4719aaba"))),
(Attribute::DomainName, Value::new_iname("example.net.au")),
(Attribute::DomainDisplayName, Value::Utf8("example.net.au".to_string())),
(Attribute::DomainSsid, Value::Utf8("Example_Wifi".to_string())),
(Attribute::Version, Value::Uint32(1))
);
let create = vec![e];
let preload = PRELOAD.clone();
@ -646,20 +650,19 @@ mod tests {
#[test]
fn test_delete_domain() {
// On the real thing we have a class: system, but to prove the point ...
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["domain_info"],
"name": ["domain_example.net.au"],
"uuid": ["96fd1112-28bc-48ae-9dda-5acb4719aaba"],
"domain_uuid": ["96fd1112-28bc-48ae-9dda-5acb4719aaba"],
"description": ["Demonstration of a remote domain's info being created for uuid generation in test_delete_domain"],
"domain_name": ["example.net.au"],
"domain_display_name": ["example.net.au"],
"domain_ssid": ["Example_Wifi"],
"version": ["1"]
}
}"#,
let e = entry_init!(
(Attribute::Class, EntryClass::DomainInfo.to_value()),
(Attribute::Name, Value::new_iname("domain_example.net.au")),
(Attribute::Uuid, Value::Uuid(uuid::uuid!("96fd1112-28bc-48ae-9dda-5acb4719aaba"))),
(
Attribute::Description,
Value::new_utf8s("Demonstration of a remote domain's info being created for uuid generation in test_modify_domain")
),
(Attribute::DomainUuid, Value::Uuid(uuid::uuid!("96fd1112-28bc-48ae-9dda-5acb4719aaba"))),
(Attribute::DomainName, Value::new_iname("example.net.au")),
(Attribute::DomainDisplayName, Value::Utf8("example.net.au".to_string())),
(Attribute::DomainSsid, Value::Utf8("Example_Wifi".to_string())),
(Attribute::Version, Value::Uint32(1))
);
let mut preload = PRELOAD.clone();

159
server/lib/src/plugins/refint.rs
View file

@ -522,19 +522,16 @@ mod tests {
fn test_create_uuid_reference_self() {
let preload: Vec<Entry<EntryInit, EntryNew>> = Vec::with_capacity(0);
let e: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup"],
"description": ["testgroup"],
"uuid": ["8cef42bc-2cac-43e4-96b3-8f54561885ca"],
"member": ["8cef42bc-2cac-43e4-96b3-8f54561885ca"]
}
}"#,
let id = uuid::uuid!("8cef42bc-2cac-43e4-96b3-8f54561885ca");
let e_group = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup")),
(Attribute::Uuid, Value::Uuid(id)),
(Attribute::Member, Value::Refer(id))
);
let create = vec![e];
let create = vec![e_group];
run_create_test!(
Ok(()),
@ -556,25 +553,18 @@ mod tests {
// Modify references a different object - allow
#[test]
fn test_modify_uuid_reference_exist() {
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_a"],
"description": ["testgroup"],
"uuid": ["d2b496bd-8493-47b7-8142-f568b5cf47ee"]
}
}"#,
let ea = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_a")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!(TEST_TESTGROUP_A_UUID))
)
);
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_b"],
"description": ["testgroup"]
}
}"#,
let eb = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_b"))
);
let preload = vec![ea, eb];
@ -599,14 +589,9 @@ mod tests {
// Modify reference something that doesn't exist - must be rejected
#[test]
fn test_modify_uuid_reference_not_exist() {
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_b"],
"description": ["testgroup"]
}
}"#,
let eb = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_b"))
);
let preload = vec![eb];
@ -634,25 +619,18 @@ mod tests {
// we fail.
#[test]
fn test_modify_uuid_reference_partial_not_exist() {
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_a"],
"description": ["testgroup"],
"uuid": ["d2b496bd-8493-47b7-8142-f568b5cf47ee"]
}
}"#,
let ea = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_a")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!(TEST_TESTGROUP_A_UUID))
)
);
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_b"],
"description": ["testgroup"]
}
}"#,
let eb = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_b"))
);
let preload = vec![ea, eb];
@ -682,26 +660,22 @@ mod tests {
// Modify removes the reference to an entry
#[test]
fn test_modify_remove_referee() {
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_a"],
"description": ["testgroup"],
"uuid": ["d2b496bd-8493-47b7-8142-f568b5cf47ee"]
}
}"#,
let ea = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_a")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!(TEST_TESTGROUP_A_UUID))
)
);
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_b"],
"description": ["testgroup"],
"member": ["d2b496bd-8493-47b7-8142-f568b5cf47ee"]
}
}"#,
let eb = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_b")),
(
Attribute::Member,
Value::Refer(uuid::uuid!(TEST_TESTGROUP_A_UUID))
)
);
let preload = vec![ea, eb];
@ -723,15 +697,13 @@ mod tests {
// Modify adds reference to self - allow
#[test]
fn test_modify_uuid_reference_self() {
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_a"],
"description": ["testgroup"],
"uuid": ["d2b496bd-8493-47b7-8142-f568b5cf47ee"]
}
}"#,
let ea = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_a")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!(TEST_TESTGROUP_A_UUID))
)
);
let preload = vec![ea];
@ -756,25 +728,18 @@ mod tests {
// Test that deleted entries can not be referenced
#[test]
fn test_modify_reference_deleted() {
let ea: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_a"],
"description": ["testgroup"],
"uuid": ["d2b496bd-8493-47b7-8142-f568b5cf47ee"]
}
}"#,
let ea = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_a")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!(TEST_TESTGROUP_A_UUID))
)
);
let eb: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["group"],
"name": ["testgroup_b"],
"description": ["testgroup"]
}
}"#,
let eb = entry_init!(
(Attribute::Class, EntryClass::Group.to_value()),
(Attribute::Name, Value::new_iname("testgroup_b"))
);
let preload = vec![ea, eb];

456
server/lib/src/schema.rs
View file

@ -2332,8 +2332,7 @@ mod tests {
$e:expr,
$type:ty
) => {{
let e1: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str($e);
let ev1 = e1.into_sealed_committed();
let ev1 = $e.into_sealed_committed();
let r1 = <$type>::try_from(&ev1);
assert!(r1.is_ok());
@ -2345,8 +2344,7 @@ mod tests {
$e:expr,
$type:ty
) => {{
let e1: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str($e);
let ev1 = e1.into_sealed_committed();
let ev1 = $e.into_sealed_committed();
let r1 = <$type>::try_from(&ev1);
assert!(r1.is_err());
@ -2356,110 +2354,160 @@ mod tests {
#[test]
fn test_schema_attribute_from_entry() {
sch_from_entry_err!(
r#"{
"attrs": {
"class": ["object", "attributetype"],
"attributename": ["schema_attr_test"],
"unique": ["false"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::AttributeType.to_value()),
(
Attribute::AttributeName,
Value::new_iutf8("schema_attr_test")
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(Attribute::Unique, Value::Bool(false))
),
SchemaAttribute
);
sch_from_entry_err!(
r#"{
"attrs": {
"class": ["object", "attributetype"],
"attributename": ["schema_attr_test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"multivalue": ["false"],
"unique": ["false"],
"index": ["EQUALITY"],
"syntax": ["UTF8STRING"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::AttributeType.to_value()),
(
Attribute::AttributeName,
Value::new_iutf8("schema_attr_test")
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(Attribute::MultiValue, Value::Bool(false)),
(Attribute::Unique, Value::Bool(false)),
(Attribute::Syntax, Value::Syntax(SyntaxType::Utf8String)),
(Attribute::Index, Value::Index(IndexType::Equality))
),
SchemaAttribute
);
sch_from_entry_err!(
r#"{
"attrs": {
"class": ["object", "attributetype"],
"attributename": ["schema_attr_test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"description": ["Test attr parsing"],
"multivalue": ["htouaoeu"],
"unique": ["false"],
"index": ["EQUALITY"],
"syntax": ["UTF8STRING"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::AttributeType.to_value()),
(
Attribute::AttributeName,
Value::new_iutf8("schema_attr_test")
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("Test attr parsing".to_string())
),
(Attribute::MultiValue, Value::Utf8("htouaoeu".to_string())),
(Attribute::Unique, Value::Bool(false)),
(Attribute::Syntax, Value::Syntax(SyntaxType::Utf8String)),
(Attribute::Index, Value::Index(IndexType::Equality))
),
SchemaAttribute
);
sch_from_entry_err!(
r#"{
"attrs": {
"class": ["object", "attributetype"],
"attributename": ["schema_attr_test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"description": ["Test attr parsing"],
"multivalue": ["false"],
"unique": ["false"],
"index": ["NTEHNOU"],
"syntax": ["UTF8STRING"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::AttributeType.to_value()),
(
Attribute::AttributeName,
Value::new_iutf8("schema_attr_test")
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("Test attr parsing".to_string())
),
(Attribute::MultiValue, Value::Bool(false)),
(Attribute::Unique, Value::Bool(false)),
(Attribute::Syntax, Value::Syntax(SyntaxType::Utf8String)),
(Attribute::Index, Value::Utf8("NTEHNOU".to_string()))
),
SchemaAttribute
);
sch_from_entry_err!(
r#"{
"attrs": {
"class": ["object", "attributetype"],
"attributename": ["schema_attr_test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"description": ["Test attr parsing"],
"multivalue": ["false"],
"unique": ["false"],
"index": ["EQUALITY"],
"syntax": ["TNEOUNTUH"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::AttributeType.to_value()),
(
Attribute::AttributeName,
Value::new_iutf8("schema_attr_test")
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("Test attr parsing".to_string())
),
(Attribute::MultiValue, Value::Bool(false)),
(Attribute::Unique, Value::Bool(false)),
(Attribute::Syntax, Value::Utf8("TNEOUNTUH".to_string())),
(Attribute::Index, Value::Index(IndexType::Equality))
),
SchemaAttribute
);
// Index is allowed to be empty
sch_from_entry_ok!(
r#"{
"attrs": {
"class": ["object", "attributetype"],
"attributename": ["schema_attr_test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"description": ["Test attr parsing"],
"multivalue": ["false"],
"unique": ["false"],
"syntax": ["UTF8STRING"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::AttributeType.to_value()),
(
Attribute::AttributeName,
Value::new_iutf8("schema_attr_test")
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("Test attr parsing".to_string())
),
(Attribute::MultiValue, Value::Bool(false)),
(Attribute::Unique, Value::Bool(false)),
(Attribute::Syntax, Value::Syntax(SyntaxType::Utf8String))
),
SchemaAttribute
);
// Index present
sch_from_entry_ok!(
r#"{
"attrs": {
"class": ["object", "attributetype"],
"attributename": ["schema_attr_test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"description": ["Test attr parsing"],
"multivalue": ["false"],
"unique": ["false"],
"index": ["EQUALITY"],
"syntax": ["UTF8STRING"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::AttributeType.to_value()),
(
Attribute::AttributeName,
Value::new_iutf8("schema_attr_test")
),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("Test attr parsing".to_string())
),
(Attribute::MultiValue, Value::Bool(false)),
(Attribute::Unique, Value::Bool(false)),
(Attribute::Syntax, Value::Syntax(SyntaxType::Utf8String)),
(Attribute::Index, Value::Index(IndexType::Equality))
),
SchemaAttribute
);
}
@ -2467,95 +2515,126 @@ mod tests {
#[test]
fn test_schema_class_from_entry() {
sch_from_entry_err!(
r#"{
"attrs": {
"class": ["object", "classtype"],
"classname": ["schema_class_test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::ClassType.to_value()),
(Attribute::ClassName, Value::new_iutf8("schema_class_test")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
)
),
SchemaClass
);
sch_from_entry_err!(
r#"{
"attrs": {
"class": ["object"],
"classname": ["schema_class_test"],
"description": ["class test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::ClassName, Value::new_iutf8("schema_class_test")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("class test".to_string())
)
),
SchemaClass
);
// Classes can be valid with no attributes provided.
sch_from_entry_ok!(
r#"{
"attrs": {
"class": ["object", "classtype"],
"classname": ["schema_class_test"],
"description": ["class test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::ClassType.to_value()),
(Attribute::ClassName, Value::new_iutf8("schema_class_test")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("class test".to_string())
)
),
SchemaClass
);
// Classes with various may/must
sch_from_entry_ok!(
r#"{
"attrs": {
"class": ["object", "classtype"],
"classname": ["schema_class_test"],
"description": ["class test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"systemmust": ["d"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::ClassType.to_value()),
(Attribute::ClassName, Value::new_iutf8("schema_class_test")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("class test".to_string())
),
(Attribute::SystemMust, Value::new_iutf8("a"))
),
SchemaClass
);
sch_from_entry_ok!(
r#"{
"attrs": {
"class": ["object", "classtype"],
"classname": ["schema_class_test"],
"description": ["class test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"systemmay": ["c"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::ClassType.to_value()),
(Attribute::ClassName, Value::new_iutf8("schema_class_test")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("class test".to_string())
),
(Attribute::SystemMay, Value::new_iutf8("a"))
),
SchemaClass
);
sch_from_entry_ok!(
r#"{
"attrs": {
"class": ["object", "classtype"],
"classname": ["schema_class_test"],
"description": ["class test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"may": ["a"],
"must": ["b"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::ClassType.to_value()),
(Attribute::ClassName, Value::new_iutf8("schema_class_test")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("class test".to_string())
),
(Attribute::May, Value::new_iutf8("a")),
(Attribute::Must, Value::new_iutf8("b"))
),
SchemaClass
);
sch_from_entry_ok!(
r#"{
"attrs": {
"class": ["object", "classtype"],
"classname": ["schema_class_test"],
"description": ["class test"],
"uuid": ["66c68b2f-d02c-4243-8013-7946e40fe321"],
"may": ["a"],
"must": ["b"],
"systemmay": ["c"],
"systemmust": ["d"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::ClassType.to_value()),
(Attribute::ClassName, Value::new_iutf8("schema_class_test")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("66c68b2f-d02c-4243-8013-7946e40fe321"))
),
(
Attribute::Description,
Value::Utf8("class test".to_string())
),
(Attribute::May, Value::new_iutf8("a")),
(Attribute::Must, Value::new_iutf8("b")),
(Attribute::SystemMay, Value::new_iutf8("c")),
(Attribute::SystemMust, Value::new_iutf8("d"))
),
SchemaClass
);
}
@ -2813,61 +2892,18 @@ mod tests {
assert!(e_ok.validate(&schema).is_ok());
}
#[test]
fn test_schema_entry_validate() {
// Check that entries can be normalised and validated sanely
let schema_outer = Schema::new().expect("failed to create schema");
let schema = schema_outer.write_blocking();
// Check syntax to upper
// check index to upper
// insense to lower
// attr name to lower
let e_test: Entry<EntryInvalid, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["extensibleobject"],
"attributename": ["TestPerson"],
"syntax": ["utf8string"],
"UUID": ["db237e8a-0079-4b8c-8a56-593b22aa44d1"],
"InDeX": ["equality"]
}
}"#,
)
.into_invalid_new();
let e_expect: Entry<EntryValid, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["extensibleobject"],
"attributename": ["testperson"],
"syntax": ["UTF8STRING"],
"uuid": ["db237e8a-0079-4b8c-8a56-593b22aa44d1"],
"index": ["EQUALITY"]
}
}"#,
)
.into_valid_new();
let e_valid = e_test.validate(&schema).expect("validation failure");
assert_eq!(e_expect, e_valid);
}
#[test]
fn test_schema_extensible() {
let schema_outer = Schema::new().expect("failed to create schema");
let schema = schema_outer.read();
// Just because you are extensible, doesn't mean you can be lazy
let e_extensible_bad: Entry<EntryInvalid, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["extensibleobject"],
"uuid": ["db237e8a-0079-4b8c-8a56-593b22aa44d1"],
"multivalue": ["zzzz"]
}
}"#,
let e_extensible_bad = entry_init!(
(Attribute::Class, EntryClass::ExtensibleObject.to_value()),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("db237e8a-0079-4b8c-8a56-593b22aa44d1"))
),
(Attribute::MultiValue, Value::Utf8("zzzz".to_string()))
)
.into_invalid_new();
@ -2879,14 +2915,13 @@ mod tests {
);
// Extensible doesn't mean you can have the phantoms
let e_extensible_phantom: Entry<EntryInvalid, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["extensibleobject"],
"uuid": ["db237e8a-0079-4b8c-8a56-593b22aa44d1"],
"password_import": ["zzzz"]
}
}"#,
let e_extensible_phantom = entry_init!(
(Attribute::Class, EntryClass::ExtensibleObject.to_value()),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("db237e8a-0079-4b8c-8a56-593b22aa44d1"))
),
(Attribute::PasswordImport, Value::Utf8("zzzz".to_string()))
)
.into_invalid_new();
@ -2897,14 +2932,13 @@ mod tests {
))
);
let e_extensible: Entry<EntryInvalid, EntryNew> = Entry::unsafe_from_entry_str(
r#"{
"attrs": {
"class": ["extensibleobject"],
"uuid": ["db237e8a-0079-4b8c-8a56-593b22aa44d1"],
"multivalue": ["true"]
}
}"#,
let e_extensible = entry_init!(
(Attribute::Class, EntryClass::ExtensibleObject.to_value()),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("db237e8a-0079-4b8c-8a56-593b22aa44d1"))
),
(Attribute::MultiValue, Value::Bool(true))
)
.into_invalid_new();

281
server/lib/src/server/access/mod.rs
View file

@ -1110,8 +1110,7 @@ mod tests {
$e:expr,
$type:ty
) => {{
let e1: Entry<EntryInit, EntryNew> = Entry::unsafe_from_entry_str($e);
let ev1 = e1.into_sealed_committed();
let ev1 = $e.into_sealed_committed();
let r1 = <$type>::try_from($qs, &ev1);
error!(?r1);
@ -1147,39 +1146,66 @@ mod tests {
acp_from_entry_err!(
&mut qs_write,
r#"{
"attrs": {
"class": ["object"],
"name": ["acp_invalid"],
"uuid": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Name, Value::new_iname("acp_invalid")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
)
),
AccessControlProfile
);
acp_from_entry_err!(
&mut qs_write,
r#"{
"attrs": {
"class": ["object", "access_control_profile", "access_control_receiver_g", "access_control_target_scope"],
"name": ["acp_invalid"],
"uuid": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(
Attribute::Class,
EntryClass::AccessControlProfile.to_value()
),
(
Attribute::Class,
EntryClass::AccessControlReceiverGroup.to_value()
),
(
Attribute::Class,
EntryClass::AccessControlTargetScope.to_value()
),
(Attribute::Name, Value::new_iname("acp_invalid")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
)
),
AccessControlProfile
);
acp_from_entry_err!(
&mut qs_write,
r#"{
"attrs": {
"class": ["object", "access_control_profile", "access_control_receiver_g", "access_control_target_scope"],
"name": ["acp_invalid"],
"uuid": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_receiver_group": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_targetscope": [""]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(
Attribute::Class,
EntryClass::AccessControlProfile.to_value()
),
(
Attribute::Class,
EntryClass::AccessControlReceiverGroup.to_value()
),
(
Attribute::Class,
EntryClass::AccessControlTargetScope.to_value()
),
(Attribute::Name, Value::new_iname("acp_invalid")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(Attribute::AcpReceiverGroup, Value::Bool(true)),
(Attribute::AcpTargetScope, Value::Bool(true))
),
AccessControlProfile
);
@ -1192,6 +1218,14 @@ mod tests {
Attribute::Class,
EntryClass::AccessControlProfile.to_value()
),
(
Attribute::Class,
EntryClass::AccessControlReceiverGroup.to_value()
),
(
Attribute::Class,
EntryClass::AccessControlTargetScope.to_value()
),
(Attribute::Name, Value::new_iname("acp_valid")),
(
Attribute::Uuid,
@ -1216,17 +1250,26 @@ mod tests {
acp_from_entry_err!(
&mut qs_write,
r#"{
"attrs": {
"class": ["object", "access_control_profile"],
"name": ["acp_valid"],
"uuid": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_receiver_group": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_targetscope": [
"{\"eq\":[\"name\",\"a\"]}"
]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(
Attribute::Class,
EntryClass::AccessControlProfile.to_value()
),
(Attribute::Name, Value::new_iname("acp_valid")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpReceiverGroup,
Value::Refer(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpTargetScope,
Value::new_json_filter_s("{\"eq\":[\"name\",\"a\"]}").expect("filter")
)
),
AccessControlDelete
);
@ -1265,53 +1308,80 @@ mod tests {
// Missing class acp
acp_from_entry_err!(
&mut qs_write,
r#"{
"attrs": {
"class": ["object", "access_control_search"],
"name": ["acp_invalid"],
"uuid": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_receiver_group": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_targetscope": [
"{\"eq\":[\"name\",\"a\"]}"
],
"acp_search_attr": ["name", "class"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(Attribute::Class, EntryClass::AccessControlSearch.to_value()),
(Attribute::Name, Value::new_iname("acp_valid")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpReceiverGroup,
Value::Refer(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpTargetScope,
Value::new_json_filter_s("{\"eq\":[\"name\",\"a\"]}").expect("filter")
),
(Attribute::AcpSearchAttr, Value::from(Attribute::Name)),
(Attribute::AcpSearchAttr, Value::new_iutf8("class"))
),
AccessControlSearch
);
// Missing class acs
acp_from_entry_err!(
&mut qs_write,
r#"{
"attrs": {
"class": ["object", "access_control_profile"],
"name": ["acp_invalid"],
"uuid": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_receiver_group": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_targetscope": [
"{\"eq\":[\"name\",\"a\"]}"
],
"acp_search_attr": ["name", "class"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(
Attribute::Class,
EntryClass::AccessControlProfile.to_value()
),
(Attribute::Name, Value::new_iname("acp_valid")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpReceiverGroup,
Value::Refer(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpTargetScope,
Value::new_json_filter_s("{\"eq\":[\"name\",\"a\"]}").expect("filter")
),
(Attribute::AcpSearchAttr, Value::from(Attribute::Name)),
(Attribute::AcpSearchAttr, Value::new_iutf8("class"))
),
AccessControlSearch
);
// Missing attr acp_search_attr
acp_from_entry_err!(
&mut qs_write,
r#"{
"attrs": {
"class": ["object", "access_control_profile", "access_control_search"],
"name": ["acp_invalid"],
"uuid": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_receiver_group": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_targetscope": [
"{\"eq\":[\"name\",\"a\"]}"
]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(
Attribute::Class,
EntryClass::AccessControlProfile.to_value()
),
(Attribute::Class, EntryClass::AccessControlSearch.to_value()),
(Attribute::Name, Value::new_iname("acp_valid")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpReceiverGroup,
Value::Refer(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpTargetScope,
Value::new_json_filter_s("{\"eq\":[\"name\",\"a\"]}").expect("filter")
)
),
AccessControlSearch
);
@ -1352,20 +1422,26 @@ mod tests {
acp_from_entry_err!(
&mut qs_write,
r#"{
"attrs": {
"class": ["object", "access_control_profile"],
"name": ["acp_valid"],
"uuid": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_receiver_group": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_targetscope": [
"{\"eq\":[\"name\",\"a\"]}"
],
"acp_modify_removedattr": ["name"],
"acp_modify_presentattr": ["name"],
"acp_modify_class": ["object"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(
Attribute::Class,
EntryClass::AccessControlProfile.to_value()
),
(Attribute::Name, Value::new_iname("acp_invalid")),
(
Attribute::Uuid,
Value::Uuid(uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpReceiverGroup,
Value::Refer(uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpTargetScope,
Value::new_json_filter_s("{\"eq\":[\"name\",\"a\"]}").expect("filter")
)
),
AccessControlModify
);
@ -1438,19 +1514,28 @@ mod tests {
acp_from_entry_err!(
&mut qs_write,
r#"{
"attrs": {
"class": ["object", "access_control_profile"],
"name": ["acp_valid"],
"uuid": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_receiver_group": ["cc8e95b4-c24f-4d68-ba54-8bed76f63930"],
"acp_targetscope": [
"{\"eq\":[\"name\",\"a\"]}"
],
"acp_create_class": ["object"],
"acp_create_attr": ["name"]
}
}"#,
entry_init!(
(Attribute::Class, EntryClass::Object.to_value()),
(
Attribute::Class,
EntryClass::AccessControlProfile.to_value()
),
(Attribute::Name, Value::new_iname("acp_invalid")),
(
Attribute::Uuid,
Value::Uuid(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpReceiverGroup,
Value::Refer(uuid::uuid!("cc8e95b4-c24f-4d68-ba54-8bed76f63930"))
),
(
Attribute::AcpTargetScope,
Value::new_json_filter_s("{\"eq\":[\"name\",\"a\"]}").expect("filter")
),
(Attribute::AcpCreateAttr, Value::from(Attribute::Name)),
(Attribute::AcpCreateClass, EntryClass::Object.to_value())
),
AccessControlCreate
);

10
server/lib/src/value.rs
View file

@ -2193,13 +2193,13 @@ mod tests {
#[test]
fn test_value_index_tryfrom() {
let r1 = IndexType::try_from("EQUALITY");
let r1 = IndexType::try_from("EQualiTY");
assert_eq!(r1, Ok(IndexType::Equality));
let r2 = IndexType::try_from("PRESENCE");
let r2 = IndexType::try_from("PResenCE");
assert_eq!(r2, Ok(IndexType::Presence));
let r3 = IndexType::try_from("SUBSTRING");
let r3 = IndexType::try_from("SUbstrING");
assert_eq!(r3, Ok(IndexType::SubString));
let r4 = IndexType::try_from("thaoeusaneuh");
@ -2208,10 +2208,10 @@ mod tests {
#[test]
fn test_value_syntax_tryfrom() {
let r1 = SyntaxType::try_from("UTF8STRING");
let r1 = SyntaxType::try_from("UTF8strinG");
assert_eq!(r1, Ok(SyntaxType::Utf8String));
let r2 = SyntaxType::try_from("UTF8STRING_INSENSITIVE");
let r2 = SyntaxType::try_from("UTF8STRING_INSensitIVE");
assert_eq!(r2, Ok(SyntaxType::Utf8StringInsensitive));
let r3 = SyntaxType::try_from("BOOLEAN");