mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-01-06 10:46:21 +08:00
test attrval.{exact,regex} (related to ITS#4253)
This commit is contained in:
parent
da03eb0390
commit
33cccee62a
@ -20,6 +20,19 @@ mail: jaj@mail.alumni.example.com
|
||||
facsimileTelephoneNumber: +1 313 555 4332
|
||||
telephoneNumber: +1 313 555 0895
|
||||
|
||||
# Checking exact/regex attrval clause
|
||||
dn: cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com
|
||||
cn: Mark A Elliot
|
||||
|
||||
dn: cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com
|
||||
cn: Mark Elliot
|
||||
|
||||
dn: cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com
|
||||
cn: John Doe
|
||||
|
||||
dn: cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com
|
||||
cn: Jonathon Doe
|
||||
|
||||
# Using ldapsearch to retrieve all the entries...
|
||||
dn: ou=Add & Delete,dc=example,dc=com
|
||||
objectClass: organizationalUnit
|
||||
@ -316,8 +329,6 @@ telephoneNumber: +1 313 555 7334
|
||||
|
||||
dn: cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com
|
||||
objectClass: OpenLDAPperson
|
||||
cn: John Doe
|
||||
cn: Jonathon Doe
|
||||
sn: Doe
|
||||
uid: johnd
|
||||
postalAddress: ITD $ 535 W. William $ Anytown, MI 48109
|
||||
|
@ -63,6 +63,34 @@ access to filter="(objectclass=person)" attr=userpassword
|
||||
by anonymous auth
|
||||
by self =wx
|
||||
|
||||
access to dn.exact="cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com"
|
||||
attrs=cn val="Mark A Elliot"
|
||||
by dn="cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" read
|
||||
by * break
|
||||
|
||||
access to dn.exact="cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com"
|
||||
attrs=cn val="Mark Elliot"
|
||||
by dn="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" read
|
||||
by * break
|
||||
|
||||
access to dn.exact="cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com"
|
||||
attrs=cn
|
||||
by * search
|
||||
|
||||
access to dn.exact="cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
||||
attrs=cn val.regex="^John D.*"
|
||||
by dn="cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" read
|
||||
by * break
|
||||
|
||||
access to dn.exact="cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
||||
attrs=cn val.regex="^Jonath.*"
|
||||
by dn="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" read
|
||||
by * break
|
||||
|
||||
access to dn.exact="cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
||||
attrs=cn
|
||||
by * search
|
||||
|
||||
access to dn.children="ou=Alumni Association,ou=People,dc=example,dc=com"
|
||||
by dn.regex=".+,dc=example,dc=com" +c continue
|
||||
by dn.subtree="dc=example,dc=com" +rs continue
|
||||
|
@ -205,6 +205,8 @@ PASSWD=secret
|
||||
BABSDN="cn=Barbara Jensen,ou=Information Technology DivisioN,OU=People,dc=example,dc=com"
|
||||
BJORNSDN="cn=Bjorn Jensen,ou=Information Technology DivisioN,OU=People,dc=example,dc=com"
|
||||
JAJDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
|
||||
JOHNDDN="cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
||||
MELLIOTDN="cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com"
|
||||
REFINTDN="cn=Manager,o=refint"
|
||||
RETCODEDN="ou=RetCodes,$BASEDN"
|
||||
UNIQUEDN="cn=Manager,o=unique"
|
||||
|
@ -80,6 +80,22 @@ echo "# ... and should return all attributes if we're bound as anyone
|
||||
$LDAPSEARCH -b "$JAJDN" -h $LOCALHOST -p $PORT1 \
|
||||
-D "$BABSDN" -w bjensen "(objectclass=*)" >> $SEARCHOUT 2>&1
|
||||
|
||||
# ITS#4253
|
||||
echo "# Checking exact/regex attrval clause" >> $SEARCHOUT
|
||||
$LDAPSEARCH -h $LOCALHOST -p $PORT1 \
|
||||
-D "$BABSDN" -w bjensen \
|
||||
-b "$MELLIOTDN" -s base "(objectclass=*)" cn >> $SEARCHOUT 2>&1
|
||||
$LDAPSEARCH -h $LOCALHOST -p $PORT1 \
|
||||
-D "$BJORNSDN" -w bjorn \
|
||||
-b "$MELLIOTDN" -s base "(objectclass=*)" cn >> $SEARCHOUT 2>&1
|
||||
|
||||
$LDAPSEARCH -h $LOCALHOST -p $PORT1 \
|
||||
-D "$BABSDN" -w bjensen \
|
||||
-b "$JOHNDDN" -s base "(objectclass=*)" cn >> $SEARCHOUT 2>&1
|
||||
$LDAPSEARCH -h $LOCALHOST -p $PORT1 \
|
||||
-D "$BJORNSDN" -w bjorn \
|
||||
-b "$JOHNDDN" -s base "(objectclass=*)" cn >> $SEARCHOUT 2>&1
|
||||
|
||||
#
|
||||
# Check group access. Try to modify Babs' entry. Two attempts:
|
||||
# 1) bound as "James A Jones 1" - should fail
|
||||
|
Loading…
Reference in New Issue
Block a user