mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-03-07 14:18:15 +08:00
Added group ACL tests
This commit is contained in:
parent
a8297e6d22
commit
615af63d04
@ -83,6 +83,7 @@ homepostaladdress: 123 Wesley $ Ann Arbor, MI 48103
|
||||
description: Mythical manager of the rsdd unix project
|
||||
drink: water
|
||||
homephone: +1 313 555 2333
|
||||
homephone: +1 313 555 5444
|
||||
pager: +1 313 555 3233
|
||||
facsimiletelephonenumber: +1 313 555 2274
|
||||
telephonenumber: +1 313 555 9022
|
||||
|
@ -61,6 +61,10 @@ access to filter="(objectclass=groupofnames)"
|
||||
by dn="^cn=Bjorn Jensen,ou=Information Technology Division,ou=People,o=University of Michigan,c=US$" +rw stop
|
||||
by * break
|
||||
|
||||
access to dn.children="ou=Information Technology Division,ou=People,o=University of Michigan,c=US"
|
||||
by group.exact="cn=ITD Staff,ou=Groups,o=University of Michigan,c=US" write
|
||||
by * read
|
||||
|
||||
access to filter="(name=X*Y*Z)"
|
||||
by * continue
|
||||
|
||||
|
@ -73,6 +73,29 @@ $LDAPSEARCH -b "$JAJDN" -h $LOCALHOST -p $PORT "objectclass=*" \
|
||||
$LDAPSEARCH -b "$JAJDN" -h $LOCALHOST -p $PORT \
|
||||
-D "$BABSDN" -w bjensen "objectclass=*" >> $SEARCHOUT 2>&1
|
||||
|
||||
#
|
||||
# Check group access. Try to modify Babs' entry. Two attempts:
|
||||
# 1) bound as "James A Jones 1" - should fail
|
||||
# 2) bound as "Bjorn Jensen" - should succeed
|
||||
|
||||
$LDAPMODIFY -D "$JAJDN" -h $LOCALHOST -p $PORT -w jaj >> \
|
||||
$TESTOUT 2>&1 << EOMODS5
|
||||
dn: $BABSDN
|
||||
changetype: modify
|
||||
replace: drink
|
||||
drink: wine
|
||||
|
||||
EOMODS5
|
||||
|
||||
|
||||
$LDAPMODIFY -D "$BJORNSDN" -h $LOCALHOST -p $PORT -w bjorn >> \
|
||||
$TESTOUT 2>&1 << EOMODS6
|
||||
dn: $BABSDN
|
||||
changetype: modify
|
||||
add: homephone
|
||||
homephone: +1 313 555 5444
|
||||
|
||||
EOMODS6
|
||||
|
||||
#
|
||||
# Try to add a "member" attribute to the "All Staff" group. It should
|
||||
|
Loading…
Reference in New Issue
Block a user