Added group ACL tests

tests/data/acl.out.master

@@ -83,6 +83,7 @@ homepostaladdress: 123 Wesley $ Ann Arbor, MI 48103
 description: Mythical manager of the rsdd unix project
 drink: water
 homephone: +1 313 555 2333
+homephone: +1 313 555 5444
 pager: +1 313 555 3233
 facsimiletelephonenumber: +1 313 555 2274
 telephonenumber: +1 313 555 9022

tests/data/slapd-acl.conf

@@ -61,6 +61,10 @@ access		to filter="(objectclass=groupofnames)"
 		by dn="^cn=Bjorn Jensen,ou=Information Technology Division,ou=People,o=University of Michigan,c=US$" +rw stop
 		by * break
 
+access		to dn.children="ou=Information Technology Division,ou=People,o=University of Michigan,c=US"
+		by group.exact="cn=ITD Staff,ou=Groups,o=University of Michigan,c=US" write
+		by * read
+
 access	to filter="(name=X*Y*Z)"
 		by * continue
 

tests/scripts/test006-acls

@@ -73,6 +73,29 @@ $LDAPSEARCH -b "$JAJDN" -h $LOCALHOST -p $PORT "objectclass=*" \
 $LDAPSEARCH -b "$JAJDN" -h $LOCALHOST -p $PORT \
 	-D "$BABSDN" -w bjensen "objectclass=*"  >> $SEARCHOUT 2>&1
 
+#
+# Check group access. Try to modify Babs' entry. Two attempts:
+# 1) bound as "James A Jones 1" - should fail
+# 2) bound as "Bjorn Jensen" - should succeed
+
+$LDAPMODIFY -D "$JAJDN" -h $LOCALHOST -p $PORT -w jaj >> \
+	$TESTOUT 2>&1 << EOMODS5
+dn: $BABSDN
+changetype: modify
+replace: drink
+drink: wine
+
+EOMODS5
+
+
+$LDAPMODIFY -D "$BJORNSDN" -h $LOCALHOST -p $PORT -w bjorn >> \
+	$TESTOUT 2>&1 << EOMODS6
+dn: $BABSDN
+changetype: modify
+add: homephone
+homephone: +1 313 555 5444
+
+EOMODS6
 
 #
 # Try to add a "member" attribute to the "All Staff" group.  It should