diff options
Diffstat (limited to 'tests/scripts/test052-memberof')
| -rwxr-xr-x | tests/scripts/test052-memberof | 464 |
1 files changed, 464 insertions, 0 deletions
diff --git a/tests/scripts/test052-memberof b/tests/scripts/test052-memberof new file mode 100755 index 0000000..afa5eb9 --- /dev/null +++ b/tests/scripts/test052-memberof @@ -0,0 +1,464 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +if test $MEMBEROF = memberofno; then + echo "Memberof overlay not available, test skipped" + exit 0 +fi + +mkdir -p $TESTDIR $DBDIR1 $TESTDIR/confdir + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +echo "Starting slapd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < $NAKEDCONF > $CONF1 +$SLAPD -f $CONF1 -F $TESTDIR/confdir -h $URI1 -d $LVL > $LOG1 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$PID" + +sleep 1 +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting 5 seconds for slapd to start..." + sleep 5 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +cat /dev/null > $TESTOUT + +if [ "$MEMBEROF" = memberofmod ]; then + echo "Inserting memberof overlay on provider..." + $LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1 +dn: cn=module,cn=config +objectClass: olcModuleList +cn: module +olcModulePath: ../servers/slapd/overlays +olcModuleLoad: memberof.la +EOF + RC=$? + if test $RC != 0 ; then + echo "ldapadd failed for moduleLoad ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + fi +fi + +indexInclude="" mainInclude="" nullExclude="" +test $INDEXDB = indexdb || indexInclude="# " +test $MAINDB = maindb || mainInclude="# " +case $BACKEND in +null) nullExclude="# " ;; +esac + +echo "Running ldapadd to build slapd config database..." +$LDAPADD -H $URI1 -D 'cn=config' -w `cat $CONFIGPWF` \ + >> $TESTOUT 2>&1 <<EOF +dn: cn=symas group example,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: symas group example +olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.1 + NAME 'memberA' SUP distinguishedName ) +olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.2 + NAME 'memberOfA' SUP distinguishedName ) +olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.3 + NAME 'memberB' SUP distinguishedName ) +olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.4 + NAME 'memberOfB' SUP distinguishedName ) +olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.5 + NAME 'memberOfC' SUP distinguishedName ) +olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.1 + NAME 'groupA' SUP top STRUCTURAL MUST cn MAY memberA ) +olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.2 + NAME 'groupMemberA' SUP top AUXILIARY MAY ( memberOfA $ memberOfC ) ) +olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.3 + NAME 'groupB' SUP top STRUCTURAL MUST cn MAY memberB ) +olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.4 + NAME 'groupMemberB' SUP top AUXILIARY MAY memberOfB ) + +dn: olcDatabase={1}$BACKEND,cn=config +objectClass: olcDatabaseConfig +${nullExclude}objectClass: olc${BACKEND}Config +olcDatabase: {1}$BACKEND +olcSuffix: $BASEDN +olcRootDN: cn=Manager,$BASEDN +olcRootPW:: c2VjcmV0 +olcMonitoring: TRUE +${nullExclude}olcDbDirectory: $TESTDIR/db.1.a/ +${indexInclude}olcDbIndex: objectClass eq +${indexInclude}olcDbIndex: cn pres,eq,sub +${indexInclude}olcDbIndex: uid pres,eq,sub +${indexInclude}olcDbIndex: sn pres,eq,sub +${mainInclude}olcDbMode: 384" + +dn: olcOverlay={0}memberof,olcDatabase={1}$BACKEND,cn=config +objectClass: olcOverlayConfig +objectClass: olcMemberOfConfig +olcOverlay: {0}memberof +olcMemberOfRefInt: TRUE +olcMemberOfGroupOC: groupOfNames +olcMemberOfMemberAD: member +olcMemberOfMemberOfAD: memberOf + +dn: olcOverlay={1}memberof,olcDatabase={1}$BACKEND,cn=config +objectClass: olcOverlayConfig +objectClass: olcMemberOfConfig +olcOverlay: {1}memberof +olcMemberOfRefInt: TRUE +olcMemberOfGroupOC: groupA +olcMemberOfMemberAD: memberA +olcMemberOfMemberOfAD: memberOfA + +dn: olcOverlay={2}memberof,olcDatabase={1}$BACKEND,cn=config +objectClass: olcOverlayConfig +objectClass: olcMemberOfConfig +olcOverlay: {2}memberof +olcMemberOfRefInt: TRUE +olcMemberOfGroupOC: groupB +olcMemberOfMemberAD: memberB +olcMemberOfMemberOfAD: memberOfB + +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running ldapadd to build slapd database..." +$LDAPADD -H $URI1 \ + -D "cn=Manager,$BASEDN" -w secret \ + >> $TESTOUT 2>&1 << EOF +dn: $BASEDN +objectClass: organization +objectClass: dcObject +o: Example, Inc. +dc: example + +dn: ou=People,$BASEDN +objectClass: organizationalUnit +ou: People + +dn: ou=Groups,$BASEDN +objectClass: organizationalUnit +ou: Groups + +dn: cn=Roger Rabbit,ou=People,$BASEDN +objectClass: inetOrgPerson +cn: Roger Rabbit +sn: Rabbit + +dn: cn=Baby Herman,ou=People,$BASEDN +objectClass: inetOrgPerson +cn: Baby Herman +sn: Herman + +dn: cn=Cartoonia,ou=Groups,$BASEDN +objectClass: groupOfNames +cn: Cartoonia +member: cn=Roger Rabbit,ou=People,$BASEDN +member: cn=Baby Herman,ou=People,$BASEDN +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Search the entire database..." +echo "# Search the entire database..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running ldapmodify to add a member..." +$LDAPMODIFY -H $URI1 \ + -D "cn=Manager,$BASEDN" -w secret \ + >> $TESTOUT 2>&1 << EOF +dn: cn=Jessica Rabbit,ou=People,$BASEDN +changetype: add +objectClass: inetOrgPerson +cn: Jessica Rabbit +sn: Rabbit + +dn: cn=Cartoonia,ou=Groups,$BASEDN +changetype: modify +add: member +member: cn=Jessica Rabbit,ou=People,$BASEDN +EOF + +echo "Re-search the entire database..." +echo "# Re-search the entire database after adding Jessica Rabbit and Cartoonia..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running ldapmodify to rename a member..." +$LDAPMODIFY -H $URI1 \ + -D "cn=Manager,$BASEDN" -w secret \ + >> $TESTOUT 2>&1 << EOF +dn: cn=Baby Herman,ou=People,$BASEDN +changetype: modrdn +newrdn: cn=Baby Herman Jr +deleteoldrdn: 1 +EOF + +echo "Re-search the entire database..." +echo "# Re-search the entire database after renaming Baby Herman..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running ldapmodify to rename a group..." +$LDAPMODIFY -H $URI1 \ + -D "cn=Manager,$BASEDN" -w secret \ + >> $TESTOUT 2>&1 << EOF +dn: cn=Cartoonia,ou=Groups,$BASEDN +changetype: modrdn +newrdn: cn=Toon town +deleteoldrdn: 1 + +dn: cn=Toon town,ou=Groups,$BASEDN +changetype: modrdn +newrdn: cn=Toon Town +deleteoldrdn: 1 +EOF + +echo "Re-search the entire database..." +echo "# Re-search the entire database after renaming Cartoonia..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running ldapmodify to add self..." +$LDAPMODIFY -H $URI1 \ + -D "cn=Manager,$BASEDN" -w secret \ + >> $TESTOUT 2>&1 << EOF +dn: cn=Toon Town,ou=Groups,$BASEDN +changetype: modify +add: member +member: cn=Toon Town,ou=Groups,$BASEDN +EOF + +echo "Re-search the entire database..." +echo "# Re-search the entire database after adding Toon Town to self..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running ldapdelete to remove a member..." +$LDAPMODIFY -H $URI1 \ + -D "cn=Manager,$BASEDN" -w secret \ + >> $TESTOUT 2>&1 << EOF +dn: cn=Baby Herman Jr,ou=People,$BASEDN +changetype: delete +EOF + +echo "Re-search the entire database..." +echo "# Re-search the entire database after deleting Baby Herman..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running ldapdelete to remove a group..." +$LDAPMODIFY -H $URI1 \ + -D "cn=Manager,$BASEDN" -w secret \ + >> $TESTOUT 2>&1 << EOF +dn: cn=Toon Town,ou=Groups,$BASEDN +changetype: delete +EOF + +echo "Re-search the entire database..." +echo "# Re-search the entire database after deleting Toon Town..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Adding groups with MAY member type schemas..." +$LDAPMODIFY -H $URI1 \ + -D "cn=Manager,$BASEDN" -w secret \ + >> $TESTOUT 2>&1 <<EOF +dn: cn=Roger Rabbit,ou=People,$BASEDN +changetype: delete + +dn: cn=Jessica Rabbit,ou=People,$BASEDN +changetype: delete + +dn: cn=person1,ou=People,$BASEDN +changetype: add +objectClass: person +objectClass: groupMemberA +objectClass: groupMemberB +cn: person1 +sn: person1 + +dn: cn=person2,ou=People,$BASEDN +changetype: add +objectClass: person +objectClass: groupMemberA +objectClass: groupMemberB +cn: person2 +sn: person2 + +dn: cn=group1,ou=Groups,$BASEDN +changetype: add +objectclass: groupA +cn: group1 +memberA: cn=person1,ou=People,$BASEDN +memberA: cn=person2,ou=People,$BASEDN + +dn: cn=group2,ou=Groups,$BASEDN +changetype: add +objectclass: groupB +cn: group2 +memberB: cn=person1,ou=People,$BASEDN +memberB: cn=person2,ou=People,$BASEDN + +dn: cn=group1,ou=Groups,$BASEDN +changetype: modify +delete: memberA + +EOF + +echo "Re-search the entire database..." +echo "# Re-search the entire database after adding groups with MAY member type schemas..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running ldapmodify to reconfigure the schema used..." +$LDAPADD -H $URI1 -D 'cn=config' -w `cat $CONFIGPWF` \ + >> $TESTOUT 2>&1 <<EOF +dn: olcOverlay={1}memberof,olcDatabase={1}$BACKEND,cn=config +changetype: modify +replace: olcMemberOfMemberOfAD +olcMemberOfMemberOfAD: memberOfC + +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Updating groups to expose the new setting..." +$LDAPMODIFY -H $URI1 \ + -D "cn=Manager,$BASEDN" -w secret \ + >> $TESTOUT 2>&1 <<EOF +dn: cn=group1,ou=Groups,$BASEDN +changetype: modify +add: memberA +memberA: cn=person1,ou=People,$BASEDN +memberA: cn=person2,ou=People,$BASEDN + +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapmodify failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Re-search the entire database..." +echo "# Re-search the entire database after updating memberof configuration..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +LDIF=$MEMBEROFOUT + +echo "Filtering ldapsearch results..." +$LDIFFILTER < $SEARCHOUT > $SEARCHFLT +echo "Filtering original ldif used to create database..." +$LDIFFILTER < $LDIF > $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "Comparison failed" + exit 1 +fi + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 |