ITS#7423 Update slapo-constraint tests

tests/data/constraint/constraint.out

@@ -12,6 +12,8 @@ OK
 OK
 OK
 OK
+OK
+FAIL
 FAIL
 FAIL
 FAIL

tests/data/constraint/root.ldif

@@ -3,3 +3,23 @@ objectclass: dcObject
 objectclass: organization
 dc: example
 o: My Domain corp.
+
+dn: ou=users,dc=example,dc=com
+ou: users
+objectclass: organizationalUnit
+
+dn: ou=groups,dc=example,dc=com
+ou: groups
+objectclass: organizationalUnit
+
+dn: uid=1,ou=groups,dc=example,dc=com
+objectclass: inetOrgPerson
+cn: test 1
+sn: test1
+uid: 1
+
+dn: uid=2,ou=groups,dc=example,dc=com
+objectclass: inetOrgPerson
+cn: test 2
+sn: test2
+uid: 2

tests/data/constraint/t_fail_01.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_fail_02.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_fail_03.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_fail_04.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_fail_05.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_fail_06.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 replace: mail
 mail: a@example.com

tests/data/constraint/t_fail_07.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 replace: mail
 mail: a@example.com

tests/data/constraint/t_fail_08.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_fail_09.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_fail_10.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: example@not-allowed.com

tests/data/constraint/t_fail_11.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 delete: mail
 mail: original@example.com

tests/data/constraint/t_fail_12.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 delete: mail
 mail: original@example.com

tests/data/constraint/t_fail_13.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 replace: givenname
 givenname: Joe

tests/data/constraint/t_fail_14.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 replace: sn
 sn: Down

tests/data/constraint/t_fail_15.ldif

@@ -0,0 +1,5 @@
+dn: cn=John Doe,ou=users,dc=example,dc=com
+changetype: modify
+replace: uid
+uid: 3
+

tests/data/constraint/t_ok_01.ldif

@@ -1,3 +1,3 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 delete: mail

tests/data/constraint/t_ok_02.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 replace: mail
 mail: a@example.com

tests/data/constraint/t_ok_03.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 replace: mail
 mail: a@example.com

tests/data/constraint/t_ok_04.ldif

@@ -1,3 +1,3 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 delete: mail

tests/data/constraint/t_ok_05.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: a@example.com

tests/data/constraint/t_ok_06.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 delete: mail
 -

tests/data/constraint/t_ok_07.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 delete: mail
 -

tests/data/constraint/t_ok_08.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_ok_09.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 replace: mail
 mail: a@example.com

tests/data/constraint/t_ok_10.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_ok_11.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_ok_12.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_ok_13.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 add: mail
 mail: b@example.com

tests/data/constraint/t_ok_14.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 changetype: modify
 delete: description
 description: desc1

tests/data/constraint/t_ok_15.ldif

@@ -0,0 +1,5 @@
+dn: cn=John Doe,ou=users,dc=example,dc=com
+changetype: modify
+replace: uid
+uid: 2
+

tests/data/constraint/user.ldif

@@ -1,4 +1,4 @@
-dn: cn=John Doe,dc=example,dc=com
+dn: cn=John Doe,ou=users,dc=example,dc=com
 objectclass: inetOrgPerson
 objectclass: organizationalPerson
 cn: John Doe
@@ -7,3 +7,4 @@ sn: Doe
 mail: original@example.com
 description: desc1
 description: desc2
+uid: 1

tests/scripts/test064-constraint

@@ -13,7 +13,7 @@ ROOTLDIF="$CONSTRAINTDIR/root.ldif"
 USERLDIF="$CONSTRAINTDIR/user.ldif"
 RESULTOUT="$CONSTRAINTDIR/constraint.out"
 SCRIPTOUT="$TESTDIR/constraint.out"
-USERDN="cn=John Doe,$BASEDN"
+USERDN="cn=John Doe,ou=users,$BASEDN"
 
 CONFDIR=$TESTDIR/slapd.d
 mkdir -p $TESTDIR $CONFDIR $DBDIR1
@@ -88,13 +88,21 @@ dn: olcOverlay=constraint,olcDatabase={1}$BACKEND,cn=config
 objectClass: olcOverlayConfig
 objectClass: olcConstraintConfig
 olcOverlay: constraint
-olcConstraintAttribute: mail count 3
+olcConstraintAttribute: mail
+  count 3
+  restrict="ldap:///ou=users,$BASEDN??one?(objectClass=inetOrgPerson)"
+# check if restrict works (if not, this will apply to ou=users subtree as well
+# and some tests will fail)
+olcConstraintAttribute: mail count 1 restrict="ldap:///ou=groups,$BASEDN??one"
 olcConstraintAttribute: mail regex ^[[:alnum:]]+@example.com$
 olcConstraintAttribute: description count 2
 # cn value has to be concatenated givenName SP sn
 olcConstraintAttribute: cn,sn,givenName
   set "(this/givenName + [ ] + this/sn) & this/cn"
   restrict="ldap:///$USERDN??sub?(objectClass=inetOrgPerson)"
+olcConstraintAttribute: uid
+  uri "ldap:///ou=groups,$BASEDN?uid?one?(objectClass=inetOrgPerson)"
+  restrict="ldap:///ou=users,$BASEDN??one"
 EOF
 
 $SLAPADD -F $CONFDIR -n 0 -l $TESTDIR/config.ldif