Added referential integrity and attribute uniqueness overlays

tests/data/slapd-refint.conf

@@ -0,0 +1,45 @@
+# stand-alone slapd config -- for testing (with refint overlay)
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 2004 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+ucdata-path	./ucdata
+include ./schema/core.schema
+include ./schema/cosine.schema
+include ./schema/inetorgperson.schema
+include ./schema/openldap.schema
+include ./schema/nis.schema
+
+#
+pidfile     ./testrun/slapd.1.pid
+argsfile    ./testrun/slapd.1.args
+
+#mod#modulepath	../servers/slapd/back-@BACKEND@/:../servers/slapd/overlays
+#mod#moduleload	back_@BACKEND@.la
+#mod#moduleload refint.la
+
+#######################################################################
+# database definitions
+#######################################################################
+
+database	@BACKEND@
+suffix		"o=refint"
+directory	./testrun/db.1.a
+rootdn		"cn=Manager,o=refint"
+rootpw		secret
+index		objectClass	eq
+index		cn,sn,uid	pres,eq,sub
+
+overlay		refint
+refint_attributes	manager secretary member
+

tests/data/slapd-unique.conf

@@ -0,0 +1,45 @@
+# stand-alone slapd config -- for testing (with unique overlay)
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 2004 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+ucdata-path	./ucdata
+include ./schema/core.schema
+include ./schema/cosine.schema
+include ./schema/inetorgperson.schema
+include ./schema/openldap.schema
+include ./schema/nis.schema
+
+#
+pidfile     ./testrun/slapd.1.pid
+argsfile    ./testrun/slapd.1.args
+
+#mod#modulepath	../servers/slapd/back-@BACKEND@/:../servers/slapd/overlays
+#mod#moduleload	back_@BACKEND@.la
+#mod#moduleload unique.la
+
+#######################################################################
+# database definitions
+#######################################################################
+
+database	@BACKEND@
+suffix		"o=unique"
+directory	./testrun/db.1.a
+rootdn		"cn=Manager,o=unique"
+rootpw		secret
+index		objectClass	eq
+index		cn,sn,uid	pres,eq,sub
+
+overlay			unique
+unique_ignore		o cn sn ou objectClass
+unique_attributes	employeeNumber

tests/data/test-refint.ldif

@@ -0,0 +1,115 @@
+# base
+
+dn: o=refint
+objectClass: top
+objectClass: organization
+o: refint
+description: referential integrity test database
+
+# container
+
+dn: ou=users,o=refint
+objectClass: top
+objectClass: organizationalUnit
+ou: users
+description: container for test users
+
+# secretary
+dn: uid=alice,ou=users,o=refint
+objectClass: inetOrgPerson
+uid: alice
+sn: typist
+cn: alice
+businessCategory: test
+carLicense: ZOOM
+departmentNumber: 5151
+displayName: George
+employeeNumber: 6363
+employeeType: contractor
+givenName: Alice the Typist
+
+# manager
+dn: uid=george,ou=users,o=refint
+objectClass: inetOrgPerson
+uid: george
+sn: jungle
+cn: george
+businessCategory: test
+carLicense: SAMPLE
+departmentNumber: 6969
+displayName: George
+employeeNumber: 5150
+employeeType: contractor
+givenName: Big G
+
+dn: uid=dave,ou=users,o=refint
+objectClass: inetOrgPerson
+uid: dave
+sn: nothere
+cn: dave
+secretary: uid=george,ou=users,o=refint
+businessCategory: otest
+carLicense: ALGAE
+departmentNumber: 42
+displayName: Dave
+employeeNumber: 73
+employeeType: contractor
+givenName: Dave
+
+dn: uid=bob,ou=users,o=refint
+objectClass: inetOrgPerson
+uid: bob
+sn: bitchen
+cn: bob
+manager: uid=george,ou=users,o=refint
+businessCategory: rtest
+carLicense: SL49152
+departmentNumber: 42
+displayName: Bob
+employeeNumber: 38
+employeeType: contractor
+givenName: Bob
+
+dn: uid=bill,ou=users,o=refint
+objectClass: inetOrgPerson
+uid: bill
+sn: problem
+cn: bill
+businessCategory: otest
+manager: uid=george,ou=users,o=refint
+secretary: uid=alice,ou=users,o=refint
+carLicense: DRV818
+departmentNumber: 42
+displayName: Bill
+employeeNumber: 69
+employeeType: contractor
+givenName: Bill
+
+dn: uid=jorge,ou=users,o=refint
+objectClass: inetOrgPerson
+uid: jorge
+sn: burrito
+cn: jorge
+manager: uid=theman,ou=users,o=refint
+secretary: uid=alice,ou=users,o=refint
+businessCategory: rtest
+carLicense: CLA511
+departmentNumber: 42
+displayName: Jorge
+employeeNumber: 93
+employeeType: contractor
+givenName: Jorge
+
+dn: uid=richard,ou=users,o=refint
+objectClass: inetOrgPerson
+uid: richard
+sn: cranium
+cn: richard
+manager: uid=theman,ou=users,o=refint
+businessCategory: rtest
+carLicense: DHD722
+departmentNumber: 42
+displayName: Richard
+employeeNumber: 114
+employeeType: contractor
+givenName: Richard

tests/data/test-unique.ldif

@@ -0,0 +1,29 @@
+# base
+
+dn: o=unique
+objectClass: top
+objectClass: organization
+o: unique
+description: unique test database
+
+# container
+
+dn: ou=users,o=unique
+objectClass: top
+objectClass: organizationalUnit
+ou: users
+description: container for test users
+
+# manager
+dn: uid=george,ou=users,o=unique
+objectClass: inetOrgPerson
+uid: george
+sn: jungle
+cn: george
+businessCategory: test
+carLicense: SAMPLE
+departmentNumber: 6969
+displayName: George
+employeeNumber: 5150
+employeeType: contractor
+givenName: Big G

tests/run.in

@@ -28,10 +28,13 @@ AC_ldbm=@BUILD_LDBM@
 AC_ldap=ldap@BUILD_LDAP@
 AC_pcache=pcache@BUILD_PROXYCACHE@
 AC_ppolicy=ppolicy@BUILD_PPOLICY@
+AC_refint=refint@BUILD_REFINT@
+AC_unique=unique@BUILD_UNIQUE@
 AC_MONITOR=@BUILD_MONITOR@
 AC_WITH_TLS=@WITH_TLS@
 
 export AC_MONITOR AC_WITH_TLS AC_ldap AC_pcache AC_ppolicy
+export AC_refint AC_unique
 
 if test ! -x ../servers/slapd/slapd ; then
 	echo "Could not locate slapd(8)"

tests/scripts/conf.sh

@@ -23,6 +23,8 @@ sed -e "s/@BACKEND@/${BACKEND}/"	\
 	-e "s/^#${AC_ldap}#//"			\
 	-e "s/^#${AC_pcache}#//"			\
 	-e "s/^#${AC_ppolicy}#//"			\
+	-e "s/^#${AC_refint}#//"			\
+	-e "s/^#${AC_unique}#//"			\
 	-e "s/^#${MON}#//"				\
 	-e "s/@CACHETTL@/${CACHETTL}/"   \
 	-e "s/@ENTRY_LIMIT@/${CACHE_ENTRY_LIMIT}/"   

tests/scripts/defines.sh

@@ -16,6 +16,8 @@
 MONITORDB=${AC_MONITOR-no}
 PROXYCACHE=${AC_pcache-pcacheno}
 PPOLICY=${AC_ppolicy-ppolicyno}
+REFINT=${AC_refint-refintno}
+UNIQUE=${AC_unique-uniqueno}
 WITHTLS=${AC_WITHTLS-yes}
 
 DATADIR=./testdata
@@ -52,6 +54,8 @@ P3SRSLAVECONF=$DATADIR/slapd-syncrepl-slave-persist3.conf
 REFSLAVECONF=$DATADIR/slapd-ref-slave.conf
 SCHEMACONF=$DATADIR/slapd-schema.conf
 GLUECONF=$DATADIR/slapd-glue.conf
+REFINTCONF=$DATADIR/slapd-refint.conf
+UNIQUECONF=$DATADIR/slapd-unique.conf
 
 CONF1=$TESTDIR/slapd.1.conf
 CONF2=$TESTDIR/slapd.2.conf
@@ -117,6 +121,8 @@ LDIFPPOLICY=$DATADIR/ppolicy.ldif
 LDIFLANG=$DATADIR/test-lang.ldif
 LDIFLANGOUT=$DATADIR/lang-out.ldif
 LDIFREF=$DATADIR/referrals.ldif
+LDIFREFINT=$DATADIR/test-refint.ldif
+LDIFUNIQUE=$DATADIR/test-unique.ldif
 MONITOR=""
 REFDN="c=US"
 BASEDN="o=University of Michigan,c=US"
@@ -126,6 +132,8 @@ PASSWD=secret
 BABSDN="cn=Barbara Jensen,ou=Information Technology DivisioN,OU=People,o=University of Michigan,c=us"
 BJORNSDN="cn=Bjorn Jensen,ou=Information Technology DivisioN,OU=People,o=University of Michigan,c=us"
 JAJDN="cn=James A Jones 1,ou=Alumni Association,ou=People,o=University of Michigan,c=US"
+REFINTDN="cn=Manager,o=refint"
+UNIQUEDN="cn=Manager,o=unique"
 
 LOG1=$TESTDIR/slapd.1.log
 LOG2=$TESTDIR/slapd.2.log

tests/scripts/test023-refint

@@ -0,0 +1,182 @@
+#! /bin/sh -xv
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 2004 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+if test $REFINT = refintno; then 
+	echo "Referential Integrity overlay not available, test skipped"
+	exit 0
+fi 
+
+mkdir -p $TESTDIR $DBDIR1
+
+echo "Running slapadd to build slapd database..."
+. $CONFFILTER $BACKEND $MONITORDB < $REFINTCONF > $CONF1
+$SLAPADD -f $CONF1 -l $LDIFREFINT
+RC=$?
+if test $RC != 0 ; then
+	echo "slapadd failed ($RC)!"
+	exit $RC
+fi
+
+echo "Starting slapd on TCP/IP port $PORT1..."
+$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+    echo PID $PID
+    read foo
+fi
+KILLPIDS="$PID"
+
+echo "Testing slapd referential integrity operations..."
+for i in 0 1 2 3 4 5; do
+	$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
+		'objectclass=*' 
+#> /dev/null 2>&1
+	RC=$?
+	if test $RC = 0 ; then
+		break
+	fi
+	echo "Waiting 5 seconds for slapd to start..."
+	sleep 5
+done
+
+if test $RC != 0 ; then
+	echo "ldapsearch failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+echo "Searching unmodified database..."
+
+$LDAPSEARCH -S "" -b "o=refint" -h $LOCALHOST -p $PORT1 | \
+	egrep "(manager|secretary):" | sed "s/george/foster/g" | \
+	sort > $SEARCHOUT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+	echo "ldapsearch failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+echo "Testing modrdn..."
+$LDAPMODRDN -D "$REFINTDN" -r -h $LOCALHOST -p $PORT1 -w $PASSWD > \
+	/dev/null 2>&1 'uid=george,ou=users,o=refint' 'uid=foster'
+#$LDAPMODRDN -D "$REFINTDN" -r -h $LOCALHOST -p $PORT1 -w $PASSWD  \
+#	'uid=george,ou=users,o=refint' 'uid=foster'
+
+RC=$?
+if test $RC != 0 ; then
+	echo "ldapmodrdn failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+echo "Using ldapsearch to check dependents new rdn..."
+
+$LDAPSEARCH -S "" -b "o=refint" -h $LOCALHOST -p $PORT1 | \
+	egrep "(manager|secretary):" | sort > $SEARCHFLT 2>&1
+
+RC=$?
+	if test $RC != 0 ; then
+	echo "ldapsearch failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+echo "Comparing ldapsearch results against original..."
+$CMP $SEARCHOUT $SEARCHOUT > $CMPOUT
+
+if test $? != 0 ; then
+	echo "comparison failed - modify operations did not complete correctly"
+	exit 1
+fi
+
+echo "Testing delete..."
+$LDAPMODIFY -v -D "$REFINTDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
+	$TESTOUT 2>&1 << EDEL
+version: 1
+dn: uid=foster,ou=users,o=refint
+changetype: delete
+EDEL
+
+RC=$?
+if test $RC != 0 ; then
+	echo "ldapmodify failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+echo "Using ldapsearch to verify dependents have been deleted..."
+$LDAPSEARCH -S "" -b "o=refint" -h $LOCALHOST -p $PORT1 | \
+	egrep "(manager|secretary):" > $SEARCHFLT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+	echo "ldapsearch failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+RC=`grep -c foster $SEARCHFLT`
+if test $RC != 0 ; then
+	echo "dependent modify failed - dependents were not deleted"
+	exit 1
+fi
+
+echo "Additional test records..."
+
+$LDAPADD -D "$REFINTDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
+	$TESTOUT 2>&1 << ETEST
+dn: uid=special,ou=users,o=refint
+objectClass: inetOrgPerson
+uid: special
+sn: special
+cn: special
+businessCategory: nothing
+carLicense: FOO
+departmentNumber: 933
+displayName: special
+employeeNumber: 41491
+employeeType: vendor
+givenName: special
+member: uid=alice,ou=users,o=refint
+ETEST
+
+echo "Testing delete when referential attribute is a MUST..."
+$LDAPMODIFY -v -D "$REFINTDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
+	$TESTOUT 2>&1 << EDEL
+version: 1
+dn: uid=alice,ou=users,o=refint
+changetype: delete
+EDEL
+
+RC=$?
+if test $RC != 0 ; then
+	echo "ldapmodify failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+
+
+#####
+
+test $KILLSERVERS != no && kill -HUP $KILLPIDS
+
+echo ">>>>> Test succeeded"
+exit 0

tests/scripts/test024-unique

@@ -0,0 +1,125 @@
+#! /bin/sh -xv
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 2004 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+if test $UNIQUE = uniqueno; then 
+	echo "Attribute Uniqueness overlay not available, test skipped"
+	exit 0
+fi 
+
+mkdir -p $TESTDIR $DBDIR1
+
+echo "Running slapadd to build slapd database..."
+. $CONFFILTER $BACKEND $MONITORDB < $UNIQUECONF > $CONF1
+$SLAPADD -f $CONF1 -l $LDIFUNIQUE
+RC=$?
+if test $RC != 0 ; then
+	echo "slapadd failed ($RC)!"
+	exit $RC
+fi
+
+echo "Starting slapd on TCP/IP port $PORT1..."
+$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+    echo PID $PID
+    read foo
+fi
+KILLPIDS="$PID"
+
+echo "Testing slapd attribute uniqueness operations..."
+for i in 0 1 2 3 4 5; do
+	$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
+		'objectclass=*' > /dev/null 2>&1
+	RC=$?
+	if test $RC = 0 ; then
+		break
+	fi
+	echo "Waiting 5 seconds for slapd to start..."
+	sleep 5
+done
+
+if test $RC != 0 ; then
+	echo "ldapsearch failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+echo "Adding a unique record..."
+
+#$LDAPADD -D "$UNIQUEDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
+#	$TESTOUT 2>&1 << EOTUNIQ1
+$LDAPADD -D "$UNIQUEDN" -h $LOCALHOST -p $PORT1 -w $PASSWD << EOTUNIQ1
+dn: uid=dave,ou=users,o=unique
+objectClass: inetOrgPerson
+uid: dave
+sn: nothere
+cn: dave
+businessCategory: otest
+carLicense: TEST
+departmentNumber: 42
+displayName: Dave
+employeeNumber: 69
+employeeType: contractor
+givenName: Dave
+EOTUNIQ1
+
+RC=$?
+if test $RC != 0 ; then
+	echo "ldapadd failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+#echo ----------------------
+#$LDAPSEARCH -S "" -b "o=unique" -h $LOCALHOST -p $PORT1
+
+echo "Adding a non-unique record..."
+
+$LDAPADD -D "$UNIQUEDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
+	 $TESTOUT 2>&1 << EOTUNIQ2
+dn: uid=bill,ou=users,o=unique
+objectClass: inetOrgPerson
+uid: bill
+sn: johnson
+cn: bill
+businessCategory: rtest
+carLicense: ABC123
+departmentNumber: 42
+displayName: Bill
+employeeNumber: 5150
+employeeType: contractor
+givenName: Bill
+EOTUNIQ2
+
+RC=$?
+if test $RC != 0 ; then
+	echo "ldapadd failed ($RC)!"
+	test $KILLSERVERS != no && kill -HUP $KILLPIDS
+	exit $RC
+fi
+
+
+#echo ----------------------
+#$LDAPSEARCH -S "" -b "o=unique" -h $LOCALHOST -p $PORT1
+
+
+
+test $KILLSERVERS != no && kill -HUP $KILLPIDS
+
+echo ">>>>> Test succeeded"
+exit 0