org.apache.directory.api.ldap.model.ldif.LdifEntry Java Examples

@BeforeClass
@CreateDS(
    name = "WildFlyDS",
    factory = InMemoryDirectoryServiceFactory.class,
    partitions = @CreatePartition(name = "wildfly", suffix = "dc=wildfly,dc=org"),
    allowAnonAccess = true
)
@CreateLdapServer(
    transports = @CreateTransport(protocol = "LDAP", address = "localhost", port = 10389),
    allowAnonymousAccess = true
)
public static void setUpLdap() throws Exception {
    directoryService = DSAnnotationProcessor.getDirectoryService();
    final SchemaManager schemaManager = directoryService.getSchemaManager();
    final InputStream ldif = OutboundLdapConnectionTestCase.class
            .getResourceAsStream("/" + OutboundLdapConnectionTestCase.class.getSimpleName() + ".ldif");
    for (LdifEntry ldifEntry : new LdifReader(ldif)) {
        directoryService.getAdminSession().add(new DefaultEntry(schemaManager, ldifEntry.getEntry()));
    }
    ldapServer = ServerAnnotationProcessor.getLdapServer(directoryService);
}
 

/**
 * Test a Modify changeType LdifEntry with a different attribute used
 */
@Test
public void testLdifEntryChangeTypeModifyNotSameAttr() throws Exception
{
    String ldif =
        "changetype: modify\n" +
            "add: cn\n" +
            "sn: v1\n" +
            "sn: v2\n" +
            "-";

    assertThrows( LdapLdifException.class, () ->
    {
        new LdifEntry( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldif );
    } );
}
 

@BeforeClass
@CreateDS(
        name = "WildFlyDS",
        factory = org.jboss.as.test.integration.mgmt.access.ldap.InMemoryDirectoryServiceFactory.class,
        partitions = @CreatePartition(name = "wildfly", suffix = "dc=wildfly,dc=org"),
        allowAnonAccess = true
)
@CreateLdapServer(
        transports = @CreateTransport(protocol = "LDAP", address = "localhost", port = 10389),
        allowAnonymousAccess = true
)
public static void setUp() throws Exception {
    directoryService = DSAnnotationProcessor.getDirectoryService();
    SchemaManager schemaManager = directoryService.getSchemaManager();
    InputStream ldif = LdapRoleMappingU2GTestCase.class.getResourceAsStream("/" + LdapRoleMappingU2GTestCase.class.getSimpleName() + ".ldif");
    for (LdifEntry ldifEntry : new LdifReader(ldif)) {
        directoryService.getAdminSession().add(new DefaultEntry(schemaManager, ldifEntry.getEntry()));
    }
    ldapServer = ServerAnnotationProcessor.getLdapServer(directoryService);

    startServer();
}
 

/**
 * Creates a principal in the KDC with the specified user and password.
 *
 * @param principal principal name, do not include the domain.
 * @param password password.
 * @throws Exception thrown if the principal could not be created.
 */
public synchronized void createPrincipal(String principal, String password)
        throws Exception {
  String orgName= conf.getProperty(ORG_NAME);
  String orgDomain = conf.getProperty(ORG_DOMAIN);
  String baseDn = "ou=users,dc=" + orgName.toLowerCase(Locale.ENGLISH)
                  + ",dc=" + orgDomain.toLowerCase(Locale.ENGLISH);
  String content = "dn: uid=" + principal + "," + baseDn + "\n" +
          "objectClass: top\n" +
          "objectClass: person\n" +
          "objectClass: inetOrgPerson\n" +
          "objectClass: krb5principal\n" +
          "objectClass: krb5kdcentry\n" +
          "cn: " + principal + "\n" +
          "sn: " + principal + "\n" +
          "uid: " + principal + "\n" +
          "userPassword: " + password + "\n" +
          "krb5PrincipalName: " + principal + "@" + getRealm() + "\n" +
          "krb5KeyVersionNumber: 0";

  for (LdifEntry ldifEntry : new LdifReader(new StringReader(content))) {
    ds.getAdminSession().add(new DefaultEntry(ds.getSchemaManager(),
            ldifEntry.getEntry()));
  }
}
 

/**
 * Test a Modify changeType LdifEntry with a different attribute used
 */
@Test
public void testLdifEntryChangeTypeModifyNotSameAttr2() throws Exception
{
    String ldif =
        "changetype: modify\n" +
            "add: cn\n" +
            "cn: v1\n" +
            "sn: v2\n" +
            "-";

    assertThrows( LdapLdifException.class, () ->
    {
        new LdifEntry( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldif );
    } );
}
 

/**
 * Creates a principal in the KDC with the specified user and password.
 *
 * @param principal principal name, do not include the domain.
 * @param password password.
 * @throws Exception thrown if the principal could not be created.
 */
public synchronized void createPrincipal(String principal, String password)
        throws Exception {
  String orgName= conf.getProperty(ORG_NAME);
  String orgDomain = conf.getProperty(ORG_DOMAIN);
  String baseDn = "ou=users,dc=" + orgName.toLowerCase(Locale.ENGLISH)
                  + ",dc=" + orgDomain.toLowerCase(Locale.ENGLISH);
  String content = "dn: uid=" + principal + "," + baseDn + "\n" +
          "objectClass: top\n" +
          "objectClass: person\n" +
          "objectClass: inetOrgPerson\n" +
          "objectClass: krb5principal\n" +
          "objectClass: krb5kdcentry\n" +
          "cn: " + principal + "\n" +
          "sn: " + principal + "\n" +
          "uid: " + principal + "\n" +
          "userPassword: " + password + "\n" +
          "krb5PrincipalName: " + principal + "@" + getRealm() + "\n" +
          "krb5KeyVersionNumber: 0";

  for (LdifEntry ldifEntry : new LdifReader(new StringReader(content))) {
    ds.getAdminSession().add(new DefaultEntry(ds.getSchemaManager(),
            ldifEntry.getEntry()));
  }
}
 

@BeforeClass
@CreateDS(
        name = "WildFlyDS",
        factory = org.jboss.as.test.integration.mgmt.access.ldap.InMemoryDirectoryServiceFactory.class,
        partitions = @CreatePartition(name = "wildfly", suffix = "dc=wildfly,dc=org"),
        allowAnonAccess = true
)
@CreateLdapServer(
        transports = @CreateTransport(protocol = "LDAP", address = "localhost", port = 10389),
        allowAnonymousAccess = true
)
public static void setUp() throws Exception {
    directoryService = DSAnnotationProcessor.getDirectoryService();
    SchemaManager schemaManager = directoryService.getSchemaManager();
    InputStream ldif = LdapRoleMappingG2UTestCase.class.getResourceAsStream("/" + LdapRoleMappingG2UTestCase.class.getSimpleName() + ".ldif");
    for (LdifEntry ldifEntry : new LdifReader(ldif)) {
        directoryService.getAdminSession().add(new DefaultEntry(schemaManager, ldifEntry.getEntry()));
    }
    ldapServer = ServerAnnotationProcessor.getLdapServer(directoryService);

    startServer();
}
 

/**
 * Test a reversed move ModifyDN
 *
 * @throws LdapException on error
 */
@Test
public void testReverseModifyDNMove() throws LdapException
{
    Dn dn = new Dn( "cn=john doe, dc=example, dc=com" );
    Dn newSuperior = new Dn( "ou=system" );
    Rdn rdn = new Rdn( "cn=john doe" );

    LdifEntry reversed = LdifRevertor.reverseMove( newSuperior, dn );

    assertNotNull( reversed );

    assertEquals( "cn=john doe,ou=system", reversed.getDn().getName() );
    assertEquals( ChangeType.ModDn, reversed.getChangeType() );
    assertFalse( reversed.isDeleteOldRdn() );
    assertEquals( rdn.getName(), reversed.getNewRdn() );
    assertEquals( "dc=example, dc=com", Strings.trim( reversed.getNewSuperior() ) );
    assertNull( reversed.getEntry() );
}
 

/**
 * Test a ModDn changeType LdifEntry with no control
 */
@Test
public void testLdifEntryChangeTypeModDnNoControl() throws Exception
{
    String ldif =
        "changetype: moddn\n" +
            "newrdn: cn=app2\n" +
            "deleteoldrdn: 1\n";

    LdifEntry ldifEntry = new LdifEntry( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldif );

    assertNotNull( ldifEntry );
    assertEquals( ChangeType.ModDn, ldifEntry.getChangeType() );
    assertNull( ldifEntry.getEntry() );
    assertEquals( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldifEntry.getDn().getName() );
    assertFalse( ldifEntry.hasControls() );
    assertTrue( ldifEntry.isLdifChange() );
    assertEquals( "cn=app2", ldifEntry.getNewRdn() );
    assertTrue( ldifEntry.isDeleteOldRdn() );
    assertNull( ldifEntry.getNewSuperior() );
}
 

/**
 * Test a Add changeType LdifEntry with no control
 * @throws Exception
 */
@Test
public void testLdifEntryChangeTypeAddNoControl() throws Exception
{
    String ldif =
        "changetype: add\n" +
            "cn: app1\n" +
            "objectClass: top\n" +
            "objectClass: apApplication\n" +
            "displayName:   app1   \n" +
            "dependencies:\n" +
            "envVars:";

    LdifEntry ldifEntry = new LdifEntry( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldif );

    assertNotNull( ldifEntry );
    assertEquals( ChangeType.Add, ldifEntry.getChangeType() );
    assertNotNull( ldifEntry.getEntry() );
    assertEquals( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldifEntry.getDn().getName() );
    assertFalse( ldifEntry.hasControls() );
    assertTrue( ldifEntry.isLdifChange() );

    Attribute attr = ldifEntry.get( "displayname" );
    assertTrue( attr.contains( "app1" ) );
}
 

/**
 * Test a ModDn changeType LdifEntry with no control and a newSuperior
 */
@Test
public void testLdifEntryChangeTypeModDnRenameNoControlNewSuperior() throws Exception
{
    String ldif =
        "changetype: moddn\n" +
            "newrdn: cn=app2\n" +
            "deleteoldrdn: 1\n" +
            "newsuperior: dc=example, dc=com";

    LdifEntry ldifEntry = new LdifEntry( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldif );

    assertNotNull( ldifEntry );
    assertEquals( ChangeType.ModDn, ldifEntry.getChangeType() );
    assertNull( ldifEntry.getEntry() );
    assertEquals( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldifEntry.getDn().getName() );
    assertFalse( ldifEntry.hasControls() );
    assertTrue( ldifEntry.isLdifChange() );
    assertEquals( "cn=app2", ldifEntry.getNewRdn() );
    assertTrue( ldifEntry.isDeleteOldRdn() );
    assertEquals( "dc=example, dc=com", ldifEntry.getNewSuperior() );
}
 

/**
 * Test a Delete changeType LdifEntry with one control
 * 
 * @throws Exception
 */
@Test
public void testLdifParserChangeTypeDeleteWithControl() throws Exception
{
    String ldif =
        "# Delete an entry. The operation will attach the LDAPv3\n" +
            "# Tree Delete Control defined in [9]. The criticality\n" +
            "# field is \"true\" and the controlValue field is\n" +
            "# absent, as required by [9].\n" +
            "control: 1.2.840.113556.1.4.805 true\n" +
            "changetype: delete\n";

    LdifEntry ldifEntry = new LdifEntry( "ou=Product Development, dc=airius, dc=com", ldif );

    assertNotNull( ldifEntry );
    assertEquals( ChangeType.Delete, ldifEntry.getChangeType() );
    assertNull( ldifEntry.getEntry() );
    assertEquals( "ou=Product Development, dc=airius, dc=com", ldifEntry.getDn().getName() );
    assertTrue( ldifEntry.hasControls() );

    LdifControl ldifControl = ldifEntry.getControl( "1.2.840.113556.1.4.805" );
    assertNotNull( ldifControl );
    assertEquals( "1.2.840.113556.1.4.805", ldifControl.getOid() );
    assertTrue( ldifControl.isCritical() );
    assertNull( ldifControl.getValue() );
}
 

/**
 * Test a reversed rename ModifyDN, where the Rdn are both simple, not overlapping,
 * with deleteOldRdn = true, and the Ava not present in the initial entry
 * 
 * Covers case 2.1 of http://cwiki.apache.org/confluence/display/DIRxSRVx11/Reverse+LDIF
 * 
 * Initial entry
 * dn: cn=test,ou=system
 * objectclass: top
 * objectclass: person
 * cn: test
 * sn: This is a test
 * 
 * new Rdn : cn=joe
 *
 * @throws LdapException on error
 */
@Test
public void test21ReverseRenameSimpleSimpleNotOverlappingDeleteOldRdnDontExistInEntry() throws LdapException
{
    Dn dn = new Dn( "cn=test,ou=system" );
    Rdn oldRdn = new Rdn( "cn=test" );
    Rdn newRdn = new Rdn( "cn=joe" );

    Entry entry = new DefaultEntry( dn,
        "objectClass: top",
        "objectClass: person",
        "cn: test",
        "sn: this is a test" );

    List<LdifEntry> reverseds = LdifRevertor.reverseRename( entry, newRdn, LdifRevertor.DELETE_OLD_RDN );

    assertNotNull( reverseds );
    assertEquals( 1, reverseds.size() );
    LdifEntry reversed = reverseds.get( 0 );

    assertEquals( "cn=joe,ou=system", reversed.getDn().getName() );
    assertEquals( ChangeType.ModRdn, reversed.getChangeType() );
    assertTrue( reversed.isDeleteOldRdn() );
    assertEquals( oldRdn.getName(), reversed.getNewRdn() );
    assertNull( reversed.getNewSuperior() );
}
 

/**
 * Test a Delete changeType LdifEntry with no control
 * 
 * @throws Exception
 */
@Test
public void testLdifParserChangeTypeDeleteNoControl() throws Exception
{
    String ldif =
        "# Delete an entry. The operation will attach the LDAPv3\n" +
            "# Tree Delete Control defined in [9]. The criticality\n" +
            "# field is \"true\" and the controlValue field is\n" +
            "# absent, as required by [9].\n" +
            "changetype: delete\n";

    LdifEntry ldifEntry = new LdifEntry( "ou=Product Development, dc=airius, dc=com", ldif );

    assertNotNull( ldifEntry );
    assertEquals( ChangeType.Delete, ldifEntry.getChangeType() );
    assertNull( ldifEntry.getEntry() );
    assertEquals( "ou=Product Development, dc=airius, dc=com", ldifEntry.getDn().getName() );
    assertFalse( ldifEntry.hasControls() );
}
 

/**
 * Test a Delete changeType LdifEntry with no control and following Attrs :
 * should get an exception
 * 
 * @throws Exception
 */
@Test
public void testLdifParserChangeTypeDeleteNoControlAttribute() throws Exception
{
    String ldif =
        "# Delete an entry. The operation will attach the LDAPv3\n" +
            "# Tree Delete Control defined in [9]. The criticality\n" +
            "# field is \"true\" and the controlValue field is\n" +
            "# absent, as required by [9].\n" +
            "changetype: delete\n" +
            "cn: bad !!\n";

    assertThrows( LdapLdifException.class, () ->
    {
        new LdifEntry( "ou=Product Development, dc=airius, dc=com", ldif );
    } );
}
 

/**
 * Test a Modify changeType LdifEntry with increment operation
 */
@Test
public void testLdifEntryChangeTypeModifyIncrement() throws Exception
{
    String ldif =
        "changetype: modify\n" +
            "increment: uidNumber\n" +
            "-";

    LdifEntry ldifEntry = new LdifEntry( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldif );

    assertNotNull( ldifEntry );
    assertEquals( ChangeType.Modify, ldifEntry.getChangeType() );
    assertNull( ldifEntry.getEntry() );
    assertEquals( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldifEntry.getDn().getName() );
    assertFalse( ldifEntry.hasControls() );
    assertTrue( ldifEntry.isLdifChange() );

    // Check the modification
    assertNotNull( ldifEntry.getModifications() );

    for ( Modification modification : ldifEntry.getModifications() )
    {
        assertEquals( ModificationOperation.INCREMENT_ATTRIBUTE, modification.getOperation() );
        Attribute attribute = modification.getAttribute();

        assertNotNull( attribute );
        assertEquals( "uidnumber", attribute.getId() );
    }
}
 

/**
 * Test a Modify changeType LdifEntry with no end separator ("-")
 */
@Test
public void testLdifEntryChangeTypeModifyNoEndSeparator() throws Exception
{
    String ldif =
        "changetype: modify\n" +
            "add: cn\n" +
            "cn: v1\n" +
            "cn: v2\n";

    assertThrows( LdapLdifException.class, () ->
    {
        new LdifEntry( "cn=app1,ou=applications,ou=conf,dc=apache,dc=org", ldif );
    } );
}
 

/**
 * Partition initialization - loads schema entries from the files on classpath.
 *
 * @see org.apache.directory.server.core.partition.impl.avl.AvlPartition#doInit()
 */
@Override
protected void doInit() throws Exception {
    if (initialized)
        return;

    LOG.debug("Initializing schema partition " + getId());
    suffixDn.apply(schemaManager);
    super.doInit();

    // load schema
    final Map<String, Boolean> resMap = ResourceMap.getResources(Pattern.compile("schema[/\\Q\\\\E]ou=schema.*"));
    for (String resourcePath : new TreeSet<String>(resMap.keySet())) {
        if (resourcePath.endsWith(".ldif")) {
            URL resource = DefaultSchemaLdifExtractor.getUniqueResource(resourcePath, "Schema LDIF file");
            LdifReader reader = new LdifReader(resource.openStream());
            LdifEntry ldifEntry = reader.next();
            reader.close();

            Entry entry = new DefaultEntry(schemaManager, ldifEntry.getEntry());
            // add mandatory attributes
            if (entry.get(SchemaConstants.ENTRY_CSN_AT) == null) {
                entry.add(SchemaConstants.ENTRY_CSN_AT, defaultCSNFactory.newInstance().toString());
            }
            if (entry.get(SchemaConstants.ENTRY_UUID_AT) == null) {
                entry.add(SchemaConstants.ENTRY_UUID_AT, UUID.randomUUID().toString());
            }
            AddOperationContext addContext = new AddOperationContext(null, entry);
            super.add(addContext);
        }
    }
}
 

@Test
public void testAnonymizeModify() throws Exception
{
    String ldif = 
        "dn: [email protected],ou=Email,ou=Services,o=acme,dc=com\n" +
        "changetype: modify\n" +
        "replace: cn\n" +
        "cn::QUNNRSBJbmMuIExlZ2FsIFRlYW0=\n" +
        "-";
    LdifAnonymizer anonymizer = new LdifAnonymizer( schemaManager );
    anonymizer.addNamingContext( "o=acm,dc=com" );
    String result = anonymizer.anonymize( ldif );
    
    List<LdifEntry> entries = ldifReader.parseLdif( result );
    
    assertEquals( 1, entries.size() );
    
    LdifEntry entry = entries.get( 0 );
    assertTrue( entry.isChangeModify() );
    assertEquals( 1, entry.getModifications().size() );
    
    Modification modification = entry.getModifications().get( 0 );
    assertEquals( ModificationOperation.REPLACE_ATTRIBUTE, modification.getOperation() );

    Attribute attribute = modification.getAttribute();
    assertEquals( "cn", attribute.getUpId() );
    assertEquals( 1, attribute.size() );
    
    String value = attribute.getString();
    
    // We can only test the length and the fact the values are not equal (as the value has been anonymized)
    assertEquals( "AAAAAAAAAAAAAAAAAAAA".length(), value.length() );
    assertEquals( "AAAAAAAAAAAAAAAAAAAA", value );
}
 

/**
 * Test a Delete changeType LdifEntry with controls
 * 
 * @throws Exception
 */
@Test
public void testLdifParserChangeTypeDeleteWithControls() throws Exception
{
    String ldif =
        "# Delete an entry. The operation will attach the LDAPv3\n" +
            "# Tree Delete Control defined in [9]. The criticality\n" +
            "# field is \"true\" and the controlValue field is\n" +
            "# absent, as required by [9].\n" +
            "control: 1.2.840.113556.1.4.805 true\n" +
            "control: 1.2.840.113556.1.4.806 false: test\n" +
            "changetype: delete\n";

    LdifEntry ldifEntry = new LdifEntry( "ou=Product Development, dc=airius, dc=com", ldif );

    assertNotNull( ldifEntry );
    assertEquals( ChangeType.Delete, ldifEntry.getChangeType() );
    assertNull( ldifEntry.getEntry() );
    assertEquals( "ou=Product Development, dc=airius, dc=com", ldifEntry.getDn().getName() );
    assertTrue( ldifEntry.hasControls() );

    LdifControl ldifControl = ldifEntry.getControl( "1.2.840.113556.1.4.805" );
    assertNotNull( ldifControl );
    assertEquals( "1.2.840.113556.1.4.805", ldifControl.getOid() );
    assertTrue( ldifControl.isCritical() );
    assertNull( ldifControl.getValue() );

    ldifControl = ldifEntry.getControl( "1.2.840.113556.1.4.806" );
    assertNotNull( ldifControl );
    assertEquals( "1.2.840.113556.1.4.806", ldifControl.getOid() );
    assertFalse( ldifControl.isCritical() );
    assertNotNull( ldifControl.getValue() );
    assertEquals( "test", Strings.utf8ToString( ldifControl.getValue() ) );
}
 

@Test
public void testAnonymizerModifyBinaryOptionAttribute() throws LdapException, IOException
{
    String ldif = 
        "dn: cn=Acme certificate,o=Acme,c=US,ou=IT Infrastructure,o=acme.com\n" +
        "changetype: modify\n" +
        "replace: certificateRevocationList;binary\n" +
        "certificateRevocationList;binary::YmxhaCBibGFo\n" +
        "-";

    LdifAnonymizer anonymizer = new LdifAnonymizer( schemaManager );
    anonymizer.addNamingContext( "o=acme.com" );
    String result = anonymizer.anonymize( ldif );
    
    List<LdifEntry> entries = ldifReader.parseLdif( result );
    
    assertEquals( 1, entries.size() );
    
    LdifEntry entry = entries.get( 0 );
    assertTrue( entry.isChangeModify() );
    assertEquals( 1, entry.getModifications().size() );
    
    Modification modification = entry.getModifications().get( 0 );
    assertEquals( ModificationOperation.REPLACE_ATTRIBUTE, modification.getOperation() );

    Attribute attribute = modification.getAttribute();
    assertEquals( "certificateRevocationList;binary", attribute.getUpId() );
    assertEquals( 1, attribute.size() );
    
    for ( Value value : attribute )
    {
        String str = value.getString();
        
        // We can only test the length and the fact the values are not equal (as the vale has been anonymized)
        assertNotSame( 0, value.length() );
        assertEquals( str.length(), value.length() );
    }
}
 

/**
 * Initialize the Schema object from a Single LDIF file
 * 
 * @param in The input stream to process
 * @throws LdapException If the schemas can't be initialized
 * @throws IOException If we had an issue processing the InputStream
 */
private void initializeSchemas( InputStream in ) throws LdapException, IOException
{
    try ( LdifReader ldifReader = new LdifReader( in ) )
    {
        Schema currentSchema = null;

        while ( ldifReader.hasNext() )
        {
            LdifEntry ldifEntry = ldifReader.next();
            String dn = ldifEntry.getDn().getName();
            
            if ( SCHEMA_START_PATTERN.matcher( dn ).matches() )
            {
                Schema schema = getSchema( ldifEntry.getEntry() );
                schemaMap.put( schema.getSchemaName(), schema );
                currentSchema = schema;
            }
            else
            {
                if ( currentSchema == null )
                {
                    throw new LdapException( I18n.err( I18n.ERR_16076_NOT_A_SCHEMA_DEFINITION ) );
                }
                
                loadSchemaObject( currentSchema.getSchemaName(), ldifEntry );
            }
        }
    }
}
 

/**
 * Check that we can create an LdifEntry with a null Dn
 */
@Test
public void testLdifEntryNullDn() throws Exception
{
    Entry entry = new DefaultEntry( "", "cn: test" );
    LdifEntry ldifEntry = new LdifEntry( ( Dn ) null, "cn: test" );

    assertNotNull( ldifEntry );
    assertEquals( Dn.EMPTY_DN, ldifEntry.getDn() );
    assertEquals( ChangeType.None, ldifEntry.getChangeType() );
    assertEquals( entry, ldifEntry.getEntry() );
}
 

/**
 * Check that we can create an LdifEntry with an Empty Dn
 */
@Test
public void testLdifEntryEmptyDn() throws Exception
{
    Entry entry = new DefaultEntry( "", "cn: test" );
    LdifEntry ldifEntry = new LdifEntry( "", "cn: test" );

    assertNotNull( ldifEntry );
    assertEquals( Dn.EMPTY_DN, ldifEntry.getDn() );
    assertEquals( ChangeType.None, ldifEntry.getChangeType() );
    assertEquals( entry, ldifEntry.getEntry() );
}
 

/**
 * Check that we can't create an empty LdifEntry
 */
@Test
public void testLdifEntryEmpty() throws Exception
{
    assertThrows( LdapInvalidAttributeValueException.class, () ->
    {
        new LdifEntry( "", "" );
    } );
}
 

/**
 * Test a reversed rename ModifyDN, where the initial Rdn is composite,
 * the new Rdn is composite, they are overlapping, with deleteOldRdn = true, and
 * some of the new values exists in the entry.
 * 
 * Covers case 13.1 of http://cwiki.apache.org/confluence/display/DIRxSRVx11/Reverse+LDIF
 * 
 * Initial entry
 * dn: sn=small+cn=test,ou=system
 * objectclass: top
 * objectclass: person
 * cn: test
 * sn: small
 * sn: big
 * sn: This is a test
 * 
 * new Rdn : sn=big+cn=test
 *
 * @throws LdapException on error
 */
@Test
public void test132ReverseRenameCompositeCompositeOverlappingDeleteOldRdnExistInEntry() throws LdapException
{
    Dn dn = new Dn( "sn=small+cn=test,ou=system" );
    Rdn oldRdn = new Rdn( "sn=small+cn=test" );
    Rdn newRdn = new Rdn( "sn=big+cn=test" );

    Entry entry = new DefaultEntry( dn,
        "objectClass: top",
        "objectClass: person",
        "cn: test",
        "sn: small",
        "sn: big",
        "sn: this is a test" );

    List<LdifEntry> reverseds = LdifRevertor.reverseRename( entry, newRdn, LdifRevertor.DELETE_OLD_RDN );

    assertNotNull( reverseds );
    assertEquals( 1, reverseds.size() );
    LdifEntry reversed = reverseds.get( 0 );

    assertEquals( "sn=big+cn=test,ou=system", reversed.getDn().getName() );
    assertEquals( ChangeType.ModRdn, reversed.getChangeType() );
    assertFalse( reversed.isDeleteOldRdn() );
    assertEquals( oldRdn.getName(), reversed.getNewRdn() );
    assertNull( reversed.getNewSuperior() );
}
 

/**
 * Test a reversed rename ModifyDN, where the initial Rdn is composite,
 * the new Rdn is composite, they are overlapping, with deleteOldRdn = true, and
 * none of new values exists in the entry.
 * 
 * Covers case 13.1 of http://cwiki.apache.org/confluence/display/DIRxSRVx11/Reverse+LDIF
 * 
 * Initial entry
 * dn: sn=small+cn=test,ou=system
 * objectclass: top
 * objectclass: person
 * cn: test
 * cn: big
 * sn: small
 * sn: This is a test
 * 
 * new Rdn : sn=joe+cn=test
 *
 * @throws LdapException on error
 */
@Test
public void test131ReverseRenameCompositeCompositeOverlappingDeleteOldRdnDontExistInEntry() throws LdapException
{
    Dn dn = new Dn( "sn=small+cn=test,ou=system" );
    Rdn oldRdn = new Rdn( "sn=small+cn=test" );
    Rdn newRdn = new Rdn( "sn=joe+cn=test" );

    Entry entry = new DefaultEntry( dn,
        "objectClass: top",
        "objectClass: person",
        "cn: test",
        "cn: big",
        "sn: small",
        "sn: this is a test" );

    List<LdifEntry> reverseds = LdifRevertor.reverseRename( entry, newRdn, LdifRevertor.DELETE_OLD_RDN );

    assertNotNull( reverseds );
    assertEquals( 1, reverseds.size() );
    LdifEntry reversed = reverseds.get( 0 );

    assertEquals( "sn=joe+cn=test,ou=system", reversed.getDn().getName() );
    assertEquals( ChangeType.ModRdn, reversed.getChangeType() );
    assertTrue( reversed.isDeleteOldRdn() );
    assertEquals( oldRdn.getName(), reversed.getNewRdn() );
    assertNull( reversed.getNewSuperior() );
}
 

public synchronized void createPrincipal(String principal, String password) throws Exception {
   String baseDn = getKdcServer().getSearchBaseDn();
   String content = "dn: uid=" + principal + "," + baseDn + "\n" + "objectClass: top\n" + "objectClass: person\n" + "objectClass: inetOrgPerson\n" + "objectClass: krb5principal\n"
      + "objectClass: krb5kdcentry\n" + "cn: " + principal + "\n" + "sn: " + principal + "\n"
      + "uid: " + principal + "\n" + "userPassword: " + password + "\n"
      // using businessCategory as a proxy for memberoOf attribute pending: https://issues.apache.org/jira/browse/DIRSERVER-1844
      + "businessCategory: " + "cn=admins,ou=system" + "\n"
      + "businessCategory: " + "cn=bees,ou=system" + "\n"
      + "krb5PrincipalName: " + principal + "@" + getRealm() + "\n"
      + "krb5KeyVersionNumber: 0";

   for (LdifEntry ldifEntry : new LdifReader(new StringReader(content))) {
      service.getAdminSession().add(new DefaultEntry(service.getSchemaManager(), ldifEntry.getEntry()));
   }
}
 

static LdapConnection setupLdapServer(GenericContainer server, String setupFile) {
  // setup Ldap server 1
  LdapConnection connection = new LdapNetworkConnection(server.getContainerIpAddress(), server.getMappedPort(LDAP_PORT));
  try {
    connection.bind(BIND_DN, BIND_PWD);
    LdifReader reader = new LdifReader(Resources.getResource(setupFile).getFile());
    for (LdifEntry entry : reader) {
      connection.add(entry.getEntry());
    }
  } catch (LdapException e) {
    LOG.error("Setup server 1 failed " + e);
  }
  return connection;
}
 

/**
 * Anonymize a Delete change
 * 
 * @param ldifEntry The entry to anonymize
 * @return The anonymized entry
 * @throws LdapException If the anonymization failed
 */
private LdifEntry anonymizeChangeModDn( LdifEntry ldifEntry ) throws LdapException
{
    Dn entryDn = ldifEntry.getDn();

    // Process the DN
    Dn anonymizedDn = anonymizeDn( entryDn );
    
    ldifEntry.setDn( anonymizedDn );
    
    // Anonymize the newRdn if any
    String newRdnStr = ldifEntry.getNewRdn();
    
    if ( newRdnStr != null )
    {
        Dn newRdn = new Dn( schemaManager, newRdnStr );
        Dn anonymizedRdn = anonymizeDn( newRdn );
        
        ldifEntry.setNewRdn( anonymizedRdn.toString() );
    }
    
    // Anonymize the neSuperior if any
    String newSuperiorStr = ldifEntry.getNewSuperior();
    
    if ( newSuperiorStr != null )
    {
        Dn newSuperior = new Dn( schemaManager, newSuperiorStr );
        
        Dn anonymizedSuperior = anonymizeDn( newSuperior );
        
        ldifEntry.setNewSuperior( anonymizedSuperior.toString() );
    }

    return ldifEntry;
}