From f19ee9054ca17db3895441ff09a104e3ef321368 Mon Sep 17 00:00:00 2001 From: Mathieu Baudier Date: Mon, 12 Oct 2015 09:26:12 +0000 Subject: [PATCH] Improve checks and fix unit tests. git-svn-id: https://svn.argeo.org/commons/trunk@8473 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- org.argeo.security.core/build.properties | 5 +- .../test/org/argeo/osgi/useradmin/basic.ldif | 2 +- .../org/argeo/osgi/useradmin/LdifName.java | 2 +- .../org/argeo/osgi/useradmin/LdifParser.java | 60 ++++++++++--------- .../org/argeo/osgi/useradmin/LdifWriter.java | 16 ++++- 5 files changed, 51 insertions(+), 34 deletions(-) diff --git a/org.argeo.security.core/build.properties b/org.argeo.security.core/build.properties index 436b925a8..6fa156125 100644 --- a/org.argeo.security.core/build.properties +++ b/org.argeo.security.core/build.properties @@ -1,4 +1,7 @@ source.. = src/,\ ext/test/ additional.bundles = org.junit,\ - org.slf4j.commons.logging + org.slf4j.commons.logging,\ + org.slf4j.api,\ + org.slf4j.log4j12,\ + org.apache.log4j diff --git a/org.argeo.security.core/ext/test/org/argeo/osgi/useradmin/basic.ldif b/org.argeo.security.core/ext/test/org/argeo/osgi/useradmin/basic.ldif index 5c6565e8a..963407177 100644 --- a/org.argeo.security.core/ext/test/org/argeo/osgi/useradmin/basic.ldif +++ b/org.argeo.security.core/ext/test/org/argeo/osgi/useradmin/basic.ldif @@ -49,7 +49,7 @@ member: uid=root+cn=Super Admin,ou=People,dc=demo,dc=example,dc=org dn: cn=editor,ou=Roles,dc=demo,dc=example,dc=org objectClass: groupOfNames objectClass: top -cn: admin +cn: editor member: cn=admin,ou=Roles,dc=demo,dc=example,dc=org member: uid=demo,ou=People,dc=demo,dc=example,dc=org diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifName.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifName.java index ba452ec94..24d13ad7c 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifName.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifName.java 
@@ -9,7 +9,7 @@ import javax.naming.ldap.LdapName; */ public enum LdifName { // Attributes - cn, sn, uid, mail, displayName, objectClass, userpassword, + dn, cn, sn, uid, mail, displayName, objectClass, userpassword, // Object classes inetOrgPerson, organizationalPerson, person, groupOfNames, top; diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java index b59cc36e1..9e89c5eb7 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java @@ -1,5 +1,7 @@ package org.argeo.osgi.useradmin; +import static org.argeo.osgi.useradmin.LdifName.dn; + import java.io.IOException; import java.io.InputStream; import java.util.List; @@ -24,6 +26,32 @@ import org.apache.commons.logging.LogFactory; class LdifParser { private final static Log log = LogFactory.getLog(LdifParser.class); + protected Attributes addAttributes(SortedMap res, + int lineNumber, LdapName currentDn, Attributes currentAttributes) { + try { + Rdn nameRdn = currentDn.getRdn(currentDn.size() - 1); + Attribute nameAttr = currentAttributes.get(nameRdn.getType()); + if (nameAttr == null) + currentAttributes.put(nameRdn.getType(), nameRdn.getValue()); + else if (!nameAttr.get().equals(nameRdn.getValue())) + throw new UserDirectoryException("Attribute " + + nameAttr.getID() + "=" + nameAttr.get() + + " not consistent with DN " + currentDn + + " (shortly before line " + lineNumber + + " in LDIF file)"); + Attributes previous = res.put(currentDn, currentAttributes); + if (log.isTraceEnabled()) + log.trace("Added " + currentDn); + return previous; + } catch (NamingException e) { + throw new UserDirectoryException("Cannot add " + currentDn, e); + } + } + + static void checkDnConsistency() { + + } + SortedMap read(InputStream in) throws IOException { SortedMap res = new TreeMap(); try { 
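Review bot: In `addAttributes` (LdifParser.java) the check `!nameAttr.get().equals(nameRdn.getValue())` looks only at the first value of the naming attribute, so an entry whose RDN value is a later value of a multi-valued attribute is rejected as inconsistent; `else if (!nameAttr.contains(nameRdn.getValue()))` would accept it. For a multi-valued RDN, `getType()`/`getValue()` expose a single type/value pair, so the remaining pairs go unverified. A base64-decoded attribute value would presumably never equal the RDN's value (the decode branch is visible in the next hunk's context). The empty `static void checkDnConsistency() { }` added right after it is dead code: either give it the `(LdapName, Attributes)` check and call it from here and from `LdifWriter.writeEntry`, which duplicates the logic, or drop it.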
@@ -70,37 +98,13 @@ class LdifParser { .decodeBase64(cleanValueStr) : cleanValueStr; // manage DN attributes - if (attributeId.equals("dn") || isLastLine) { + if (attributeId.equals(dn.name()) || isLastLine) { if (currentDn != null) { // // ADD // - Rdn nameRdn = currentDn - .getRdn(currentDn.size() - 1); - Attribute nameAttr = currentAttributes.get(nameRdn - .getType()); - if (nameAttr == null) - currentAttributes.put(nameRdn.getType(), - nameRdn.getValue()); - else - try { - if (!nameAttr.get().equals( - nameRdn.getValue())) - throw new UserDirectoryException( - "Attribute " - + nameAttr.getID() - + "=" - + nameAttr.get() - + " not consistent with DN " - + currentDn); - } catch (NamingException e) { - throw new UserDirectoryException( - "Cannot get attribute value", e); - } - Attributes previous = res.put(currentDn, - currentAttributes); - if (log.isTraceEnabled()) - log.trace("Added " + currentDn); + Attributes previous = addAttributes(res, + lineNumber, currentDn, currentAttributes); if (previous != null) { log.warn("There was already an entry with DN " + currentDn @@ -108,7 +112,7 @@ class LdifParser { } } - if (attributeId.equals("dn")) + if (attributeId.equals(dn.name())) try { currentDn = new LdapName( attributeValue.toString()); diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifWriter.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifWriter.java index 6dfd53995..ba393cad1 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifWriter.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifWriter.java @@ -1,5 +1,7 @@ package org.argeo.osgi.useradmin; +import static org.argeo.osgi.useradmin.LdifName.dn; + import java.io.IOException; import java.io.OutputStream; import java.io.OutputStreamWriter; 
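Review bot: At the `addAttributes(res, lineNumber, currentDn, currentAttributes)` call in `read()` (LdifParser.java), a duplicate DN is only reported through `log.warn`, after `res.put` inside `addAttributes` has already replaced the earlier entry, so the last occurrence in the file wins. For a user directory this means a repeated `dn:` block can override an account's or role's attributes with only a log line as evidence. Consider rejecting the file instead, e.g. `throw new UserDirectoryException("Duplicate entry " + currentDn + " (shortly before line " + lineNumber + " in LDIF file)");`, or add a comment stating that last-wins is intended. The warning statement and the rest of `read()` continue outside this hunk.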
@@ -10,6 +12,7 @@ import javax.naming.NamingException; import javax.naming.directory.Attribute; import javax.naming.directory.Attributes; import javax.naming.ldap.LdapName; +import javax.naming.ldap.Rdn; import org.apache.commons.codec.binary.Base64; @@ -23,15 +26,22 @@ class LdifWriter { void writeEntry(LdapName name, Attributes attributes) throws IOException { try { - // TODO check consistency of DN with attributes - writer.append("dn:").append(name.toString()).append('\n'); + // check consistency + Rdn nameRdn = name.getRdn(name.size() - 1); + Attribute nameAttr = attributes.get(nameRdn.getType()); + if (!nameAttr.get().equals(nameRdn.getValue())) + throw new UserDirectoryException("Attribute " + + nameAttr.getID() + "=" + nameAttr.get() + + " not consistent with DN " + name); + + writer.append(dn.name() + ":").append(name.toString()).append('\n'); Attribute objectClassAttr = attributes.get("objectClass"); if (objectClassAttr != null) writeAttribute(objectClassAttr); for (NamingEnumeration attrs = attributes .getAll(); attrs.hasMore();) { Attribute attribute = attrs.next(); - if (attribute.getID().equals("dn") + if (attribute.getID().equals(dn.name()) || attribute.getID().equals("objectClass")) continue;// skip DN attribute writeAttribute(attribute); -- 2.30.2
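Review bot: In `writeEntry` (LdifWriter.java) the new check dereferences `nameAttr` without a null test, so an entry whose attributes lack the RDN's naming attribute fails with a `NullPointerException` rather than a `UserDirectoryException`; `LdifParser.addAttributes` handles the same case by adding the attribute. An empty `name` likewise makes `name.getRdn(name.size() - 1)` throw `IndexOutOfBoundsException`. Guard both, e.g. `if (nameAttr == null || !nameAttr.contains(nameRdn.getValue()))`, and build the message from `nameRdn.getType()` so it does not touch a null `nameAttr`. The `// check consistency` comment would be clearer as `// the last RDN's type/value must be present among the entry's attributes`. The method continues past the end of the hunk.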