#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2021 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

if test $BACKSQL = "sqlno" ; then 
	echo "SQL backend not available, test skipped"
	exit 0
fi 

if test $RDBMS = "rdbmsno" ; then
	echo "SQL test not requested, test skipped"
	exit 0
fi

if test "${RDBMSWRITE}" != "yes"; then
	echo "write test disabled for ${RDBMS}; set SLAPD_USE_SQLWRITE=yes to enable"
	exit 0
fi

mkdir -p $TESTDIR $DBDIR2A

echo "Starting slapd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND < $SQLSRPROVIDERCONF > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
    echo PID $PID
    read foo
fi
KILLPIDS="$PID"

echo "Testing SQL backend write operations..."
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
		'objectclass=*' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting 5 seconds for slapd to start..."
	sleep 5
done

if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Starting consumer slapd on TCP/IP port $PORT2..."
. $CONFFILTER $BACKEND < $R1SRCONSUMERCONF > $CONF2
$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 &
CONSUMERPID=$!
if test $WAIT != 0 ; then
    echo CONSUMERPID $CONSUMERPID
    read foo
fi
KILLPIDS="$KILLPIDS $CONSUMERPID"

echo "Using ldapsearch to check that consumer slapd is running..."
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
		'objectclass=*' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting 5 seconds for slapd to start..."
	sleep 5
done

if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

cat /dev/null > $SEARCHOUT

echo "Using ldapsearch to retrieve all the entries from the provider..."
echo "# Using ldapsearch to retrieve all the entries from the provider..." \
	>> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \
	-D "$MANAGERDN" -w $PASSWD \
	 "(!(objectClass=referral))" >> $SEARCHOUT 2>&1

RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

cat /dev/null > $SEARCHOUT2

echo "Using ldapsearch to retrieve all the entries from the consumer..."
echo "# Using ldapsearch to retrieve all the entries from the consumer..." \
	>> $SEARCHOUT2
$LDAPSEARCH -S "" -H $URI2 -b "$BASEDN" \
	-D "$UPDATEDN" -w $PASSWD \
	 "(objectClass=*)" >> $SEARCHOUT2 2>&1

RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Filtering ldapsearch results from provider..."
$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering ldapsearch results from consumer..."
$LDIFFILTER < $SEARCHOUT2 > $SEARCHFLT2
echo "Comparing filter output..."
$CMP $SEARCHFLT $SEARCHFLT2 > $CMPOUT

if test $? != 0 ; then
	echo "Comparison failed"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

cat /dev/null > $SEARCHOUT

echo "Using ldapsearch to retrieve all the entries..."
echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \
	 "objectClass=*" >> $SEARCHOUT 2>&1

RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

case ${RDBMS} in
	# list here the RDBMSes whose mapping allows writes
pgsql|ibmdb2)
	MANAGERDN="cn=Manager,${BASEDN}"
	echo "Testing add..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 >> $TESTOUT 2>&1 << EOMODS
version: 1

# Adding an organization...
dn: o=An Org,${BASEDN}
changetype: add
objectClass: organization
o: An Org

# Adding an organization with an "auxiliary" objectClass..
dn: dc=subnet,${BASEDN}
changetype: add
objectClass: organization
objectClass: dcObject
o: SubNet
dc: subnet

# Adding another organization with an "auxiliary" objectClass..
dn: dc=subnet2,${BASEDN}
changetype: add
objectClass: organization
objectClass: dcObject
o: SubNet 2
dc: subnet2

# Adding a person...
dn: cn=Lev Tolstoij,${BASEDN}
changetype: add
objectClass: inetOrgPerson
cn: Lev Tolstoij
sn: Tolstoij
givenName: Lev
telephoneNumber: +39 02 XXXX YYYY
telephoneNumber: +39 02 XXXX ZZZZ
userPassword: tanja

# Adding a person with an "auxiliary" objectClass...
dn: cn=Some One,${BASEDN}
changetype: add
objectClass: inetOrgPerson
objectClass: simpleSecurityObject
cn: Some One
sn: One
givenName: Some
telephoneNumber: +1 800 900 1234
telephoneNumber: +1 800 900 1235
userPassword: someone

# Adding a person in another subtree...
dn: cn=SubNet User,dc=subnet,${BASEDN}
changetype: add
objectClass: inetOrgPerson
cn: SubNet User
sn: User
givenName: SubNet

# Adding a document...
dn: documentTitle=War and Peace,${BASEDN}
changetype: add
objectClass: document
description: Historical novel
documentTitle: War and Peace
documentAuthor: cn=Lev Tolstoij,dc=example,dc=com
documentIdentifier: document 3
EOMODS

	RC=$?
	if test $RC != 0 ; then
		echo "ldapmodify failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Using ldapsearch to retrieve all the entries..."
	echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT
	$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \
		 "objectClass=*" >> $SEARCHOUT 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Testing modify..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 >> $TESTOUT 2>&1 << EOMODS
version: 1

# Deleting all telephone numbers...
dn: cn=Some One,${BASEDN}
changetype: modify
delete: telephoneNumber
-

# Adding a telephone number...
dn: cn=Mitya Kovalev,${BASEDN}
changetype: modify
add: telephoneNumber
telephoneNumber: +1 800 123 4567
-

# Deleting a specific telephone number and adding a new one...
dn: cn=Lev Tolstoij,${BASEDN}
changetype: modify
delete: telephoneNumber
telephoneNumber: +39 02 XXXX YYYY
-
add: telephoneNumber
telephoneNumber: +39 333 ZZZ 1234
-

# Adding an author to a document...
dn: documentTitle=book1,${BASEDN}
changetype: modify
add: documentAuthor
documentAuthor: cn=Lev Tolstoij,${BASEDN}
-

# Adding an author to another document...
dn: documentTitle=book2,${BASEDN}
changetype: modify
add: documentAuthor
documentAuthor: cn=Lev Tolstoij,${BASEDN}
-

# Adding an "auxiliary" objectClass...
dn: cn=Mitya Kovalev,${BASEDN}
changetype: modify
add: objectClass
objectClass: simpleSecurityObject
-

# Deleting an "auxiliary" objectClass...
dn: cn=Some One,${BASEDN}
changetype: modify
delete: objectClass
objectClass: simpleSecurityObject
-

# Deleting userPasswords
dn: cn=Lev Tolstoij,${BASEDN}
changetype: modify
delete: userPassword
-
EOMODS

	RC=$?
	if test $RC != 0 ; then
		echo "ldapmodify failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Using ldapsearch to retrieve all the entries..."
	echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT
	$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \
		 "objectClass=*" >> $SEARCHOUT 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Testing delete..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 >> $TESTOUT 2>&1 << EOMODS
version: 1

# Deleting a person...
dn: cn=Torvlobnor Puzdoy,${BASEDN}
changetype: delete

# Deleting a document...
dn: documentTitle=book1,${BASEDN}
changetype: delete

# Deleting an organization with an "auxiliary" objectClass...
dn: dc=subnet2,${BASEDN}
changetype: delete
EOMODS

	RC=$?
	if test $RC != 0 ; then
		echo "ldapmodify failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Using ldapsearch to retrieve all the entries..."
	echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT
	$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \
		 "objectClass=*" >> $SEARCHOUT 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Testing rename..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 >> $TESTOUT 2>&1 << EOMODS
version: 1

# Renaming an organization...
dn: o=An Org,${BASEDN}
changetype: modrdn
newrdn: o=Renamed Org
deleteoldrdn: 1

# Moving a person to another subtree...
dn: cn=Lev Tolstoij,${BASEDN}
changetype: modrdn
newrdn: cn=Lev Tolstoij
deleteoldrdn: 0
newsuperior: dc=subnet,${BASEDN}

# Renaming a book...
dn: documentTitle=book2,${BASEDN}
changetype: modrdn
newrdn: documentTitle=Renamed Book
deleteoldrdn: 1
EOMODS

	RC=$?
	if test $RC != 0 ; then
		echo "ldapmodify failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Using ldapsearch to retrieve all the entries..."
	echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT
	$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \
		 "objectClass=*" >> $SEARCHOUT 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Adding a child to a referral (should fail)..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 >> $TESTOUT 2>&1 << EOMODS
version: 1

dn: cn=Should Fail,ou=Referral,${BASEDN}
changetype: add
objectClass: inetOrgPerson
cn: Should Fail
sn: Fail
telephoneNumber: +39 02 23456789
EOMODS

	RC=$?
	if test $RC = 0 ; then
		echo "ldapmodify should have failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit 1
	fi

	echo "Modifying a referral (should fail)..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 >> $TESTOUT 2>&1 << EOMODS
version: 1

dn: ou=Referral,${BASEDN}
changetype: modify
replace: ref
ref: ldap://localhost:9009/
-
EOMODS

	RC=$?
	if test $RC = 0 ; then
		echo "ldapmodify should have failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit 1
	fi

	echo "Renaming a referral (should fail)..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 >> $TESTOUT 2>&1 << EOMODS
version: 1

dn: ou=Referral,${BASEDN}
changetype: modrdn
newrdn: ou=Renamed Referral
deleteoldrdn: 1
EOMODS

	RC=$?
	if test $RC = 0 ; then
		echo "ldapmodify should have failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit 1
	fi

	echo "Deleting a referral (should fail)..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 >> $TESTOUT 2>&1 << EOMODS
version: 1

dn: ou=Referral,${BASEDN}
changetype: delete
EOMODS

	RC=$?
	if test $RC = 0 ; then
		echo "ldapmodify should have failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit 1
	fi

	echo "Adding a referral..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 -M >> $TESTOUT 2>&1 << EOMODS
version: 1

dn: ou=Another Referral,${BASEDN}
changetype: add
objectClass: referral
objectClass: extensibleObject
ou: Another Referral
ref: ldap://localhost:9009/
EOMODS

	RC=$?
	if test $RC != 0 ; then
		echo "ldapmodify failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Modifying a referral with manageDSAit..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 -M >> $TESTOUT 2>&1 << EOMODS
version: 1

dn: ou=Referral,${BASEDN}
changetype: modify
replace: ref
ref: ldap://localhost:9009/
-
EOMODS

	RC=$?
	if test $RC != 0 ; then
		echo "ldapmodify failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Using ldapsearch to retrieve the modified entry..."
	echo "# Using ldapsearch to retrieve the modified entry..." >> $SEARCHOUT
	$LDAPSEARCH -S "" -H $URI1 -b "ou=Referral,$BASEDN" -M \
		 "objectClass=*" '*' ref >> $SEARCHOUT 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Renaming a referral with manageDSAit..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 -M >> $TESTOUT 2>&1 << EOMODS
version: 1

dn: ou=Referral,${BASEDN}
changetype: modrdn
newrdn: ou=Renamed Referral
deleteoldrdn: 1
EOMODS

	RC=$?
	if test $RC != 0 ; then
		echo "ldapmodify failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Using ldapsearch to retrieve the renamed entry..."
	echo "# Using ldapsearch to retrieve the renamed entry..." >> $SEARCHOUT
	$LDAPSEARCH -S "" -H $URI1 -b "ou=Renamed Referral,$BASEDN" -M \
		 "objectClass=*" '*' ref >> $SEARCHOUT 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Deleting a referral with manageDSAit..."
	$LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \
		-H $URI1 -M >> $TESTOUT 2>&1 << EOMODS
version: 1

dn: ou=Renamed Referral,${BASEDN}
changetype: delete
EOMODS

	RC=$?
	if test $RC != 0 ; then
		echo "ldapmodify failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	BINDDN="cn=Mitya Kovalev,${BASEDN}"
	BINDPW="mit"
	NEWPW="newsecret"
	echo "Testing passwd change..."
	$LDAPPASSWD -H $URI1 \
		-D "${BINDDN}" -w ${BINDPW} -s ${NEWPW} \
		"$BINDDN" >> $TESTOUT 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldappasswd failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo -n "Testing bind with new secret... "
	$LDAPWHOAMI -H $URI1 -D "$BINDDN" -w $NEWPW
	RC=$?
	if test $RC != 0 ; then
		echo "ldapwhoami failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	BINDDN="cn=Some One,${BASEDN}"
	BINDPW="someone"
	echo -n "Testing bind with newly added user... "
	$LDAPWHOAMI -H $URI1 -D "$BINDDN" -w $BINDPW
	RC=$?
	if test $RC != 0 ; then
		echo "ldapwhoami failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Using ldapsearch to retrieve all the entries..."
	echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT
	$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \
		 "objectClass=*" >> $SEARCHOUT 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Filtering ldapsearch results..."
	$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
	echo "Filtering modified ldif..."
	$LDIFFILTER < $SQLWRITE > $LDIFFLT
	echo "Comparing filter output..."
	$CMP $SEARCHFLT $LDIFFLT > $CMPOUT

	if test $? != 0 ; then
		echo "comparison failed - SQL mods search didn't succeed"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit 1
	fi

	echo "Waiting 25 seconds for provider to send changes..."
	sleep 25

	cat /dev/null > $SEARCHOUT

	echo "Using ldapsearch to retrieve all the entries from the provider..."
	echo "# Using ldapsearch to retrieve all the entries from the provider..." \
		>> $SEARCHOUT
	$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \
		-D "$MANAGERDN" -w $PASSWD \
		 "(!(objectClass=referral))" >> $SEARCHOUT 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	cat /dev/null > $SEARCHOUT2

	echo "Using ldapsearch to retrieve all the entries from the consumer..."
	echo "# Using ldapsearch to retrieve all the entries from the consumer..." \
		>> $SEARCHOUT2
	$LDAPSEARCH -S "" -H $URI2 -b "$BASEDN" \
		-D "$UPDATEDN" -w $PASSWD \
		 "(objectClass=*)" >> $SEARCHOUT2 2>&1

	RC=$?
	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi

	echo "Filtering ldapsearch results from provider..."
	$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
	echo "Filtering ldapsearch results from consumer..."
	$LDIFFILTER < $SEARCHOUT2 > $SEARCHFLT2
	echo "Comparing filter output..."
	$CMP $SEARCHFLT $SEARCHFLT2 > $CMPOUT

	if test $? != 0 ; then
		echo "Comparison failed"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit 1
	fi
	;;

*)
	echo "apparently ${RDBMS} does not support writes; skipping..."
	;;
esac

test $KILLSERVERS != no && kill -HUP $KILLPIDS

echo ">>>>> Test succeeded"
exit 0