Repository: ambari Updated Branches: refs/heads/trunk 0a62b7e01 -> 66e1595c3
http://git-wip-us.apache.org/repos/asf/ambari/blob/66e1595c/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertHistoryResourceProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertHistoryResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertHistoryResourceProviderTest.java index 99aca45..c1c9679 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertHistoryResourceProviderTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertHistoryResourceProviderTest.java @@ -42,20 +42,25 @@ import org.apache.ambari.server.orm.dao.AlertsDAO; import org.apache.ambari.server.orm.entities.AlertDefinitionEntity; import org.apache.ambari.server.orm.entities.AlertHistoryEntity; import org.apache.ambari.server.orm.entities.ClusterEntity; +import org.apache.ambari.server.orm.entities.ResourceEntity; +import org.apache.ambari.server.security.TestAuthenticationFactory; +import org.apache.ambari.server.security.authorization.AuthorizationException; import org.apache.ambari.server.state.AlertState; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; import org.easymock.EasyMock; +import org.junit.After; import org.junit.Assert; import org.junit.Before; import org.junit.Test; import com.google.inject.Binder; import com.google.inject.Guice; -import com.google.inject.Inject; import com.google.inject.Injector; import com.google.inject.Module; import com.google.inject.util.Modules; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; /** * {@link AlertHistoryResourceProvider} tests. @@ -65,9 +70,6 @@ public class AlertHistoryResourceProviderTest { private AlertsDAO m_dao = null; private Injector m_injector; - @Inject - private AmbariManagementController m_amc; - @Before public void before() { m_dao = createStrictMock(AlertsDAO.class); @@ -79,12 +81,41 @@ public class AlertHistoryResourceProviderTest { m_injector.injectMembers(this); } + @After + public void clearAuthentication() { + SecurityContextHolder.getContext().setAuthentication(null); + } + + @Test + public void testGetResourcesNoPredicateAsAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsClusterAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsServiceAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsClusterUser() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createClusterUser()); + } + + @Test + public void testGetResourcesNoPredicateAsViewUser() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testGetResourcesNoPredicate() throws Exception { + private void testGetResourcesNoPredicate(Authentication authentication) throws Exception { AlertHistoryResourceProvider provider = createProvider(); Request request = PropertyHelper.getReadRequest( @@ -95,15 +126,41 @@ public class AlertHistoryResourceProviderTest { replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + Set<Resource> results = provider.getResources(request, null); assertEquals(0, results.size()); } + @Test + public void testGetResourcesClusterPredicateAsAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetResourcesClusterPredicateAsClusterAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetResourcesClusterPredicateAsServiceAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetResourcesClusterPredicateAsClusterUser() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetResourcesClusterPredicateAsViewUser() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testGetResourcesClusterPredicate() throws Exception { + private void testGetResourcesClusterPredicate(Authentication authentication) throws Exception { Request request = PropertyHelper.getReadRequest( AlertHistoryResourceProvider.ALERT_HISTORY_CLUSTER_NAME, AlertHistoryResourceProvider.ALERT_HISTORY_DEFINITION_ID, @@ -118,7 +175,18 @@ public class AlertHistoryResourceProviderTest { expect(m_dao.findAll(EasyMock.anyObject(AlertHistoryRequest.class))).andReturn( getMockEntities()); - replay(m_dao); + Cluster cluster = createMock(Cluster.class); + expect(cluster.getResourceId()).andReturn(4L).anyTimes(); + expect(cluster.getClusterId()).andReturn(2L).anyTimes(); + + Clusters clusters = m_injector.getInstance(Clusters.class); + expect(clusters.getCluster("c1")).andReturn(cluster).anyTimes(); + + AmbariManagementController amc = m_injector.getInstance(AmbariManagementController.class); + + replay(m_dao, amc, clusters, cluster); + + SecurityContextHolder.getContext().setAuthentication(authentication); AlertHistoryResourceProvider provider = createProvider(); Set<Resource> results = provider.getResources(request, predicate); @@ -134,14 +202,38 @@ public class AlertHistoryResourceProviderTest { Assert.assertEquals(AlertState.WARNING, r.getPropertyValue(AlertHistoryResourceProvider.ALERT_HISTORY_STATE)); - verify(m_dao); + verify(m_dao, amc, clusters, cluster); + } + + @Test + public void testGetSingleResourceAsAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetSingleResourceAsClusterAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetSingleResourceAsServiceAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetSingleResourceAsClusterUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetSingleResourceAsViewUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createViewUser(99L)); } /** * @throws Exception */ - @Test - public void testGetSingleResource() throws Exception { + public void testGetSingleResource(Authentication authentication) throws Exception { Request request = PropertyHelper.getReadRequest( AlertHistoryResourceProvider.ALERT_HISTORY_CLUSTER_NAME, AlertHistoryResourceProvider.ALERT_HISTORY_DEFINITION_ID, @@ -157,7 +249,18 @@ public class AlertHistoryResourceProviderTest { expect(m_dao.findAll(EasyMock.anyObject(AlertHistoryRequest.class))).andReturn( getMockEntities()); - replay(m_dao); + Cluster cluster = createMock(Cluster.class); + expect(cluster.getResourceId()).andReturn(4L).anyTimes(); + expect(cluster.getClusterId()).andReturn(2L).anyTimes(); + + Clusters clusters = m_injector.getInstance(Clusters.class); + expect(clusters.getCluster("c1")).andReturn(cluster).anyTimes(); + + AmbariManagementController amc = m_injector.getInstance(AmbariManagementController.class); + + replay(m_dao, amc, clusters, cluster); + + SecurityContextHolder.getContext().setAuthentication(authentication); AlertHistoryResourceProvider provider = createProvider(); Set<Resource> results = provider.getResources(request, predicate); @@ -175,20 +278,23 @@ public class AlertHistoryResourceProviderTest { } /** - * @param amc * @return */ private AlertHistoryResourceProvider createProvider() { - return new AlertHistoryResourceProvider(m_amc); + return new AlertHistoryResourceProvider(m_injector.getInstance(AmbariManagementController.class)); } /** * @return */ private List<AlertHistoryEntity> getMockEntities() throws Exception { + ResourceEntity clusterResource = new ResourceEntity(); + clusterResource.setId(4L); + ClusterEntity cluster = new ClusterEntity(); cluster.setClusterName("c1"); cluster.setClusterId(1L); + cluster.setResource(clusterResource); AlertDefinitionEntity definition = new AlertDefinitionEntity(); definition.setClusterId(1L); @@ -219,10 +325,14 @@ public class AlertHistoryResourceProviderTest { */ @Override public void configure(Binder binder) { + Clusters clusters = createMock(Clusters.class); + + AmbariManagementController amc = createMock(AmbariManagementController.class); + expect(amc.getClusters()).andReturn(clusters).anyTimes(); + binder.bind(AlertsDAO.class).toInstance(m_dao); - binder.bind(Clusters.class).toInstance(EasyMock.createNiceMock(Clusters.class)); - binder.bind(Cluster.class).toInstance(EasyMock.createNiceMock(Cluster.class)); - binder.bind(AmbariManagementController.class).toInstance(createMock(AmbariManagementController.class)); + binder.bind(Clusters.class).toInstance(clusters); + binder.bind(AmbariManagementController.class).toInstance(amc); binder.bind(ActionMetadata.class); } } http://git-wip-us.apache.org/repos/asf/ambari/blob/66e1595c/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertNoticeResourceProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertNoticeResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertNoticeResourceProviderTest.java index 3322da6..9f38adf 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertNoticeResourceProviderTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertNoticeResourceProviderTest.java @@ -45,11 +45,15 @@ import org.apache.ambari.server.orm.entities.AlertHistoryEntity; import org.apache.ambari.server.orm.entities.AlertNoticeEntity; import org.apache.ambari.server.orm.entities.AlertTargetEntity; import org.apache.ambari.server.orm.entities.ClusterEntity; +import org.apache.ambari.server.orm.entities.ResourceEntity; +import org.apache.ambari.server.security.TestAuthenticationFactory; +import org.apache.ambari.server.security.authorization.AuthorizationException; import org.apache.ambari.server.state.AlertState; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; import org.apache.ambari.server.state.NotificationState; import org.easymock.EasyMock; +import org.junit.After; import org.junit.Assert; import org.junit.Before; import org.junit.Test; @@ -59,6 +63,8 @@ import com.google.inject.Guice; import com.google.inject.Injector; import com.google.inject.Module; import com.google.inject.util.Modules; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; /** * {@link AlertNoticeResourceProvider} tests. @@ -79,12 +85,41 @@ public class AlertNoticeResourceProviderTest { Assert.assertNotNull(m_injector); } + @After + public void clearAuthentication() { + SecurityContextHolder.getContext().setAuthentication(null); + } + + @Test + public void testGetResourcesNoPredicateAsAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsClusterAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsServiceAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsClusterUser() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createClusterUser()); + } + + @Test + public void testGetResourcesNoPredicateAsViewUser() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testGetResourcesNoPredicate() throws Exception { + public void testGetResourcesNoPredicate(Authentication authentication) throws Exception { AlertNoticeResourceProvider provider = createProvider(); Request request = PropertyHelper.getReadRequest( @@ -95,15 +130,41 @@ public class AlertNoticeResourceProviderTest { replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + Set<Resource> results = provider.getResources(request, null); assertEquals(0, results.size()); } + @Test + public void testGetResourcesClusterPredicateAsAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetResourcesClusterPredicateAsClusterAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetResourcesClusterPredicateAsServiceAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetResourcesClusterPredicateAsClusterUser() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetResourcesClusterPredicateAsViewUser() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testGetResourcesClusterPredicate() throws Exception { + protected void testGetResourcesClusterPredicate(Authentication authentication) throws Exception { Request request = PropertyHelper.getReadRequest( AlertNoticeResourceProvider.ALERT_NOTICE_CLUSTER_NAME, AlertNoticeResourceProvider.ALERT_NOTICE_ID, @@ -113,15 +174,24 @@ public class AlertNoticeResourceProviderTest { AlertNoticeResourceProvider.ALERT_NOTICE_TARGET_NAME, AlertNoticeResourceProvider.ALERT_NOTICE_STATE); - AmbariManagementController amc = createMock(AmbariManagementController.class); - Predicate predicate = new PredicateBuilder().property( AlertNoticeResourceProvider.ALERT_NOTICE_CLUSTER_NAME).equals("c1").toPredicate(); expect(m_dao.findAllNotices(EasyMock.anyObject(AlertNoticeRequest.class))).andReturn( getMockEntities()); - replay(amc, m_dao); + Cluster cluster = createMock(Cluster.class); + expect(cluster.getResourceId()).andReturn(4L).anyTimes(); + expect(cluster.getClusterId()).andReturn(2L).anyTimes(); + + Clusters clusters = m_injector.getInstance(Clusters.class); + expect(clusters.getCluster("c1")).andReturn(cluster).anyTimes(); + + AmbariManagementController amc = m_injector.getInstance(AmbariManagementController.class); + + replay(m_dao, amc, clusters, cluster); + + SecurityContextHolder.getContext().setAuthentication(authentication); AlertNoticeResourceProvider provider = createProvider(); Set<Resource> results = provider.getResources(request, predicate); @@ -138,14 +208,38 @@ public class AlertNoticeResourceProviderTest { NotificationState.FAILED, r.getPropertyValue(AlertNoticeResourceProvider.ALERT_NOTICE_STATE)); - verify(amc, m_dao); + verify(m_dao, amc, clusters, cluster); + } + + @Test + public void testGetSingleResourceAsAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetSingleResourceAsClusterAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetSingleResourceAsServiceAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetSingleResourceAsClusterUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetSingleResourceAsViewUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createViewUser(99L)); } /** * @throws Exception */ - @Test - public void testGetSingleResource() throws Exception { + protected void testGetSingleResource(Authentication authentication) throws Exception { Request request = PropertyHelper.getReadRequest( AlertNoticeResourceProvider.ALERT_NOTICE_CLUSTER_NAME, AlertNoticeResourceProvider.ALERT_NOTICE_ID, @@ -162,7 +256,18 @@ public class AlertNoticeResourceProviderTest { expect(m_dao.findAllNotices(EasyMock.anyObject(AlertNoticeRequest.class))).andReturn( getMockEntities()); - replay(m_dao); + Cluster cluster = createMock(Cluster.class); + expect(cluster.getResourceId()).andReturn(4L).anyTimes(); + expect(cluster.getClusterId()).andReturn(2L).anyTimes(); + + Clusters clusters = m_injector.getInstance(Clusters.class); + expect(clusters.getCluster("c1")).andReturn(cluster).anyTimes(); + + AmbariManagementController amc = m_injector.getInstance(AmbariManagementController.class); + + replay(m_dao, amc, clusters, cluster); + + SecurityContextHolder.getContext().setAuthentication(authentication); AlertNoticeResourceProvider provider = createProvider(); Set<Resource> results = provider.getResources(request, predicate); @@ -180,20 +285,23 @@ public class AlertNoticeResourceProviderTest { } /** - * @param amc * @return */ private AlertNoticeResourceProvider createProvider() { - return new AlertNoticeResourceProvider(); + return new AlertNoticeResourceProvider(m_injector.getInstance(AmbariManagementController.class)); } /** * @return */ private List<AlertNoticeEntity> getMockEntities() throws Exception { + ResourceEntity clusterResource = new ResourceEntity(); + clusterResource.setId(4L); + ClusterEntity cluster = new ClusterEntity(); cluster.setClusterName("c1"); cluster.setClusterId(1L); + cluster.setResource(clusterResource); AlertDefinitionEntity definition = new AlertDefinitionEntity(); definition.setClusterId(1L); @@ -235,11 +343,14 @@ public class AlertNoticeResourceProviderTest { */ @Override public void configure(Binder binder) { + Clusters clusters = createMock(Clusters.class); + + AmbariManagementController amc = createMock(AmbariManagementController.class); + expect(amc.getClusters()).andReturn(clusters).anyTimes(); + binder.bind(AlertDispatchDAO.class).toInstance(m_dao); - binder.bind(Clusters.class).toInstance( - EasyMock.createNiceMock(Clusters.class)); - binder.bind(Cluster.class).toInstance( - EasyMock.createNiceMock(Cluster.class)); + binder.bind(Clusters.class).toInstance(clusters); + binder.bind(AmbariManagementController.class).toInstance(amc); binder.bind(ActionMetadata.class); } } http://git-wip-us.apache.org/repos/asf/ambari/blob/66e1595c/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertResourceProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertResourceProviderTest.java index 4f0263b..1dcb835 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertResourceProviderTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertResourceProviderTest.java @@ -6,9 +6,9 @@ * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * + * <p/> + * http://www.apache.org/licenses/LICENSE-2.0 + * <p/> * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -47,15 +47,21 @@ import org.apache.ambari.server.orm.dao.AlertsDAO; import org.apache.ambari.server.orm.entities.AlertCurrentEntity; import org.apache.ambari.server.orm.entities.AlertDefinitionEntity; import org.apache.ambari.server.orm.entities.AlertHistoryEntity; +import org.apache.ambari.server.orm.entities.ClusterEntity; +import org.apache.ambari.server.orm.entities.ResourceEntity; +import org.apache.ambari.server.security.TestAuthenticationFactory; +import org.apache.ambari.server.security.authorization.AuthorizationException; import org.apache.ambari.server.state.AlertState; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; import org.apache.ambari.server.state.MaintenanceState; -import org.easymock.Capture; import org.easymock.EasyMock; +import org.junit.After; import org.junit.Assert; import org.junit.Before; import org.junit.Test; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; import javax.persistence.EntityManager; import java.io.File; @@ -83,9 +89,9 @@ import static org.junit.Assert.assertTrue; */ public class AlertResourceProviderTest { - private static final Long ALERT_VALUE_ID = Long.valueOf(1000L); + private static final Long ALERT_VALUE_ID = 1000L; private static final String ALERT_VALUE_LABEL = "My Label"; - private static final Long ALERT_VALUE_TIMESTAMP = Long.valueOf(1L); + private static final Long ALERT_VALUE_TIMESTAMP = 1L; private static final String ALERT_VALUE_TEXT = "My Text"; private static final String ALERT_VALUE_COMPONENT = "component"; private static final String ALERT_VALUE_HOSTNAME = "host"; @@ -96,7 +102,6 @@ public class AlertResourceProviderTest { private AmbariManagementController m_amc; @Before - @SuppressWarnings("boxing") public void before() throws Exception { m_dao = EasyMock.createNiceMock(AlertsDAO.class); @@ -109,22 +114,48 @@ public class AlertResourceProviderTest { Clusters clusters = m_injector.getInstance(Clusters.class); expect(m_amc.getClusters()).andReturn(clusters).atLeastOnce(); - expect(clusters.getCluster(capture(new Capture<String>()))).andReturn(cluster).atLeastOnce(); - expect(cluster.getClusterId()).andReturn(Long.valueOf(1L)); + expect(clusters.getCluster(capture(EasyMock.<String>newCapture()))).andReturn(cluster).atLeastOnce(); + expect(cluster.getClusterId()).andReturn(1L).anyTimes(); + expect(cluster.getResourceId()).andReturn(4L).anyTimes(); replay(m_amc, clusters, cluster); } + @After + public void clearAuthentication() { + SecurityContextHolder.getContext().setAuthentication(null); + } /** * @throws Exception */ @Test - public void testGetCluster() throws Exception { - expect( m_dao.findAll(capture(new Capture<AlertCurrentRequest>())) ).andReturn(getClusterMockEntities()).anyTimes(); + public void testGetClusterAsAdministrator() throws Exception { + testGetCluster(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetClusterAsClusterAdministrator() throws Exception { + testGetCluster(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetClusterAsClusterUser() throws Exception { + testGetCluster(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetClusterAsViewOnlyUser() throws Exception { + testGetCluster(TestAuthenticationFactory.createViewUser(99L)); + } + + private void testGetCluster(Authentication authentication) throws Exception { + expect(m_dao.findAll(capture(EasyMock.<AlertCurrentRequest>newCapture()))).andReturn(getClusterMockEntities()).anyTimes(); replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + Request request = PropertyHelper.getReadRequest( AlertResourceProvider.ALERT_ID, AlertResourceProvider.ALERT_DEFINITION_NAME, @@ -148,12 +179,33 @@ public class AlertResourceProviderTest { * Test for service */ @Test - public void testGetService() throws Exception { - expect(m_dao.findAll(capture(new Capture<AlertCurrentRequest>()))).andReturn( + public void testGetServiceAsAdministrator() throws Exception { + testGetService(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetServiceAsClusterAdministrator() throws Exception { + testGetService(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetServiceAsClusterUser() throws Exception { + testGetService(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetServiceAsViewOnlyUser() throws Exception { + testGetService(TestAuthenticationFactory.createViewUser(99L)); + } + + private void testGetService(Authentication authentication) throws Exception { + expect(m_dao.findAll(capture(EasyMock.<AlertCurrentRequest>newCapture()))).andReturn( getClusterMockEntities()).anyTimes(); replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + Request request = PropertyHelper.getReadRequest( AlertResourceProvider.ALERT_ID, AlertResourceProvider.ALERT_DEFINITION_NAME, @@ -179,12 +231,33 @@ public class AlertResourceProviderTest { * Test for service */ @Test - public void testGetHost() throws Exception { - expect(m_dao.findAll(capture(new Capture<AlertCurrentRequest>()))).andReturn( + public void testGetHostAsAdministrator() throws Exception { + testGetHost(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetHostAsClusterAdministrator() throws Exception { + testGetHost(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetHostAsClusterUser() throws Exception { + testGetHost(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetHostAsViewOnlyUser() throws Exception { + testGetHost(TestAuthenticationFactory.createViewUser(99L)); + } + + private void testGetHost(Authentication authentication) throws Exception { + expect(m_dao.findAll(capture(EasyMock.<AlertCurrentRequest>newCapture()))).andReturn( getClusterMockEntities()).anyTimes(); replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + Request request = PropertyHelper.getReadRequest( AlertResourceProvider.ALERT_ID, AlertResourceProvider.ALERT_DEFINITION_NAME, @@ -206,19 +279,41 @@ public class AlertResourceProviderTest { verify(m_dao); } + + @Test + public void testGetClusterSummaryAsAdministrator() throws Exception { + testGetClusterSummary(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetClusterSummaryAsClusterAdministrator() throws Exception { + testGetClusterSummary(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetClusterSummaryAsClusterUser() throws Exception { + testGetClusterSummary(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetClusterSummaryAsViewOnlyUser() throws Exception { + testGetClusterSummary(TestAuthenticationFactory.createViewUser(99L)); + } + /** * Tests that the {@link AlertSummaryRenderer} correctly transforms the alert * data. * * @throws Exception */ - @Test - public void testGetClusterSummary() throws Exception { - expect(m_dao.findAll(capture(new Capture<AlertCurrentRequest>()))).andReturn( + private void testGetClusterSummary(Authentication authentication) throws Exception { + expect(m_dao.findAll(capture(EasyMock.<AlertCurrentRequest>newCapture()))).andReturn( getMockEntitiesManyStates()).anyTimes(); replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + Request request = PropertyHelper.getReadRequest( AlertResourceProvider.ALERT_ID, AlertResourceProvider.ALERT_DEFINITION_NAME, AlertResourceProvider.ALERT_LABEL, AlertResourceProvider.ALERT_STATE, @@ -257,20 +352,41 @@ public class AlertResourceProviderTest { Assert.assertEquals(3, alertStateSummary.Unknown.Count); } + @Test + public void testGetClusterGroupedSummaryAsAdministrator() throws Exception { + testGetClusterGroupedSummary(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetClusterGroupedSummaryAsClusterAdministrator() throws Exception { + testGetClusterGroupedSummary(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetClusterGroupedSummaryAsClusterUser() throws Exception { + testGetClusterGroupedSummary(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetClusterGroupedSummaryAsViewOnlyUser() throws Exception { + testGetClusterGroupedSummary(TestAuthenticationFactory.createViewUser(99L)); + } + /** * Tests that the {@link AlertSummaryGroupedRenderer} correctly transforms the * alert data. * * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testGetClusterGroupedSummary() throws Exception { - expect(m_dao.findAll(capture(new Capture<AlertCurrentRequest>()))).andReturn( + private void testGetClusterGroupedSummary(Authentication authentication) throws Exception { + expect(m_dao.findAll(capture(EasyMock.<AlertCurrentRequest>newCapture()))).andReturn( getMockEntitiesManyStates()).anyTimes(); replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + Request request = PropertyHelper.getReadRequest( AlertResourceProvider.ALERT_ID, AlertResourceProvider.ALERT_DEFINITION_NAME, AlertResourceProvider.ALERT_LABEL, AlertResourceProvider.ALERT_STATE, @@ -303,7 +419,7 @@ public class AlertResourceProviderTest { Resource summaryResource = summaryResources.getObject(); List<AlertDefinitionSummary> summaryList = (List<AlertDefinitionSummary>) summaryResource.getPropertyValue("alerts_summary_grouped"); - Assert.assertEquals(4, summaryList.size()); + assertEquals(4, summaryList.size()); AlertDefinitionSummary nnSummary = null; AlertDefinitionSummary rmSummary = null; @@ -352,15 +468,34 @@ public class AlertResourceProviderTest { Assert.assertEquals(ALERT_VALUE_TEXT, flumeSummary.State.Unknown.AlertText); } + @Test + public void testGetClusterGroupedSummaryMaintenanceCountsAsAdministrator() throws Exception { + testGetClusterGroupedSummaryMaintenanceCounts(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetClusterGroupedSummaryMaintenanceCountsAsClusterAdministrator() throws Exception { + testGetClusterGroupedSummaryMaintenanceCounts(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetClusterGroupedSummaryMaintenanceCountsAsClusterUser() throws Exception { + testGetClusterGroupedSummaryMaintenanceCounts(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetClusterGroupedSummaryMaintenanceCountsAsViewOnlyUser() throws Exception { + testGetClusterGroupedSummaryMaintenanceCounts(TestAuthenticationFactory.createViewUser(99L)); + } + /** * Tests that the {@link AlertSummaryGroupedRenderer} correctly transforms the - * alert data when it has maintenace mode alerts. + * alert data when it has maintenance mode alerts. * * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testGetClusterGroupedSummaryMaintenanceCounts() throws Exception { + private void testGetClusterGroupedSummaryMaintenanceCounts(Authentication authentication) throws Exception { // turn on MM for all alerts in the WARNING state List<AlertCurrentEntity> currents = getMockEntitiesManyStates(); for (AlertCurrentEntity current : currents) { @@ -369,11 +504,13 @@ public class AlertResourceProviderTest { } } - expect(m_dao.findAll(capture(new Capture<AlertCurrentRequest>()))).andReturn( + expect(m_dao.findAll(capture(EasyMock.<AlertCurrentRequest>newCapture()))).andReturn( currents).anyTimes(); replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + Request request = PropertyHelper.getReadRequest( AlertResourceProvider.ALERT_ID, AlertResourceProvider.ALERT_DEFINITION_NAME, @@ -406,7 +543,7 @@ public class AlertResourceProviderTest { Resource summaryResource = summaryResources.getObject(); List<Object> summaryList = (List<Object>) summaryResource.getPropertyValue("alerts_summary_grouped"); - Assert.assertEquals(4, summaryList.size()); + assertEquals(4, summaryList.size()); } /** @@ -421,6 +558,8 @@ public class AlertResourceProviderTest { replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createAdministrator()); + Set<String> requestProperties = new HashSet<String>(); requestProperties.add(AlertResourceProvider.ALERT_ID); requestProperties.add(AlertResourceProvider.ALERT_DEFINITION_NAME); @@ -475,7 +614,15 @@ public class AlertResourceProviderTest { history.setHostName(ALERT_VALUE_HOSTNAME); history.setServiceName(ALERT_VALUE_SERVICE); + ResourceEntity clusterResourceEntity = new ResourceEntity(); + clusterResourceEntity.setId(4L); + + ClusterEntity clusterEntity = new ClusterEntity(); + clusterEntity.setClusterId(2L); + clusterEntity.setResource(clusterResourceEntity); + AlertDefinitionEntity definition = new AlertDefinitionEntity(); + definition.setCluster(clusterEntity); history.setAlertDefinition(definition); current.setAlertHistory(history); @@ -542,9 +689,17 @@ public class AlertResourceProviderTest { history.setHostName(ALERT_VALUE_HOSTNAME); history.setServiceName(service); + ResourceEntity clusterResourceEntity = new ResourceEntity(); + clusterResourceEntity.setId(4L); + + ClusterEntity clusterEntity = new ClusterEntity(); + clusterEntity.setClusterId(2L); + clusterEntity.setResource(clusterResourceEntity); + AlertDefinitionEntity definition = new AlertDefinitionEntity(); definition.setDefinitionId(Long.valueOf(i)); definition.setDefinitionName(definitionName); + definition.setCluster(clusterEntity); history.setAlertDefinition(definition); current.setAlertHistory(history); currents.add(current); @@ -555,8 +710,8 @@ public class AlertResourceProviderTest { /** - * - */ + * + */ private class MockModule implements Module { @Override public void configure(Binder binder) { http://git-wip-us.apache.org/repos/asf/ambari/blob/66e1595c/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertTargetResourceProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertTargetResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertTargetResourceProviderTest.java index 6cde0c2..f80b6f7 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertTargetResourceProviderTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertTargetResourceProviderTest.java @@ -26,6 +26,7 @@ import static org.easymock.EasyMock.createMock; import static org.easymock.EasyMock.createStrictMock; import static org.easymock.EasyMock.expect; import static org.easymock.EasyMock.expectLastCall; +import static org.easymock.EasyMock.newCapture; import static org.easymock.EasyMock.replay; import static org.easymock.EasyMock.resetToStrict; import static org.easymock.EasyMock.verify; @@ -53,6 +54,8 @@ import org.apache.ambari.server.orm.InMemoryDefaultTestModule; import org.apache.ambari.server.orm.dao.AlertDispatchDAO; import org.apache.ambari.server.orm.entities.AlertGroupEntity; import org.apache.ambari.server.orm.entities.AlertTargetEntity; +import org.apache.ambari.server.security.TestAuthenticationFactory; +import org.apache.ambari.server.security.authorization.AuthorizationException; import org.apache.ambari.server.state.AlertState; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; @@ -60,6 +63,7 @@ import org.apache.ambari.server.state.alert.TargetType; import org.apache.ambari.server.utils.CollectionPresentationUtils; import org.easymock.Capture; import org.easymock.EasyMock; +import org.junit.After; import org.junit.Assert; import org.junit.Before; import org.junit.Test; @@ -69,6 +73,8 @@ import com.google.inject.Guice; import com.google.inject.Injector; import com.google.inject.Module; import com.google.inject.util.Modules; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; /** * {@link AlertTargetResourceProvider} tests. @@ -98,12 +104,41 @@ public class AlertTargetResourceProviderTest { Assert.assertNotNull(m_injector); } + @After + public void clearAuthentication() { + SecurityContextHolder.getContext().setAuthentication(null); + } + + @Test + public void testGetResourcesNoPredicateAsAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsClusterAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsServiceAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsClusterUser() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createClusterUser()); + } + + @Test + public void testGetResourcesNoPredicateAsViewUser() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testGetResourcesNoPredicate() throws Exception { + public void testGetResourcesNoPredicate(Authentication authentication) throws Exception { Request request = PropertyHelper.getReadRequest( AlertTargetResourceProvider.ALERT_TARGET_DESCRIPTION, AlertTargetResourceProvider.ALERT_TARGET_ID, @@ -113,6 +148,8 @@ public class AlertTargetResourceProviderTest { expect(m_dao.findAllTargets()).andReturn(getMockEntities()); replay(m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Set<Resource> results = provider.getResources(request, null); @@ -135,12 +172,36 @@ public class AlertTargetResourceProviderTest { verify(m_dao); } + @Test + public void testGetSingleResourceAsAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetSingleResourceAsClusterAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetSingleResourceAsServiceAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetSingleResourceAsClusterUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterUser()); + } + + @Test + public void testGetSingleResourceAsViewUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testGetSingleResource() throws Exception { + private void testGetSingleResource(Authentication authentication) throws Exception { Request request = PropertyHelper.getReadRequest( AlertTargetResourceProvider.ALERT_TARGET_DESCRIPTION, AlertTargetResourceProvider.ALERT_TARGET_ID, @@ -158,6 +219,8 @@ public class AlertTargetResourceProviderTest { replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Set<Resource> results = provider.getResources(request, predicate); assertEquals(1, results.size()); @@ -202,17 +265,43 @@ public class AlertTargetResourceProviderTest { verify(m_amc, m_dao); } + @Test + public void testCreateResourcesAsAdministrator() throws Exception { + testCreateResources(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsClusterAdministrator() throws Exception { + testCreateResources(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsServiceAdministrator() throws Exception { + testCreateResources(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsClusterUser() throws Exception { + testCreateResources(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsViewUser() throws Exception { + testCreateResources(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testCreateResources() throws Exception { - Capture<AlertTargetEntity> targetCapture = new Capture<AlertTargetEntity>(); + private void testCreateResources(Authentication authentication) throws Exception { + Capture<AlertTargetEntity> targetCapture = newCapture(); m_dao.create(capture(targetCapture)); expectLastCall(); replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = getCreationProperties(); @@ -237,11 +326,35 @@ public class AlertTargetResourceProviderTest { verify(m_amc, m_dao); } + @Test + public void testCreateResourcesWithGroupsAsAdministrator() throws Exception { + testCreateResourcesWithGroups(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesWithGroupsAsClusterAdministrator() throws Exception { + testCreateResourcesWithGroups(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesWithGroupsAsServiceAdministrator() throws Exception { + testCreateResourcesWithGroups(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesWithGroupsAsClusterUser() throws Exception { + testCreateResourcesWithGroups(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesWithGroupsAsViewUser() throws Exception { + testCreateResourcesWithGroups(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testCreateResourcesWithGroups() throws Exception { + private void testCreateResourcesWithGroups(Authentication authentication) throws Exception { List<Long> groupIds = Arrays.asList(1L, 2L, 3L); List<AlertGroupEntity> groups = new ArrayList<AlertGroupEntity>(); AlertGroupEntity group1 = new AlertGroupEntity(); @@ -259,6 +372,8 @@ public class AlertTargetResourceProviderTest { replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = getCreationProperties(); @@ -287,17 +402,43 @@ public class AlertTargetResourceProviderTest { verify(m_amc, m_dao); } + @Test + public void testCreateGlobalTargetAsAdministrator() throws Exception { + testCreateGlobalTarget(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateGlobalTargetAsClusterAdministrator() throws Exception { + testCreateGlobalTarget(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateGlobalTargetAsServiceAdministrator() throws Exception { + testCreateGlobalTarget(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateGlobalTargetAsClusterUser() throws Exception { + testCreateGlobalTarget(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateGlobalTargetAsViewUser() throws Exception { + testCreateGlobalTarget(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testCreateGlobalTarget() throws Exception { + private void testCreateGlobalTarget(Authentication authentication) throws Exception { Capture<AlertTargetEntity> targetCapture = new Capture<AlertTargetEntity>(); m_dao.create(capture(targetCapture)); expectLastCall(); replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = getCreationProperties(); @@ -327,17 +468,43 @@ public class AlertTargetResourceProviderTest { verify(m_amc, m_dao); } + @Test + public void testCreateResourceWithRecipientArrayAsAdministrator() throws Exception { + testCreateResourceWithRecipientArray(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourceWithRecipientArrayAsClusterAdministrator() throws Exception { + testCreateResourceWithRecipientArray(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourceWithRecipientArrayAsServiceAdministrator() throws Exception { + testCreateResourceWithRecipientArray(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourceWithRecipientArrayAsClusterUser() throws Exception { + testCreateResourceWithRecipientArray(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesWithRecipientArrayAsViewUser() throws Exception { + testCreateResourceWithRecipientArray(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testCreateResourceWithRecipientArray() throws Exception { + private void testCreateResourceWithRecipientArray(Authentication authentication) throws Exception { Capture<AlertTargetEntity> targetCapture = new Capture<AlertTargetEntity>(); m_dao.create(capture(targetCapture)); expectLastCall(); replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = getRecipientCreationProperties(); @@ -365,18 +532,44 @@ public class AlertTargetResourceProviderTest { verify(m_amc, m_dao); } + @Test + public void testCreateResourceWithAlertStatesAsAdministrator() throws Exception { + testCreateResourceWithAlertStates(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourceWithAlertStatesAsClusterAdministrator() throws Exception { + testCreateResourceWithAlertStates(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourceWithAlertStatesAsServiceAdministrator() throws Exception { + testCreateResourceWithAlertStates(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourceWithAlertStatesAsClusterUser() throws Exception { + testCreateResourceWithAlertStates(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourceWithAlertStatesAsViewUser() throws Exception { + testCreateResourceWithAlertStates(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testCreateResourceWithAlertStates() throws Exception { + private void testCreateResourceWithAlertStates(Authentication authentication) throws Exception { Capture<AlertTargetEntity> targetCapture = new Capture<AlertTargetEntity>(); m_dao.create(capture(targetCapture)); expectLastCall(); replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = getCreationProperties(); requestProps.put( @@ -407,12 +600,36 @@ public class AlertTargetResourceProviderTest { } + @Test + public void testUpdateResourcesAsAdministrator() throws Exception { + testUpdateResources(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsClusterAdministrator() throws Exception { + testUpdateResources(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsServiceAdministrator() throws Exception { + testUpdateResources(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsClusterUser() throws Exception { + testUpdateResources(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsViewUser() throws Exception { + testUpdateResources(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testUpdateResources() throws Exception { + private void testUpdateResources(Authentication authentication) throws Exception { Capture<AlertTargetEntity> entityCapture = new Capture<AlertTargetEntity>(); m_dao.create(capture(entityCapture)); expectLastCall().times(1); @@ -424,6 +641,8 @@ public class AlertTargetResourceProviderTest { replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = getCreationProperties(); Request request = PropertyHelper.getCreateRequest( @@ -457,12 +676,36 @@ public class AlertTargetResourceProviderTest { verify(m_amc, m_dao); } + @Test + public void testUpdateResourcesWithGroupsAsAdministrator() throws Exception { + testUpdateResourcesWithGroups(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesWithGroupsAsClusterAdministrator() throws Exception { + testUpdateResourcesWithGroups(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesWithGroupsAsServiceAdministrator() throws Exception { + testUpdateResourcesWithGroups(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesWithGroupsAsClusterUser() throws Exception { + testUpdateResourcesWithGroups(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesWithGroupsAsViewUser() throws Exception { + testUpdateResourcesWithGroups(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testUpdateResourcesWithGroups() throws Exception { + private void testUpdateResourcesWithGroups(Authentication authentication) throws Exception { Capture<AlertTargetEntity> entityCapture = new Capture<AlertTargetEntity>(); m_dao.create(capture(entityCapture)); expectLastCall().times(1); @@ -485,6 +728,8 @@ public class AlertTargetResourceProviderTest { replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = getCreationProperties(); Request request = PropertyHelper.getCreateRequest( @@ -514,17 +759,43 @@ public class AlertTargetResourceProviderTest { verify(m_amc, m_dao); } + @Test + public void testDeleteResourcesAsAdministrator() throws Exception { + testDeleteResources(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsClusterAdministrator() throws Exception { + testDeleteResources(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsServiceAdministrator() throws Exception { + testDeleteResources(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsClusterUser() throws Exception { + testDeleteResources(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsViewUser() throws Exception { + testDeleteResources(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testDeleteResources() throws Exception { + private void testDeleteResources(Authentication authentication) throws Exception { Capture<AlertTargetEntity> entityCapture = new Capture<AlertTargetEntity>(); m_dao.create(capture(entityCapture)); expectLastCall().times(1); replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = getCreationProperties(); @@ -557,7 +828,31 @@ public class AlertTargetResourceProviderTest { } @Test - public void testOverwriteDirective() throws Exception { + public void testOverwriteDirectiveAsAdministrator() throws Exception { + testOverwriteDirective(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testOverwriteDirectiveAsClusterAdministrator() throws Exception { + testOverwriteDirective(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testOverwriteDirectiveAsServiceAdministrator() throws Exception { + testOverwriteDirective(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testOverwriteDirectiveAsClusterUser() throws Exception { + testOverwriteDirective(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testOverwriteDirectiveAsViewUser() throws Exception { + testOverwriteDirective(TestAuthenticationFactory.createViewUser(99L)); + } + + private void testOverwriteDirective(Authentication authentication) throws Exception { // mock out returning an existing entity AlertTargetEntity entity = getMockEntities().get(0); expect(m_dao.findTargetByName(ALERT_TARGET_NAME)).andReturn(entity).atLeastOnce(); @@ -566,6 +861,8 @@ public class AlertTargetResourceProviderTest { replay(m_amc, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertTargetResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = getCreationProperties(); http://git-wip-us.apache.org/repos/asf/ambari/blob/66e1595c/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java b/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java index 1c440eb..3e164e0 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java @@ -164,6 +164,7 @@ public class TestAuthenticationFactory { RoleAuthorization.CLUSTER_MANAGE_CREDENTIALS, RoleAuthorization.CLUSTER_MODIFY_CONFIGS, RoleAuthorization.CLUSTER_TOGGLE_ALERTS, + RoleAuthorization.CLUSTER_MANAGE_ALERTS, RoleAuthorization.CLUSTER_TOGGLE_KERBEROS, RoleAuthorization.CLUSTER_UPGRADE_DOWNGRADE_STACK, RoleAuthorization.CLUSTER_VIEW_ALERTS,
