This is an automated email from the ASF dual-hosted git repository. cwylie pushed a commit to branch 0.15.1-incubating in repository https://gitbox.apache.org/repos/asf/incubator-druid.git
commit bff1c6ca369bedfebcbea33a9775b2a33ac02ba5 Author: Gian Merlino <[email protected]> AuthorDate: Tue Jul 9 13:16:54 2019 -0700 SupervisorManager: Add authorization checks to bulk endpoints. (#8044) The endpoints added in #6272 were missing authorization checks. This patch removes the bulk methods from SupervisorManager, and instead has SupervisorResource run the full list through filterAuthorizedSupervisorIds before calling resume/suspend/terminate one by one. --- .../overlord/supervisor/SupervisorManager.java | 20 -- .../overlord/supervisor/SupervisorResource.java | 34 ++- .../supervisor/SupervisorResourceTest.java | 237 ++++++++++++++------- .../server/security/AuthenticationResult.java | 2 + 4 files changed, 189 insertions(+), 104 deletions(-) diff --git a/indexing-service/src/main/java/org/apache/druid/indexing/overlord/supervisor/SupervisorManager.java b/indexing-service/src/main/java/org/apache/druid/indexing/overlord/supervisor/SupervisorManager.java index 3168b89..30183ae 100644 --- a/indexing-service/src/main/java/org/apache/druid/indexing/overlord/supervisor/SupervisorManager.java +++ b/indexing-service/src/main/java/org/apache/druid/indexing/overlord/supervisor/SupervisorManager.java @@ -101,26 +101,6 @@ public class SupervisorManager } } - public void stopAndRemoveAllSupervisors() - { - Preconditions.checkState(started, "SupervisorManager not started"); - - synchronized (lock) { - Preconditions.checkState(started, "SupervisorManager not started"); - supervisors.keySet().forEach(id -> possiblyStopAndRemoveSupervisorInternal(id, true)); - } - } - - public void suspendOrResumeAllSupervisors(boolean suspend) - { - Preconditions.checkState(started, "SupervisorManager not started"); - - synchronized (lock) { - Preconditions.checkState(started, "SupervisorManager not started"); - supervisors.keySet().forEach(id -> possiblySuspendOrResumeSupervisorInternal(id, suspend)); - } - } - @LifecycleStart public void start() { diff --git a/indexing-service/src/main/java/org/apache/druid/indexing/overlord/supervisor/SupervisorResource.java b/indexing-service/src/main/java/org/apache/druid/indexing/overlord/supervisor/SupervisorResource.java index 97e0580..122cc3b 100644 --- a/indexing-service/src/main/java/org/apache/druid/indexing/overlord/supervisor/SupervisorResource.java +++ b/indexing-service/src/main/java/org/apache/druid/indexing/overlord/supervisor/SupervisorResource.java @@ -263,27 +263,36 @@ public class SupervisorResource @POST @Path("/suspendAll") @Produces(MediaType.APPLICATION_JSON) - public Response suspendAll() + public Response suspendAll(@Context final HttpServletRequest req) { - return suspendOrResumeAll(true); + return suspendOrResumeAll(req, true); } @POST @Path("/resumeAll") @Produces(MediaType.APPLICATION_JSON) - public Response resumeAll() + public Response resumeAll(@Context final HttpServletRequest req) { - return suspendOrResumeAll(false); + return suspendOrResumeAll(req, false); } @POST @Path("/terminateAll") @Produces(MediaType.APPLICATION_JSON) - public Response terminateAll() + public Response terminateAll(@Context final HttpServletRequest req) { return asLeaderWithSupervisorManager( manager -> { - manager.stopAndRemoveAllSupervisors(); + Set<String> authorizedSupervisorIds = filterAuthorizedSupervisorIds( + req, + manager, + manager.getSupervisorIds() + ); + + for (final String supervisorId : authorizedSupervisorIds) { + manager.stopAndRemoveSupervisor(supervisorId); + } + return Response.ok(ImmutableMap.of("status", "success")).build(); } ); @@ -429,11 +438,20 @@ public class SupervisorResource ); } - private Response suspendOrResumeAll(boolean suspend) + private Response suspendOrResumeAll(final HttpServletRequest req, final boolean suspend) { return asLeaderWithSupervisorManager( manager -> { - manager.suspendOrResumeAllSupervisors(suspend); + Set<String> authorizedSupervisorIds = filterAuthorizedSupervisorIds( + req, + manager, + manager.getSupervisorIds() + ); + + for (final String supervisorId : authorizedSupervisorIds) { + manager.suspendOrResumeSupervisor(supervisorId, suspend); + } + return Response.ok(ImmutableMap.of("status", "success")).build(); } ); diff --git a/indexing-service/src/test/java/org/apache/druid/indexing/overlord/supervisor/SupervisorResourceTest.java b/indexing-service/src/test/java/org/apache/druid/indexing/overlord/supervisor/SupervisorResourceTest.java index 3b31dec..d73b163 100644 --- a/indexing-service/src/test/java/org/apache/druid/indexing/overlord/supervisor/SupervisorResourceTest.java +++ b/indexing-service/src/test/java/org/apache/druid/indexing/overlord/supervisor/SupervisorResourceTest.java @@ -53,6 +53,20 @@ import java.util.Set; @RunWith(EasyMockRunner.class) public class SupervisorResourceTest extends EasyMockSupport { + private static final TestSupervisorSpec SPEC1 = new TestSupervisorSpec( + "id1", + null, + Collections.singletonList("datasource1") + ); + + private static final TestSupervisorSpec SPEC2 = new TestSupervisorSpec( + "id2", + null, + Collections.singletonList("datasource2") + ); + + private static final Set<String> SUPERVISOR_IDS = ImmutableSet.of(SPEC1.getId(), SPEC2.getId()); + @Mock private TaskMaster taskMaster; @@ -69,7 +83,8 @@ public class SupervisorResourceTest extends EasyMockSupport { supervisorResource = new SupervisorResource( taskMaster, - new AuthorizerMapper(null) { + new AuthorizerMapper(null) + { @Override public Authorizer getAuthorizer(String name) { @@ -92,7 +107,8 @@ public class SupervisorResourceTest extends EasyMockSupport @Test public void testSpecPost() { - SupervisorSpec spec = new TestSupervisorSpec("my-id", null, null) { + SupervisorSpec spec = new TestSupervisorSpec("my-id", null, null) + { @Override public List<String> getDataSources() @@ -131,28 +147,10 @@ public class SupervisorResourceTest extends EasyMockSupport @Test public void testSpecGetAll() { - Set<String> supervisorIds = ImmutableSet.of("id1", "id2"); - SupervisorSpec spec1 = new TestSupervisorSpec("id1", null, null) { - - @Override - public List<String> getDataSources() - { - return Collections.singletonList("datasource1"); - } - }; - SupervisorSpec spec2 = new TestSupervisorSpec("id2", null, null) { - - @Override - public List<String> getDataSources() - { - return Collections.singletonList("datasource2"); - } - }; - EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)); - EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(supervisorIds).atLeastOnce(); - EasyMock.expect(supervisorManager.getSupervisorSpec("id1")).andReturn(Optional.of(spec1)); - EasyMock.expect(supervisorManager.getSupervisorSpec("id2")).andReturn(Optional.of(spec2)); + EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(SUPERVISOR_IDS).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC1.getId())).andReturn(Optional.of(SPEC1)); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC2.getId())).andReturn(Optional.of(SPEC2)); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( @@ -166,7 +164,7 @@ public class SupervisorResourceTest extends EasyMockSupport verifyAll(); Assert.assertEquals(200, response.getStatus()); - Assert.assertEquals(supervisorIds, response.getEntity()); + Assert.assertEquals(SUPERVISOR_IDS, response.getEntity()); resetAll(); EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.absent()); @@ -181,29 +179,10 @@ public class SupervisorResourceTest extends EasyMockSupport @Test public void testSpecGetAllFull() { - Set<String> supervisorIds = ImmutableSet.of("id1", "id2"); - - SupervisorSpec spec1 = new TestSupervisorSpec("id1", null, null) { - - @Override - public List<String> getDataSources() - { - return Collections.singletonList("datasource1"); - } - }; - SupervisorSpec spec2 = new TestSupervisorSpec("id2", null, null) { - - @Override - public List<String> getDataSources() - { - return Collections.singletonList("datasource2"); - } - }; - EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)); - EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(supervisorIds).atLeastOnce(); - EasyMock.expect(supervisorManager.getSupervisorSpec("id1")).andReturn(Optional.of(spec1)).times(2); - EasyMock.expect(supervisorManager.getSupervisorSpec("id2")).andReturn(Optional.of(spec2)).times(2); + EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(SUPERVISOR_IDS).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec("id1")).andReturn(Optional.of(SPEC1)).times(2); + EasyMock.expect(supervisorManager.getSupervisorSpec("id2")).andReturn(Optional.of(SPEC2)).times(2); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( @@ -221,8 +200,8 @@ public class SupervisorResourceTest extends EasyMockSupport Assert.assertTrue( specs.stream() .allMatch(spec -> - ("id1".equals(spec.get("id")) && spec1.equals(spec.get("spec"))) || - ("id2".equals(spec.get("id")) && spec2.equals(spec.get("spec"))) + ("id1".equals(spec.get("id")) && SPEC1.equals(spec.get("spec"))) || + ("id2".equals(spec.get("id")) && SPEC2.equals(spec.get("spec"))) ) ); } @@ -292,7 +271,8 @@ public class SupervisorResourceTest extends EasyMockSupport @Test public void testSpecSuspend() { - TestSupervisorSpec suspended = new TestSupervisorSpec("my-id", null, null, true) { + TestSupervisorSpec suspended = new TestSupervisorSpec("my-id", null, null, true) + { @Override public List<String> getDataSources() { @@ -329,7 +309,8 @@ public class SupervisorResourceTest extends EasyMockSupport @Test public void testSpecResume() { - TestSupervisorSpec running = new TestSupervisorSpec("my-id", null, null, false) { + TestSupervisorSpec running = new TestSupervisorSpec("my-id", null, null, false) + { @Override public List<String> getDataSources() { @@ -396,11 +377,46 @@ public class SupervisorResourceTest extends EasyMockSupport public void testSuspendAll() { EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)); - supervisorManager.suspendOrResumeAllSupervisors(true); - EasyMock.expectLastCall(); + EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(SUPERVISOR_IDS).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC1.getId())).andReturn(Optional.of(SPEC1)); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC2.getId())).andReturn(Optional.of(SPEC2)); + EasyMock.expect(supervisorManager.suspendOrResumeSupervisor(SPEC1.getId(), true)).andReturn(true); + EasyMock.expect(supervisorManager.suspendOrResumeSupervisor(SPEC2.getId(), true)).andReturn(true); + + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( + new AuthenticationResult("druid", "druid", null, null) + ).atLeastOnce(); + request.setAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED, true); + EasyMock.expectLastCall().anyTimes(); replayAll(); - Response response = supervisorResource.suspendAll(); + Response response = supervisorResource.suspendAll(request); + Assert.assertEquals(200, response.getStatus()); + Assert.assertEquals(ImmutableMap.of("status", "success"), response.getEntity()); + verifyAll(); + } + + @Test + public void testSuspendAllWithPartialAuthorization() + { + EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)); + EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(SUPERVISOR_IDS).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC1.getId())).andReturn(Optional.of(SPEC1)); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC2.getId())).andReturn(Optional.of(SPEC2)); + EasyMock.expect(supervisorManager.suspendOrResumeSupervisor(SPEC1.getId(), true)).andReturn(true); + + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( + new AuthenticationResult("notDruid", "druid", null, null) + ).atLeastOnce(); + request.setAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED, true); + EasyMock.expectLastCall().anyTimes(); + replayAll(); + + Response response = supervisorResource.suspendAll(request); Assert.assertEquals(200, response.getStatus()); Assert.assertEquals(ImmutableMap.of("status", "success"), response.getEntity()); verifyAll(); @@ -410,11 +426,46 @@ public class SupervisorResourceTest extends EasyMockSupport public void testResumeAll() { EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)); - supervisorManager.suspendOrResumeAllSupervisors(false); - EasyMock.expectLastCall(); + EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(SUPERVISOR_IDS).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC1.getId())).andReturn(Optional.of(SPEC1)); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC2.getId())).andReturn(Optional.of(SPEC2)); + EasyMock.expect(supervisorManager.suspendOrResumeSupervisor(SPEC1.getId(), false)).andReturn(true); + EasyMock.expect(supervisorManager.suspendOrResumeSupervisor(SPEC2.getId(), false)).andReturn(true); + + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( + new AuthenticationResult("druid", "druid", null, null) + ).atLeastOnce(); + request.setAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED, true); + EasyMock.expectLastCall().anyTimes(); replayAll(); - Response response = supervisorResource.resumeAll(); + Response response = supervisorResource.resumeAll(request); + Assert.assertEquals(200, response.getStatus()); + Assert.assertEquals(ImmutableMap.of("status", "success"), response.getEntity()); + verifyAll(); + } + + @Test + public void testResumeAllWithPartialAuthorization() + { + EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)); + EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(SUPERVISOR_IDS).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC1.getId())).andReturn(Optional.of(SPEC1)); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC2.getId())).andReturn(Optional.of(SPEC2)); + EasyMock.expect(supervisorManager.suspendOrResumeSupervisor(SPEC1.getId(), false)).andReturn(true); + + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( + new AuthenticationResult("notDruid", "druid", null, null) + ).atLeastOnce(); + request.setAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED, true); + EasyMock.expectLastCall().anyTimes(); + replayAll(); + + Response response = supervisorResource.resumeAll(request); Assert.assertEquals(200, response.getStatus()); Assert.assertEquals(ImmutableMap.of("status", "success"), response.getEntity()); verifyAll(); @@ -424,11 +475,46 @@ public class SupervisorResourceTest extends EasyMockSupport public void testTerminateAll() { EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)); - supervisorManager.stopAndRemoveAllSupervisors(); - EasyMock.expectLastCall(); + EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(SUPERVISOR_IDS).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC1.getId())).andReturn(Optional.of(SPEC1)); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC2.getId())).andReturn(Optional.of(SPEC2)); + EasyMock.expect(supervisorManager.stopAndRemoveSupervisor(SPEC1.getId())).andReturn(true); + EasyMock.expect(supervisorManager.stopAndRemoveSupervisor(SPEC2.getId())).andReturn(true); + + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( + new AuthenticationResult("druid", "druid", null, null) + ).atLeastOnce(); + request.setAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED, true); + EasyMock.expectLastCall().anyTimes(); replayAll(); - Response response = supervisorResource.terminateAll(); + Response response = supervisorResource.terminateAll(request); + Assert.assertEquals(200, response.getStatus()); + Assert.assertEquals(ImmutableMap.of("status", "success"), response.getEntity()); + verifyAll(); + } + + @Test + public void testTerminateAllWithPartialAuthorization() + { + EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)); + EasyMock.expect(supervisorManager.getSupervisorIds()).andReturn(SUPERVISOR_IDS).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC1.getId())).andReturn(Optional.of(SPEC1)); + EasyMock.expect(supervisorManager.getSupervisorSpec(SPEC2.getId())).andReturn(Optional.of(SPEC2)); + EasyMock.expect(supervisorManager.stopAndRemoveSupervisor(SPEC1.getId())).andReturn(true); + + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); + EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( + new AuthenticationResult("notDruid", "druid", null, null) + ).atLeastOnce(); + request.setAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED, true); + EasyMock.expectLastCall().anyTimes(); + replayAll(); + + Response response = supervisorResource.terminateAll(request); Assert.assertEquals(200, response.getStatus()); Assert.assertEquals(ImmutableMap.of("status", "success"), response.getEntity()); verifyAll(); @@ -498,10 +584,8 @@ public class SupervisorResourceTest extends EasyMockSupport EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)).times(2); EasyMock.expect(supervisorManager.getSupervisorHistory()).andReturn(history); - SupervisorSpec spec1 = new TestSupervisorSpec("id1", null, Collections.singletonList("datasource1")); - SupervisorSpec spec2 = new TestSupervisorSpec("id2", null, Collections.singletonList("datasource2")); - EasyMock.expect(supervisorManager.getSupervisorSpec("id1")).andReturn(Optional.of(spec1)).atLeastOnce(); - EasyMock.expect(supervisorManager.getSupervisorSpec("id2")).andReturn(Optional.of(spec2)).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec("id1")).andReturn(Optional.of(SPEC1)).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec("id2")).andReturn(Optional.of(SPEC2)).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( @@ -528,7 +612,7 @@ public class SupervisorResourceTest extends EasyMockSupport } @Test - public void testSpecGetAllHistoryWithAuthFailureFiltering() + public void testSpecGetAllHistoryWithPartialAuthorization() { List<VersionedSupervisorSpec> versions1 = ImmutableList.of( new VersionedSupervisorSpec( @@ -611,10 +695,8 @@ public class SupervisorResourceTest extends EasyMockSupport EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)).times(2); EasyMock.expect(supervisorManager.getSupervisorHistory()).andReturn(history); - SupervisorSpec spec1 = new TestSupervisorSpec("id1", null, Collections.singletonList("datasource1")); - SupervisorSpec spec2 = new TestSupervisorSpec("id2", null, Collections.singletonList("datasource2")); - EasyMock.expect(supervisorManager.getSupervisorSpec("id1")).andReturn(Optional.of(spec1)).atLeastOnce(); - EasyMock.expect(supervisorManager.getSupervisorSpec("id2")).andReturn(Optional.of(spec2)).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec("id1")).andReturn(Optional.of(SPEC1)).atLeastOnce(); + EasyMock.expect(supervisorManager.getSupervisorSpec("id2")).andReturn(Optional.of(SPEC2)).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).atLeastOnce(); EasyMock.expect(request.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn( @@ -872,8 +954,14 @@ public class SupervisorResourceTest extends EasyMockSupport Capture<String> id1 = Capture.newInstance(); Capture<String> id2 = Capture.newInstance(); EasyMock.expect(taskMaster.getSupervisorManager()).andReturn(Optional.of(supervisorManager)).times(2); - EasyMock.expect(supervisorManager.resetSupervisor(EasyMock.capture(id1), EasyMock.anyObject(DataSourceMetadata.class))).andReturn(true); - EasyMock.expect(supervisorManager.resetSupervisor(EasyMock.capture(id2), EasyMock.anyObject(DataSourceMetadata.class))).andReturn(false); + EasyMock.expect(supervisorManager.resetSupervisor( + EasyMock.capture(id1), + EasyMock.anyObject(DataSourceMetadata.class) + )).andReturn(true); + EasyMock.expect(supervisorManager.resetSupervisor( + EasyMock.capture(id2), + EasyMock.anyObject(DataSourceMetadata.class) + )).andReturn(false); replayAll(); Response response = supervisorResource.reset("my-id"); @@ -908,12 +996,9 @@ public class SupervisorResourceTest extends EasyMockSupport NoopSupervisorSpec deserializedSpec = mapper.readValue(oldSpec, NoopSupervisorSpec.class); Assert.assertEquals(expectedSpec, deserializedSpec); - NoopSupervisorSpec spec1 = new NoopSupervisorSpec("abcd", Collections.singletonList("defg")); - NoopSupervisorSpec spec2 = mapper.readValue( - mapper.writeValueAsBytes(spec1), - NoopSupervisorSpec.class - ); - Assert.assertEquals(spec1, spec2); + NoopSupervisorSpec spec = new NoopSupervisorSpec("abcd", Collections.singletonList("defg")); + NoopSupervisorSpec specRoundTrip = mapper.readValue(mapper.writeValueAsBytes(spec), NoopSupervisorSpec.class); + Assert.assertEquals(spec, specRoundTrip); } private static class TestSupervisorSpec implements SupervisorSpec diff --git a/server/src/main/java/org/apache/druid/server/security/AuthenticationResult.java b/server/src/main/java/org/apache/druid/server/security/AuthenticationResult.java index 854aa5e..4e7a3da 100644 --- a/server/src/main/java/org/apache/druid/server/security/AuthenticationResult.java +++ b/server/src/main/java/org/apache/druid/server/security/AuthenticationResult.java @@ -76,11 +76,13 @@ public class AuthenticationResult return authorizerName; } + @Nullable public Map<String, Object> getContext() { return context; } + @Nullable public String getAuthenticatedBy() { return authenticatedBy; --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
