This is an automated email from the ASF dual-hosted git repository.
pvillard pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new 4aee4546b9 NIFI-10135 Upgraded maven-surefire-plugin to 3.0.0-M7
4aee4546b9 is described below
commit 4aee4546b9da439a7e04dc297cdd193c6d6b91a2
Author: exceptionfactory <[email protected]>
AuthorDate: Thu Jun 16 19:08:47 2022 -0500
NIFI-10135 Upgraded maven-surefire-plugin to 3.0.0-M7
- Removed duplicate plugin configuration in nifi-registry
- Removed maven-failsafe-plugin override in
nifi-elasticsearch-client-service
- Removed failing test ResourceAuthorizationFilterSpec in
nifi-registry-web-api
Signed-off-by: Pierre Villard <[email protected]>
This closes #6132.
---
.../nifi-elasticsearch-client-service/pom.xml | 1 -
.../ResourceAuthorizationFilterSpec.groovy | 172 ---------------------
nifi-registry/pom.xml | 28 ----
pom.xml | 2 +-
4 files changed, 1 insertion(+), 202 deletions(-)
diff --git
a/nifi-nar-bundles/nifi-elasticsearch-bundle/nifi-elasticsearch-client-service/pom.xml
b/nifi-nar-bundles/nifi-elasticsearch-bundle/nifi-elasticsearch-client-service/pom.xml
index cb95985347..e651124a70 100644
---
a/nifi-nar-bundles/nifi-elasticsearch-bundle/nifi-elasticsearch-client-service/pom.xml
+++
b/nifi-nar-bundles/nifi-elasticsearch-bundle/nifi-elasticsearch-client-service/pom.xml
@@ -210,7 +210,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
- <version>3.0.0-M6</version>
</plugin>
</plugins>
</pluginManagement>
diff --git
a/nifi-registry/nifi-registry-core/nifi-registry-web-api/src/test/groovy/org/apache/nifi/registry/security/authorization/ResourceAuthorizationFilterSpec.groovy
b/nifi-registry/nifi-registry-core/nifi-registry-web-api/src/test/groovy/org/apache/nifi/registry/security/authorization/ResourceAuthorizationFilterSpec.groovy
deleted file mode 100644
index 806f73c03a..0000000000
---
a/nifi-registry/nifi-registry-core/nifi-registry-web-api/src/test/groovy/org/apache/nifi/registry/security/authorization/ResourceAuthorizationFilterSpec.groovy
+++ /dev/null
@@ -1,172 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.registry.security.authorization
-
-import
org.apache.nifi.registry.security.authorization.exception.AccessDeniedException
-import org.apache.nifi.registry.security.authorization.resource.Authorizable
-import org.apache.nifi.registry.security.authorization.resource.ResourceType
-import org.apache.nifi.registry.service.AuthorizationService
-import org.apache.nifi.registry.service.RegistryService
-import
org.apache.nifi.registry.web.security.authorization.HttpMethodAuthorizationRules
-import
org.apache.nifi.registry.web.security.authorization.ResourceAuthorizationFilter
-import
org.apache.nifi.registry.web.security.authorization.StandardHttpMethodAuthorizationRules
-import org.springframework.http.HttpMethod
-import org.springframework.mock.web.MockHttpServletRequest
-import org.springframework.mock.web.MockHttpServletResponse
-import spock.lang.Specification
-
-import javax.servlet.FilterChain
-import javax.servlet.http.HttpServletRequest
-import javax.servlet.http.HttpServletResponse
-
-class ResourceAuthorizationFilterSpec extends Specification {
-
- RegistryService registryService = Mock(RegistryService)
- AuthorizableLookup authorizableLookup = new
StandardAuthorizableLookup(registryService)
- AuthorizationService mockAuthorizationService = Mock(AuthorizationService)
- FilterChain mockFilterChain = Mock(FilterChain)
- ResourceAuthorizationFilter.Builder resourceAuthorizationFilterBuilder
-
- // runs before every feature method
- def setup() {
- mockAuthorizationService.getAuthorizableLookup() >> authorizableLookup
- resourceAuthorizationFilterBuilder =
ResourceAuthorizationFilter.builder().setAuthorizationService(mockAuthorizationService)
- }
-
- // runs after every feature method
- def cleanup() {
- //mockAuthorizationService = null
- //mockFilterChain = null
- resourceAuthorizationFilterBuilder = null
- }
-
- // runs before the first feature method
- def setupSpec() {}
-
- // runs after the last feature method
- def cleanupSpec() {}
-
-
- def "unsecured requests are allowed without an authorization check"() {
-
- setup:
- def resourceAuthorizationFilter =
resourceAuthorizationFilterBuilder.addResourceType(ResourceType.Actuator).build()
- def httpServletRequest = createUnsecuredRequest()
- def httpServletResponse = createResponse()
-
- when: "doFilter() is called"
- resourceAuthorizationFilter.doFilter(httpServletRequest,
httpServletResponse, mockFilterChain)
-
- then: "response is forwarded without authorization check"
- 0 * mockAuthorizationService._
- 1 * mockFilterChain.doFilter(_ as HttpServletRequest, _ as
HttpServletResponse)
-
- }
-
-
- def "secure requests to an unguarded resource are allowed without an
authorization check"() {
-
- setup:
- def resourceAuthorizationFilter =
resourceAuthorizationFilterBuilder.addResourceType(ResourceType.Actuator).build()
- def httpServletRequest = createSecureRequest(HttpMethod.POST,
ResourceType.Bucket)
- def httpServletResponse = createResponse()
-
- when: "doFilter() is called"
- resourceAuthorizationFilter.doFilter(httpServletRequest,
httpServletResponse, mockFilterChain)
-
- then: "response is forwarded without authorization check"
- 0 * mockAuthorizationService._
- 1 * mockFilterChain.doFilter(_ as HttpServletRequest, _ as
HttpServletResponse)
-
- }
-
-
- def "secure requests to an unguarded HTTP method are allowed without an
authorization check"() {
-
- setup:
- HttpMethodAuthorizationRules rules = new
StandardHttpMethodAuthorizationRules(EnumSet.of(HttpMethod.POST,
HttpMethod.PUT, HttpMethod.DELETE))
- def resourceAuthorizationFilter =
resourceAuthorizationFilterBuilder.addResourceType(ResourceType.Actuator,
rules).build()
- def httpServletRequest = createSecureRequest(HttpMethod.GET,
ResourceType.Actuator)
- def httpServletResponse = createResponse()
-
- when: "doFilter() is called"
- resourceAuthorizationFilter.doFilter(httpServletRequest,
httpServletResponse, mockFilterChain)
-
- then: "response is forwarded without authorization check"
- 0 * mockAuthorizationService._
- 1 * mockFilterChain.doFilter(_ as HttpServletRequest, _ as
HttpServletResponse)
-
- }
-
-
- def "secure requests matching resource configuration rules perform
authorization check"() {
-
- setup:
- // Stubbing setup for mockAuthorizationService is done in the then
block as we are also verifying interactions with mock
- def resourceAuthorizationFilter =
resourceAuthorizationFilterBuilder.addResourceType(ResourceType.Actuator).build()
- def authorizedRequest = createSecureRequest(HttpMethod.GET,
ResourceType.Actuator)
- def unauthorizedRequest = createSecureRequest(HttpMethod.POST,
ResourceType.Actuator)
- def httpServletResponse = createResponse()
-
-
- when: "doFilter() is called with an authorized request"
- resourceAuthorizationFilter.doFilter(authorizedRequest,
httpServletResponse, mockFilterChain)
-
- then: "response is forwarded after authorization check"
- 1 * mockAuthorizationService.authorize(_ as Authorizable,
RequestAction.READ) >> { allowAccess() }
- 1 * mockFilterChain.doFilter(_ as HttpServletRequest, _ as
HttpServletResponse)
-
-
- when: "doFilter() is called with an unauthorized request"
- resourceAuthorizationFilter.doFilter(unauthorizedRequest,
httpServletResponse, mockFilterChain)
-
- then: "authorization check is performed and response is not forwarded"
- 1 * mockAuthorizationService.authorize(_ as Authorizable,
RequestAction.WRITE) >> { denyAccess() }
- 0 * mockFilterChain.doFilter(*_)
-
- }
-
- static private HttpServletRequest createUnsecuredRequest() {
- HttpServletRequest req = new MockHttpServletRequest()
- req.setScheme("http")
- req.setSecure(false)
- return req
- }
-
- static private HttpServletRequest createSecureRequest(HttpMethod
httpMethod, ResourceType resourceType) {
- HttpServletRequest req = new MockHttpServletRequest()
- req.setMethod(httpMethod.name())
- req.setScheme("https")
- req.setServletPath(resourceType.getValue())
- req.setSecure(true)
- return req
- }
-
- static private HttpServletResponse createResponse() {
- HttpServletResponse res = new MockHttpServletResponse()
- return res
- }
-
- static private void allowAccess() {
- // Do nothing (no thrown exception indicates access is allowed
- }
-
- static private void denyAccess() {
- throw new AccessDeniedException("This is an expected
AccessDeniedException.")
- }
-
-}
diff --git a/nifi-registry/pom.xml b/nifi-registry/pom.xml
index 660c36a45f..c2cb571aac 100644
--- a/nifi-registry/pom.xml
+++ b/nifi-registry/pom.xml
@@ -281,37 +281,9 @@
<artifactId>maven-resources-plugin</artifactId>
<version>2.7</version>
</plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <version>${surefire.version}</version>
- <configuration>
- <systemPropertyVariables>
- <java.awt.headless>true</java.awt.headless>
- </systemPropertyVariables>
- <includes>
- <include>**/*Test.class</include>
- <include>**/Test*.class</include>
- <include>**/*Spec.class</include>
- </includes>
-
<redirectTestOutputToFile>true</redirectTestOutputToFile>
- <argLine combine.children="append">-Xmx1G
-Djava.net.preferIPv4Stack=true
- ${maven.surefire.arguments}
- </argLine>
- </configuration>
- <dependencies>
- <dependency>
- <!-- Force surefire to use JUnit -->
- <groupId>org.apache.maven.surefire</groupId>
- <artifactId>surefire-junit4</artifactId>
- <version>${surefire.version}</version>
- </dependency>
- </dependencies>
- </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
- <version>2.18</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
diff --git a/pom.xml b/pom.xml
index b7d3f2017f..d29c3caaa0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -120,7 +120,7 @@
<jakarta.xml.bind-api.version>2.3.3</jakarta.xml.bind-api.version>
<json.smart.version>2.4.8</json.smart.version>
<nifi.groovy.version>3.0.8</nifi.groovy.version>
- <surefire.version>3.0.0-M5</surefire.version>
+ <surefire.version>3.0.0-M7</surefire.version>
<!-- The Hadoop version used by nifi-hadoop-libraries-nar and any NARs
that depend on it, other NARs that need
a specific version should override this property, or use a more
specific property like abc.hadoop.version -->
<hadoop.version>3.3.2</hadoop.version>
