This is an automated email from the ASF dual-hosted git repository.
orudyy pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git
The following commit(s) were added to refs/heads/7.1.x by this push:
new 78e852e QPID-8411: [Broker-J] Fix invocation of management operations
with reserved parameters
78e852e is described below
commit 78e852e52e5d55c7d516ec46b99b463ba1799a8c
Author: Alex Rudyy <oru...@apache.org>
AuthorDate: Fri Feb 7 13:25:23 2020 +0000
QPID-8411: [Broker-J] Fix invocation of management operations with reserved
parameters
(cherry picked from commit a848e0df04abcd03414ba546ecce700043966044)
---
.../latest/LatestManagementController.java | 23 ++++++++++++++++++++--
.../org/apache/qpid/tests/http/HttpTestHelper.java | 10 ++++++++--
.../qpid/tests/http/rest/model/OperationTest.java | 13 ++++++++++++
3 files changed, 42 insertions(+), 4 deletions(-)
diff --git
a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/controller/latest/LatestManagementController.java
b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/controller/latest/LatestManagementController.java
index 7a32153..eaf5075 100644
---
a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/controller/latest/LatestManagementController.java
+++
b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/controller/latest/LatestManagementController.java
@@ -66,6 +66,7 @@ import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.ConfiguredObjectFinder;
import org.apache.qpid.server.model.ConfiguredObjectOperation;
import org.apache.qpid.server.model.Model;
+import org.apache.qpid.server.model.OperationParameter;
import org.apache.qpid.server.model.State;
import org.apache.qpid.server.model.preferences.UserPreferences;
@@ -336,7 +337,25 @@ public class LatestManagementController extends
AbstractManagementController
category));
}
- if (operation.isSecure(target, operationArguments) &&
!isSecureOrAllowedOnInsecureChannel)
+ final Map<String, Object> arguments;
+ if (isPost)
+ {
+ arguments = operationArguments;
+ }
+ else
+ {
+ final Set<String> supported = ((List<OperationParameter>)
operation.getParameters()).stream()
+
.map(OperationParameter::getName)
+
.collect(Collectors.toSet());
+ arguments = operationArguments.entrySet()
+ .stream()
+ .filter(e ->
!RESERVED_PARAMS.contains(e.getKey())
+ ||
supported.contains(e.getKey()))
+
.collect(Collectors.toMap(Map.Entry::getKey,
+
Map.Entry::getValue));
+ }
+
+ if (operation.isSecure(target, arguments) &&
!isSecureOrAllowedOnInsecureChannel)
{
throw createForbiddenManagementException(String.format(
"Operation '%s' can only be performed over a secure
(HTTPS) connection",
@@ -350,7 +369,7 @@ public class LatestManagementController extends
AbstractManagementController
operationName), Collections.singletonMap("Allow",
"POST"));
}
- returnValue = operation.perform(target, operationArguments);
+ returnValue = operation.perform(target, arguments);
if
(ConfiguredObject.class.isAssignableFrom(operation.getReturnType())
|| returnsCollectionOfConfiguredObjects(operation))
diff --git
a/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
b/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
index a2b94ad..1e16909 100644
---
a/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
+++
b/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
@@ -326,8 +326,14 @@ public class HttpTestHelper
public byte[] getBytes(String path) throws IOException
{
HttpURLConnection connection = openManagementConnection(path, "GET");
- connection.connect();
- return readConnectionInputStream(connection);
+ try
+ {
+ return readConnectionInputStream(connection);
+ }
+ finally
+ {
+ connection.disconnect();
+ }
}
public String getAcceptEncoding()
diff --git
a/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/rest/model/OperationTest.java
b/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/rest/model/OperationTest.java
index 6a06855..2a2f13f 100644
---
a/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/rest/model/OperationTest.java
+++
b/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/rest/model/OperationTest.java
@@ -20,11 +20,13 @@
*/
package org.apache.qpid.tests.http.rest.model;
+import static java.nio.charset.StandardCharsets.UTF_8;
import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;
import static javax.servlet.http.HttpServletResponse.SC_OK;
import static
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.SC_UNPROCESSABLE_ENTITY;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.notNullValue;
import static org.hamcrest.Matchers.greaterThan;
import static org.hamcrest.Matchers.nullValue;
import static org.junit.Assert.assertThat;
@@ -127,4 +129,15 @@ public class OperationTest extends HttpTestBase
}
}
+
+ @Test
+ public void invokeOperationWithReservedParameter() throws Exception
+ {
+ final HttpTestHelper brokerHelper = new
HttpTestHelper(getBrokerAdmin());
+ final byte[] response = brokerHelper.getBytes(
+
"broker/getThreadStackTraces?contentDispositionAttachmentFilename=stack-traces.txt&appendToLog=false");
+ assertThat(response, is(notNullValue()));
+ assertThat(new String(response, UTF_8).contains("Full thread dump
captured"), is(equalTo(true)));
+
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org
For additional commands, e-mail: commits-h...@qpid.apache.org
