Author: jgallimore
Date: Mon May 19 11:14:12 2014
New Revision: 1595830

URL: http://svn.apache.org/r1595830
Log:
TOMEE-1213 propagate security-role-ref from EnterpriseBeanInfo to BeanContext. 
Use this when checking callerInRole()

Added:
    
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java
Modified:
    
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java
    
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java
    
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java

Modified: 
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java
URL: 
http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java?rev=1595830&r1=1595829&r2=1595830&view=diff
==============================================================================
--- 
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java
 (original)
+++ 
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java
 Mon May 19 11:14:12 2014
@@ -246,6 +246,8 @@ public class BeanContext extends Deploym
     private Stateful stateful;
     private Cmp cmp;
     private LegacyView legacyView;
+    
+    private final Map<String, String> securityRoleReferences = new 
HashMap<String, String>();
 
     /**
      * TODO: Move to MethodContext
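Review bot: The new `securityRoleReferences` field is a plain `HashMap` that stays writable for the whole life of the `BeanContext`, through the public `addSecurityRoleReference` added in the second hunk of this file. `getSecurityRoleReference` reads the same map on every `isCallerInRole` call. The only writer visible in this commit is the loop in `EnterpriseBeanBuilder`, so the mapping looks like deployment-time data, but nothing stops a later caller from remapping a role name or racing a reader. Since the map feeds an authorization decision, I would state the contract on the mutator, for example `/** Registers a security-role-ref mapping; call only while the bean is being built, before it serves invocations. */`, and give both new methods Javadoc that spells out the fall-back to `roleName` when no link is declared. The class body starts and ends outside both hunks, so any existing locking or freeze step is not visible here.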
@@ -1773,6 +1775,15 @@ public class BeanContext extends Deploym
             ((EjbTimerServiceImpl) ejbTimerService).stop();
         }
     }
+    
+    public void addSecurityRoleReference(final String roleName, final String 
roleLink) {
+        securityRoleReferences.put(roleName, roleLink);
+    }
+    
+    public String getSecurityRoleReference(final String roleName) {
+        final String roleLink = securityRoleReferences.get(roleName);
+        return roleLink != null ? roleLink : roleName;
+    }
 
     private static class Cmp {
 

Modified: 
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java
URL: 
http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java?rev=1595830&r1=1595829&r2=1595830&view=diff
==============================================================================
--- 
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java
 (original)
+++ 
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java
 Mon May 19 11:14:12 2014
@@ -319,6 +319,10 @@ class EnterpriseBeanBuilder {
             deployment.createAsynchronousMethodSet();
         }
 
+        for (final SecurityRoleReferenceInfo securityRoleReference : 
bean.securityRoleReferences) {
+            
deployment.addSecurityRoleReference(securityRoleReference.roleName, 
securityRoleReference.roleLink);
+        }
+        
         return deployment;
     }
 

Modified: 
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java
URL: 
http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java?rev=1595830&r1=1595829&r2=1595830&view=diff
==============================================================================
--- 
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java
 (original)
+++ 
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java
 Mon May 19 11:14:12 2014
@@ -116,7 +116,12 @@ public abstract class BaseContext implem
 
     protected boolean isCallerInRole(final SecurityService securityService, 
final String roleName) {
         check(Call.isCallerInRole);
-        return securityService.isCallerInRole(roleName);
+        
+        final ThreadContext threadContext = ThreadContext.getThreadContext();
+        final BeanContext di = threadContext.getBeanContext();
+        final String roleLink = di.getSecurityRoleReference(roleName);
+        
+        return securityService.isCallerInRole(roleLink);
     }
 
     @Override
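Review bot: `ThreadContext.getThreadContext()` and `threadContext.getBeanContext()` are dereferenced without a null check in the new body of `isCallerInRole`. If either can be null when no bean invocation is associated with the thread, the caller gets a bare `NullPointerException` instead of a meaningful failure. Whether `check(Call.isCallerInRole)` already rules that out cannot be seen from this hunk. The failure is still fail-closed, but an explicit guard would make the intent clear: `if (threadContext == null || threadContext.getBeanContext() == null) throw new IllegalStateException("isCallerInRole requires an active bean invocation");`. The local name `di` is also opaque; `beanContext` would read better.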

Added: 
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java
URL: 
http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java?rev=1595830&view=auto
==============================================================================
--- 
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java
 (added)
+++ 
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java
 Mon May 19 11:14:12 2014
@@ -0,0 +1,102 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.openejb.assembler.classic;
+
+import java.util.Properties;
+
+import javax.annotation.Resource;
+import javax.ejb.SessionContext;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+
+import junit.framework.TestCase;
+
+import org.apache.openejb.config.AppModule;
+import org.apache.openejb.config.ConfigurationFactory;
+import org.apache.openejb.config.EjbModule;
+import org.apache.openejb.core.LocalInitialContextFactory;
+import org.apache.openejb.jee.EjbJar;
+import org.apache.openejb.jee.SecurityRoleRef;
+import org.apache.openejb.jee.StatelessBean;
+import org.apache.openejb.loader.SystemInstance;
+import org.apache.openejb.spi.ContainerSystem;
+
+/**
+ * Test to ensure that the role-name/role-link elements in security-role-ref 
work correctly
+ */
+public class EjbSecurityRoleRefTest extends TestCase {
+    private InitialContext context;
+    private Assembler assembler;
+    private ConfigurationFactory config;
+
+    protected void setUp() throws Exception {
+        config = new ConfigurationFactory();
+        assembler = new Assembler();
+
+        
assembler.createProxyFactory(config.configureService(ProxyFactoryInfo.class));
+        
assembler.createTransactionManager(config.configureService(TransactionServiceInfo.class));
+        
assembler.createSecurityService(config.configureService(SecurityServiceInfo.class));
+        
assembler.createContainer(config.configureService(StatelessSessionContainerInfo.class));
+
+        final Properties props = new Properties();
+        props.setProperty(Context.SECURITY_PRINCIPAL, "jonathan");
+        props.setProperty(Context.SECURITY_CREDENTIALS, "secret");
+        props.setProperty(Context.INITIAL_CONTEXT_FACTORY, 
LocalInitialContextFactory.class.getName());
+        context = new InitialContext(props);
+    }
+
+    protected void tearDown() throws Exception {
+        for (AppInfo appInfo : assembler.getDeployedApplications()) {
+            assembler.destroyApplication(appInfo.path);
+        }
+        SystemInstance.get().setComponent(Assembler.class, null);
+        SystemInstance.get().setComponent(ContainerSystem.class, null);
+        super.tearDown();
+    }
+    
+    public void testShouldCheckUserRole() throws Exception {
+       EjbJar ejbJar = new EjbJar();
+       StatelessBean statelessBean = new StatelessBean(UserBean.class);
+       SecurityRoleRef securityRoleRef = new SecurityRoleRef();
+       securityRoleRef.setRoleName("TEST");
+       securityRoleRef.setRoleLink("committer");
+               statelessBean.getSecurityRoleRef().add(securityRoleRef);
+               ejbJar.addEnterpriseBean(statelessBean);
+       
+       AppModule app = new AppModule(this.getClass().getClassLoader(), 
"classpath-" + ejbJar.hashCode());
+       app.getEjbModules().add(new EjbModule(ejbJar));
+               assembler.createApplication(config.configureApplication(app));
+               
+               User user = (User) context.lookup("UserBeanLocal");
+               assertTrue(user.isUserInRole());
+    }
+
+    public static interface User {
+       public boolean isUserInRole();
+    }
+
+    public static class UserBean implements User {
+
+       @Resource
+        private SessionContext context;
+       
+               @Override
+               public boolean isUserInRole() {
+                       return context.isCallerInRole("TEST");
+               }
+    }
+}
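Review bot: `testShouldCheckUserRole` covers only the granting path: role-ref `TEST` is linked to `committer` and the assertion is `assertTrue`. For a change to an authorization check, the denying paths matter at least as much. I would add a second test where the role-ref links to a role the test principal does not hold, asserting `false`. A third test should cover a role name with no role-ref at all, so the fall-back to the literal name stays pinned and a regression that makes the lookup always succeed is caught. The test also relies on the principal `jonathan` holding `committer` in the default test security configuration, which is not visible in this commit; a short comment in `setUp` naming where that comes from would help.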

