smengcl commented on code in PR #4538:
URL: https://github.com/apache/ozone/pull/4538#discussion_r1203219169
##########
hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/om/request/s3/security/TestS3GetSecretRequest.java:
##########
@@ -264,6 +265,51 @@ public void testGetSecretOfAnotherUserAsOzoneAdmin()
throws IOException {
processSuccessSecretRequest(USER_ALICE, 2, false);
}
+ @Test
+ public void testGetOwnSecretTwice() throws IOException {
+
+ // This effectively makes alice an S3 Admin.
+ when(ozoneManager.isS3Admin(ugiAlice)).thenReturn(true);
+ String userPrincipalId = USER_ALICE;
+
+ S3GetSecretRequest s3GetSecretRequest =
+ new S3GetSecretRequest(
+ new S3GetSecretRequest(
+ s3GetSecretRequest(userPrincipalId)
+ ).preExecute(ozoneManager)
+ );
+ // Run validateAndUpdateCache for the first time
+ OMClientResponse omClientResponse1 =
+ s3GetSecretRequest.validateAndUpdateCache(ozoneManager,
+ 1, ozoneManagerDoubleBufferHelper);
+ // Check response type and cast
+ Assert.assertTrue(omClientResponse1 instanceof S3GetSecretResponse);
+ final S3GetSecretResponse s3GetSecretResponse1 =
+ (S3GetSecretResponse) omClientResponse1;
+ // Secret is returned the first time
+ final S3SecretValue s3SecretValue1 =
+ s3GetSecretResponse1.getS3SecretValue();
+ Assert.assertEquals(userPrincipalId, s3SecretValue1.getKerberosID());
+ final String awsSecret1 = s3SecretValue1.getAwsSecret();
+ Assert.assertNotNull(awsSecret1);
+
+ final GetS3SecretResponse getS3SecretResponse1 =
+ s3GetSecretResponse1.getOMResponse().getGetS3SecretResponse();
+ // The secret inside should be the same.
+ final S3Secret s3Secret2 = getS3SecretResponse1.getS3Secret();
+ Assert.assertEquals(userPrincipalId, s3Secret2.getKerberosID());
+
+ // Run validateAndUpdateCache for the second time
+ OMClientResponse omClientResponse2 =
+ s3GetSecretRequest.validateAndUpdateCache(ozoneManager,
+ 2, ozoneManagerDoubleBufferHelper);
+ // Check response type and cast
+ Assert.assertTrue(omClientResponse2 instanceof S3GetSecretResponse);
+ final S3GetSecretResponse s3GetSecretResponse2 =
+ (S3GetSecretResponse) omClientResponse2;
+ // no secret is returned as it is the second time
+ Assert.assertNull(s3GetSecretResponse2.getS3SecretValue());
+ }
Review Comment:
```suggestion
}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
