jmelchio commented on a change in pull request #6927:
URL: https://github.com/apache/geode/pull/6927#discussion_r721460302
##########
File path:
geode-core/src/upgradeTest/java/org/apache/geode/security/AuthExpirationMultiServerDUnitTest.java
##########
@@ -253,6 +254,53 @@ public void registerInterestsWithMultiServers() throws
Exception {
.containsExactly("DATA:READ:partitionRegion:key0");
}
+ @Test
+ public void consecutivePut() throws Exception {
+ int locatorPort = locator.getPort();
+ // do consecutive puts using a client
+ ClientVM client = cluster.startClientVM(3,
+ c -> c.withProperty(SECURITY_CLIENT_AUTH_INIT,
UpdatableUserAuthInitialize.class.getName())
+ .withCacheSetup(ccf -> ccf.setPoolMaxConnections(2))
+ .withLocatorConnection(locatorPort));
+ AsyncInvocation invokePut = client.invokeAsync(() -> {
+ UpdatableUserAuthInitialize.setUser("user1");
+ Region<Object, Object> proxyRegion =
+ ClusterStartupRule.getClientCache()
Review comment:
`Objects.requireNonNull(ClusterStartupRule.getClientCache())` reduces
warnings
##########
File path:
geode-core/src/distributedTest/java/org/apache/geode/security/IntegratedSecurityPeerAuthDUnitTest.java
##########
@@ -88,7 +88,7 @@ public void startServer3_not_authenticated() {
ServerStarterRule server = new ServerStarterRule();
server.withProperties(props).withConnectionToLocator(locatorPort).withAutoStart();
assertThatThrownBy(() ->
server.before()).isInstanceOf(GemFireSecurityException.class)
- .hasMessageContaining("Authentication error");
+ .hasMessageContaining("server-3 is not authenticated");
Review comment:
literal `server-3` can also be pulled from `props` to avoid repeating
literals
##########
File path:
geode-core/src/distributedTest/java/org/apache/geode/security/IntegratedSecurityPeerAuthDUnitTest.java
##########
@@ -88,7 +88,7 @@ public void startServer3_not_authenticated() {
ServerStarterRule server = new ServerStarterRule();
server.withProperties(props).withConnectionToLocator(locatorPort).withAutoStart();
assertThatThrownBy(() ->
server.before()).isInstanceOf(GemFireSecurityException.class)
Review comment:
`server.before()` can also be written as `server::before` to reduce
warnings
##########
File path:
geode-core/src/upgradeTest/java/org/apache/geode/security/AuthExpirationMultiServerDUnitTest.java
##########
@@ -253,6 +254,53 @@ public void registerInterestsWithMultiServers() throws
Exception {
.containsExactly("DATA:READ:partitionRegion:key0");
}
+ @Test
+ public void consecutivePut() throws Exception {
+ int locatorPort = locator.getPort();
+ // do consecutive puts using a client
+ ClientVM client = cluster.startClientVM(3,
+ c -> c.withProperty(SECURITY_CLIENT_AUTH_INIT,
UpdatableUserAuthInitialize.class.getName())
+ .withCacheSetup(ccf -> ccf.setPoolMaxConnections(2))
+ .withLocatorConnection(locatorPort));
+ AsyncInvocation invokePut = client.invokeAsync(() -> {
+ UpdatableUserAuthInitialize.setUser("user1");
+ Region<Object, Object> proxyRegion =
+ ClusterStartupRule.getClientCache()
+ .createClientRegionFactory(ClientRegionShortcut.CACHING_PROXY)
+ .create(PARTITION_REGION);
+ IntStream.range(0, 1000).forEach(i -> proxyRegion.put("key" + i, "value"
+ i));
+ });
+
+ client.invoke(() -> {
+ // wait till at least 1/3 of the data is in the region to expire the user
+ await().until(() -> getProxyRegion() != null);
+ await().until(() -> getProxyRegion().size() > 10);
+ UpdatableUserAuthInitialize.setUser("user2");
+ });
+
+ expireUserOnAllVms("user1");
+ invokePut.await();
+
+ ExpirableSecurityManager securityManager =
collectSecurityManagers(server1, server2);
+ Map<String, List<String>> authorizedOps =
securityManager.getAuthorizedOps();
+ if (authorizedOps.size() == 1) {
+ // in case user1 has finished putting all 1000 values in the region
before we can expire it.
+ return;
+ }
+ assertThat(authorizedOps).hasSize(2);
+ assertThat(authorizedOps.get("user1").size() +
authorizedOps.get("user2").size())
+ .isEqualTo(1000);
+ Map<String, List<String>> unAuthorizedOps =
securityManager.getUnAuthorizedOps();
+ assertThat(unAuthorizedOps).hasSize(1);
+ // user1 may not be unauthorized for just 1 operations, puts maybe done by
different
+ // connections
+ assertThat(unAuthorizedOps.get("user1")).isNotEmpty();
+ }
+
+ private static Region<Object, Object> getProxyRegion() {
+ return ClusterStartupRule.getClientCache().getRegion(PARTITION_REGION);
Review comment:
`return
Objects.requireNonNull(ClusterStartupRule.getClientCache()).getRegion(PARTITION_REGION);`
reduces warnings
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
