[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15655461#comment-15655461 ] ASF GitHub Bot commented on GEODE-1993: --- Github user asfgit closed the pull request at: https://github.com/apache/incubator-geode/pull/276 > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15655344#comment-15655344 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 Precheckin successful > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15648189#comment-15648189 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 1. I am using Autowire, the annotation is on the base class's constructor. But as for the injection via the constructor, please review https://spring.io/blog/2015/11/29/how-not-to-hate-spring-in-2016 which references http://olivergierke.de/2013/11/why-field-injection-is-evil/ and http://docs.spring.io/spring-framework/docs/current/spring-framework-reference/htmlsingle/#beans-constructor-injection Do you think it would be better to only add the RestSecurityService to the controllers that actually need it instead of adding it to the base class? I think that would complicate the constructors. 2 & 3. Agreed, that'll make the test cleaner. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15646421#comment-15646421 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86920722 --- Diff: geode-web-api/src/main/java/org/apache/geode/rest/internal/web/controllers/BaseControllerAdvice.java --- @@ -50,6 +52,11 @@ protected static final String REST_API_VERSION = "/v1"; + public BaseControllerAdvice(final RestSecurityService securityService, --- End diff -- use Autowire inside AbstractBaseController to auto wire the RestSecurityService instead of using constructors. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15646418#comment-15646418 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86920671 --- Diff: geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java --- @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.rest.internal.web; + +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS; +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; +import static org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getContentType; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.io.IOUtils; +import org.apache.geode.cache.Region; +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.execute.FunctionService; +import org.apache.geode.internal.AvailablePortHelper; +import org.apache.geode.rest.internal.web.controllers.GetRegions; +import org.apache.geode.security.templates.SamplePostProcessor; +import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; +import org.apache.http.HttpResponse; +import org.json.JSONArray; +import org.json.JSONObject; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.springframework.http.MediaType; + +import java.net.URLEncoder; +import java.util.Properties; + + +@Category({IntegrationTest.class, SecurityTest.class}) +public class RestSecurityPostProcessorTest { + + static final String REGION_NAME = "AuthRegion"; + + static int restPort = AvailablePortHelper.getRandomAvailableTCPPort(); + static Properties properties = new Properties() { +{ + setProperty(SampleSecurityManager.SECURITY_JSON, + "org/apache/geode/management/internal/security/clientServer.json"); + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(START_DEV_REST_API, "true"); + setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); + setProperty(HTTP_SERVICE_PORT, restPort + ""); + setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); +} + }; + + @ClassRule + public static ServerStarterRule serverStarter = new ServerStarterRule(properties); + private final GeodeRestClient restClient = new GeodeRestClient("localhost", restPort); + + @BeforeClass + public static void before() throws Exception { +serverStarter.startServer(); +Region region = + serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); +region.put("key1", + "{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order for XYZ Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645947#comment-15645947 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86900866 --- Diff: geode-core/src/main/java/org/apache/geode/security/PostProcessor.java --- @@ -44,6 +47,9 @@ default void init(Properties securityProps) {} */ Object processRegionValue(Object principal, String regionName, Object key, Object value); + Collection processQueryResult(Object principal, Query query, Collection regions, --- End diff -- removed > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645946#comment-15645946 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86900849 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java --- @@ -87,6 +89,12 @@ Object postProcess(Object principal, String regionPath, Object key, Object value, boolean valueIsSerialized); + Collection postProcess(Query query, Collection regionNames, --- End diff -- done > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645945#comment-15645945 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86900842 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java --- @@ -87,6 +89,12 @@ Object postProcess(Object principal, String regionPath, Object key, Object value, boolean valueIsSerialized); + Collection postProcess(Query query, Collection regionNames, + Collection results); + + Collection postProcess(Object principal, Query query, Collection regionNames, --- End diff -- done > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645944#comment-15645944 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86900814 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java --- @@ -409,6 +435,34 @@ public Object postProcess(Object principal, String regionPath, Object key, Objec return newValue; } + private Object getPrincipal(Object principal) { +if (principal == null) { + Subject subject = getSubject(); + if (subject == null) +return null; + principal = subject.getPrincipal(); +} +return principal; + } + + @Override + public Collection postProcess(Query query, Collection regionNames, + Collection results) { +return postProcess(null, query, regionNames, results); + } + + @Override + public Collection postProcess(Object principal, Query query, --- End diff -- done > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645942#comment-15645942 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 precheckin successful > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645207#comment-15645207 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86852092 --- Diff: geode-web-api/src/main/java/org/apache/geode/rest/internal/web/controllers/BaseControllerAdvice.java --- @@ -50,6 +52,11 @@ protected static final String REST_API_VERSION = "/v1"; + public BaseControllerAdvice(final RestSecurityService securityService, --- End diff -- BaseControllerAdvice extends AbstractBaseController. Since the RestSecurityService lives in AbstractBaseController, yes. Otherwise, we define separate member variables in PdxBasedCrudController, CommonCrudController, and QueryAccessContoller. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645205#comment-15645205 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86852018 --- Diff: geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java --- @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.rest.internal.web; + +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS; +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; +import static org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getContentType; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.io.IOUtils; +import org.apache.geode.cache.Region; +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.execute.FunctionService; +import org.apache.geode.internal.AvailablePortHelper; +import org.apache.geode.rest.internal.web.controllers.GetRegions; +import org.apache.geode.security.templates.SamplePostProcessor; +import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; +import org.apache.http.HttpResponse; +import org.json.JSONArray; +import org.json.JSONObject; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.springframework.http.MediaType; + +import java.net.URLEncoder; +import java.util.Properties; + + +@Category({IntegrationTest.class, SecurityTest.class}) +public class RestSecurityPostProcessorTest { + + static final String REGION_NAME = "AuthRegion"; + + static int restPort = AvailablePortHelper.getRandomAvailableTCPPort(); + static Properties properties = new Properties() { +{ + setProperty(SampleSecurityManager.SECURITY_JSON, + "org/apache/geode/management/internal/security/clientServer.json"); + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(START_DEV_REST_API, "true"); + setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); + setProperty(HTTP_SERVICE_PORT, restPort + ""); + setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); +} + }; + + @ClassRule + public static ServerStarterRule serverStarter = new ServerStarterRule(properties); + private final GeodeRestClient restClient = new GeodeRestClient("localhost", restPort); + + @BeforeClass + public static void before() throws Exception { +serverStarter.startServer(); +Region region = + serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); +region.put("key1", + "{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order for XYZ Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645176#comment-15645176 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86848834 --- Diff: geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java --- @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.rest.internal.web; + +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS; +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; +import static org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getContentType; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.io.IOUtils; +import org.apache.geode.cache.Region; +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.execute.FunctionService; +import org.apache.geode.internal.AvailablePortHelper; +import org.apache.geode.rest.internal.web.controllers.GetRegions; +import org.apache.geode.security.templates.SamplePostProcessor; +import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; +import org.apache.http.HttpResponse; +import org.json.JSONArray; +import org.json.JSONObject; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.springframework.http.MediaType; + +import java.net.URLEncoder; +import java.util.Properties; + + +@Category({IntegrationTest.class, SecurityTest.class}) +public class RestSecurityPostProcessorTest { + + static final String REGION_NAME = "AuthRegion"; + + static int restPort = AvailablePortHelper.getRandomAvailableTCPPort(); + static Properties properties = new Properties() { +{ + setProperty(SampleSecurityManager.SECURITY_JSON, + "org/apache/geode/management/internal/security/clientServer.json"); + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(START_DEV_REST_API, "true"); + setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); + setProperty(HTTP_SERVICE_PORT, restPort + ""); + setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); +} + }; + + @ClassRule + public static ServerStarterRule serverStarter = new ServerStarterRule(properties); + private final GeodeRestClient restClient = new GeodeRestClient("localhost", restPort); + + @BeforeClass + public static void before() throws Exception { +serverStarter.startServer(); +Region region = + serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); +region.put("key1", + "{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order for XYZ Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645151#comment-15645151 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86847492 --- Diff: geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java --- @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.rest.internal.web; + +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS; +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; +import static org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getContentType; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.io.IOUtils; +import org.apache.geode.cache.Region; +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.execute.FunctionService; +import org.apache.geode.internal.AvailablePortHelper; +import org.apache.geode.rest.internal.web.controllers.GetRegions; +import org.apache.geode.security.templates.SamplePostProcessor; +import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; +import org.apache.http.HttpResponse; +import org.json.JSONArray; +import org.json.JSONObject; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.springframework.http.MediaType; + +import java.net.URLEncoder; +import java.util.Properties; + + +@Category({IntegrationTest.class, SecurityTest.class}) +public class RestSecurityPostProcessorTest { + + static final String REGION_NAME = "AuthRegion"; + + static int restPort = AvailablePortHelper.getRandomAvailableTCPPort(); + static Properties properties = new Properties() { +{ + setProperty(SampleSecurityManager.SECURITY_JSON, + "org/apache/geode/management/internal/security/clientServer.json"); + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(START_DEV_REST_API, "true"); + setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); + setProperty(HTTP_SERVICE_PORT, restPort + ""); + setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); +} + }; + + @ClassRule + public static ServerStarterRule serverStarter = new ServerStarterRule(properties); + private final GeodeRestClient restClient = new GeodeRestClient("localhost", restPort); + + @BeforeClass + public static void before() throws Exception { +serverStarter.startServer(); +Region region = + serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); +region.put("key1", + "{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order for XYZ Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644975#comment-15644975 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86836374 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java --- @@ -409,6 +435,34 @@ public Object postProcess(Object principal, String regionPath, Object key, Objec return newValue; } + private Object getPrincipal(Object principal) { +if (principal == null) { + Subject subject = getSubject(); + if (subject == null) +return null; + principal = subject.getPrincipal(); +} +return principal; + } + + @Override + public Collection postProcess(Query query, Collection regionNames, --- End diff -- remove this. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644965#comment-15644965 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86836336 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java --- @@ -409,6 +435,34 @@ public Object postProcess(Object principal, String regionPath, Object key, Objec return newValue; } + private Object getPrincipal(Object principal) { +if (principal == null) { + Subject subject = getSubject(); + if (subject == null) +return null; + principal = subject.getPrincipal(); +} +return principal; + } + + @Override + public Collection postProcess(Query query, Collection regionNames, + Collection results) { +return postProcess(null, query, regionNames, results); + } + + @Override + public Collection postProcess(Object principal, Query query, --- End diff -- remove this. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644972#comment-15644972 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86822046 --- Diff: geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java --- @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.rest.internal.web; + +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS; +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; +import static org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getContentType; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.io.IOUtils; +import org.apache.geode.cache.Region; +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.execute.FunctionService; +import org.apache.geode.internal.AvailablePortHelper; +import org.apache.geode.rest.internal.web.controllers.GetRegions; +import org.apache.geode.security.templates.SamplePostProcessor; +import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; +import org.apache.http.HttpResponse; +import org.json.JSONArray; +import org.json.JSONObject; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.springframework.http.MediaType; + +import java.net.URLEncoder; +import java.util.Properties; + + +@Category({IntegrationTest.class, SecurityTest.class}) +public class RestSecurityPostProcessorTest { + + static final String REGION_NAME = "AuthRegion"; + + static int restPort = AvailablePortHelper.getRandomAvailableTCPPort(); + static Properties properties = new Properties() { +{ + setProperty(SampleSecurityManager.SECURITY_JSON, + "org/apache/geode/management/internal/security/clientServer.json"); + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(START_DEV_REST_API, "true"); + setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); + setProperty(HTTP_SERVICE_PORT, restPort + ""); + setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); +} + }; + + @ClassRule + public static ServerStarterRule serverStarter = new ServerStarterRule(properties); + private final GeodeRestClient restClient = new GeodeRestClient("localhost", restPort); + + @BeforeClass + public static void before() throws Exception { +serverStarter.startServer(); +Region region = + serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); +region.put("key1", + "{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order for XYZ Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644970#comment-15644970 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86822375 --- Diff: geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java --- @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.rest.internal.web; + +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS; +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; +import static org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getContentType; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.io.IOUtils; +import org.apache.geode.cache.Region; +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.execute.FunctionService; +import org.apache.geode.internal.AvailablePortHelper; +import org.apache.geode.rest.internal.web.controllers.GetRegions; +import org.apache.geode.security.templates.SamplePostProcessor; +import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; +import org.apache.http.HttpResponse; +import org.json.JSONArray; +import org.json.JSONObject; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.springframework.http.MediaType; + +import java.net.URLEncoder; +import java.util.Properties; + + +@Category({IntegrationTest.class, SecurityTest.class}) +public class RestSecurityPostProcessorTest { + + static final String REGION_NAME = "AuthRegion"; + + static int restPort = AvailablePortHelper.getRandomAvailableTCPPort(); + static Properties properties = new Properties() { +{ + setProperty(SampleSecurityManager.SECURITY_JSON, + "org/apache/geode/management/internal/security/clientServer.json"); + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(START_DEV_REST_API, "true"); + setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); + setProperty(HTTP_SERVICE_PORT, restPort + ""); + setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); +} + }; + + @ClassRule + public static ServerStarterRule serverStarter = new ServerStarterRule(properties); + private final GeodeRestClient restClient = new GeodeRestClient("localhost", restPort); + + @BeforeClass + public static void before() throws Exception { +serverStarter.startServer(); +Region region = + serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); +region.put("key1", + "{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order for XYZ Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644964#comment-15644964 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86836287 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java --- @@ -87,6 +89,12 @@ Object postProcess(Object principal, String regionPath, Object key, Object value, boolean valueIsSerialized); + Collection postProcess(Query query, Collection regionNames, + Collection results); + + Collection postProcess(Object principal, Query query, Collection regionNames, --- End diff -- remove this > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644969#comment-15644969 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86819415 --- Diff: geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java --- @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.rest.internal.web; + +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS; +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; +import static org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getContentType; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.io.IOUtils; +import org.apache.geode.cache.Region; +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.execute.FunctionService; +import org.apache.geode.internal.AvailablePortHelper; +import org.apache.geode.rest.internal.web.controllers.GetRegions; +import org.apache.geode.security.templates.SamplePostProcessor; +import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; +import org.apache.http.HttpResponse; +import org.json.JSONArray; +import org.json.JSONObject; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.springframework.http.MediaType; + +import java.net.URLEncoder; +import java.util.Properties; + + +@Category({IntegrationTest.class, SecurityTest.class}) +public class RestSecurityPostProcessorTest { + + static final String REGION_NAME = "AuthRegion"; + + static int restPort = AvailablePortHelper.getRandomAvailableTCPPort(); + static Properties properties = new Properties() { +{ + setProperty(SampleSecurityManager.SECURITY_JSON, + "org/apache/geode/management/internal/security/clientServer.json"); + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(START_DEV_REST_API, "true"); + setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); + setProperty(HTTP_SERVICE_PORT, restPort + ""); + setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); +} + }; + + @ClassRule + public static ServerStarterRule serverStarter = new ServerStarterRule(properties); + private final GeodeRestClient restClient = new GeodeRestClient("localhost", restPort); + + @BeforeClass + public static void before() throws Exception { +serverStarter.startServer(); +Region region = + serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); +region.put("key1", + "{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order for XYZ Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644967#comment-15644967 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86836714 --- Diff: geode-web-api/src/main/java/org/apache/geode/rest/internal/web/controllers/BaseControllerAdvice.java --- @@ -50,6 +52,11 @@ protected static final String REST_API_VERSION = "/v1"; + public BaseControllerAdvice(final RestSecurityService securityService, --- End diff -- do we need this? > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644974#comment-15644974 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86836201 --- Diff: geode-core/src/main/java/org/apache/geode/security/PostProcessor.java --- @@ -44,6 +47,9 @@ default void init(Properties securityProps) {} */ Object processRegionValue(Object principal, String regionName, Object key, Object value); + Collection processQueryResult(Object principal, Query query, Collection regions, --- End diff -- I don't think we want to add this method in the interface. For query, essentially it's still getting value from region. Customers should not be burdened with another method to implement if they just want to manipulate the data. See how query result get post processed in gfsh queries. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644973#comment-15644973 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86820194 --- Diff: geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java --- @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.rest.internal.web; + +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS; +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; +import static org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getContentType; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.io.IOUtils; +import org.apache.geode.cache.Region; +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.execute.FunctionService; +import org.apache.geode.internal.AvailablePortHelper; +import org.apache.geode.rest.internal.web.controllers.GetRegions; +import org.apache.geode.security.templates.SamplePostProcessor; +import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; +import org.apache.http.HttpResponse; +import org.json.JSONArray; +import org.json.JSONObject; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.springframework.http.MediaType; + +import java.net.URLEncoder; +import java.util.Properties; + + +@Category({IntegrationTest.class, SecurityTest.class}) +public class RestSecurityPostProcessorTest { + + static final String REGION_NAME = "AuthRegion"; + + static int restPort = AvailablePortHelper.getRandomAvailableTCPPort(); + static Properties properties = new Properties() { +{ + setProperty(SampleSecurityManager.SECURITY_JSON, + "org/apache/geode/management/internal/security/clientServer.json"); + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(START_DEV_REST_API, "true"); + setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); + setProperty(HTTP_SERVICE_PORT, restPort + ""); + setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); +} + }; + + @ClassRule + public static ServerStarterRule serverStarter = new ServerStarterRule(properties); + private final GeodeRestClient restClient = new GeodeRestClient("localhost", restPort); + + @BeforeClass + public static void before() throws Exception { +serverStarter.startServer(); +Region region = + serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); +region.put("key1", + "{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order for XYZ Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644971#comment-15644971 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86836263 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java --- @@ -87,6 +89,12 @@ Object postProcess(Object principal, String regionPath, Object key, Object value, boolean valueIsSerialized); + Collection postProcess(Query query, Collection regionNames, --- End diff -- remove this. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644968#comment-15644968 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86821510 --- Diff: geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java --- @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.rest.internal.web; + +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS; +import static org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; +import static org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getContentType; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray; +import static org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.io.IOUtils; +import org.apache.geode.cache.Region; +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.execute.FunctionService; +import org.apache.geode.internal.AvailablePortHelper; +import org.apache.geode.rest.internal.web.controllers.GetRegions; +import org.apache.geode.security.templates.SamplePostProcessor; +import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; +import org.apache.http.HttpResponse; +import org.json.JSONArray; +import org.json.JSONObject; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.springframework.http.MediaType; + +import java.net.URLEncoder; +import java.util.Properties; + + +@Category({IntegrationTest.class, SecurityTest.class}) +public class RestSecurityPostProcessorTest { + + static final String REGION_NAME = "AuthRegion"; + + static int restPort = AvailablePortHelper.getRandomAvailableTCPPort(); + static Properties properties = new Properties() { +{ + setProperty(SampleSecurityManager.SECURITY_JSON, + "org/apache/geode/management/internal/security/clientServer.json"); + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(START_DEV_REST_API, "true"); + setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); + setProperty(HTTP_SERVICE_PORT, restPort + ""); + setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); +} + }; + + @ClassRule + public static ServerStarterRule serverStarter = new ServerStarterRule(properties); + private final GeodeRestClient restClient = new GeodeRestClient("localhost", restPort); + + @BeforeClass + public static void before() throws Exception { +serverStarter.startServer(); --- End diff -- I think I just made a change in the rule that you don't need to call startServer anymore if you are using is as a rule. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 >
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644682#comment-15644682 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 Precheckin successful except for one flaky test, QueueCommandsDUnitTest.testCreateUpdatesSharedConfig which doesn't appear to be related to this change. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15637605#comment-15637605 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 precheckin running > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15630909#comment-15630909 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 Don't accept this PR yet. This is just a checkin to preserve work. Addressed all of the issues listed above. Added test for adhoc queries. Still need a test for named queries. Also need to verify functions won't return any region data without being post-processed. Have not run precheckin yet, either. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15616471#comment-15616471 ] ASF GitHub Bot commented on GEODE-1993: --- GitHub user kjduling opened a pull request: https://github.com/apache/incubator-geode/pull/276 GEODE-1993: postprocess region/key Add post processing to the GET {region}/{key..key} endpoint precheckin running You can merge this pull request into a Git repository by running: $ git pull https://github.com/kjduling/incubator-geode feature/GEODE-1993 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-geode/pull/276.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #276 commit 41559682c95f844018fa285f35a1adf2f7fcf0ba Author: Kevin DulingDate: 2016-10-28T20:27:56Z GEODE-1993: postprocess region/key > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15582971#comment-15582971 ] ASF subversion and git services commented on GEODE-1993: Commit 5abe957ca1cd42eeaf82549c275711e6e94dddec in incubator-geode's branch refs/heads/develop from [~jinmeiliao] [ https://git-wip-us.apache.org/repos/asf?p=incubator-geode.git;h=5abe957 ] GEODE-1993: allow LocatorServerStartupRule to save server's ports as well. * added more tetss > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)