[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15655461#comment-15655461 ] ASF GitHub Bot commented on GEODE-1993: --- Github user asfgit closed the pull request at: https://github.com/apache/incubator-geode/pull/276 > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15655344#comment-15655344 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 Precheckin successful > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15648189#comment-15648189 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 1. I am using Autowire, the annotation is on the base class's constructor. But as for the injection via the constructor, please review https://spring.io/blog/2015/11/29/how-not-to-hate-spring-in-2016 which references http://olivergierke.de/2013/11/why-field-injection-is-evil/ and http://docs.spring.io/spring-framework/docs/current/spring-framework-reference/htmlsingle/#beans-constructor-injection Do you think it would be better to only add the RestSecurityService to the controllers that actually need it instead of adding it to the base class? I think that would complicate the constructors. 2 & 3. Agreed, that'll make the test cleaner. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15646421#comment-15646421 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86920722 --- Diff: geode-web-api/src/main/java/org/apache/geode/rest/internal/web/controllers/BaseControllerAdvice.java --- @@ -50,6 +52,11 @@ protected static final String REST_API_VERSION = "/v1"; + public BaseControllerAdvice(final RestSecurityService securityService, --- End diff -- use Autowire inside AbstractBaseController to auto wire the RestSecurityService instead of using constructors. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15646418#comment-15646418
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user jinmeiliao commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86920671
--- Diff:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java
---
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for
additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
ANY KIND, either express
+ * or implied. See the License for the specific language governing
permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.rest.internal.web;
+
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS;
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static
org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API;
+import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getContentType;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.execute.FunctionService;
+import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.rest.internal.web.controllers.GetRegions;
+import org.apache.geode.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SampleSecurityManager;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.http.HttpResponse;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.http.MediaType;
+
+import java.net.URLEncoder;
+import java.util.Properties;
+
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class RestSecurityPostProcessorTest {
+
+ static final String REGION_NAME = "AuthRegion";
+
+ static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ static Properties properties = new Properties() {
+{
+ setProperty(SampleSecurityManager.SECURITY_JSON,
+
"org/apache/geode/management/internal/security/clientServer.json");
+ setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
+ setProperty(START_DEV_REST_API, "true");
+ setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
+ setProperty(HTTP_SERVICE_PORT, restPort + "");
+ setProperty(SECURITY_POST_PROCESSOR,
SamplePostProcessor.class.getName());
+}
+ };
+
+ @ClassRule
+ public static ServerStarterRule serverStarter = new
ServerStarterRule(properties);
+ private final GeodeRestClient restClient = new
GeodeRestClient("localhost", restPort);
+
+ @BeforeClass
+ public static void before() throws Exception {
+serverStarter.startServer();
+Region region =
+
serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
+region.put("key1",
+
"{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order
for XYZ
Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645947#comment-15645947
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user kjduling commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86900866
--- Diff:
geode-core/src/main/java/org/apache/geode/security/PostProcessor.java ---
@@ -44,6 +47,9 @@ default void init(Properties securityProps) {}
*/
Object processRegionValue(Object principal, String regionName, Object
key, Object value);
+ Collection processQueryResult(Object principal, Query query,
Collection regions,
--- End diff --
removed
> value returned through /region/key rest service needs to be post processed
> --
>
> Key: GEODE-1993
> URL: https://issues.apache.org/jira/browse/GEODE-1993
> Project: Geode
> Issue Type: New Feature
> Components: management
>Reporter: Jinmei Liao
>Assignee: Kevin Duling
> Fix For: 1.1.0-incubating
>
>
> The new rest security did not use post processor before returning the value
> back to the client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645946#comment-15645946 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86900849 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java --- @@ -87,6 +89,12 @@ Object postProcess(Object principal, String regionPath, Object key, Object value, boolean valueIsSerialized); + Collection postProcess(Query query, Collection regionNames, --- End diff -- done > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645945#comment-15645945 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86900842 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java --- @@ -87,6 +89,12 @@ Object postProcess(Object principal, String regionPath, Object key, Object value, boolean valueIsSerialized); + Collection postProcess(Query query, Collection regionNames, + Collection results); + + Collection postProcess(Object principal, Query query, Collection regionNames, --- End diff -- done > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645944#comment-15645944
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user kjduling commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86900814
--- Diff:
geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java
---
@@ -409,6 +435,34 @@ public Object postProcess(Object principal, String
regionPath, Object key, Objec
return newValue;
}
+ private Object getPrincipal(Object principal) {
+if (principal == null) {
+ Subject subject = getSubject();
+ if (subject == null)
+return null;
+ principal = subject.getPrincipal();
+}
+return principal;
+ }
+
+ @Override
+ public Collection postProcess(Query query, Collection
regionNames,
+ Collection results) {
+return postProcess(null, query, regionNames, results);
+ }
+
+ @Override
+ public Collection postProcess(Object principal, Query query,
--- End diff --
done
> value returned through /region/key rest service needs to be post processed
> --
>
> Key: GEODE-1993
> URL: https://issues.apache.org/jira/browse/GEODE-1993
> Project: Geode
> Issue Type: New Feature
> Components: management
>Reporter: Jinmei Liao
>Assignee: Kevin Duling
> Fix For: 1.1.0-incubating
>
>
> The new rest security did not use post processor before returning the value
> back to the client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645942#comment-15645942 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 precheckin successful > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645207#comment-15645207 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86852092 --- Diff: geode-web-api/src/main/java/org/apache/geode/rest/internal/web/controllers/BaseControllerAdvice.java --- @@ -50,6 +52,11 @@ protected static final String REST_API_VERSION = "/v1"; + public BaseControllerAdvice(final RestSecurityService securityService, --- End diff -- BaseControllerAdvice extends AbstractBaseController. Since the RestSecurityService lives in AbstractBaseController, yes. Otherwise, we define separate member variables in PdxBasedCrudController, CommonCrudController, and QueryAccessContoller. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645205#comment-15645205
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user kjduling commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86852018
--- Diff:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java
---
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for
additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
ANY KIND, either express
+ * or implied. See the License for the specific language governing
permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.rest.internal.web;
+
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS;
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static
org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API;
+import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getContentType;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.execute.FunctionService;
+import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.rest.internal.web.controllers.GetRegions;
+import org.apache.geode.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SampleSecurityManager;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.http.HttpResponse;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.http.MediaType;
+
+import java.net.URLEncoder;
+import java.util.Properties;
+
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class RestSecurityPostProcessorTest {
+
+ static final String REGION_NAME = "AuthRegion";
+
+ static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ static Properties properties = new Properties() {
+{
+ setProperty(SampleSecurityManager.SECURITY_JSON,
+
"org/apache/geode/management/internal/security/clientServer.json");
+ setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
+ setProperty(START_DEV_REST_API, "true");
+ setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
+ setProperty(HTTP_SERVICE_PORT, restPort + "");
+ setProperty(SECURITY_POST_PROCESSOR,
SamplePostProcessor.class.getName());
+}
+ };
+
+ @ClassRule
+ public static ServerStarterRule serverStarter = new
ServerStarterRule(properties);
+ private final GeodeRestClient restClient = new
GeodeRestClient("localhost", restPort);
+
+ @BeforeClass
+ public static void before() throws Exception {
+serverStarter.startServer();
+Region region =
+
serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
+region.put("key1",
+
"{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order
for XYZ
Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645176#comment-15645176
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user kjduling commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86848834
--- Diff:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java
---
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for
additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
ANY KIND, either express
+ * or implied. See the License for the specific language governing
permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.rest.internal.web;
+
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS;
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static
org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API;
+import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getContentType;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.execute.FunctionService;
+import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.rest.internal.web.controllers.GetRegions;
+import org.apache.geode.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SampleSecurityManager;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.http.HttpResponse;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.http.MediaType;
+
+import java.net.URLEncoder;
+import java.util.Properties;
+
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class RestSecurityPostProcessorTest {
+
+ static final String REGION_NAME = "AuthRegion";
+
+ static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ static Properties properties = new Properties() {
+{
+ setProperty(SampleSecurityManager.SECURITY_JSON,
+
"org/apache/geode/management/internal/security/clientServer.json");
+ setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
+ setProperty(START_DEV_REST_API, "true");
+ setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
+ setProperty(HTTP_SERVICE_PORT, restPort + "");
+ setProperty(SECURITY_POST_PROCESSOR,
SamplePostProcessor.class.getName());
+}
+ };
+
+ @ClassRule
+ public static ServerStarterRule serverStarter = new
ServerStarterRule(properties);
+ private final GeodeRestClient restClient = new
GeodeRestClient("localhost", restPort);
+
+ @BeforeClass
+ public static void before() throws Exception {
+serverStarter.startServer();
+Region region =
+
serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
+region.put("key1",
+
"{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order
for XYZ
Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15645151#comment-15645151
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user kjduling commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86847492
--- Diff:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java
---
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for
additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
ANY KIND, either express
+ * or implied. See the License for the specific language governing
permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.rest.internal.web;
+
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS;
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static
org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API;
+import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getContentType;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.execute.FunctionService;
+import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.rest.internal.web.controllers.GetRegions;
+import org.apache.geode.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SampleSecurityManager;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.http.HttpResponse;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.http.MediaType;
+
+import java.net.URLEncoder;
+import java.util.Properties;
+
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class RestSecurityPostProcessorTest {
+
+ static final String REGION_NAME = "AuthRegion";
+
+ static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ static Properties properties = new Properties() {
+{
+ setProperty(SampleSecurityManager.SECURITY_JSON,
+
"org/apache/geode/management/internal/security/clientServer.json");
+ setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
+ setProperty(START_DEV_REST_API, "true");
+ setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
+ setProperty(HTTP_SERVICE_PORT, restPort + "");
+ setProperty(SECURITY_POST_PROCESSOR,
SamplePostProcessor.class.getName());
+}
+ };
+
+ @ClassRule
+ public static ServerStarterRule serverStarter = new
ServerStarterRule(properties);
+ private final GeodeRestClient restClient = new
GeodeRestClient("localhost", restPort);
+
+ @BeforeClass
+ public static void before() throws Exception {
+serverStarter.startServer();
+Region region =
+
serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
+region.put("key1",
+
"{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order
for XYZ
Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644975#comment-15644975
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user jinmeiliao commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86836374
--- Diff:
geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java
---
@@ -409,6 +435,34 @@ public Object postProcess(Object principal, String
regionPath, Object key, Objec
return newValue;
}
+ private Object getPrincipal(Object principal) {
+if (principal == null) {
+ Subject subject = getSubject();
+ if (subject == null)
+return null;
+ principal = subject.getPrincipal();
+}
+return principal;
+ }
+
+ @Override
+ public Collection postProcess(Query query, Collection
regionNames,
--- End diff --
remove this.
> value returned through /region/key rest service needs to be post processed
> --
>
> Key: GEODE-1993
> URL: https://issues.apache.org/jira/browse/GEODE-1993
> Project: Geode
> Issue Type: New Feature
> Components: management
>Reporter: Jinmei Liao
>Assignee: Kevin Duling
> Fix For: 1.1.0-incubating
>
>
> The new rest security did not use post processor before returning the value
> back to the client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644965#comment-15644965
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user jinmeiliao commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86836336
--- Diff:
geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java
---
@@ -409,6 +435,34 @@ public Object postProcess(Object principal, String
regionPath, Object key, Objec
return newValue;
}
+ private Object getPrincipal(Object principal) {
+if (principal == null) {
+ Subject subject = getSubject();
+ if (subject == null)
+return null;
+ principal = subject.getPrincipal();
+}
+return principal;
+ }
+
+ @Override
+ public Collection postProcess(Query query, Collection
regionNames,
+ Collection results) {
+return postProcess(null, query, regionNames, results);
+ }
+
+ @Override
+ public Collection postProcess(Object principal, Query query,
--- End diff --
remove this.
> value returned through /region/key rest service needs to be post processed
> --
>
> Key: GEODE-1993
> URL: https://issues.apache.org/jira/browse/GEODE-1993
> Project: Geode
> Issue Type: New Feature
> Components: management
>Reporter: Jinmei Liao
>Assignee: Kevin Duling
> Fix For: 1.1.0-incubating
>
>
> The new rest security did not use post processor before returning the value
> back to the client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644972#comment-15644972
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user jinmeiliao commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86822046
--- Diff:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java
---
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for
additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
ANY KIND, either express
+ * or implied. See the License for the specific language governing
permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.rest.internal.web;
+
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS;
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static
org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API;
+import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getContentType;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.execute.FunctionService;
+import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.rest.internal.web.controllers.GetRegions;
+import org.apache.geode.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SampleSecurityManager;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.http.HttpResponse;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.http.MediaType;
+
+import java.net.URLEncoder;
+import java.util.Properties;
+
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class RestSecurityPostProcessorTest {
+
+ static final String REGION_NAME = "AuthRegion";
+
+ static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ static Properties properties = new Properties() {
+{
+ setProperty(SampleSecurityManager.SECURITY_JSON,
+
"org/apache/geode/management/internal/security/clientServer.json");
+ setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
+ setProperty(START_DEV_REST_API, "true");
+ setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
+ setProperty(HTTP_SERVICE_PORT, restPort + "");
+ setProperty(SECURITY_POST_PROCESSOR,
SamplePostProcessor.class.getName());
+}
+ };
+
+ @ClassRule
+ public static ServerStarterRule serverStarter = new
ServerStarterRule(properties);
+ private final GeodeRestClient restClient = new
GeodeRestClient("localhost", restPort);
+
+ @BeforeClass
+ public static void before() throws Exception {
+serverStarter.startServer();
+Region region =
+
serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
+region.put("key1",
+
"{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order
for XYZ
Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644970#comment-15644970
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user jinmeiliao commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86822375
--- Diff:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java
---
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for
additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
ANY KIND, either express
+ * or implied. See the License for the specific language governing
permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.rest.internal.web;
+
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS;
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static
org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API;
+import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getContentType;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.execute.FunctionService;
+import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.rest.internal.web.controllers.GetRegions;
+import org.apache.geode.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SampleSecurityManager;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.http.HttpResponse;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.http.MediaType;
+
+import java.net.URLEncoder;
+import java.util.Properties;
+
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class RestSecurityPostProcessorTest {
+
+ static final String REGION_NAME = "AuthRegion";
+
+ static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ static Properties properties = new Properties() {
+{
+ setProperty(SampleSecurityManager.SECURITY_JSON,
+
"org/apache/geode/management/internal/security/clientServer.json");
+ setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
+ setProperty(START_DEV_REST_API, "true");
+ setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
+ setProperty(HTTP_SERVICE_PORT, restPort + "");
+ setProperty(SECURITY_POST_PROCESSOR,
SamplePostProcessor.class.getName());
+}
+ };
+
+ @ClassRule
+ public static ServerStarterRule serverStarter = new
ServerStarterRule(properties);
+ private final GeodeRestClient restClient = new
GeodeRestClient("localhost", restPort);
+
+ @BeforeClass
+ public static void before() throws Exception {
+serverStarter.startServer();
+Region region =
+
serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
+region.put("key1",
+
"{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order
for XYZ
Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644964#comment-15644964 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86836287 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java --- @@ -87,6 +89,12 @@ Object postProcess(Object principal, String regionPath, Object key, Object value, boolean valueIsSerialized); + Collection postProcess(Query query, Collection regionNames, + Collection results); + + Collection postProcess(Object principal, Query query, Collection regionNames, --- End diff -- remove this > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644969#comment-15644969
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user jinmeiliao commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86819415
--- Diff:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java
---
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for
additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
ANY KIND, either express
+ * or implied. See the License for the specific language governing
permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.rest.internal.web;
+
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS;
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static
org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API;
+import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getContentType;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.execute.FunctionService;
+import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.rest.internal.web.controllers.GetRegions;
+import org.apache.geode.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SampleSecurityManager;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.http.HttpResponse;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.http.MediaType;
+
+import java.net.URLEncoder;
+import java.util.Properties;
+
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class RestSecurityPostProcessorTest {
+
+ static final String REGION_NAME = "AuthRegion";
+
+ static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ static Properties properties = new Properties() {
+{
+ setProperty(SampleSecurityManager.SECURITY_JSON,
+
"org/apache/geode/management/internal/security/clientServer.json");
+ setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
+ setProperty(START_DEV_REST_API, "true");
+ setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
+ setProperty(HTTP_SERVICE_PORT, restPort + "");
+ setProperty(SECURITY_POST_PROCESSOR,
SamplePostProcessor.class.getName());
+}
+ };
+
+ @ClassRule
+ public static ServerStarterRule serverStarter = new
ServerStarterRule(properties);
+ private final GeodeRestClient restClient = new
GeodeRestClient("localhost", restPort);
+
+ @BeforeClass
+ public static void before() throws Exception {
+serverStarter.startServer();
+Region region =
+
serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
+region.put("key1",
+
"{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order
for XYZ
Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644967#comment-15644967 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86836714 --- Diff: geode-web-api/src/main/java/org/apache/geode/rest/internal/web/controllers/BaseControllerAdvice.java --- @@ -50,6 +52,11 @@ protected static final String REST_API_VERSION = "/v1"; + public BaseControllerAdvice(final RestSecurityService securityService, --- End diff -- do we need this? > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644974#comment-15644974
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user jinmeiliao commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86836201
--- Diff:
geode-core/src/main/java/org/apache/geode/security/PostProcessor.java ---
@@ -44,6 +47,9 @@ default void init(Properties securityProps) {}
*/
Object processRegionValue(Object principal, String regionName, Object
key, Object value);
+ Collection processQueryResult(Object principal, Query query,
Collection regions,
--- End diff --
I don't think we want to add this method in the interface. For query,
essentially it's still getting value from region. Customers should not be
burdened with another method to implement if they just want to manipulate the
data. See how query result get post processed in gfsh queries.
> value returned through /region/key rest service needs to be post processed
> --
>
> Key: GEODE-1993
> URL: https://issues.apache.org/jira/browse/GEODE-1993
> Project: Geode
> Issue Type: New Feature
> Components: management
>Reporter: Jinmei Liao
>Assignee: Kevin Duling
> Fix For: 1.1.0-incubating
>
>
> The new rest security did not use post processor before returning the value
> back to the client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644973#comment-15644973
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user jinmeiliao commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86820194
--- Diff:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java
---
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for
additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
ANY KIND, either express
+ * or implied. See the License for the specific language governing
permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.rest.internal.web;
+
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS;
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static
org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API;
+import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getContentType;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.execute.FunctionService;
+import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.rest.internal.web.controllers.GetRegions;
+import org.apache.geode.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SampleSecurityManager;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.http.HttpResponse;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.http.MediaType;
+
+import java.net.URLEncoder;
+import java.util.Properties;
+
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class RestSecurityPostProcessorTest {
+
+ static final String REGION_NAME = "AuthRegion";
+
+ static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ static Properties properties = new Properties() {
+{
+ setProperty(SampleSecurityManager.SECURITY_JSON,
+
"org/apache/geode/management/internal/security/clientServer.json");
+ setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
+ setProperty(START_DEV_REST_API, "true");
+ setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
+ setProperty(HTTP_SERVICE_PORT, restPort + "");
+ setProperty(SECURITY_POST_PROCESSOR,
SamplePostProcessor.class.getName());
+}
+ };
+
+ @ClassRule
+ public static ServerStarterRule serverStarter = new
ServerStarterRule(properties);
+ private final GeodeRestClient restClient = new
GeodeRestClient("localhost", restPort);
+
+ @BeforeClass
+ public static void before() throws Exception {
+serverStarter.startServer();
+Region region =
+
serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
+region.put("key1",
+
"{\"@type\":\"com.gemstone.gemfire.web.rest.domain.Order\",\"purchaseOrderNo\":1121,\"customerId\":1012,\"description\":\"Order
for XYZ
Corp\",\"orderDate\":\"02/10/2014\",\"deliveryDate\":\"02/20/2014\",\"contact\":\"Jelly
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644971#comment-15644971 ] ASF GitHub Bot commented on GEODE-1993: --- Github user jinmeiliao commented on a diff in the pull request: https://github.com/apache/incubator-geode/pull/276#discussion_r86836263 --- Diff: geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java --- @@ -87,6 +89,12 @@ Object postProcess(Object principal, String regionPath, Object key, Object value, boolean valueIsSerialized); + Collection postProcess(Query query, Collection regionNames, --- End diff -- remove this. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644968#comment-15644968
]
ASF GitHub Bot commented on GEODE-1993:
---
Github user jinmeiliao commented on a diff in the pull request:
https://github.com/apache/incubator-geode/pull/276#discussion_r86821510
--- Diff:
geode-assembly/src/test/java/org/apache/geode/rest/internal/web/RestSecurityPostProcessorTest.java
---
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for
additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
ANY KIND, either express
+ * or implied. See the License for the specific language governing
permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.rest.internal.web;
+
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_BIND_ADDRESS;
+import static
org.apache.geode.distributed.ConfigurationProperties.HTTP_SERVICE_PORT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static
org.apache.geode.distributed.ConfigurationProperties.START_DEV_REST_API;
+import static org.apache.geode.rest.internal.web.GeodeRestClient.getCode;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getContentType;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonArray;
+import static
org.apache.geode.rest.internal.web.GeodeRestClient.getJsonObject;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.execute.FunctionService;
+import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.rest.internal.web.controllers.GetRegions;
+import org.apache.geode.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SampleSecurityManager;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.http.HttpResponse;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.http.MediaType;
+
+import java.net.URLEncoder;
+import java.util.Properties;
+
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class RestSecurityPostProcessorTest {
+
+ static final String REGION_NAME = "AuthRegion";
+
+ static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ static Properties properties = new Properties() {
+{
+ setProperty(SampleSecurityManager.SECURITY_JSON,
+
"org/apache/geode/management/internal/security/clientServer.json");
+ setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
+ setProperty(START_DEV_REST_API, "true");
+ setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
+ setProperty(HTTP_SERVICE_PORT, restPort + "");
+ setProperty(SECURITY_POST_PROCESSOR,
SamplePostProcessor.class.getName());
+}
+ };
+
+ @ClassRule
+ public static ServerStarterRule serverStarter = new
ServerStarterRule(properties);
+ private final GeodeRestClient restClient = new
GeodeRestClient("localhost", restPort);
+
+ @BeforeClass
+ public static void before() throws Exception {
+serverStarter.startServer();
--- End diff --
I think I just made a change in the rule that you don't need to call
startServer anymore if you are using is as a rule.
> value returned through /region/key rest service needs to be post processed
> --
>
> Key: GEODE-1993
> URL: https://issues.apache.org/jira/browse/GEODE-1993
>
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644682#comment-15644682 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 Precheckin successful except for one flaky test, QueueCommandsDUnitTest.testCreateUpdatesSharedConfig which doesn't appear to be related to this change. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15637605#comment-15637605 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 precheckin running > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15630909#comment-15630909 ] ASF GitHub Bot commented on GEODE-1993: --- Github user kjduling commented on the issue: https://github.com/apache/incubator-geode/pull/276 Don't accept this PR yet. This is just a checkin to preserve work. Addressed all of the issues listed above. Added test for adhoc queries. Still need a test for named queries. Also need to verify functions won't return any region data without being post-processed. Have not run precheckin yet, either. > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao >Assignee: Kevin Duling > Fix For: 1.1.0-incubating > > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[
https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15616471#comment-15616471
]
ASF GitHub Bot commented on GEODE-1993:
---
GitHub user kjduling opened a pull request:
https://github.com/apache/incubator-geode/pull/276
GEODE-1993: postprocess region/key
Add post processing to the GET {region}/{key..key} endpoint
precheckin running
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/kjduling/incubator-geode feature/GEODE-1993
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-geode/pull/276.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #276
commit 41559682c95f844018fa285f35a1adf2f7fcf0ba
Author: Kevin Duling
Date: 2016-10-28T20:27:56Z
GEODE-1993: postprocess region/key
> value returned through /region/key rest service needs to be post processed
> --
>
> Key: GEODE-1993
> URL: https://issues.apache.org/jira/browse/GEODE-1993
> Project: Geode
> Issue Type: New Feature
> Components: management
>Reporter: Jinmei Liao
>
> The new rest security did not use post processor before returning the value
> back to the client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (GEODE-1993) value returned through /region/key rest service needs to be post processed
[ https://issues.apache.org/jira/browse/GEODE-1993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15582971#comment-15582971 ] ASF subversion and git services commented on GEODE-1993: Commit 5abe957ca1cd42eeaf82549c275711e6e94dddec in incubator-geode's branch refs/heads/develop from [~jinmeiliao] [ https://git-wip-us.apache.org/repos/asf?p=incubator-geode.git;h=5abe957 ] GEODE-1993: allow LocatorServerStartupRule to save server's ports as well. * added more tetss > value returned through /region/key rest service needs to be post processed > -- > > Key: GEODE-1993 > URL: https://issues.apache.org/jira/browse/GEODE-1993 > Project: Geode > Issue Type: New Feature > Components: management >Reporter: Jinmei Liao > > The new rest security did not use post processor before returning the value > back to the client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
