http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/systest/rest/acl/UserRestACLTest.java ---------------------------------------------------------------------- diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/UserRestACLTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/UserRestACLTest.java deleted file mode 100644 index 6fe6d06..0000000 --- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/UserRestACLTest.java +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.qpid.systest.rest.acl; - -import java.io.File; -import java.io.FileOutputStream; -import java.io.IOException; -import java.util.Map; -import java.util.Properties; - -import javax.servlet.http.HttpServletResponse; - -import org.apache.qpid.systest.rest.QpidRestTestCase; -import org.apache.qpid.test.utils.TestBrokerConfiguration; -import org.apache.qpid.test.utils.TestUtils; - -public class UserRestACLTest extends QpidRestTestCase -{ - private static final String ALLOWED_GROUP = "allowedGroup"; - private static final String DENIED_GROUP = "deniedGroup"; - private static final String OTHER_GROUP = "otherGroup"; - - private static final String ALLOWED_USER = "webadmin"; - private static final String DENIED_USER = "admin"; - private static final String OTHER_USER = "other"; - - private File _groupFile; - - @Override - public void startDefaultBroker() throws Exception - { - // starting broker in tests - } - - @Override - protected void customizeConfiguration() throws Exception - { - super.customizeConfiguration(); - _groupFile = createTemporaryGroupFile(); - final TestBrokerConfiguration brokerConfiguration = getDefaultBrokerConfiguration(); - brokerConfiguration.addGroupFileConfiguration(_groupFile.getAbsolutePath()); - brokerConfiguration.configureTemporaryPasswordFile(ALLOWED_USER, DENIED_USER, OTHER_USER); - } - - @Override - public void tearDown() throws Exception - { - super.tearDown(); - - if (_groupFile != null) - { - if (_groupFile.exists()) - { - _groupFile.delete(); - } - } - } - - private File createTemporaryGroupFile() throws Exception - { - File groupFile = File.createTempFile("group", "grp"); - groupFile.deleteOnExit(); - - Properties props = new Properties(); - props.put(ALLOWED_GROUP + ".users", ALLOWED_USER); - props.put(DENIED_GROUP + ".users", DENIED_USER); - props.put(OTHER_GROUP + ".users", OTHER_USER); - - props.store(new FileOutputStream(groupFile), "test group file"); - - return groupFile; - } - - public void testAddUser() throws Exception - { - TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT", - "ACL ALLOW-LOG " + ALLOWED_GROUP + " CREATE USER", - "ACL DENY-LOG " + DENIED_GROUP + " CREATE USER"); - - super.startDefaultBroker(); - - String newUser = "newUser"; - String password = "password"; - - assertUserDoesNotExist(newUser); - - getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER); - - getRestTestHelper().createOrUpdateUser(newUser, password, HttpServletResponse.SC_FORBIDDEN); - assertUserDoesNotExist(newUser); - - getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER); - getRestTestHelper().createOrUpdateUser(newUser, password); - assertUserExists(newUser); - } - - public void testDeleteUser() throws Exception - { - TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT", - "ACL ALLOW-LOG " + ALLOWED_GROUP + " DELETE USER", - "ACL DENY-LOG " + DENIED_GROUP + " DELETE USER"); - - super.startDefaultBroker(); - - assertUserExists(OTHER_USER); - - getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER); - getRestTestHelper().removeUser(OTHER_USER, HttpServletResponse.SC_FORBIDDEN); - assertUserExists(OTHER_USER); - - getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER); - getRestTestHelper().removeUser(OTHER_USER); - assertUserDoesNotExist(OTHER_USER); - } - - public void testUpdateUser() throws Exception - { - TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT", - "ACL ALLOW-LOG " + ALLOWED_GROUP + " UPDATE USER", - "ACL DENY-LOG " + DENIED_GROUP + " UPDATE USER"); - - super.startDefaultBroker(); - - String newPassword = "newPassword"; - - checkPassword(OTHER_USER, OTHER_USER, true); - - getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER); - getRestTestHelper().createOrUpdateUser(OTHER_USER, newPassword, HttpServletResponse.SC_FORBIDDEN); - - checkPassword(OTHER_USER, newPassword, false); - - getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER); - getRestTestHelper().createOrUpdateUser(OTHER_USER, newPassword, HttpServletResponse.SC_OK); // expect SC_OK rather than the default SC_CREATED - - checkPassword(OTHER_USER, newPassword, true); - checkPassword(OTHER_USER, OTHER_USER, false); - } - - private void checkPassword(String username, String password, boolean passwordExpectedToBeCorrect) throws IOException - { - getRestTestHelper().setUsernameAndPassword(username, password); - - int responseCode = getRestTestHelper().submitRequest("user/" - + TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER + "/", "GET", (byte[])null); - boolean passwordIsCorrect = responseCode == HttpServletResponse.SC_OK; - - assertEquals(passwordExpectedToBeCorrect, passwordIsCorrect); - } - - private void assertUserDoesNotExist(String newUser) throws IOException - { - String path = "user/" + TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER + "/" + newUser; - getRestTestHelper().submitRequest(path, "GET", HttpServletResponse.SC_NOT_FOUND); - } - - private void assertUserExists(String username) throws IOException - { - String path = "user/" + TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER + "/" + username; - Map<String, Object> userDetails = getRestTestHelper().getJsonAsMap(path); - - assertEquals( - "User returned by " + path + " should have name=" + username + ". The returned JSON was: " + userDetails, - username, - userDetails.get("name")); - } -}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostACLTest.java ---------------------------------------------------------------------- diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostACLTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostACLTest.java deleted file mode 100644 index e117cc3..0000000 --- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostACLTest.java +++ /dev/null @@ -1,188 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.qpid.systest.rest.acl; - -import java.io.File; -import java.util.Collections; -import java.util.HashMap; -import java.util.Map; - -import javax.servlet.http.HttpServletResponse; - -import org.apache.qpid.server.logging.logback.VirtualHostFileLogger; -import org.apache.qpid.server.model.ConfiguredObject; -import org.apache.qpid.server.model.VirtualHost; -import org.apache.qpid.server.model.VirtualHostLogger; -import org.apache.qpid.server.model.VirtualHostNode; -import org.apache.qpid.server.virtualhost.ProvidedStoreVirtualHostImpl; -import org.apache.qpid.server.virtualhostnode.JsonVirtualHostNode; -import org.apache.qpid.systest.rest.QpidRestTestCase; -import org.apache.qpid.test.utils.TestBrokerConfiguration; -import org.apache.qpid.test.utils.TestUtils; - -public class VirtualHostACLTest extends QpidRestTestCase -{ - private static final String VHN_WITHOUT_VH = "myVhnWithoutVh"; - - private static final String ALLOWED_USER = "user1"; - private static final String DENIED_USER = "user2"; - private static final String RESTRICTED_USER = "restricted"; - - @Override - protected void customizeConfiguration() throws Exception - { - super.customizeConfiguration(); - final TestBrokerConfiguration defaultBrokerConfiguration = getDefaultBrokerConfiguration(); - defaultBrokerConfiguration.configureTemporaryPasswordFile(ALLOWED_USER, DENIED_USER, RESTRICTED_USER); - - TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT", - "ACL ALLOW-LOG " + ALLOWED_USER + " ALL VIRTUALHOST", - "ACL ALLOW-LOG " + RESTRICTED_USER + " ALL VIRTUALHOST attributes=\"description\"", - "ACL DENY-LOG " + DENIED_USER + " ALL VIRTUALHOST", - "ACL DENY-LOG ALL ALL"); - - Map<String, Object> virtualHostNodeAttributes = new HashMap<>(); - virtualHostNodeAttributes.put(VirtualHostNode.NAME, VHN_WITHOUT_VH); - virtualHostNodeAttributes.put(VirtualHostNode.TYPE, getTestProfileVirtualHostNodeType()); - // TODO need better way to determine the VHN's optional attributes - virtualHostNodeAttributes.put(JsonVirtualHostNode.STORE_PATH, getStoreLocation(VHN_WITHOUT_VH)); - - defaultBrokerConfiguration.addObjectConfiguration(VirtualHostNode.class, virtualHostNodeAttributes); - } - - public void testCreateVirtualHostAllowed() throws Exception - { - getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER); - - String hostName = getTestName(); - - int responseCode = createVirtualHost(VHN_WITHOUT_VH, hostName); - assertEquals("Virtual host creation should be allowed", HttpServletResponse.SC_CREATED, responseCode); - - assertVirtualHostExists(VHN_WITHOUT_VH, hostName); - } - - public void testCreateVirtualHostDenied() throws Exception - { - getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER); - - String hostName = getTestName(); - - int responseCode = createVirtualHost(VHN_WITHOUT_VH, hostName); - assertEquals("Virtual host creation should be denied", HttpServletResponse.SC_FORBIDDEN, responseCode); - - assertVirtualHostDoesNotExist(VHN_WITHOUT_VH, hostName); - } - - public void testDeleteVirtualHostDenied() throws Exception - { - getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER); - getRestTestHelper().submitRequest("virtualhost/" + TEST2_VIRTUALHOST + "/" + TEST2_VIRTUALHOST, "DELETE", HttpServletResponse.SC_FORBIDDEN); - - assertVirtualHostExists(TEST2_VIRTUALHOST, TEST2_VIRTUALHOST); - } - - public void testUpdateRestrictedAttributes() throws Exception - { - getRestTestHelper().setUsernameAndPassword(RESTRICTED_USER, RESTRICTED_USER); - - String virtualHostUrl = "virtualhost/" + TEST2_VIRTUALHOST + "/" + TEST2_VIRTUALHOST; - getRestTestHelper().submitRequest(virtualHostUrl, - "PUT", - Collections.singletonMap(VirtualHost.CONTEXT, - Collections.singletonMap("test1", "test2")), - HttpServletResponse.SC_FORBIDDEN); - - getRestTestHelper().submitRequest(virtualHostUrl, - "PUT", - Collections.singletonMap(VirtualHost.DESCRIPTION, "Test Description"), - HttpServletResponse.SC_OK); - } - - public void testUpdateVirtualHostDenied() throws Exception - { - getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER); - - Map<String, Object> attributes = new HashMap<>(); - attributes.put(VirtualHost.NAME, TEST2_VIRTUALHOST); - attributes.put(VirtualHost.DESCRIPTION, "new description"); - - getRestTestHelper().submitRequest("virtualhost/" + TEST2_VIRTUALHOST + "/" + TEST2_VIRTUALHOST, "PUT", attributes, HttpServletResponse.SC_FORBIDDEN); - } - - public void testDownloadVirtualHostLoggerFileAllowedDenied() throws Exception - { - final String virtualHostName = "testVirtualHost"; - final String loggerName = "testFileLogger"; - final String loggerPath = "virtualhostlogger/" + VHN_WITHOUT_VH + "/" + virtualHostName + "/" + loggerName; - - getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER); - - createVirtualHost(VHN_WITHOUT_VH, virtualHostName); - - Map<String, Object> attributes = new HashMap<>(); - attributes.put(VirtualHostLogger.NAME, loggerName); - attributes.put(ConfiguredObject.TYPE, VirtualHostFileLogger.TYPE); - getRestTestHelper().submitRequest("virtualhostlogger/" + VHN_WITHOUT_VH + "/" + virtualHostName, "PUT", attributes, HttpServletResponse.SC_CREATED); - - getRestTestHelper().submitRequest(loggerPath + "/getFile?fileName=qpid.log", "GET", HttpServletResponse.SC_OK); - getRestTestHelper().submitRequest(loggerPath + "/getFiles?fileName=qpid.log", "GET", HttpServletResponse.SC_OK); - getRestTestHelper().submitRequest(loggerPath + "/getAllFiles", "GET", HttpServletResponse.SC_OK); - - getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER); - getRestTestHelper().submitRequest(loggerPath + "/getFile?fileName=qpid.log", "GET", HttpServletResponse.SC_FORBIDDEN); - getRestTestHelper().submitRequest(loggerPath + "/getFiles?fileName=qpid.log", "GET", HttpServletResponse.SC_FORBIDDEN); - getRestTestHelper().submitRequest(loggerPath + "/getAllFiles", "GET", HttpServletResponse.SC_FORBIDDEN); - } - - /* === Utility Methods === */ - - private int createVirtualHost(final String testVirtualHostNode, String virtualHostName) throws Exception - { - Map<String, Object> data = new HashMap<>(); - data.put(VirtualHost.NAME, virtualHostName); - data.put(VirtualHost.TYPE, ProvidedStoreVirtualHostImpl.VIRTUAL_HOST_TYPE); - - return getRestTestHelper().submitRequest("virtualhost/" + testVirtualHostNode + "/" + virtualHostName, "PUT", data); - } - - private void assertVirtualHostDoesNotExist(final String virtualHostNodeName, String virtualHostName) throws Exception - { - assertVirtualHostExistence(virtualHostNodeName, virtualHostName, false); - } - - private void assertVirtualHostExists(final String virtualHostNodeName, String virtualHostName) throws Exception - { - assertVirtualHostExistence(virtualHostNodeName, virtualHostName, true); - } - - private void assertVirtualHostExistence(final String virtualHostNodeName, String virtualHostName, boolean exists) throws Exception - { - String path = "virtualhost/" + virtualHostNodeName + "/" + virtualHostName; - int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND; - getRestTestHelper().submitRequest(path, "GET", expectedResponseCode); - } - - private String getStoreLocation(String hostName) - { - return new File(TMP_FOLDER, "store-" + hostName + "-" + System.currentTimeMillis()).getAbsolutePath(); - } - -} http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostAccessControlProviderRestTest.java ---------------------------------------------------------------------- diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostAccessControlProviderRestTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostAccessControlProviderRestTest.java deleted file mode 100644 index c37b1f2..0000000 --- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostAccessControlProviderRestTest.java +++ /dev/null @@ -1,287 +0,0 @@ -/* - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.qpid.systest.rest.acl; - - - -import static org.apache.qpid.server.security.access.plugins.RuleOutcome.*; -import static org.apache.qpid.server.security.access.config.LegacyOperation.*; -import static org.apache.qpid.server.security.access.config.ObjectType.*; - -import java.util.Collections; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -import javax.servlet.http.HttpServletResponse; - -import org.apache.qpid.server.model.ConfiguredObject; -import org.apache.qpid.server.model.Queue; -import org.apache.qpid.server.model.VirtualHostAccessControlProvider; -import org.apache.qpid.server.security.access.config.LegacyOperation; -import org.apache.qpid.server.security.access.config.ObjectProperties; -import org.apache.qpid.server.security.access.config.ObjectType; -import org.apache.qpid.server.security.access.plugins.AclRule; -import org.apache.qpid.server.security.access.plugins.RuleBasedVirtualHostAccessControlProvider; -import org.apache.qpid.server.security.access.plugins.RuleOutcome; -import org.apache.qpid.systest.rest.QpidRestTestCase; -import org.apache.qpid.test.utils.TestBrokerConfiguration; - -public class VirtualHostAccessControlProviderRestTest extends QpidRestTestCase -{ - private static final String ADMIN = "admin"; - - private static final String USER1 = "user1"; - private static final String USER2 = "user2"; - private static final String USER3 = "user3"; - private static final String USER4 = "user4"; - private static final String USER5 = "user5"; - private static final String USER6 = "user6"; - - - private String _queueUrl; - private String _queueName; - private String _virtualHostRuleProviderUrl; - - @Override - public void setUp() throws Exception - { - super.setUp(); - _queueName = getTestName(); - _queueUrl = "queue/test/test/" + _queueName; - _virtualHostRuleProviderUrl = VirtualHostAccessControlProvider.class.getSimpleName().toLowerCase() + "/test/test/rules"; - - getRestTestHelper().setUsernameAndPassword(ADMIN, ADMIN); - final Map<String, Object> attributes = new HashMap<>(); - attributes.put(ConfiguredObject.NAME, "rules"); - attributes.put(ConfiguredObject.TYPE, RuleBasedVirtualHostAccessControlProvider.RULE_BASED_TYPE); - final AclRule[] rules = { - new TestAclRule(USER1, ObjectType.QUEUE, CREATE, DENY_LOG), - new TestAclRule(USER3, ObjectType.QUEUE, CREATE, ALLOW_LOG), - new TestAclRule(USER4, ObjectType.QUEUE, CREATE, ALLOW_LOG), - - new TestAclRule(USER1, ObjectType.QUEUE, UPDATE, DENY_LOG), - new TestAclRule(USER3, ObjectType.QUEUE, UPDATE, ALLOW_LOG), - new TestAclRule(USER4, ObjectType.QUEUE, UPDATE, ALLOW_LOG), - - new TestAclRule(USER1, ObjectType.QUEUE, DELETE, DENY_LOG), - new TestAclRule(USER3, ObjectType.QUEUE, DELETE, ALLOW_LOG), - new TestAclRule(USER4, ObjectType.QUEUE, DELETE, ALLOW_LOG), - - }; - attributes.put(RuleBasedVirtualHostAccessControlProvider.RULES, rules); - getRestTestHelper().submitRequest(_virtualHostRuleProviderUrl, "PUT", attributes); - - } - - @Override - protected void customizeConfiguration() throws Exception - { - super.customizeConfiguration(); - final TestBrokerConfiguration defaultBrokerConfiguration = getDefaultBrokerConfiguration(); - defaultBrokerConfiguration.configureTemporaryPasswordFile(ADMIN, USER1, USER2, USER3, USER4, USER5, USER6); - final AclRule[] rules = { - new TestAclRule(ADMIN, ObjectType.ALL, LegacyOperation.ALL, ALLOW_LOG), - - new TestAclRule("ALL", MANAGEMENT, ACCESS, ALLOW_LOG), - new TestAclRule(USER1, ObjectType.QUEUE, CREATE, ALLOW_LOG), - new TestAclRule(USER2, ObjectType.QUEUE, CREATE, DENY_LOG), - new TestAclRule(USER3, ObjectType.QUEUE, CREATE, DENY_LOG), - new TestAclRule(USER5, ObjectType.QUEUE, CREATE, ALLOW_LOG), - - new TestAclRule(USER1, ObjectType.QUEUE, UPDATE, ALLOW_LOG), - new TestAclRule(USER2, ObjectType.QUEUE, UPDATE, DENY_LOG), - new TestAclRule(USER3, ObjectType.QUEUE, UPDATE, DENY_LOG), - new TestAclRule(USER5, ObjectType.QUEUE, UPDATE, ALLOW_LOG), - - new TestAclRule(USER1, ObjectType.QUEUE, DELETE, ALLOW_LOG), - new TestAclRule(USER2, ObjectType.QUEUE, DELETE, DENY_LOG), - new TestAclRule(USER3, ObjectType.QUEUE, DELETE, DENY_LOG), - new TestAclRule(USER5, ObjectType.QUEUE, DELETE, ALLOW_LOG) - - }; - defaultBrokerConfiguration.addAclRuleConfiguration(rules); - - } - - public void testCreateAndDeleteQueueAllowedFromBrokerRule() throws Exception - { - assertCreateAndDeleteQueueSucceeds(USER5); - } - - public void testCreateDeleteQueueAllowedFromVirtualHostRule() throws Exception - { - assertCreateAndDeleteQueueSucceeds(USER4); - } - - public void testCreateDeleteQueueAllowedFromVirtualHostOverridingBrokerRule() throws Exception - { - assertCreateAndDeleteQueueSucceeds(USER3); - } - - public void testCreateQueueDeniedFromVirtualHostRule() throws Exception - { - assertCreateQueueDenied(USER1); - } - - public void testCreateQueueDeniedFromBrokerRule() throws Exception - { - assertCreateQueueDenied(USER2); - } - - - public void testCreateQueueDeniedFromDefault() throws Exception - { - assertCreateQueueDenied(USER6); - } - - @SuppressWarnings("unchecked") - public void testUpdateVirtualHostRule() throws Exception - { - // Denied by virtualhost rule - assertCreateQueueDenied(USER1); - - Map<String, Object> providerDetails = getRestTestHelper().getJsonAsMap(_virtualHostRuleProviderUrl); - - List<Map<String, Object>> currentRules = ((List<Map<String, Object>>) providerDetails.get(RuleBasedVirtualHostAccessControlProvider.RULES)); - - List<Map<String, Object>> filteredRulesWithoutUser1 = currentRules.stream() - .filter(rule -> - !rule.get("identity").equals(USER1)) - .collect(Collectors.toList()); - - Map<String, Object> update = Collections.singletonMap(RuleBasedVirtualHostAccessControlProvider.RULES, filteredRulesWithoutUser1); - getRestTestHelper().setUsernameAndPassword(ADMIN, ADMIN); - getRestTestHelper().submitRequest(_virtualHostRuleProviderUrl, "PUT", update, HttpServletResponse.SC_OK); - - // Now allowed by the rule at the broker - assertCreateQueueAllowed(USER1); - } - - private void assertCreateAndDeleteQueueSucceeds(final String username) throws Exception - { - getRestTestHelper().setUsernameAndPassword(username, username); - - int responseCode = createQueue(); - assertEquals("Queue creation should be allowed", HttpServletResponse.SC_CREATED, responseCode); - - assertQueueExists(); - - responseCode = getRestTestHelper().submitRequest(_queueUrl, "DELETE"); - assertEquals("Queue deletion should be allowed", HttpServletResponse.SC_OK, responseCode); - - assertQueueDoesNotExist(); - } - - - - private void assertCreateQueueDenied(String username) throws Exception - { - getRestTestHelper().setUsernameAndPassword(username, username); - - int responseCode = createQueue(); - assertEquals("Queue creation should be denied", HttpServletResponse.SC_FORBIDDEN, responseCode); - - assertQueueDoesNotExist(); - } - - private void assertCreateQueueAllowed(String username) throws Exception - { - getRestTestHelper().setUsernameAndPassword(username, username); - - int responseCode = createQueue(); - assertEquals("Queue creation should be allowed", HttpServletResponse.SC_CREATED, responseCode); - } - - private int createQueue() throws Exception - { - Map<String, Object> attributes = new HashMap<>(); - attributes.put(Queue.NAME, _queueName); - - return getRestTestHelper().submitRequest(_queueUrl, "PUT", attributes); - } - - private void assertQueueDoesNotExist() throws Exception - { - assertQueueExistence(false); - } - - private void assertQueueExists() throws Exception - { - assertQueueExistence(true); - } - - private void assertQueueExistence(boolean exists) throws Exception - { - int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND; - getRestTestHelper().submitRequest(_queueUrl, "GET", expectedResponseCode); - } - - public static class TestAclRule implements AclRule - { - private String _identity; - private ObjectType _objectType; - private LegacyOperation _operation; - private RuleOutcome _outcome; - - TestAclRule(final String identity, - final ObjectType objectType, - final LegacyOperation operation, - final RuleOutcome outcome) - { - _identity = identity; - _objectType = objectType; - _operation = operation; - _outcome = outcome; - } - - @Override - public String getIdentity() - { - return _identity; - } - - @Override - public ObjectType getObjectType() - { - return _objectType; - } - - @Override - public LegacyOperation getOperation() - { - return _operation; - } - - @Override - public Map<ObjectProperties.Property, String> getAttributes() - { - return Collections.emptyMap(); - } - - @Override - public RuleOutcome getOutcome() - { - return _outcome; - } - } -} http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostNodeACLTest.java ---------------------------------------------------------------------- diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostNodeACLTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostNodeACLTest.java deleted file mode 100644 index 859c263..0000000 --- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostNodeACLTest.java +++ /dev/null @@ -1,125 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.qpid.systest.rest.acl; - -import java.io.File; -import java.util.HashMap; -import java.util.Map; - -import javax.servlet.http.HttpServletResponse; - -import org.apache.qpid.server.model.VirtualHostNode; -import org.apache.qpid.server.virtualhostnode.JsonVirtualHostNode; -import org.apache.qpid.systest.rest.QpidRestTestCase; -import org.apache.qpid.test.utils.TestBrokerConfiguration; -import org.apache.qpid.test.utils.TestUtils; - -public class VirtualHostNodeACLTest extends QpidRestTestCase -{ - private static final String TEST_VIRTUAL_HOST_NODE = "myTestVirtualHostNode"; - private static final String ALLOWED_USER = "user1"; - private static final String DENIED_USER = "user2"; - - @Override - protected void customizeConfiguration() throws Exception - { - super.customizeConfiguration(); - final TestBrokerConfiguration defaultBrokerConfiguration = getDefaultBrokerConfiguration(); - defaultBrokerConfiguration.configureTemporaryPasswordFile(ALLOWED_USER, DENIED_USER); - - TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT", - "ACL ALLOW-LOG " + ALLOWED_USER + " ALL VIRTUALHOSTNODE", - "ACL DENY-LOG " + DENIED_USER + " ALL VIRTUALHOSTNODE", - "ACL DENY-LOG ALL ALL"); - - Map<String, Object> virtualHostNodeAttributes = new HashMap<>(); - virtualHostNodeAttributes.put(VirtualHostNode.NAME, TEST_VIRTUAL_HOST_NODE); - virtualHostNodeAttributes.put(VirtualHostNode.TYPE, getTestProfileVirtualHostNodeType()); - // TODO need better way to determine the VHN's optional attributes - virtualHostNodeAttributes.put(JsonVirtualHostNode.STORE_PATH, getStoreLocation(TEST_VIRTUAL_HOST_NODE)); - - defaultBrokerConfiguration.addObjectConfiguration(VirtualHostNode.class, virtualHostNodeAttributes); - } - - public void testCreateVirtualHostNodeAllowed() throws Exception - { - getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER); - - String hostName = getTestName(); - - int responseCode = createVirtualHostNode(hostName); - assertEquals("Virtual host node creation should be allowed", HttpServletResponse.SC_CREATED, responseCode); - - assertVirtualHostNodeExists(hostName); - } - - public void testCreateVirtualHostNodeDenied() throws Exception - { - getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER); - - String hostName = getTestName(); - - int responseCode = createVirtualHostNode(hostName); - assertEquals("Virtual host node creation should be denied", HttpServletResponse.SC_FORBIDDEN, responseCode); - - assertVirtualHostNodeDoesNotExist(hostName); - } - - public void testDeleteVirtualHostNodeDenied() throws Exception - { - getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER); - getRestTestHelper().submitRequest("virtualhostnode/" + TEST_VIRTUAL_HOST_NODE, "DELETE", HttpServletResponse.SC_FORBIDDEN); - - assertVirtualHostNodeExists(TEST_VIRTUAL_HOST_NODE); - } - - /* === Utility Methods === */ - - private int createVirtualHostNode(String virtualHostNodeName) throws Exception - { - Map<String, Object> data = new HashMap<>(); - data.put(VirtualHostNode.NAME, virtualHostNodeName); - data.put(VirtualHostNode.TYPE, getTestProfileVirtualHostNodeType()); - data.put(JsonVirtualHostNode.STORE_PATH, getStoreLocation(virtualHostNodeName)); - - return getRestTestHelper().submitRequest("virtualhostnode/" + virtualHostNodeName, "PUT", data); - } - - private void assertVirtualHostNodeDoesNotExist(String name) throws Exception - { - assertVirtualHostNodeExistence(name, false); - } - - private void assertVirtualHostNodeExists(String name) throws Exception - { - assertVirtualHostNodeExistence(name, true); - } - - private void assertVirtualHostNodeExistence(String name, boolean exists) throws Exception - { - int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND; - getRestTestHelper().submitRequest("virtualhostnode/" + name, "GET", expectedResponseCode); - } - - private String getStoreLocation(String hostName) - { - return new File(TMP_FOLDER, "store-" + hostName + "-" + System.currentTimeMillis()).getAbsolutePath(); - } - -} http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/test/utils/BrokerCommandHelperTest.java ---------------------------------------------------------------------- diff --git a/systests/src/test/java/org/apache/qpid/test/utils/BrokerCommandHelperTest.java b/systests/src/test/java/org/apache/qpid/test/utils/BrokerCommandHelperTest.java deleted file mode 100644 index 793da66..0000000 --- a/systests/src/test/java/org/apache/qpid/test/utils/BrokerCommandHelperTest.java +++ /dev/null @@ -1,57 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.qpid.test.utils; - -import java.io.File; - -public class BrokerCommandHelperTest extends QpidTestCase -{ - private static final String PATH_TO_QPID_EXECUTABLE = "/path / to (/qpid"; - private static final String ARGUMENT_WITH_SPACES = " blah / blah /blah"; - private static final String ARGUMENT_PORT = "-p"; - private static final String ARGUMENT_PORT_VALUE = "@PORT"; - private static final String ARGUMENT_STORE_PATH = "-sp"; - private static final String ARGUMENT_STORE_PATH_VALUE = "@STORE_PATH"; - private static final String ARGUMENT_STORE_TYPE = "-st"; - private static final String ARGUMENT_STORE_TYPE_VALUE = "@STORE_TYPE"; - - private BrokerCommandHelper _brokerCommandHelper; - - @Override - public void setUp() throws Exception - { - super.setUp(); - _brokerCommandHelper = new BrokerCommandHelper("\"" + PATH_TO_QPID_EXECUTABLE + "\" " + ARGUMENT_PORT + " " - + ARGUMENT_PORT_VALUE + " " + ARGUMENT_STORE_PATH + " " + ARGUMENT_STORE_PATH_VALUE + " " + ARGUMENT_STORE_TYPE - + " " + ARGUMENT_STORE_TYPE_VALUE + " '" + ARGUMENT_WITH_SPACES - + "'"); - } - - public void testGetBrokerCommand() - { - String[] brokerCommand = _brokerCommandHelper.getBrokerCommand(1, TMP_FOLDER + File.separator + "work-dir", "path to config file", "json"); - - String[] expected = { PATH_TO_QPID_EXECUTABLE, ARGUMENT_PORT, "1", ARGUMENT_STORE_PATH, "path to config file", - ARGUMENT_STORE_TYPE, "json", ARGUMENT_WITH_SPACES }; - assertEquals("Unexpected broker command", expected.length, brokerCommand.length); - for (int i = 0; i < expected.length; i++) - { - assertEquals("Unexpected command part value at " + i,expected[i], brokerCommand[i] ); - } - } -} http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/test/utils/SpawnedBrokerHolderTest.java ---------------------------------------------------------------------- diff --git a/systests/src/test/java/org/apache/qpid/test/utils/SpawnedBrokerHolderTest.java b/systests/src/test/java/org/apache/qpid/test/utils/SpawnedBrokerHolderTest.java deleted file mode 100644 index 237f9a4..0000000 --- a/systests/src/test/java/org/apache/qpid/test/utils/SpawnedBrokerHolderTest.java +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.qpid.test.utils; - -public class SpawnedBrokerHolderTest extends QpidBrokerTestCase -{ - @Override - public void startDefaultBroker() throws Exception - { - // Don't start default broker - } - - public void testRestartOnSamePort() throws Exception - { - BrokerHolder broker = createSpawnedBroker(); - broker.start(); - int port = broker.getAmqpPort(); - broker.restart(); - assertEquals("broker not restarted on same port", port, broker.getAmqpPort()); - } -} --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org