diff options
| author | Marnie McCormack <marnie@apache.org> | 2009-10-20 11:46:29 +0000 |
|---|---|---|
| committer | Marnie McCormack <marnie@apache.org> | 2009-10-20 11:46:29 +0000 |
| commit | cd1051c7eec8cf99e7c878e7404c93888d80828f (patch) | |
| tree | 4a2271a4647aa088d173152b3d8bdd5ce41c3a6d /java/broker/src/test | |
| parent | 8703f303249057fa2921b62f665ed33f5aede6fe (diff) | |
| download | qpid-python-cd1051c7eec8cf99e7c878e7404c93888d80828f.tar.gz | |
QPID-1301 Fixes for issues with temporary queue permissions, including promotion of temporary element out from individual queue elements.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@827041 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'java/broker/src/test')
| -rw-r--r-- | java/broker/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java | 62 |
1 files changed, 60 insertions, 2 deletions
diff --git a/java/broker/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java b/java/broker/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java index adfe9f52e4..81735aa455 100644 --- a/java/broker/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java +++ b/java/broker/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java @@ -46,6 +46,7 @@ public class PrincipalPermissionsTest extends TestCase // Common things that are passed to frame constructors private AMQShortString _queueName = new AMQShortString(this.getClass().getName()+"queue"); + private AMQShortString _tempQueueName = new AMQShortString(this.getClass().getName()+"tempqueue"); private AMQShortString _exchangeName = new AMQShortString("amq.direct"); private AMQShortString _routingKey = new AMQShortString(this.getClass().getName()+"route"); private int _ticket = 1; @@ -61,7 +62,9 @@ public class PrincipalPermissionsTest extends TestCase private VirtualHost _virtualHost; private AMQShortString _owner = new AMQShortString(this.getClass().getName()+"owner"); private AMQQueue _queue; + private AMQQueue _temporaryQueue; private Boolean _temporary = false; + private Boolean _ownQueue = false; @Override public void setUp() @@ -76,7 +79,8 @@ public class PrincipalPermissionsTest extends TestCase _virtualHost = new VirtualHost(new VirtualHostConfiguration("test", env)); _exchange = DirectExchange.TYPE.newInstance(_virtualHost, _exchangeName, _durable, _ticket, _autoDelete); _queue = AMQQueueFactory.createAMQQueueImpl(_queueName, false, _owner , false, _virtualHost, _arguments); - } + _temporaryQueue = AMQQueueFactory.createAMQQueueImpl(_tempQueueName, false, _owner , true, _virtualHost, _arguments); + } catch (Exception e) { fail(e.getMessage()); @@ -146,7 +150,7 @@ public class PrincipalPermissionsTest extends TestCase public void testConsume() { Object[] authArgs = new Object[]{_queue}; - Object[] grantArgs = new Object[]{_queueName, _temporary, _temporary}; + Object[] grantArgs = new Object[]{_queueName, _ownQueue}; /* FIXME: This throws a null pointer exception QPID-1599 * assertFalse(_perms.authorise(Permission.CONSUME, authArgs)); @@ -198,4 +202,58 @@ public class PrincipalPermissionsTest extends TestCase assertEquals("Queue creation was not allowed", AuthzResult.ALLOWED, _perms.authorise(Permission.CREATEQUEUE, authArgsCreateQueue)); assertEquals("Binding creation was not allowed", AuthzResult.ALLOWED, _perms.authorise(Permission.BIND, authArgsBind)); } + + /** + * If the consume permission for temporary queues is for an unnamed queue then is should + * be global for any temporary queue but not for any non-temporary queue + */ + public void testTemporaryUnnamedQueueConsume() + { + Object[] authNonTempQArgs = new Object[]{_queue}; + Object[] authTempQArgs = new Object[]{_temporaryQueue}; + Object[] grantArgs = new Object[]{true}; + + _perms.grant(Permission.CONSUME, grantArgs); + + //Next line shows up bug - non temp queue should be denied + assertEquals(AuthzResult.DENIED, _perms.authorise(Permission.CONSUME, authNonTempQArgs)); + assertEquals(AuthzResult.ALLOWED, _perms.authorise(Permission.CONSUME, authTempQArgs)); + } + + /** + * Test that temporary queue permissions before queue perms in the ACL config work correctly + */ + public void testTemporaryQueueFirstConsume() + { + Object[] authNonTempQArgs = new Object[]{_queue}; + Object[] authTempQArgs = new Object[]{_temporaryQueue}; + Object[] grantArgs = new Object[]{true}; + Object[] grantNonTempQArgs = new Object[]{_queueName, _ownQueue}; + + //should not matter if the temporary permission is processed first or last + _perms.grant(Permission.CONSUME, grantNonTempQArgs); + _perms.grant(Permission.CONSUME, grantArgs); + + assertEquals(AuthzResult.ALLOWED, _perms.authorise(Permission.CONSUME, authNonTempQArgs)); + assertEquals(AuthzResult.ALLOWED, _perms.authorise(Permission.CONSUME, authTempQArgs)); + } + + /** + * Test that temporary queue permissions after queue perms in the ACL config work correctly + */ + public void testTemporaryQueueLastConsume() + { + Object[] authNonTempQArgs = new Object[]{_queue}; + Object[] authTempQArgs = new Object[]{_temporaryQueue}; + Object[] grantArgs = new Object[]{true}; + Object[] grantNonTempQArgs = new Object[]{_queueName, _ownQueue}; + + //should not matter if the temporary permission is processed first or last + _perms.grant(Permission.CONSUME, grantArgs); + _perms.grant(Permission.CONSUME, grantNonTempQArgs); + + assertEquals(AuthzResult.ALLOWED, _perms.authorise(Permission.CONSUME, authNonTempQArgs)); + assertEquals(AuthzResult.ALLOWED, _perms.authorise(Permission.CONSUME, authTempQArgs)); + } + } |