summaryrefslogtreecommitdiff
path: root/qpid/java/broker-plugins/access-control/src
diff options
context:
space:
mode:
authorKeith Wall <kwall@apache.org>2014-07-04 14:40:13 +0000
committerKeith Wall <kwall@apache.org>2014-07-04 14:40:13 +0000
commitfce3f24c6745e0def3cf98725a949dfca07b9a0d (patch)
tree0d9c786584f21c57657f4600656e9d1726aee69f /qpid/java/broker-plugins/access-control/src
parent67b6cafa1b23daa3edb36325e2e1c0970130106d (diff)
downloadqpid-python-fce3f24c6745e0def3cf98725a949dfca07b9a0d.tar.gz
QPID-5873: [Java Broker] Allow ACL rules to be applied to VirtualHostNode objects
* ACL rules using the new operation VIRTUALHOSTNODE apply to VHN model objects. * ACL rules using the operation VIRTUALHOST apply to VH model objects for CREATE, UPDATE and DELETE. This is a change from previous version where BROKER operation permission was required. * For HA, VIRTUALHOSTNODE permission is required to perform updates on RemoteReplicationNodes. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1607868 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java/broker-plugins/access-control/src')
-rw-r--r--qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/RuleSetTest.java7
1 files changed, 7 insertions, 0 deletions
diff --git a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/RuleSetTest.java b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/RuleSetTest.java
index 0ce2555bcf..a37c0c7858 100644
--- a/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/RuleSetTest.java
+++ b/qpid/java/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/plugins/RuleSetTest.java
@@ -108,6 +108,13 @@ public class RuleSetTest extends QpidTestCase
assertEquals(_ruleSet.getDefault(), _ruleSet.check(_testSubject, Operation.ACCESS, ObjectType.VIRTUALHOST, ObjectProperties.EMPTY));
}
+ public void testVirtualHostNodeCreateAllowPermissionWithVirtualHostName() throws Exception
+ {
+ _ruleSet.grant(0, TEST_USER, Permission.ALLOW, Operation.CREATE, ObjectType.VIRTUALHOSTNODE, ObjectProperties.EMPTY);
+ assertEquals(Result.ALLOWED, _ruleSet.check(_testSubject, Operation.CREATE, ObjectType.VIRTUALHOSTNODE, ObjectProperties.EMPTY));
+ assertEquals(Result.DENIED, _ruleSet.check(_testSubject, Operation.DELETE, ObjectType.VIRTUALHOSTNODE, ObjectProperties.EMPTY));
+ }
+
public void testVirtualHostAccessAllowPermissionWithVirtualHostName() throws Exception
{
_ruleSet.grant(0, TEST_USER, Permission.ALLOW, Operation.ACCESS, ObjectType.VIRTUALHOST, new ObjectProperties(ALLOWED_VH));
View Lorry Controller Status