summaryrefslogtreecommitdiff
path: root/qpid/java/systests
diff options
context:
space:
mode:
authorAlex Rudyy <orudyy@apache.org>2013-04-19 15:50:21 +0000
committerAlex Rudyy <orudyy@apache.org>2013-04-19 15:50:21 +0000
commitd792f4deff8d3ce6b4672c7156ad56eb4438c01d (patch)
tree168c7f96f14cd252a237adfd83a7acb968c59715 /qpid/java/systests
parent31524543f12e083c30d55b72b5ade680ab3f48ae (diff)
downloadqpid-python-d792f4deff8d3ce6b4672c7156ad56eb4438c01d.tar.gz
QPID-4752: Make the GroupProvider a full broker-level configuration entry instead of a broker attribute.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1469916 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java/systests')
-rw-r--r--qpid/java/systests/src/main/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java2
-rw-r--r--qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestHttpsTest.java2
-rw-r--r--qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestTest.java14
-rw-r--r--qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupProviderRestTest.java190
-rw-r--r--qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupRestTest.java16
-rw-r--r--qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java136
-rw-r--r--qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/GroupRestACLTest.java7
-rw-r--r--qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/UserRestACLTest.java3
-rw-r--r--qpid/java/systests/src/main/java/org/apache/qpid/test/utils/TestBrokerConfiguration.java20
9 files changed, 361 insertions, 29 deletions
diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java b/qpid/java/systests/src/main/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java
index 814936f342..f3bce1874e 100644
--- a/qpid/java/systests/src/main/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java
+++ b/qpid/java/systests/src/main/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java
@@ -63,7 +63,7 @@ public abstract class AbstractACLTestCase extends QpidBrokerTestCase implements
@Override
public void setUp() throws Exception
{
- getBrokerConfiguration().setBrokerAttribute(Broker.GROUP_FILE, System.getProperty(QPID_HOME) + "/etc/groups-systests");
+ getBrokerConfiguration().addGroupFileConfiguration(System.getProperty(QPID_HOME) + "/etc/groups-systests");
// run test specific setup
String testSetup = StringUtils.replace(getName(), "test", "setUp");
diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestHttpsTest.java b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestHttpsTest.java
index 7fd13ed8aa..0c590ad1d8 100644
--- a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestHttpsTest.java
+++ b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestHttpsTest.java
@@ -64,6 +64,6 @@ public class BrokerRestHttpsTest extends QpidRestTestCase
Asserts.assertAttributesPresent(brokerDetails, Broker.AVAILABLE_ATTRIBUTES, Broker.BYTES_RETAINED,
Broker.PROCESS_PID, Broker.SUPPORTED_STORE_TYPES, Broker.CREATED, Broker.TIME_TO_LIVE, Broker.UPDATED,
- Broker.ACL_FILE, Broker.GROUP_FILE);
+ Broker.ACL_FILE);
}
}
diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestTest.java b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestTest.java
index 677b5cb18c..7b1b1ca8be 100644
--- a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestTest.java
+++ b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/BrokerRestTest.java
@@ -39,12 +39,20 @@ import org.apache.qpid.test.utils.TestBrokerConfiguration;
public class BrokerRestTest extends QpidRestTestCase
{
-
private static final String BROKER_AUTHENTICATIONPROVIDERS_ATTRIBUTE = "authenticationproviders";
private static final String BROKER_PORTS_ATTRIBUTE = "ports";
private static final String BROKER_VIRTUALHOSTS_ATTRIBUTE = "virtualhosts";
private static final String BROKER_STATISTICS_ATTRIBUTE = "statistics";
+ @Override
+ public void setUp() throws Exception
+ {
+ //Some of the tests manipulate the ACL config, which means the groups need to be in place to make the ACL work
+ getBrokerConfiguration().addGroupFileConfiguration(QpidTestCase.QPID_HOME + File.separator + "etc" + File.separator + "groups");
+
+ super.setUp();
+ }
+
public void testGet() throws Exception
{
Map<String, Object> brokerDetails = getRestTestHelper().getJsonAsSingletonList("/rest/broker");
@@ -140,7 +148,6 @@ public class BrokerRestTest extends QpidRestTestCase
invalidAttributes.put(Broker.CONNECTION_HEART_BEAT_DELAY, -11000);
invalidAttributes.put(Broker.STATISTICS_REPORTING_PERIOD, -12000);
invalidAttributes.put(Broker.ACL_FILE, QpidTestCase.QPID_HOME + File.separator + "etc" + File.separator + "non-existing-acl.acl");
- invalidAttributes.put(Broker.GROUP_FILE, QpidTestCase.QPID_HOME + File.separator + "etc" + File.separator + "groups-non-existing");
invalidAttributes.put(Broker.VIRTUALHOST_STORE_TRANSACTION_IDLE_TIMEOUT_CLOSE, -13000);
invalidAttributes.put(Broker.VIRTUALHOST_STORE_TRANSACTION_IDLE_TIMEOUT_WARN, -14000);
invalidAttributes.put(Broker.VIRTUALHOST_STORE_TRANSACTION_OPEN_TIMEOUT_CLOSE, -15000);
@@ -181,7 +188,6 @@ public class BrokerRestTest extends QpidRestTestCase
brokerAttributes.put(Broker.STATISTICS_REPORTING_PERIOD, 12000);
brokerAttributes.put(Broker.STATISTICS_REPORTING_RESET_ENABLED, true);
brokerAttributes.put(Broker.ACL_FILE, QpidTestCase.QPID_HOME + File.separator + "etc" + File.separator + "broker_example.acl");
- brokerAttributes.put(Broker.GROUP_FILE, QpidTestCase.QPID_HOME + File.separator + "etc" + File.separator + "groups");
brokerAttributes.put(Broker.VIRTUALHOST_STORE_TRANSACTION_IDLE_TIMEOUT_CLOSE, 13000);
brokerAttributes.put(Broker.VIRTUALHOST_STORE_TRANSACTION_IDLE_TIMEOUT_WARN, 14000);
brokerAttributes.put(Broker.VIRTUALHOST_STORE_TRANSACTION_OPEN_TIMEOUT_CLOSE, 15000);
@@ -205,7 +211,7 @@ public class BrokerRestTest extends QpidRestTestCase
{
Asserts.assertAttributesPresent(brokerDetails, Broker.AVAILABLE_ATTRIBUTES,
Broker.BYTES_RETAINED, Broker.PROCESS_PID, Broker.SUPPORTED_STORE_TYPES,
- Broker.CREATED, Broker.TIME_TO_LIVE, Broker.UPDATED, Broker.ACL_FILE, Broker.GROUP_FILE);
+ Broker.CREATED, Broker.TIME_TO_LIVE, Broker.UPDATED, Broker.ACL_FILE);
assertEquals("Unexpected value of attribute " + Broker.BUILD_VERSION, QpidProperties.getBuildVersion(),
brokerDetails.get(Broker.BUILD_VERSION));
diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupProviderRestTest.java b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupProviderRestTest.java
index 861bf8cb71..ef8e12a929 100644
--- a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupProviderRestTest.java
+++ b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupProviderRestTest.java
@@ -22,20 +22,23 @@ package org.apache.qpid.systest.rest;
import java.io.File;
import java.io.FileOutputStream;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
-import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.Group;
import org.apache.qpid.server.model.GroupProvider;
import org.apache.qpid.server.model.LifetimePolicy;
import org.apache.qpid.server.model.State;
import org.apache.qpid.server.model.UUIDGenerator;
+import org.apache.qpid.server.security.group.FileGroupManagerFactory;
+import org.apache.qpid.test.utils.TestBrokerConfiguration;
+import org.apache.qpid.test.utils.TestFileUtils;
public class GroupProviderRestTest extends QpidRestTestCase
{
- private static final String FILE_GROUP_MANAGER = "FileGroupManager";
+ private static final String FILE_GROUP_MANAGER = TestBrokerConfiguration.ENTRY_NAME_GROUP_FILE;
private File _groupFile;
@Override
@@ -43,7 +46,7 @@ public class GroupProviderRestTest extends QpidRestTestCase
{
_groupFile = createTemporaryGroupFile();
- getBrokerConfiguration().setBrokerAttribute(Broker.GROUP_FILE, _groupFile.getAbsolutePath());
+ getBrokerConfiguration().addGroupFileConfiguration(_groupFile.getAbsolutePath());
super.setUp();
}
@@ -69,11 +72,11 @@ public class GroupProviderRestTest extends QpidRestTestCase
assertEquals("Unexpected number of providers", 1, providerDetails.size());
for (Map<String, Object> provider : providerDetails)
{
- assertProvider(FILE_GROUP_MANAGER, provider);
+ assertProvider(FILE_GROUP_MANAGER, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE, provider);
Map<String, Object> data = getRestTestHelper().getJsonAsSingletonList("/rest/groupprovider/"
+ provider.get(GroupProvider.NAME));
assertNotNull("Cannot load data for " + provider.get(GroupProvider.NAME), data);
- assertProvider(FILE_GROUP_MANAGER, data);
+ assertProvider(FILE_GROUP_MANAGER, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE, data);
}
}
@@ -111,8 +114,178 @@ public class GroupProviderRestTest extends QpidRestTestCase
getRestTestHelper().assertNumberOfGroups(data, 0);
}
+ public void testCreateNewFileGroupProviderFromExistingGroupFile() throws Exception
+ {
+ String[] groupMemberNames = {"test1","test2"};
+ File groupFile = TestFileUtils.createTempFile(this, ".groups", "testusers.users=" + groupMemberNames[0] + "," + groupMemberNames[1]);
+ try
+ {
+ String providerName = getTestName();
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, providerName);
+ attributes.put(GroupProvider.TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+ attributes.put(FileGroupManagerFactory.PATH, groupFile.getAbsolutePath());
+
+ int responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + providerName, "PUT", attributes);
+ assertEquals("Group provider was not created", 201, responseCode);
+
+ Map<String, Object> data = getRestTestHelper().getJsonAsSingletonList("/rest/groupprovider/" + providerName + "?depth=2");
+ assertProvider(providerName, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE, data);
+ assertEquals("Unexpected name", providerName, data.get(GroupProvider.NAME));
+ assertEquals("Unexpected path", groupFile.getAbsolutePath(), data.get(FileGroupManagerFactory.PATH));
+
+ @SuppressWarnings("unchecked")
+ List<Map<String, Object>> groups = (List<Map<String, Object>>) data.get("groups");
+ assertEquals("Unexpected group size", 1, groups.size());
+ Map<String, Object> group = groups.get(0);
+ assertEquals("Unexpected group name", "testusers",group.get("name"));
+
+ @SuppressWarnings("unchecked")
+ List<Map<String, Object>> groupMemberList = (List<Map<String, Object>>) group.get("groupmembers");
+ assertEquals("Unexpected group members size", 2, groupMemberList.size());
+
+ for (String memberName : groupMemberNames)
+ {
+ boolean found = false;
+ for (Map<String, Object> memberData : groupMemberList)
+ {
+ Object name = memberData.get("name");
+ if (memberName.equals(name))
+ {
+ found = true;
+ break;
+ }
+ }
+ assertTrue("Cannot find group member " + memberName + " in " + groupMemberList , found);
+ }
+ }
+ finally
+ {
+ groupFile.delete();
+ }
+ }
+
+ public void testCreationOfNewFileGroupProviderFailsWhenPathIsMissed() throws Exception
+ {
+ String providerName = getTestName();
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, providerName);
+ attributes.put(GroupProvider.TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+
+ int responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + providerName, "PUT", attributes);
+ assertEquals("Group provider was created", 409, responseCode);
+ }
+
+ public void testCreateNewFileGroupProviderFromNonExistingGroupFile() throws Exception
+ {
+ File groupFile = new File(TMP_FOLDER + File.separator + getTestName() + File.separator + "groups");
+ assertFalse("Group file should not exist", groupFile.exists());
+ try
+ {
+ String providerName = getTestName();
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, providerName);
+ attributes.put(GroupProvider.TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+ attributes.put(FileGroupManagerFactory.PATH, groupFile.getAbsolutePath());
+
+ int responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + providerName, "PUT", attributes);
+ assertEquals("Group provider was not created", 201, responseCode);
+
+ Map<String, Object> data = getRestTestHelper().getJsonAsSingletonList("/rest/groupprovider/" + providerName);
+ assertEquals("Unexpected name", providerName, data.get(GroupProvider.NAME));
+ assertEquals("Unexpected path", groupFile.getAbsolutePath(), data.get(FileGroupManagerFactory.PATH));
+
+ @SuppressWarnings("unchecked")
+ List<Map<String, Object>> groups = (List<Map<String, Object>>) data.get("groups");
+ assertNull("Unexpected groups", groups);
+
+ assertTrue("Group file has not been created", groupFile.exists());
+ }
+ finally
+ {
+ groupFile.delete();
+ groupFile.getParentFile().delete();
+ }
+ }
+
+ public void testCreateNewFileGroupProviderForTheSameGroupFileFails() throws Exception
+ {
+ File groupFile = TestFileUtils.createTempFile(this, ".groups", "testusers.users=test1,test2");
+ String providerName = getTestName();
+ try
+ {
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, providerName);
+ attributes.put(GroupProvider.TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+ attributes.put(FileGroupManagerFactory.PATH, groupFile.getAbsolutePath());
+
+ int responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + providerName, "PUT", attributes);
+ assertEquals("Group provider was not created", 201, responseCode);
+
+ attributes.put(GroupProvider.NAME, providerName + 2);
+ responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + providerName + 2, "PUT", attributes);
+ assertEquals("Group provider for the same group file was created", 409, responseCode);
+ }
+ finally
+ {
+ groupFile.delete();
+ }
+ }
+
+ public void testDeleteGroupProvider() throws Exception
+ {
+ File groupFile = TestFileUtils.createTempFile(this, ".groups", "testusers.users=test1,test2");
+ String providerName = getTestName();
+ try
+ {
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, providerName);
+ attributes.put(GroupProvider.TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+ attributes.put(FileGroupManagerFactory.PATH, groupFile.getAbsolutePath());
+
+ int responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + providerName, "PUT", attributes);
+ assertEquals("Expected to fail because we can have only one password provider", 201, responseCode);
+
+ responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + providerName , "DELETE", null);
+ assertEquals("Group provider was not deleted", 200, responseCode);
+
+ List<Map<String, Object>> providerDetails = getRestTestHelper().getJsonAsList("/rest/groupprovider/" + providerName);
+ assertEquals("Provider was not deleted", 0, providerDetails.size());
+ assertFalse("Groups file should be deleted", groupFile.exists());
+ }
+ finally
+ {
+ groupFile.delete();
+ }
+ }
+
+ public void testUpdateGroupProviderAttributesFails() throws Exception
+ {
+ File groupFile = TestFileUtils.createTempFile(this, ".groups", "testusers.users=test1,test2");
+ String providerName = getTestName();
+ try
+ {
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, providerName);
+ attributes.put(GroupProvider.TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+ attributes.put(FileGroupManagerFactory.PATH, groupFile.getAbsolutePath());
+
+ int responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + providerName, "PUT", attributes);
+ assertEquals("Expected to fail because we can have only one password provider", 201, responseCode);
+
+ File newGroupFile = new File(TMP_FOLDER + File.separator + getTestName() + File.separator + "groups");
+ attributes.put(FileGroupManagerFactory.PATH, newGroupFile.getAbsolutePath());
+
+ responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + providerName, "PUT", attributes);
+ assertEquals("Expected to fail because we can have only one password provider", 409, responseCode);
+ }
+ finally
+ {
+ groupFile.delete();
+ }
+ }
- private void assertProvider(String type, Map<String, Object> provider)
+ private void assertProvider(String name, String type, Map<String, Object> provider)
{
Asserts.assertAttributesPresent(provider, GroupProvider.AVAILABLE_ATTRIBUTES,
GroupProvider.CREATED, GroupProvider.UPDATED, GroupProvider.DESCRIPTION,
@@ -126,9 +299,8 @@ public class GroupProviderRestTest extends QpidRestTestCase
assertEquals("Unexpected value of provider attribute " + GroupProvider.TYPE, type,
provider.get(GroupProvider.TYPE));
- final String name = (String) provider.get(GroupProvider.NAME);
- assertEquals("Unexpected value of provider attribute " + GroupProvider.NAME, type,
- name);
+ assertEquals("Unexpected value of provider attribute " + GroupProvider.NAME, name,
+ (String) provider.get(GroupProvider.NAME));
@SuppressWarnings("unchecked")
List<Map<String, Object>> groups = (List<Map<String, Object>>) provider.get("groups");
diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupRestTest.java b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupRestTest.java
index d3f93cc0fe..67e50b1bd1 100644
--- a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupRestTest.java
+++ b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/GroupRestTest.java
@@ -26,13 +26,13 @@ import java.util.List;
import java.util.Map;
import java.util.Properties;
-import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.GroupMember;
+import org.apache.qpid.test.utils.TestBrokerConfiguration;
public class GroupRestTest extends QpidRestTestCase
{
private static final String GROUP_NAME = "myGroup";
- private static final String FILE_GROUP_MANAGER = "FileGroupManager";
+ private static final String FILE_GROUP_MANAGER = TestBrokerConfiguration.ENTRY_NAME_GROUP_FILE;
private static final String EXISTING_MEMBER = "user1";
private static final String NEW_MEMBER = "user2";
@@ -43,7 +43,7 @@ public class GroupRestTest extends QpidRestTestCase
{
_groupFile = createTemporaryGroupFile();
- getBrokerConfiguration().setBrokerAttribute(Broker.GROUP_FILE, _groupFile.getAbsolutePath());
+ getBrokerConfiguration().addGroupFileConfiguration(_groupFile.getAbsolutePath());
super.setUp();
}
@@ -64,7 +64,7 @@ public class GroupRestTest extends QpidRestTestCase
public void testGet() throws Exception
{
- Map<String, Object> group = getRestTestHelper().getJsonAsSingletonList("/rest/group/FileGroupManager/myGroup");
+ Map<String, Object> group = getRestTestHelper().getJsonAsSingletonList("/rest/group/" + FILE_GROUP_MANAGER + "/myGroup");
List<Map<String, Object>> groupmembers = (List<Map<String, Object>>) group.get("groupmembers");
assertEquals(1, groupmembers.size());
@@ -74,23 +74,23 @@ public class GroupRestTest extends QpidRestTestCase
public void testCreateNewMemberOfGroup() throws Exception
{
- Map<String, Object> group = getRestTestHelper().getJsonAsSingletonList("/rest/group/FileGroupManager/myGroup");
+ Map<String, Object> group = getRestTestHelper().getJsonAsSingletonList("/rest/group/" + FILE_GROUP_MANAGER + "/myGroup");
getRestTestHelper().assertNumberOfGroupMembers(group, 1);
getRestTestHelper().createNewGroupMember(FILE_GROUP_MANAGER, GROUP_NAME, NEW_MEMBER);
- group = getRestTestHelper().getJsonAsSingletonList("/rest/group/FileGroupManager/myGroup");
+ group = getRestTestHelper().getJsonAsSingletonList("/rest/group/" + FILE_GROUP_MANAGER + "/myGroup");
getRestTestHelper().assertNumberOfGroupMembers(group, 2);
}
public void testRemoveMemberFromGroup() throws Exception
{
- Map<String, Object> group = getRestTestHelper().getJsonAsSingletonList("/rest/group/FileGroupManager/myGroup");
+ Map<String, Object> group = getRestTestHelper().getJsonAsSingletonList("/rest/group/" + FILE_GROUP_MANAGER + "/myGroup");
getRestTestHelper().assertNumberOfGroupMembers(group, 1);
getRestTestHelper().removeMemberFromGroup(FILE_GROUP_MANAGER, GROUP_NAME, EXISTING_MEMBER);
- group = getRestTestHelper().getJsonAsSingletonList("/rest/group/FileGroupManager/myGroup");
+ group = getRestTestHelper().getJsonAsSingletonList("/rest/group/" + FILE_GROUP_MANAGER + "/myGroup");
getRestTestHelper().assertNumberOfGroupMembers(group, 0);
}
diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
index ce4c869e66..c8225b37e4 100644
--- a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
+++ b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
@@ -30,6 +30,7 @@ import java.util.Map;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.model.GroupProvider;
import org.apache.qpid.server.model.KeyStore;
import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.Protocol;
@@ -38,6 +39,7 @@ import org.apache.qpid.server.model.VirtualHost;
import org.apache.qpid.server.security.acl.AbstractACLTestCase;
import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManagerFactory;
import org.apache.qpid.server.security.auth.manager.PlainPasswordFileAuthenticationManagerFactory;
+import org.apache.qpid.server.security.group.FileGroupManagerFactory;
import org.apache.qpid.systest.rest.QpidRestTestCase;
import org.apache.qpid.test.utils.TestBrokerConfiguration;
import org.apache.qpid.test.utils.TestFileUtils;
@@ -636,6 +638,122 @@ public class BrokerACLTest extends QpidRestTestCase
brokerAttributes.get(Broker.QUEUE_ALERT_REPEAT_GAP));
}
+ /* === GroupProvider === */
+
+ public void testCreateGroupProviderAllowed() throws Exception
+ {
+ getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
+
+ String groupProviderName = getTestName();
+
+ assertGroupProviderExistence(groupProviderName, false);
+
+ int responseCode = createGroupProvider(groupProviderName);
+ assertEquals("Group provider creation should be allowed", 201, responseCode);
+
+ assertGroupProviderExistence(groupProviderName, true);
+ }
+
+ public void testCreateGroupProviderDenied() throws Exception
+ {
+ getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
+
+ String groupProviderName = getTestName();
+
+ assertGroupProviderExistence(groupProviderName, false);
+
+ int responseCode = createGroupProvider(groupProviderName);
+ assertEquals("Group provider creation should be denied", 403, responseCode);
+
+ assertGroupProviderExistence(groupProviderName, false);
+ }
+
+ public void testDeleteGroupProviderDenied() throws Exception
+ {
+ getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
+
+ String groupProviderName = getTestName();
+
+ assertGroupProviderExistence(groupProviderName, false);
+
+ int responseCode = createGroupProvider(groupProviderName);
+ assertEquals("Group provider creation should be allowed", 201, responseCode);
+
+ assertGroupProviderExistence(groupProviderName, true);
+
+ getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
+
+ responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + groupProviderName, "DELETE", null);
+ assertEquals("Group provider deletion should be denied", 403, responseCode);
+
+ assertGroupProviderExistence(groupProviderName, true);
+ }
+
+ public void testDeleteGroupProviderAllowed() throws Exception
+ {
+ getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
+
+ String groupProviderName = getTestName();
+
+ assertGroupProviderExistence(groupProviderName, false);
+
+ int responseCode = createGroupProvider(groupProviderName);
+ assertEquals("Group provider creation should be allowed", 201, responseCode);
+
+ assertGroupProviderExistence(groupProviderName, true);
+
+ getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
+
+ responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + groupProviderName, "DELETE", null);
+ assertEquals("Group provider deletion should be allowed", 200, responseCode);
+
+ assertGroupProviderExistence(groupProviderName, false);
+ }
+
+ public void testSetGroupProviderAttributesAllowed() throws Exception
+ {
+ getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
+
+ String groupProviderName = getTestName();
+
+ assertGroupProviderExistence(groupProviderName, false);
+
+ int responseCode = createGroupProvider(groupProviderName);
+ assertEquals("Group provider creation should be allowed", 201, responseCode);
+
+ assertGroupProviderExistence(groupProviderName, true);
+
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, groupProviderName);
+ attributes.put(GroupProvider.TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+ attributes.put(FileGroupManagerFactory.PATH, "/path/to/file");
+ responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + groupProviderName, "PUT", attributes);
+ assertEquals("Setting of group provider attributes should be allowed but not supported", 409, responseCode);
+ }
+
+ public void testSetGroupProviderAttributesDenied() throws Exception
+ {
+ getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
+
+ String groupProviderName = getTestName();
+
+ assertGroupProviderExistence(groupProviderName, false);
+
+ int responseCode = createGroupProvider(groupProviderName);
+ assertEquals("Group provider creation should be allowed", 201, responseCode);
+
+ assertGroupProviderExistence(groupProviderName, true);
+
+ getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
+
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, groupProviderName);
+ attributes.put(GroupProvider.TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+ attributes.put(FileGroupManagerFactory.PATH, "/path/to/file");
+ responseCode = getRestTestHelper().submitRequest("/rest/groupprovider/" + groupProviderName, "PUT", attributes);
+ assertEquals("Setting of group provider attributes should be denied", 403, responseCode);
+ }
+
private int createPort(String portName) throws Exception
{
Map<String, Object> attributes = new HashMap<String, Object>();
@@ -752,4 +870,22 @@ public class BrokerACLTest extends QpidRestTestCase
return getRestTestHelper().submitRequest("/rest/truststore/" + name, "PUT", trustStoreAttributes);
}
+
+ private void assertGroupProviderExistence(String groupProviderName, boolean exists) throws Exception
+ {
+ String path = "/rest/groupprovider/" + groupProviderName;
+ List<Map<String, Object>> providers = getRestTestHelper().getJsonAsList(path);
+ assertEquals("Unexpected result", exists, !providers.isEmpty());
+ }
+
+ private int createGroupProvider(String groupProviderName) throws Exception
+ {
+ File file = TestFileUtils.createTempFile(this, ".groups");
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, groupProviderName);
+ attributes.put(GroupProvider.TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+ attributes.put(FileGroupManagerFactory.PATH, file.getAbsoluteFile());
+
+ return getRestTestHelper().submitRequest("/rest/groupprovider/" + groupProviderName, "PUT", attributes);
+ }
}
diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/GroupRestACLTest.java b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/GroupRestACLTest.java
index 40ea723b1e..3fceb27a4b 100644
--- a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/GroupRestACLTest.java
+++ b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/GroupRestACLTest.java
@@ -29,14 +29,13 @@ import java.util.Properties;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.configuration.ConfigurationException;
-import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.security.acl.AbstractACLTestCase;
import org.apache.qpid.systest.rest.QpidRestTestCase;
import org.apache.qpid.test.utils.TestBrokerConfiguration;
public class GroupRestACLTest extends QpidRestTestCase
{
- private static final String FILE_GROUP_MANAGER = "FileGroupManager";
+ private static final String FILE_GROUP_MANAGER = TestBrokerConfiguration.ENTRY_NAME_GROUP_FILE;
private static final String ALLOWED_GROUP = "allowedGroup";
private static final String DENIED_GROUP = "deniedGroup";
@@ -52,7 +51,7 @@ public class GroupRestACLTest extends QpidRestTestCase
public void setUp() throws Exception
{
_groupFile = createTemporaryGroupFile();
- getBrokerConfiguration().setBrokerAttribute(Broker.GROUP_FILE, _groupFile.getAbsolutePath());
+ getBrokerConfiguration().addGroupFileConfiguration(_groupFile.getAbsolutePath());
//DONT call super.setUp(), the tests will start the broker after configuring it
}
@@ -191,7 +190,7 @@ public class GroupRestACLTest extends QpidRestTestCase
private void assertNumberOfGroupMembers(String groupName, int expectedNumberOfMembers) throws IOException
{
- Map<String, Object> group = getRestTestHelper().getJsonAsSingletonList("/rest/group/FileGroupManager/" + groupName);
+ Map<String, Object> group = getRestTestHelper().getJsonAsSingletonList("/rest/group/" + FILE_GROUP_MANAGER + "/" + groupName);
getRestTestHelper().assertNumberOfGroupMembers(group, expectedNumberOfMembers);
}
}
diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/UserRestACLTest.java b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/UserRestACLTest.java
index 12973113d8..3b81df6fd1 100644
--- a/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/UserRestACLTest.java
+++ b/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/acl/UserRestACLTest.java
@@ -29,7 +29,6 @@ import java.util.Properties;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.configuration.ConfigurationException;
-import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.security.acl.AbstractACLTestCase;
import org.apache.qpid.systest.rest.QpidRestTestCase;
import org.apache.qpid.test.utils.TestBrokerConfiguration;
@@ -52,7 +51,7 @@ public class UserRestACLTest extends QpidRestTestCase
public void setUp() throws Exception
{
_groupFile = createTemporaryGroupFile();
- getBrokerConfiguration().setBrokerAttribute(Broker.GROUP_FILE, _groupFile.getAbsolutePath());
+ getBrokerConfiguration().addGroupFileConfiguration(_groupFile.getAbsolutePath());
getRestTestHelper().configureTemporaryPasswordFile(this, ALLOWED_USER, DENIED_USER, OTHER_USER);
diff --git a/qpid/java/systests/src/main/java/org/apache/qpid/test/utils/TestBrokerConfiguration.java b/qpid/java/systests/src/main/java/org/apache/qpid/test/utils/TestBrokerConfiguration.java
index 6157947a83..f37ba720b7 100644
--- a/qpid/java/systests/src/main/java/org/apache/qpid/test/utils/TestBrokerConfiguration.java
+++ b/qpid/java/systests/src/main/java/org/apache/qpid/test/utils/TestBrokerConfiguration.java
@@ -33,13 +33,16 @@ import org.apache.qpid.server.configuration.ConfigurationEntry;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.configuration.store.MemoryConfigurationEntryStore;
import org.apache.qpid.server.model.AuthenticationProvider;
+import org.apache.qpid.server.model.GroupProvider;
import org.apache.qpid.server.model.KeyStore;
import org.apache.qpid.server.model.Plugin;
import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.TrustStore;
import org.apache.qpid.server.model.UUIDGenerator;
import org.apache.qpid.server.model.VirtualHost;
+import org.apache.qpid.server.plugin.GroupManagerFactory;
import org.apache.qpid.server.plugin.PluginFactory;
+import org.apache.qpid.server.security.group.FileGroupManagerFactory;
public class TestBrokerConfiguration
{
@@ -58,6 +61,7 @@ public class TestBrokerConfiguration
public static final String ENTRY_NAME_ANONYMOUS_PROVIDER = "anonymous";
public static final String ENTRY_NAME_SSL_KEYSTORE = "systestsKeyStore";
public static final String ENTRY_NAME_SSL_TRUSTSTORE = "systestsTrustStore";
+ public static final String ENTRY_NAME_GROUP_FILE = "groupFile";
private MemoryConfigurationEntryStore _store;
private boolean _saved;
@@ -132,6 +136,16 @@ public class TestBrokerConfiguration
return addObjectConfiguration(ENTRY_NAME_HTTP_MANAGEMENT, Plugin.class.getSimpleName(), attributes);
}
+ public UUID addGroupFileConfiguration(String groupFilePath)
+ {
+ Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(GroupProvider.NAME, ENTRY_NAME_GROUP_FILE);
+ attributes.put(GroupManagerFactory.ATTRIBUTE_TYPE, FileGroupManagerFactory.GROUP_FILE_PROVIDER_TYPE);
+ attributes.put(FileGroupManagerFactory.PATH, groupFilePath);
+
+ return addGroupProviderConfiguration(attributes);
+ }
+
public UUID addPortConfiguration(Map<String, Object> attributes)
{
String name = (String) attributes.get(Port.NAME);
@@ -150,6 +164,12 @@ public class TestBrokerConfiguration
return addObjectConfiguration(name, AuthenticationProvider.class.getSimpleName(), attributes);
}
+ public UUID addGroupProviderConfiguration(Map<String, Object> attributes)
+ {
+ String name = (String) attributes.get(GroupProvider.NAME);
+ return addObjectConfiguration(name, GroupProvider.class.getSimpleName(), attributes);
+ }
+
public UUID addTrustStoreConfiguration(Map<String, Object> attributes)
{
String name = (String) attributes.get(TrustStore.NAME);
View Lorry Controller Status