You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by lq...@apache.org on 2017/03/13 13:56:44 UTC
svn commit: r1786690 - in /qpid/java/trunk/broker-plugins/access-control/src:
main/java/org/apache/qpid/server/security/access/config/
test/java/org/apache/qpid/server/security/access/config/
Author: lquack
Date: Mon Mar 13 13:56:44 2017
New Revision: 1786690
URL: http://svn.apache.org/viewvc?rev=1786690&view=rev
Log:
QPID-7690: [Java Broker] Fix ACLs for VirtualHost-type objects
Add the virtualhost name to the properties so the ACL rules can refer to virtualhost_name
Modified:
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java
qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java
Modified: qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java?rev=1786690&r1=1786689&r2=1786690&view=diff
==============================================================================
--- qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java (original)
+++ qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapter.java Mon Mar 13 13:56:44 2017
@@ -249,7 +249,7 @@ class LegacyAccessControlAdapter
else if (isVirtualHostType(configuredObjectType))
{
ConfiguredObject<?> virtualHost = getModel().getAncestor(VirtualHost.class, (ConfiguredObject<?>)configuredObject);
- properties = new ObjectProperties((String)virtualHost.getAttribute(ConfiguredObject.NAME));
+ properties.put(ObjectProperties.Property.VIRTUALHOST_NAME, (String)virtualHost.getAttribute(virtualHost.NAME));
}
return properties;
}
Modified: qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java?rev=1786690&r1=1786689&r2=1786690&view=diff
==============================================================================
--- qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java (original)
+++ qpid/java/trunk/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/LegacyAccessControlAdapterTest.java Mon Mar 13 13:56:44 2017
@@ -165,13 +165,14 @@ public class LegacyAccessControlAdapterT
{
VirtualHostNode vhn = getMockVirtualHostNode();
- VirtualHost mock = mock(VirtualHost.class);
- when(mock.getName()).thenReturn("test");
- when(mock.getAttribute(ConfiguredObject.NAME)).thenReturn("test");
- when(mock.getCategoryClass()).thenReturn(VirtualHost.class);
- when(mock.getParent()).thenReturn(vhn);
- ObjectProperties properties = new ObjectProperties((String)mock.getName());
- assertDeleteAuthorization(mock, LegacyOperation.DELETE, ObjectType.VIRTUALHOST, properties, vhn);
+ VirtualHost virtualHost = mock(VirtualHost.class);
+ when(virtualHost.getName()).thenReturn("test");
+ when(virtualHost.getAttribute(ConfiguredObject.NAME)).thenReturn("test");
+ when(virtualHost.getCategoryClass()).thenReturn(VirtualHost.class);
+ when(virtualHost.getParent()).thenReturn(vhn);
+ ObjectProperties properties = new ObjectProperties(virtualHost.getName());
+ properties.put(ObjectProperties.Property.VIRTUALHOST_NAME, (String)virtualHost.getAttribute(virtualHost.NAME));
+ assertDeleteAuthorization(virtualHost, LegacyOperation.DELETE, ObjectType.VIRTUALHOST, properties, vhn);
}
public void testAuthoriseDeleteKeyStore()
@@ -444,7 +445,10 @@ public class LegacyAccessControlAdapterT
public void testAuthoriseCreateVirtualHost()
{
VirtualHost vh = getMockVirtualHost();
- assertCreateAuthorization(vh, LegacyOperation.CREATE, ObjectType.VIRTUALHOST, new ObjectProperties(TEST_VIRTUAL_HOST), _virtualHostNode);
+ ObjectProperties expectedProperties = new ObjectProperties(TEST_VIRTUAL_HOST);
+ expectedProperties.put(ObjectProperties.Property.VIRTUALHOST_NAME, TEST_VIRTUAL_HOST);
+ assertCreateAuthorization(vh, LegacyOperation.CREATE, ObjectType.VIRTUALHOST,
+ expectedProperties, _virtualHostNode);
}
public void testAuthoriseUpdateVirtualHostNode()
@@ -529,13 +533,14 @@ public class LegacyAccessControlAdapterT
{
VirtualHostNode vhn = getMockVirtualHostNode();
- VirtualHost mock = mock(VirtualHost.class);
- when(mock.getName()).thenReturn("test");
- when(mock.getAttribute(ConfiguredObject.NAME)).thenReturn("test");
- when(mock.getCategoryClass()).thenReturn(VirtualHost.class);
- when(mock.getParent()).thenReturn(vhn);
- ObjectProperties properties = new ObjectProperties((String)mock.getName());
- assertUpdateAuthorization(mock, LegacyOperation.UPDATE, ObjectType.VIRTUALHOST, properties, vhn);
+ VirtualHost virtualHost = mock(VirtualHost.class);
+ when(virtualHost.getName()).thenReturn("test");
+ when(virtualHost.getAttribute(ConfiguredObject.NAME)).thenReturn("test");
+ when(virtualHost.getCategoryClass()).thenReturn(VirtualHost.class);
+ when(virtualHost.getParent()).thenReturn(vhn);
+ ObjectProperties properties = new ObjectProperties(virtualHost.getName());
+ properties.put(ObjectProperties.Property.VIRTUALHOST_NAME, virtualHost.getName());
+ assertUpdateAuthorization(virtualHost, LegacyOperation.UPDATE, ObjectType.VIRTUALHOST, properties, vhn);
}
public void testAuthoriseDeleteVirtualHostNode()
@@ -615,26 +620,21 @@ public class LegacyAccessControlAdapterT
public void testAuthoriseVirtualHostLoggerOperations()
{
- ObjectProperties properties = new ObjectProperties(TEST_VIRTUAL_HOST);
-
VirtualHostLogger mock = mock(VirtualHostLogger.class);
when(mock.getName()).thenReturn("TEST");
doReturn(VirtualHostLogger.class).when(mock).getCategoryClass();
when(mock.getParent()).thenReturn(_virtualHost);
when(mock.getModel()).thenReturn(BrokerModel.getInstance());
+ ObjectProperties properties = new ObjectProperties(mock.getName());
+ properties.put(ObjectProperties.Property.VIRTUALHOST_NAME, TEST_VIRTUAL_HOST);
assertCreateAuthorization(mock, LegacyOperation.CREATE, ObjectType.VIRTUALHOST, properties, _virtualHost);
-
- when(mock.getName()).thenReturn("test");
-
assertUpdateAuthorization(mock, LegacyOperation.UPDATE, ObjectType.VIRTUALHOST, properties, _virtualHost);
assertDeleteAuthorization(mock, LegacyOperation.DELETE, ObjectType.VIRTUALHOST, properties, _virtualHost);
}
public void testAuthoriseVirtualHostLogInclusionRuleOperations()
{
- ObjectProperties properties = new ObjectProperties(TEST_VIRTUAL_HOST);
-
VirtualHostLogger vhl = mock(VirtualHostLogger.class);
when(vhl.getName()).thenReturn("LOGGER");
doReturn(VirtualHostLogger.class).when(vhl).getCategoryClass();
@@ -647,10 +647,10 @@ public class LegacyAccessControlAdapterT
when(mock.getParent()).thenReturn(vhl);
when(mock.getModel()).thenReturn(BrokerModel.getInstance());
- assertCreateAuthorization(mock, LegacyOperation.CREATE, ObjectType.VIRTUALHOST, properties, vhl);
-
- when(mock.getName()).thenReturn("test");
+ ObjectProperties properties = new ObjectProperties(mock.getName());
+ properties.put(ObjectProperties.Property.VIRTUALHOST_NAME, TEST_VIRTUAL_HOST);
+ assertCreateAuthorization(mock, LegacyOperation.CREATE, ObjectType.VIRTUALHOST, properties, vhl);
assertUpdateAuthorization(mock, LegacyOperation.UPDATE, ObjectType.VIRTUALHOST, properties, vhl);
assertDeleteAuthorization(mock, LegacyOperation.DELETE, ObjectType.VIRTUALHOST, properties, vhl);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org