You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kw...@apache.org on 2018/03/12 16:44:15 UTC
[7/8] qpid-broker-j git commit: NO-JIRA: [Broker-J] [System Tests]
Remove Rest ACL Tests
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
deleted file mode 100644
index 4e85329..0000000
--- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
+++ /dev/null
@@ -1,1129 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.systest.rest.acl;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.qpid.server.logging.logback.BrokerFileLogger;
-import org.apache.qpid.server.logging.logback.BrokerMemoryLogger;
-import org.apache.qpid.server.logging.logback.BrokerNameAndLevelLogInclusionRule;
-import org.apache.qpid.server.management.plugin.HttpManagement;
-import org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet;
-import org.apache.qpid.server.model.AccessControlProvider;
-import org.apache.qpid.server.model.AuthenticationProvider;
-import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.model.BrokerLogger;
-import org.apache.qpid.server.model.ConfiguredObject;
-import org.apache.qpid.server.model.ExternalFileBasedAuthenticationManager;
-import org.apache.qpid.server.model.GroupProvider;
-import org.apache.qpid.server.model.KeyStore;
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.model.Protocol;
-import org.apache.qpid.server.model.State;
-import org.apache.qpid.server.model.TrustStore;
-import org.apache.qpid.server.model.adapter.FileBasedGroupProvider;
-import org.apache.qpid.server.model.adapter.FileBasedGroupProviderImpl;
-import org.apache.qpid.server.security.AllowAllAccessControlProvider;
-import org.apache.qpid.server.security.FileKeyStore;
-import org.apache.qpid.server.security.FileTrustStore;
-import org.apache.qpid.server.security.access.plugins.AclFileAccessControlProvider;
-import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManager;
-import org.apache.qpid.server.security.auth.manager.PlainPasswordDatabaseAuthenticationManager;
-import org.apache.qpid.systest.rest.QpidRestTestCase;
-import org.apache.qpid.test.utils.TestBrokerConfiguration;
-import org.apache.qpid.test.utils.TestFileUtils;
-import org.apache.qpid.test.utils.TestSSLConstants;
-import org.apache.qpid.test.utils.TestUtils;
-
-public class BrokerACLTest extends QpidRestTestCase
-{
- private static final String ALLOWED_USER = "user1";
- private static final String DENIED_USER = "user2";
- private String _secondaryAclFileContent = "";
-
- @Override
- protected void customizeConfiguration() throws Exception
- {
- super.customizeConfiguration();
- final TestBrokerConfiguration defaultBrokerConfiguration = getDefaultBrokerConfiguration();
- defaultBrokerConfiguration.configureTemporaryPasswordFile(ALLOWED_USER, DENIED_USER);
-
- TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT",
- "ACL ALLOW-LOG " + ALLOWED_USER + " CONFIGURE BROKER",
- "ACL DENY-LOG " + DENIED_USER + " CONFIGURE BROKER",
- "ACL ALLOW-LOG " + ALLOWED_USER + " ACCESS_LOGS BROKER",
- "ACL DENY-LOG " + DENIED_USER + " ACCESS_LOGS BROKER",
- "ACL DENY-LOG ALL ALL");
-
- _secondaryAclFileContent =
- "ACL ALLOW-LOG ALL ACCESS MANAGEMENT\n" +
- "ACL ALLOW-LOG " + ALLOWED_USER + " CONFIGURE BROKER\n" +
- "ACL DENY-LOG " + DENIED_USER + " CONFIGURE BROKER\n" +
- "ACL DENY-LOG ALL ALL";
- }
-
- /* === AuthenticationProvider === */
-
- public void testCreateAuthenticationProviderAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String authenticationProviderName = getTestName();
-
- int responseCode = createAuthenticationProvider(authenticationProviderName);
- assertEquals("Provider creation should be allowed", 201, responseCode);
-
- assertAuthenticationProviderExists(authenticationProviderName);
- }
-
- public void testCreateAuthenticationProviderDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- String authenticationProviderName = getTestName();
-
- int responseCode = createAuthenticationProvider(authenticationProviderName);
- assertEquals("Provider creation should be denied", 403, responseCode);
-
- assertAuthenticationProviderDoesNotExist(authenticationProviderName);
- }
-
- public void testDeleteAuthenticationProviderAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String providerName = getTestName();
-
- int responseCode = createAuthenticationProvider(providerName);
- assertEquals("Provider creation should be allowed", 201, responseCode);
-
- assertAuthenticationProviderExists(providerName);
-
- responseCode = getRestTestHelper().submitRequest("authenticationprovider/" + providerName, "DELETE");
- assertEquals("Provider deletion should be allowed", 200, responseCode);
-
- assertAuthenticationProviderDoesNotExist(TEST2_VIRTUALHOST);
- }
-
- public void testDeleteAuthenticationProviderDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String providerName = getTestName();
-
- int responseCode = createAuthenticationProvider(providerName);
- assertEquals("Provider creation should be allowed", 201, responseCode);
-
- assertAuthenticationProviderExists(providerName);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- responseCode = getRestTestHelper().submitRequest("authenticationprovider/" + providerName, "DELETE");
- assertEquals("Provider deletion should be denied", 403, responseCode);
-
- assertAuthenticationProviderExists(providerName);
- }
-
- public void testSetAuthenticationProviderAttributesAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String providerName = TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER;
-
- assertAuthenticationProviderExists(providerName);
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(AuthenticationProvider.NAME, providerName);
- attributes.put(AuthenticationProvider.TYPE, PlainPasswordDatabaseAuthenticationManager.PROVIDER_TYPE);
- attributes.put(AuthenticationProvider.STATE, State.DELETED.name());
-
- int responseCode = getRestTestHelper().submitRequest("authenticationprovider/" + providerName, "PUT", attributes);
- assertEquals("Setting of provider attribites should be allowed", 200, responseCode);
- }
-
- public void testSetAuthenticationProviderAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String providerName = TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER;
- Map<String, Object> providerData = getRestTestHelper().getJsonAsMap("authenticationprovider/" + providerName);
-
- File file = TestFileUtils.createTempFile(this, ".users", "guest:guest\n" + ALLOWED_USER + ":" + ALLOWED_USER + "\n"
- + DENIED_USER + ":" + DENIED_USER);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(AuthenticationProvider.NAME, providerName);
- attributes.put(AuthenticationProvider.TYPE, AnonymousAuthenticationManager.PROVIDER_TYPE);
- attributes.put(ExternalFileBasedAuthenticationManager.PATH, file.getAbsolutePath());
-
- int responseCode = getRestTestHelper().submitRequest("authenticationprovider/" + providerName, "PUT", attributes);
- assertEquals("Setting of provider attribites should be allowed", 403, responseCode);
-
- Map<String, Object> provider = getRestTestHelper().getJsonAsMap("authenticationprovider/" + providerName);
- assertEquals("Unexpected STORE_URL attribute value",
- providerData.get(ExternalFileBasedAuthenticationManager.PATH),
- provider.get(ExternalFileBasedAuthenticationManager.PATH));
- }
-
- /* === Port === */
-
- public void testCreatePortAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String portName = getTestName();
-
- int responseCode = createPort(portName);
- assertEquals("Port creation should be allowed", 201, responseCode);
-
- assertPortExists(portName);
- }
-
- public void testCreatePortDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- String portName = getTestName();
-
- int responseCode = createPort(portName);
- assertEquals("Port creation should be denied", 403, responseCode);
-
- assertPortDoesNotExist(portName);
- }
-
- public void testDeletePortDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT;
- assertPortExists(portName);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- int responseCode = getRestTestHelper().submitRequest("port/" + portName, "DELETE");
- assertEquals("Port deletion should be denied", 403, responseCode);
-
- assertPortExists(portName);
- }
-
- public void testDeletePortAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT;
- assertPortExists(portName);
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- int responseCode = getRestTestHelper().submitRequest("port/" + portName, "DELETE");
- assertEquals("Port deletion should be allowed", 200, responseCode);
-
- assertPortDoesNotExist(portName);
- }
-
-
- public void testSetPortAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String portName = getTestName();
-
- int responseCode = createPort(portName);
- assertEquals("Port creation should be allowed", 201, responseCode);
-
- assertPortExists(portName);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(Port.NAME, portName);
- attributes.put(Port.PROTOCOLS, Arrays.asList(Protocol.AMQP_0_9));
- attributes.put(Port.AUTHENTICATION_PROVIDER, TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER);
- responseCode = getRestTestHelper().submitRequest("port/" + portName, "PUT", attributes);
- assertEquals("Setting of port attribites should be denied", 403, responseCode);
-
- Map<String, Object> port = getRestTestHelper().getJsonAsMap("port/" + portName);
- assertEquals("Unexpected authentication provider attribute value",
- TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER, port.get(Port.AUTHENTICATION_PROVIDER));
- }
-
- /* === KeyStore === */
-
- public void testCreateKeyStoreAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String keyStoreName = getTestName();
-
- assertKeyStoreExistence(keyStoreName, false);
-
- int responseCode = createKeyStore(keyStoreName, TestSSLConstants.CERT_ALIAS_APP1);
- assertEquals("keyStore creation should be allowed", 201, responseCode);
-
- assertKeyStoreExistence(keyStoreName, true);
- }
-
- public void testCreateKeyStoreDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- String keyStoreName = getTestName();
-
- assertKeyStoreExistence(keyStoreName, false);
-
- int responseCode = createKeyStore(keyStoreName, TestSSLConstants.CERT_ALIAS_APP1);
- assertEquals("keyStore creation should be allowed", 403, responseCode);
-
- assertKeyStoreExistence(keyStoreName, false);
- }
-
- public void testDeleteKeyStoreDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String keyStoreName = getTestName();
-
- assertKeyStoreExistence(keyStoreName, false);
-
- int responseCode = createKeyStore(keyStoreName, TestSSLConstants.CERT_ALIAS_APP1);
- assertEquals("keyStore creation should be allowed", 201, responseCode);
-
- assertKeyStoreExistence(keyStoreName, true);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- responseCode = getRestTestHelper().submitRequest("keystore/" + keyStoreName, "DELETE");
- assertEquals("keystore deletion should be denied", 403, responseCode);
-
- assertKeyStoreExistence(keyStoreName, true);
- }
-
- public void testDeleteKeyStoreAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String keyStoreName = getTestName();
-
- assertKeyStoreExistence(keyStoreName, false);
-
- int responseCode = createKeyStore(keyStoreName, TestSSLConstants.CERT_ALIAS_APP1);
- assertEquals("keyStore creation should be allowed", 201, responseCode);
-
- assertKeyStoreExistence(keyStoreName, true);
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- responseCode = getRestTestHelper().submitRequest("keystore/" + keyStoreName, "DELETE");
- assertEquals("keystore deletion should be allowed", 200, responseCode);
-
- assertKeyStoreExistence(keyStoreName, false);
- }
-
- public void testSetKeyStoreAttributesAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String keyStoreName = getTestName();
- String initialCertAlias = TestSSLConstants.CERT_ALIAS_APP1;
- String updatedCertAlias = TestSSLConstants.CERT_ALIAS_APP2;
-
- assertKeyStoreExistence(keyStoreName, false);
-
- int responseCode = createKeyStore(keyStoreName, initialCertAlias);
- assertEquals("keyStore creation should be allowed", 201, responseCode);
-
- assertKeyStoreExistence(keyStoreName, true);
- Map<String, Object> keyStore = getRestTestHelper().getJsonAsMap("keystore/" + keyStoreName);
- assertEquals("Unexpected certificateAlias attribute value", initialCertAlias, keyStore.get(FileKeyStore.CERTIFICATE_ALIAS));
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(KeyStore.NAME, keyStoreName);
- attributes.put(FileKeyStore.CERTIFICATE_ALIAS, updatedCertAlias);
- responseCode = getRestTestHelper().submitRequest("keystore/" + keyStoreName, "PUT", attributes);
- assertEquals("Setting of keystore attributes should be allowed", 200, responseCode);
-
- keyStore = getRestTestHelper().getJsonAsMap("keystore/" + keyStoreName);
- assertEquals("Unexpected certificateAlias attribute value", updatedCertAlias, keyStore.get(FileKeyStore.CERTIFICATE_ALIAS));
- }
-
- public void testSetKeyStoreAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String keyStoreName = getTestName();
- String initialCertAlias = TestSSLConstants.CERT_ALIAS_APP1;
- String updatedCertAlias = TestSSLConstants.CERT_ALIAS_APP2;
-
- assertKeyStoreExistence(keyStoreName, false);
-
- int responseCode = createKeyStore(keyStoreName, initialCertAlias);
- assertEquals("keyStore creation should be allowed", 201, responseCode);
-
- assertKeyStoreExistence(keyStoreName, true);
- Map<String, Object> keyStore = getRestTestHelper().getJsonAsMap("keystore/" + keyStoreName);
- assertEquals("Unexpected certificateAlias attribute value", initialCertAlias, keyStore.get(FileKeyStore.CERTIFICATE_ALIAS));
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(KeyStore.NAME, keyStoreName);
- attributes.put(FileKeyStore.CERTIFICATE_ALIAS, updatedCertAlias);
- responseCode = getRestTestHelper().submitRequest("keystore/" + keyStoreName, "PUT", attributes);
- assertEquals("Setting of keystore attributes should be denied", 403, responseCode);
-
- keyStore = getRestTestHelper().getJsonAsMap("keystore/" + keyStoreName);
- assertEquals("Unexpected certificateAlias attribute value", initialCertAlias, keyStore.get(FileKeyStore.CERTIFICATE_ALIAS));
- }
-
- /* === TrustStore === */
-
- public void testCreateTrustStoreAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String trustStoreName = getTestName();
-
- assertTrustStoreExistence(trustStoreName, false);
-
- int responseCode = createTrustStore(trustStoreName, false);
- assertEquals("trustStore creation should be allowed", 201, responseCode);
-
- assertTrustStoreExistence(trustStoreName, true);
- }
-
- public void testCreateTrustStoreDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- String trustStoreName = getTestName();
-
- assertTrustStoreExistence(trustStoreName, false);
-
- int responseCode = createTrustStore(trustStoreName, false);
- assertEquals("trustStore creation should be allowed", 403, responseCode);
-
- assertTrustStoreExistence(trustStoreName, false);
- }
-
- public void testDeleteTrustStoreDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String trustStoreName = getTestName();
-
- assertTrustStoreExistence(trustStoreName, false);
-
- int responseCode = createTrustStore(trustStoreName, false);
- assertEquals("trustStore creation should be allowed", 201, responseCode);
-
- assertTrustStoreExistence(trustStoreName, true);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- responseCode = getRestTestHelper().submitRequest("truststore/" + trustStoreName, "DELETE");
- assertEquals("truststore deletion should be denied", 403, responseCode);
-
- assertTrustStoreExistence(trustStoreName, true);
- }
-
- public void testDeleteTrustStoreAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String trustStoreName = getTestName();
-
- assertTrustStoreExistence(trustStoreName, false);
-
- int responseCode = createTrustStore(trustStoreName, false);
- assertEquals("trustStore creation should be allowed", 201, responseCode);
-
- assertTrustStoreExistence(trustStoreName, true);
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- responseCode = getRestTestHelper().submitRequest("truststore/" + trustStoreName, "DELETE");
- assertEquals("truststore deletion should be allowed", 200, responseCode);
-
- assertTrustStoreExistence(trustStoreName, false);
- }
-
- public void testSetTrustStoreAttributesAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String trustStoreName = getTestName();
- boolean initialPeersOnly = false;
- boolean updatedPeersOnly = true;
-
- assertTrustStoreExistence(trustStoreName, false);
-
- int responseCode = createTrustStore(trustStoreName, initialPeersOnly);
- assertEquals("trustStore creation should be allowed", 201, responseCode);
-
- assertTrustStoreExistence(trustStoreName, true);
- Map<String, Object> trustStore = getRestTestHelper().getJsonAsMap("truststore/" + trustStoreName);
- assertEquals("Unexpected peersOnly attribute value", initialPeersOnly, trustStore.get(FileTrustStore.PEERS_ONLY));
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(TrustStore.NAME, trustStoreName);
- attributes.put(FileTrustStore.PEERS_ONLY, updatedPeersOnly);
- responseCode = getRestTestHelper().submitRequest("truststore/" + trustStoreName, "PUT", attributes);
- assertEquals("Setting of truststore attributes should be allowed", 200, responseCode);
-
- trustStore = getRestTestHelper().getJsonAsMap("truststore/" + trustStoreName);
- assertEquals("Unexpected peersOnly attribute value", updatedPeersOnly, trustStore.get(FileTrustStore.PEERS_ONLY));
- }
-
- public void testSetTrustStoreAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String trustStoreName = getTestName();
- boolean initialPeersOnly = false;
- boolean updatedPeersOnly = true;
-
- assertTrustStoreExistence(trustStoreName, false);
-
- int responseCode = createTrustStore(trustStoreName, initialPeersOnly);
- assertEquals("trustStore creation should be allowed", 201, responseCode);
-
- assertTrustStoreExistence(trustStoreName, true);
- Map<String, Object> trustStore = getRestTestHelper().getJsonAsMap("truststore/" + trustStoreName);
- assertEquals("Unexpected peersOnly attribute value", initialPeersOnly, trustStore.get(FileTrustStore.PEERS_ONLY));
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(TrustStore.NAME, trustStoreName);
- attributes.put(FileTrustStore.PEERS_ONLY, updatedPeersOnly);
- responseCode = getRestTestHelper().submitRequest("truststore/" + trustStoreName, "PUT", attributes);
- assertEquals("Setting of truststore attributes should be denied", 403, responseCode);
-
- trustStore = getRestTestHelper().getJsonAsMap("truststore/" + trustStoreName);
- assertEquals("Unexpected peersOnly attribute value", initialPeersOnly, trustStore.get(FileTrustStore.PEERS_ONLY));
- }
-
- /* === Broker === */
-
- public void testSetBrokerAttributesAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> brokerAttributes = getRestTestHelper().getJsonAsMap("broker");
- assertEquals("Unexpected description", null,
- brokerAttributes.get(Broker.DESCRIPTION));
-
- String descriptionValue = "test description";
-
- getRestTestHelper().submitRequest("broker",
- "PUT",
- Collections.singletonMap(Broker.DESCRIPTION, descriptionValue),
- 200);
-
- brokerAttributes = getRestTestHelper().getJsonAsMap("broker");
- assertEquals("Unexpected description", descriptionValue,
- brokerAttributes.get(Broker.DESCRIPTION));
- }
-
- public void testSetBrokerAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> brokerAttributes = getRestTestHelper().getJsonAsMap("broker");
- assertEquals("Unexpected description", null, brokerAttributes.get(Broker.DESCRIPTION));
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- getRestTestHelper().submitRequest("broker",
- "PUT",
- Collections.singletonMap(Broker.DESCRIPTION, "test description"),
- 403);
-
- brokerAttributes = getRestTestHelper().getJsonAsMap("broker");
- assertEquals("Unexpected description", null, brokerAttributes.get(Broker.DESCRIPTION));
- }
-
- /* === GroupProvider === */
-
- public void testCreateGroupProviderAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String groupProviderName = getTestName();
-
- assertGroupProviderExistence(groupProviderName, false);
-
- int responseCode = createGroupProvider(groupProviderName);
- assertEquals("Group provider creation should be allowed", 201, responseCode);
-
- assertGroupProviderExistence(groupProviderName, true);
- }
-
- public void testCreateGroupProviderDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- String groupProviderName = getTestName();
-
- assertGroupProviderExistence(groupProviderName, false);
-
- int responseCode = createGroupProvider(groupProviderName);
- assertEquals("Group provider creation should be denied", 403, responseCode);
-
- assertGroupProviderExistence(groupProviderName, false);
- }
-
- public void testDeleteGroupProviderDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String groupProviderName = getTestName();
-
- assertGroupProviderExistence(groupProviderName, false);
-
- int responseCode = createGroupProvider(groupProviderName);
- assertEquals("Group provider creation should be allowed", 201, responseCode);
-
- assertGroupProviderExistence(groupProviderName, true);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- responseCode = getRestTestHelper().submitRequest("groupprovider/" + groupProviderName, "DELETE");
- assertEquals("Group provider deletion should be denied", 403, responseCode);
-
- assertGroupProviderExistence(groupProviderName, true);
- }
-
- public void testDeleteGroupProviderAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String groupProviderName = getTestName();
-
- assertGroupProviderExistence(groupProviderName, false);
-
- int responseCode = createGroupProvider(groupProviderName);
- assertEquals("Group provider creation should be allowed", 201, responseCode);
-
- assertGroupProviderExistence(groupProviderName, true);
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- responseCode = getRestTestHelper().submitRequest("groupprovider/" + groupProviderName, "DELETE");
- assertEquals("Group provider deletion should be allowed", 200, responseCode);
-
- assertGroupProviderExistence(groupProviderName, false);
- }
-
- public void testSetGroupProviderAttributesAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String groupProviderName = getTestName();
-
- assertGroupProviderExistence(groupProviderName, false);
-
- int responseCode = createGroupProvider(groupProviderName);
- assertEquals("Group provider creation should be allowed", 201, responseCode);
-
- assertGroupProviderExistence(groupProviderName, true);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(GroupProvider.NAME, groupProviderName);
- attributes.put(GroupProvider.TYPE, FileBasedGroupProviderImpl.GROUP_FILE_PROVIDER_TYPE);
- attributes.put(FileBasedGroupProvider.PATH, "/path/to/file");
- responseCode = getRestTestHelper().submitRequest("groupprovider/" + groupProviderName, "PUT", attributes);
- assertEquals("Setting of group provider attributes should be allowed but not supported", AbstractServlet.SC_UNPROCESSABLE_ENTITY, responseCode);
- }
-
- public void testSetGroupProviderAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String groupProviderName = getTestName();
-
- assertGroupProviderExistence(groupProviderName, false);
-
- int responseCode = createGroupProvider(groupProviderName);
- assertEquals("Group provider creation should be allowed", 201, responseCode);
-
- assertGroupProviderExistence(groupProviderName, true);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(GroupProvider.NAME, groupProviderName);
- attributes.put(GroupProvider.TYPE, FileBasedGroupProviderImpl.GROUP_FILE_PROVIDER_TYPE);
- attributes.put(FileBasedGroupProvider.PATH, "/path/to/file");
- responseCode = getRestTestHelper().submitRequest("groupprovider/" + groupProviderName, "PUT", attributes);
- assertEquals("Setting of group provider attributes should be denied", 403, responseCode);
- }
-
- /* === AccessControlProvider === */
-
-
- public void testCreateAccessControlProviderDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- String accessControlProviderName = getTestName();
-
- assertAccessControlProviderExistence(accessControlProviderName, false);
-
- int responseCode = createAccessControlProvider(accessControlProviderName);
- assertEquals("Access control provider creation should be denied", 403, responseCode);
-
- assertAccessControlProviderExistence(accessControlProviderName, false);
- }
-
- public void testDeleteAccessControlProviderDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String accessControlProviderName = TestBrokerConfiguration.ENTRY_NAME_ACL_FILE;
-
- assertAccessControlProviderExistence(accessControlProviderName, true);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- int responseCode = getRestTestHelper().submitRequest("accesscontrolprovider/" + accessControlProviderName, "DELETE");
- assertEquals("Access control provider deletion should be denied", 403, responseCode);
-
- assertAccessControlProviderExistence(accessControlProviderName, true);
- }
-
- public void testDeleteAccessControlProviderAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String accessControlProviderName = TestBrokerConfiguration.ENTRY_NAME_ACL_FILE;
-
-
- assertAccessControlProviderExistence(accessControlProviderName, true);
- // add a second, low priority AllowAll provider
- Map<String,Object> attributes = new HashMap<>();
- final String secondProviderName = "AllowAll";
- attributes.put(ConfiguredObject.NAME, secondProviderName);
- attributes.put(ConfiguredObject.TYPE, AllowAllAccessControlProvider.ALLOW_ALL);
- attributes.put(AccessControlProvider.PRIORITY, 9999);
- int responseCode = getRestTestHelper().submitRequest("accesscontrolprovider/" + secondProviderName, "PUT", attributes);
- assertEquals("Access control provider creation should be allowed", 201, responseCode);
-
- responseCode = getRestTestHelper().submitRequest("accesscontrolprovider/" + accessControlProviderName, "DELETE");
- assertEquals("Access control provider deletion should be allowed", 200, responseCode);
-
- assertAccessControlProviderExistence(accessControlProviderName, false);
- }
-
- public void testSetAccessControlProviderAttributesAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String accessControlProviderName = TestBrokerConfiguration.ENTRY_NAME_ACL_FILE;
-
- assertAccessControlProviderExistence(accessControlProviderName, true);
-
- File aclFile = TestFileUtils.createTempFile(this, ".acl", "ACL ALLOW all all");
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(AccessControlProvider.NAME, accessControlProviderName);
- attributes.put(FileBasedGroupProvider.PATH, aclFile.getAbsolutePath());
- int responseCode = getRestTestHelper().submitRequest("accesscontrolprovider/" + accessControlProviderName, "PUT", attributes);
- assertEquals("Setting of access control provider attributes should be allowed", 200, responseCode);
- }
-
- public void testSetAccessControlProviderAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String accessControlProviderName = TestBrokerConfiguration.ENTRY_NAME_ACL_FILE;
-
- assertAccessControlProviderExistence(accessControlProviderName, true);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(GroupProvider.NAME, accessControlProviderName);
- attributes.put(GroupProvider.TYPE, FileBasedGroupProviderImpl.GROUP_FILE_PROVIDER_TYPE);
- attributes.put(FileBasedGroupProvider.PATH, "/path/to/file");
- int responseCode = getRestTestHelper().submitRequest("accesscontrolprovider/" + accessControlProviderName, "PUT", attributes);
- assertEquals("Setting of access control provider attributes should be denied", 403, responseCode);
- }
-
- /* === HTTP management === */
-
- public void testSetHttpManagementAttributesAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(HttpManagement.NAME, TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT);
- attributes.put(HttpManagement.HTTPS_BASIC_AUTHENTICATION_ENABLED, false);
- attributes.put(HttpManagement.HTTPS_SASL_AUTHENTICATION_ENABLED, false);
- attributes.put(HttpManagement.HTTP_SASL_AUTHENTICATION_ENABLED, false);
- attributes.put(HttpManagement.TIME_OUT, 10000);
-
- int responseCode = getRestTestHelper().submitRequest(
- "plugin/" + TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT, "PUT", attributes);
- assertEquals("Setting of http management should be allowed", 200, responseCode);
-
- Map<String, Object> details =
- getRestTestHelper().getJsonAsMap("plugin/" + TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT);
-
- assertEquals("Unexpected session timeout", 10000, details.get(HttpManagement.TIME_OUT));
- assertEquals("Unexpected http basic auth enabled", true, details.get(HttpManagement.HTTP_BASIC_AUTHENTICATION_ENABLED));
- assertEquals("Unexpected https basic auth enabled", false, details.get(HttpManagement.HTTPS_BASIC_AUTHENTICATION_ENABLED));
- assertEquals("Unexpected http sasl auth enabled", false, details.get(HttpManagement.HTTP_SASL_AUTHENTICATION_ENABLED));
- assertEquals("Unexpected https sasl auth enabled", false, details.get(HttpManagement.HTTPS_SASL_AUTHENTICATION_ENABLED));
- }
-
- public void testSetHttpManagementAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(HttpManagement.NAME, TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT);
- attributes.put(HttpManagement.HTTPS_BASIC_AUTHENTICATION_ENABLED, false);
- attributes.put(HttpManagement.HTTPS_SASL_AUTHENTICATION_ENABLED, false);
- attributes.put(HttpManagement.HTTP_SASL_AUTHENTICATION_ENABLED, false);
- attributes.put(HttpManagement.TIME_OUT, 10000);
-
- int responseCode = getRestTestHelper().submitRequest(
- "plugin/" + TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT, "PUT", attributes);
- assertEquals("Setting of http management should be denied", 403, responseCode);
-
- Map<String, Object> details =
- getRestTestHelper().getJsonAsMap("plugin/" + TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT);
-
- assertEquals("Unexpected session timeout", HttpManagement.DEFAULT_TIMEOUT_IN_SECONDS,
- details.get(HttpManagement.TIME_OUT));
- assertEquals("Unexpected http basic auth enabled", true,
- details.get(HttpManagement.HTTP_BASIC_AUTHENTICATION_ENABLED));
- assertEquals("Unexpected https basic auth enabled", true,
- details.get(HttpManagement.HTTPS_BASIC_AUTHENTICATION_ENABLED));
- assertEquals("Unexpected http sasl auth enabled", true,
- details.get(HttpManagement.HTTP_SASL_AUTHENTICATION_ENABLED));
- assertEquals("Unexpected https sasl auth enabled", true,
- details.get(HttpManagement.HTTPS_SASL_AUTHENTICATION_ENABLED));
- }
-
- /* === Broker Logger === */
-
- public void testCreateBrokerLoggerAllowedDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(BrokerLogger.NAME, "testLogger1");
- attributes.put(ConfiguredObject.TYPE, BrokerMemoryLogger.TYPE);
-
- getRestTestHelper().submitRequest("brokerlogger", "PUT", attributes, HttpServletResponse.SC_CREATED);
- getRestTestHelper().submitRequest("brokerlogger/testLogger1", "GET", HttpServletResponse.SC_OK);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- attributes.put(BrokerNameAndLevelLogInclusionRule.NAME, "testLogger2");
- getRestTestHelper().submitRequest("brokerlogger", "PUT", attributes, HttpServletResponse.SC_FORBIDDEN);
- getRestTestHelper().submitRequest("brokerlogger/testLogger2", "GET", HttpServletResponse.SC_NOT_FOUND);
- }
-
- public void testDeleteBrokerLoggerAllowedDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(BrokerLogger.NAME, "testLogger1");
- attributes.put(ConfiguredObject.TYPE, BrokerMemoryLogger.TYPE);
-
- getRestTestHelper().submitRequest("brokerlogger", "PUT", attributes, HttpServletResponse.SC_CREATED);
- getRestTestHelper().submitRequest("brokerlogger/testLogger1", "GET", HttpServletResponse.SC_OK);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- getRestTestHelper().submitRequest("brokerlogger/testLogger1", "DELETE", null, HttpServletResponse.SC_FORBIDDEN);
- getRestTestHelper().submitRequest("brokerlogger/testLogger1", "GET", HttpServletResponse.SC_OK);
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
- getRestTestHelper().submitRequest("brokerlogger/testLogger1", "DELETE", null, HttpServletResponse.SC_OK);
- getRestTestHelper().submitRequest("brokerlogger/testLogger1", "GET", HttpServletResponse.SC_NOT_FOUND);
- }
-
- public void testDownloadBrokerLoggerFileAllowedDenied() throws Exception
- {
- final String loggerName = "testFileLogger";
- final String loggerPath = "brokerlogger/" + loggerName;
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(BrokerLogger.NAME, loggerName);
- attributes.put(ConfiguredObject.TYPE, BrokerFileLogger.TYPE);
- getRestTestHelper().submitRequest("brokerlogger", "PUT", attributes, HttpServletResponse.SC_CREATED);
-
- getRestTestHelper().submitRequest(loggerPath + "/getFile?fileName=qpid.log", "GET", HttpServletResponse.SC_OK);
- getRestTestHelper().submitRequest(loggerPath + "/getFiles?fileName=qpid.log", "GET", HttpServletResponse.SC_OK);
- getRestTestHelper().submitRequest(loggerPath + "/getAllFiles", "GET", HttpServletResponse.SC_OK);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- getRestTestHelper().submitRequest(loggerPath + "/getFile?fileName=qpid.log", "GET", HttpServletResponse.SC_FORBIDDEN);
- getRestTestHelper().submitRequest(loggerPath + "/getFiles?fileName=qpid.log", "GET", HttpServletResponse.SC_FORBIDDEN);
- getRestTestHelper().submitRequest(loggerPath + "/getAllFiles", "GET", HttpServletResponse.SC_FORBIDDEN);
- }
-
- public void testViewMemoryLoggerEntriesAllowedDenied() throws Exception
- {
- final String loggerName = "testMemoryLogger";
- final String loggerPath = "brokerlogger/" + loggerName;
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(BrokerLogger.NAME, loggerName);
- attributes.put(ConfiguredObject.TYPE, BrokerMemoryLogger.TYPE);
- getRestTestHelper().submitRequest("brokerlogger", "PUT", attributes, HttpServletResponse.SC_CREATED);
-
- getRestTestHelper().submitRequest(loggerPath + "/getLogEntries?lastLogId=0", "GET", HttpServletResponse.SC_OK);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- getRestTestHelper().submitRequest(loggerPath + "/getLogEntries?lastLogId=0", "GET", HttpServletResponse.SC_FORBIDDEN);
- }
-
- /* === Broker Log Inclusion Rules === */
-
- public void testCreateBrokerLoggerRuleAllowedDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> loggerAttributes = new HashMap<>();
- loggerAttributes.put(BrokerLogger.NAME, "testLogger1");
- loggerAttributes.put(ConfiguredObject.TYPE, BrokerMemoryLogger.TYPE);
- getRestTestHelper().submitRequest("brokerlogger", "PUT", loggerAttributes, HttpServletResponse.SC_CREATED);
-
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(BrokerNameAndLevelLogInclusionRule.NAME, "rule1");
- attributes.put(ConfiguredObject.TYPE, BrokerNameAndLevelLogInclusionRule.TYPE);
- attributes.put(BrokerNameAndLevelLogInclusionRule.LEVEL, "DEBUG");
-
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1", "PUT", attributes, HttpServletResponse.SC_CREATED);
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1/rule1", "GET", HttpServletResponse.SC_OK);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- attributes.put(BrokerNameAndLevelLogInclusionRule.NAME, "rule2");
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1", "PUT", attributes, HttpServletResponse.SC_FORBIDDEN);
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1/rule2", "GET", HttpServletResponse.SC_NOT_FOUND);
- }
-
- public void testUpdateBrokerLoggerRuleAllowedDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> loggerAttributes = new HashMap<>();
- loggerAttributes.put(BrokerLogger.NAME, "testLogger1");
- loggerAttributes.put(ConfiguredObject.TYPE, BrokerMemoryLogger.TYPE);
- getRestTestHelper().submitRequest("brokerlogger", "PUT", loggerAttributes, HttpServletResponse.SC_CREATED);
-
- Map<String, Object> ruleAttributes = new HashMap<>();
- ruleAttributes.put(BrokerNameAndLevelLogInclusionRule.NAME, "rule1");
- ruleAttributes.put(ConfiguredObject.TYPE, BrokerNameAndLevelLogInclusionRule.TYPE);
- ruleAttributes.put(BrokerNameAndLevelLogInclusionRule.LEVEL, "INFO");
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1", "PUT", ruleAttributes, HttpServletResponse.SC_CREATED);
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(BrokerNameAndLevelLogInclusionRule.NAME, "rule1");
- attributes.put(ConfiguredObject.TYPE, BrokerNameAndLevelLogInclusionRule.TYPE);
- attributes.put(BrokerNameAndLevelLogInclusionRule.LEVEL, "DEBUG");
-
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1/rule1", "PUT", attributes, HttpServletResponse.SC_OK);
- Map<String,Object> resultAfterUpdate =
- getRestTestHelper().getJsonAsMap("brokerloginclusionrule/testLogger1/rule1");
- assertEquals("Log level was not changed", "DEBUG", resultAfterUpdate.get(BrokerNameAndLevelLogInclusionRule.LEVEL));
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- attributes.put(BrokerNameAndLevelLogInclusionRule.LEVEL, "INFO");
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1/rule1", "PUT", attributes, HttpServletResponse.SC_FORBIDDEN);
-
- Map<String,Object> resultAfterDeniedUpdate =
- getRestTestHelper().getJsonAsMap("brokerloginclusionrule/testLogger1/rule1");
- assertEquals("Log level was changed by not allowed user", "DEBUG", resultAfterDeniedUpdate.get(BrokerNameAndLevelLogInclusionRule.LEVEL));
- }
-
- public void testDeleteBrokerLoggerRuleAllowedDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> loggerAttributes = new HashMap<>();
- loggerAttributes.put(BrokerLogger.NAME, "testLogger1");
- loggerAttributes.put(ConfiguredObject.TYPE, BrokerMemoryLogger.TYPE);
- getRestTestHelper().submitRequest("brokerlogger", "PUT", loggerAttributes, HttpServletResponse.SC_CREATED);
-
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(BrokerNameAndLevelLogInclusionRule.NAME, "rule1");
- attributes.put(ConfiguredObject.TYPE, BrokerNameAndLevelLogInclusionRule.TYPE);
- attributes.put(BrokerNameAndLevelLogInclusionRule.LEVEL, "DEBUG");
-
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1", "PUT", attributes, HttpServletResponse.SC_CREATED);
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1/rule1", "GET", HttpServletResponse.SC_OK);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1/rule1", "DELETE", null, HttpServletResponse.SC_FORBIDDEN);
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1/rule1", "GET", HttpServletResponse.SC_OK);
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1/rule1", "DELETE", null, HttpServletResponse.SC_OK);
- getRestTestHelper().submitRequest("brokerloginclusionrule/testLogger1/rule1", "GET", HttpServletResponse.SC_NOT_FOUND);
- }
-
- /* === Utility Methods === */
-
- private int createPort(String portName) throws Exception
- {
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(Port.NAME, portName);
- attributes.put(Port.PORT, 0);
- attributes.put(Port.AUTHENTICATION_PROVIDER, TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER);
-
- return getRestTestHelper().submitRequest("port/" + portName, "PUT", attributes);
- }
-
- private void assertPortExists(String portName) throws Exception
- {
- assertPortExistence(portName, true);
- }
-
- private void assertPortDoesNotExist(String portName) throws Exception
- {
- assertPortExistence(portName, false);
- }
-
- private void assertPortExistence(String portName, boolean exists) throws Exception
- {
- String path = "port/" + portName;
- int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND;
- getRestTestHelper().submitRequest(path, "GET", expectedResponseCode);
-
- }
-
- private void assertKeyStoreExistence(String keyStoreName, boolean exists) throws Exception
- {
- String path = "keystore/" + keyStoreName;
- int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND;
- getRestTestHelper().submitRequest(path, "GET", expectedResponseCode);
- }
-
- private void assertTrustStoreExistence(String trustStoreName, boolean exists) throws Exception
- {
- String path = "truststore/" + trustStoreName;
- int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND;
- getRestTestHelper().submitRequest(path, "GET", expectedResponseCode);
- }
-
- private int createAuthenticationProvider(String authenticationProviderName) throws Exception
- {
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(AuthenticationProvider.NAME, authenticationProviderName);
- attributes.put(AuthenticationProvider.TYPE, AnonymousAuthenticationManager.PROVIDER_TYPE);
-
- return getRestTestHelper().submitRequest("authenticationprovider/" + authenticationProviderName, "PUT", attributes);
- }
-
- private void assertAuthenticationProviderDoesNotExist(String authenticationProviderName) throws Exception
- {
- assertAuthenticationProviderExistence(authenticationProviderName, false);
- }
-
- private void assertAuthenticationProviderExists(String authenticationProviderName) throws Exception
- {
- assertAuthenticationProviderExistence(authenticationProviderName, true);
- }
-
- private void assertAuthenticationProviderExistence(String authenticationProviderName, boolean exists) throws Exception
- {
- String path = "authenticationprovider/" + authenticationProviderName;
- int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND;
- getRestTestHelper().submitRequest(path, "GET", expectedResponseCode);
- }
-
- private int createKeyStore(String name, String certAlias) throws IOException
- {
- Map<String, Object> keyStoreAttributes = new HashMap<String, Object>();
- keyStoreAttributes.put(KeyStore.NAME, name);
- keyStoreAttributes.put(FileKeyStore.STORE_URL, TestSSLConstants.KEYSTORE);
- keyStoreAttributes.put(FileKeyStore.PASSWORD, TestSSLConstants.KEYSTORE_PASSWORD);
- keyStoreAttributes.put(FileKeyStore.CERTIFICATE_ALIAS, certAlias);
-
- return getRestTestHelper().submitRequest("keystore/" + name, "PUT", keyStoreAttributes);
- }
-
- private int createTrustStore(String name, boolean peersOnly) throws IOException
- {
- Map<String, Object> trustStoreAttributes = new HashMap<String, Object>();
- trustStoreAttributes.put(TrustStore.NAME, name);
- trustStoreAttributes.put(FileTrustStore.STORE_URL, TestSSLConstants.KEYSTORE);
- trustStoreAttributes.put(FileTrustStore.PASSWORD, TestSSLConstants.KEYSTORE_PASSWORD);
- trustStoreAttributes.put(FileTrustStore.PEERS_ONLY, peersOnly);
-
- return getRestTestHelper().submitRequest("truststore/" + name, "PUT", trustStoreAttributes);
- }
-
- private void assertGroupProviderExistence(String groupProviderName, boolean exists) throws Exception
- {
- String path = "groupprovider/" + groupProviderName;
- int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND;
- getRestTestHelper().submitRequest(path, "GET", expectedResponseCode);
- }
-
- private int createGroupProvider(String groupProviderName) throws Exception
- {
- File file = TestFileUtils.createTempFile(this, ".groups");
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(GroupProvider.NAME, groupProviderName);
- attributes.put(GroupProvider.TYPE, FileBasedGroupProviderImpl.GROUP_FILE_PROVIDER_TYPE);
- attributes.put(FileBasedGroupProvider.PATH, file.getAbsoluteFile());
-
- return getRestTestHelper().submitRequest("groupprovider/" + groupProviderName, "PUT", attributes);
- }
-
- private void assertAccessControlProviderExistence(String accessControlProviderName, boolean exists) throws Exception
- {
- String path = "accesscontrolprovider/" + accessControlProviderName;
- int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND;
- getRestTestHelper().submitRequest(path, "GET", expectedResponseCode);
- }
-
- private int createAccessControlProvider(String accessControlProviderName) throws Exception
- {
- File file = TestFileUtils.createTempFile(this, ".acl", _secondaryAclFileContent);
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(AccessControlProvider.NAME, accessControlProviderName);
- attributes.put(AccessControlProvider.TYPE, AclFileAccessControlProvider.ACL_FILE_PROVIDER_TYPE);
- attributes.put(AclFileAccessControlProvider.PATH, file.getAbsoluteFile());
-
- return getRestTestHelper().submitRequest("accesscontrolprovider/" + accessControlProviderName, "PUT", attributes);
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/systest/rest/acl/ExchangeRestACLTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/ExchangeRestACLTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/ExchangeRestACLTest.java
deleted file mode 100644
index 41fdba2..0000000
--- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/ExchangeRestACLTest.java
+++ /dev/null
@@ -1,317 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.systest.rest.acl;
-
-import static org.apache.qpid.test.utils.TestUtils.writeACLFileUtil;
-import static org.apache.qpid.test.utils.TestBrokerConfiguration.ENTRY_NAME_ACL_FILE;
-
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet;
-import org.apache.qpid.server.model.AccessControlProvider;
-import org.apache.qpid.server.model.AlternateBinding;
-import org.apache.qpid.server.model.Exchange;
-import org.apache.qpid.server.model.Queue;
-import org.apache.qpid.systest.rest.QpidRestTestCase;
-import org.apache.qpid.test.utils.TestBrokerConfiguration;
-
-public class ExchangeRestACLTest extends QpidRestTestCase
-{
- private static final String ALLOWED_USER = "user1";
- private static final String DENIED_USER = "user2";
- private static final String ADMIN = "ADMIN";
-
- private String _queueName;
- private String _exchangeName;
- private String _exchangeUrl;
- private String _aclFilePath;
-
- @Override
- protected void customizeConfiguration() throws Exception
- {
- super.customizeConfiguration();
- final TestBrokerConfiguration defaultBrokerConfiguration = getDefaultBrokerConfiguration();
- defaultBrokerConfiguration.configureTemporaryPasswordFile(ALLOWED_USER, DENIED_USER, ADMIN);
-
- _aclFilePath = writeACLFileUtil(this,
- "ACL ALLOW-LOG ALL ACCESS MANAGEMENT",
- "ACL ALLOW-LOG " + ALLOWED_USER + " CREATE QUEUE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " CREATE EXCHANGE",
- "ACL DENY-LOG " + DENIED_USER + " CREATE EXCHANGE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " UPDATE EXCHANGE",
- "ACL DENY-LOG " + DENIED_USER + " UPDATE EXCHANGE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " DELETE EXCHANGE",
- "ACL DENY-LOG " + DENIED_USER + " DELETE EXCHANGE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " BIND EXCHANGE",
- "ACL DENY-LOG " + DENIED_USER + " BIND EXCHANGE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " UNBIND EXCHANGE",
- "ACL DENY-LOG " + DENIED_USER + " UNBIND EXCHANGE",
- "ACL ALLOW-LOG " + ADMIN + " ALL ALL",
- "ACL DENY-LOG ALL ALL");
- }
-
- @Override
- public void setUp() throws Exception
- {
- super.setUp();
- _queueName = getTestQueueName();
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
- Map<String, Object> queueData = new HashMap<String, Object>();
- queueData.put(Queue.NAME, _queueName);
- queueData.put(Queue.DURABLE, Boolean.TRUE);
- int status = getRestTestHelper().submitRequest("queue/test/test/" + _queueName, "PUT", queueData);
- assertEquals("Unexpected status", 201, status);
-
- _exchangeName = getTestName();
- _exchangeUrl = "exchange/test/test/" + _exchangeName;
- }
-
- public void testCreateExchangeAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- int responseCode = createExchange();
- assertEquals("Exchange creation should be allowed", 201, responseCode);
-
- assertExchangeExists();
- }
-
- public void testCreateExchangeDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- int responseCode = createExchange();
- assertEquals("Exchange creation should be denied", 403, responseCode);
-
- assertExchangeDoesNotExist();
- }
-
-
- public void testCreateExchangeAllowedAfterReload() throws Exception
- {
-
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- int responseCode = createExchange();
- assertEquals("Exchange creation should be denied", 403, responseCode);
-
- assertExchangeDoesNotExist();
-
- overwriteAclFile("ACL ALLOW-LOG ALL ACCESS MANAGEMENT",
- "ACL ALLOW-LOG " + ALLOWED_USER + " CREATE QUEUE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " CREATE EXCHANGE",
- "ACL ALLOW-LOG " + DENIED_USER + " CREATE EXCHANGE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " UPDATE EXCHANGE",
- "ACL DENY-LOG " + DENIED_USER + " UPDATE EXCHANGE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " DELETE EXCHANGE",
- "ACL DENY-LOG " + DENIED_USER + " DELETE EXCHANGE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " BIND EXCHANGE",
- "ACL DENY-LOG " + DENIED_USER + " BIND EXCHANGE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " UNBIND EXCHANGE",
- "ACL DENY-LOG " + DENIED_USER + " UNBIND EXCHANGE",
- "ACL ALLOW-LOG " + ADMIN + " ALL ALL",
- "ACL DENY-LOG ALL ALL");
- getRestTestHelper().setUsernameAndPassword(ADMIN, ADMIN);
- getRestTestHelper().submitRequest("/api/latest/"
- + AccessControlProvider.class.getSimpleName().toLowerCase()
- + "/" + ENTRY_NAME_ACL_FILE + "/reload", "POST", Collections.emptyMap(), 200);
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- responseCode = createExchange();
- assertEquals("Exchange creation should be allowed", 201, responseCode);
-
- assertExchangeExists();
-
- }
-
- private void overwriteAclFile(final String... rules) throws IOException
- {
- try(FileWriter fw = new FileWriter(_aclFilePath); PrintWriter out = new PrintWriter(fw))
- {
- for(String line :rules)
- {
- out.println(line);
- }
- }
- }
-
- public void testDeleteExchangeAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- int responseCode = createExchange();
- assertEquals("Exchange creation should be allowed", 201, responseCode);
-
- assertExchangeExists();
-
-
- responseCode = getRestTestHelper().submitRequest(_exchangeUrl, "DELETE");
- assertEquals("Exchange deletion should be allowed", 200, responseCode);
-
- assertExchangeDoesNotExist();
- }
-
- public void testDeleteExchangeDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- int responseCode = createExchange();
- assertEquals("Exchange creation should be allowed", 201, responseCode);
-
- assertExchangeExists();
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- responseCode = getRestTestHelper().submitRequest(_exchangeUrl, "DELETE");
- assertEquals("Exchange deletion should be denied", 403, responseCode);
-
- assertExchangeExists();
- }
-
- public void testSetExchangeAttributesAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- createExchange();
-
- assertExchangeExists();
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(Exchange.NAME, _exchangeName);
- attributes.put(Exchange.ALTERNATE_BINDING,
- Collections.singletonMap(AlternateBinding.DESTINATION, "my-alternate-exchange"));
-
- getRestTestHelper().submitRequest(_exchangeUrl, "PUT", attributes, AbstractServlet.SC_UNPROCESSABLE_ENTITY);
- }
-
- public void testSetExchangeAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- createExchange();
- assertExchangeExists();
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(Exchange.NAME, _exchangeName);
- attributes.put(Exchange.ALTERNATE_BINDING,
- Collections.singletonMap(AlternateBinding.DESTINATION, "my-alternate-exchange"));
-
- getRestTestHelper().submitRequest(_exchangeUrl, "PUT", attributes, 403);
- }
-
- public void testBindToExchangeAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- String bindingName = getTestName();
- int responseCode = createBinding(bindingName);
- assertEquals("Binding creation should be allowed", 200, responseCode);
-
- assertBindingExists(bindingName);
- }
-
- public void testBindToExchangeDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- String bindingName = getTestName();
- int responseCode = createBinding(bindingName);
- assertEquals("Binding creation should be denied", 403, responseCode);
-
- assertBindingDoesNotExist(bindingName);
- }
-
- private int createExchange() throws Exception
- {
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(Exchange.NAME, _exchangeName);
- attributes.put(Exchange.TYPE, "direct");
- return getRestTestHelper().submitRequest(_exchangeUrl, "PUT", attributes);
- }
-
- private void assertExchangeDoesNotExist() throws Exception
- {
- assertExchangeExistence(false);
- }
-
- private void assertExchangeExists() throws Exception
- {
- assertExchangeExistence(true);
- }
-
- private void assertExchangeExistence(boolean exists) throws Exception
- {
- int expectedResponseCode = exists ? HttpServletResponse.SC_OK : HttpServletResponse.SC_NOT_FOUND;
- getRestTestHelper().submitRequest(_exchangeUrl, "GET", expectedResponseCode);
- }
-
- private int createBinding(String bindingName) throws IOException
- {
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put("bindingKey", bindingName);
- attributes.put("destination", _queueName);
-
- int responseCode = getRestTestHelper().submitRequest("exchange/test/test/amq.direct/bind", "POST", attributes);
- return responseCode;
- }
-
- private void assertBindingDoesNotExist(String bindingName) throws Exception
- {
- assertBindingExistence(bindingName, false);
- }
-
- private void assertBindingExists(String bindingName) throws Exception
- {
- assertBindingExistence(bindingName, true);
- }
-
- private void assertBindingExistence(String bindingName, boolean exists) throws Exception
- {
- String path = "exchange/test/test/amq.direct";
-
- final Map<String, Object> exch = getRestTestHelper().getJsonAsMap(path);
- final Collection<Map<String, Object>> bindings = (Collection<Map<String, Object>>) exch.get("bindings");
- boolean found = false;
- if (bindings != null)
- {
- for(Map<String, Object> binding : bindings)
- {
- if (bindingName.equals(binding.get("bindingKey")))
- {
- found = true;
- break;
- }
- }
- }
-
- assertEquals(exists, found);
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/systest/rest/acl/GroupRestACLTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/GroupRestACLTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/GroupRestACLTest.java
deleted file mode 100644
index 70954c5..0000000
--- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/GroupRestACLTest.java
+++ /dev/null
@@ -1,201 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.systest.rest.acl;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.util.Map;
-import java.util.Properties;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.qpid.server.management.plugin.HttpManagement;
-import org.apache.qpid.server.model.Plugin;
-import org.apache.qpid.systest.rest.QpidRestTestCase;
-import org.apache.qpid.test.utils.TestBrokerConfiguration;
-import org.apache.qpid.test.utils.TestUtils;
-
-public class GroupRestACLTest extends QpidRestTestCase
-{
- private static final String FILE_GROUP_MANAGER = TestBrokerConfiguration.ENTRY_NAME_GROUP_FILE;
-
- private static final String ALLOWED_GROUP = "allowedGroup";
- private static final String DENIED_GROUP = "deniedGroup";
- private static final String OTHER_GROUP = "otherGroup";
-
- private static final String ALLOWED_USER = "webadmin";
- private static final String DENIED_USER = "admin";
- private static final String OTHER_USER = "admin";
-
- private File _groupFile;
-
- @Override
- public void startDefaultBroker() throws Exception
- {
- // tests will start the broker after configuring it
- }
-
- @Override
- protected void customizeConfiguration() throws Exception
- {
- super.customizeConfiguration();
- getDefaultBrokerConfiguration().setObjectAttribute(Plugin.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT, HttpManagement.HTTP_BASIC_AUTHENTICATION_ENABLED, true);
- _groupFile = createTemporaryGroupFile();
- getDefaultBrokerConfiguration().addGroupFileConfiguration(_groupFile.getAbsolutePath());
- }
-
- @Override
- public void tearDown() throws Exception
- {
- super.tearDown();
-
- if (_groupFile != null)
- {
- if (_groupFile.exists())
- {
- _groupFile.delete();
- }
- }
- }
-
- private File createTemporaryGroupFile() throws Exception
- {
- File groupFile = File.createTempFile("group", "grp");
- groupFile.deleteOnExit();
-
- Properties props = new Properties();
- props.put(ALLOWED_GROUP + ".users", ALLOWED_USER);
- props.put(DENIED_GROUP + ".users", DENIED_USER);
- props.put(OTHER_GROUP + ".users", OTHER_USER);
-
- try(final FileOutputStream out = new FileOutputStream(groupFile))
- {
- props.store(out, "test group file");
- }
-
- return groupFile;
- }
-
- public void testCreateGroup() throws Exception
- {
- TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT",
- "ACL ALLOW-LOG " + ALLOWED_GROUP + " CREATE GROUP",
- "ACL DENY-LOG " + DENIED_GROUP + " CREATE GROUP");
-
- //Start the broker with the custom config
- super.startDefaultBroker();
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- Map<String, Object> data =
- getRestTestHelper().getJsonAsMap("groupprovider/" + FILE_GROUP_MANAGER + "?depth=1");
- getRestTestHelper().assertNumberOfGroups(data, 3);
-
- getRestTestHelper().createGroup("newGroup", FILE_GROUP_MANAGER);
-
- data = getRestTestHelper().getJsonAsMap("groupprovider/" + FILE_GROUP_MANAGER + "?depth=1");
- getRestTestHelper().assertNumberOfGroups(data, 4);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- getRestTestHelper().createGroup("anotherNewGroup", FILE_GROUP_MANAGER, HttpServletResponse.SC_FORBIDDEN);
-
- data = getRestTestHelper().getJsonAsMap("groupprovider/" + FILE_GROUP_MANAGER + "?depth=1");
- getRestTestHelper().assertNumberOfGroups(data, 4);
- }
-
- public void testDeleteGroup() throws Exception
- {
- TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT",
- "ACL ALLOW-LOG " + ALLOWED_GROUP + " DELETE GROUP",
- "ACL DENY-LOG " + DENIED_GROUP + " DELETE GROUP");
-
- //Start the broker with the custom config
- super.startDefaultBroker();
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> data =
- getRestTestHelper().getJsonAsMap("groupprovider/" + FILE_GROUP_MANAGER + "?depth=1");
- getRestTestHelper().assertNumberOfGroups(data, 3);
-
- getRestTestHelper().removeGroup(OTHER_GROUP, FILE_GROUP_MANAGER, HttpServletResponse.SC_FORBIDDEN);
-
- data = getRestTestHelper().getJsonAsMap("groupprovider/" + FILE_GROUP_MANAGER + "?depth=1");
- getRestTestHelper().assertNumberOfGroups(data, 3);
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- getRestTestHelper().removeGroup(OTHER_GROUP, FILE_GROUP_MANAGER);
-
- data = getRestTestHelper().getJsonAsMap("groupprovider/" + FILE_GROUP_MANAGER + "?depth=1");
- getRestTestHelper().assertNumberOfGroups(data, 2);
- }
-
- public void testUpdateGroupAddMember() throws Exception
- {
- TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT",
- "ACL ALLOW-LOG " + ALLOWED_GROUP + " UPDATE GROUP",
- "ACL DENY-LOG " + DENIED_GROUP + " UPDATE GROUP");
-
- //Start the broker with the custom config
- super.startDefaultBroker();
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- assertNumberOfGroupMembers(OTHER_GROUP, 1);
-
- getRestTestHelper().createNewGroupMember(FILE_GROUP_MANAGER, OTHER_GROUP, "newGroupMember", HttpServletResponse.SC_FORBIDDEN);
- assertNumberOfGroupMembers(OTHER_GROUP, 1);
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
- getRestTestHelper().createNewGroupMember(FILE_GROUP_MANAGER, OTHER_GROUP, "newGroupMember");
- assertNumberOfGroupMembers(OTHER_GROUP, 2);
- }
-
- public void testUpdateGroupDeleteMember() throws Exception
- {
- TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT",
- "ACL ALLOW-LOG " + ALLOWED_GROUP + " UPDATE GROUP",
- "ACL DENY-LOG " + DENIED_GROUP + " UPDATE GROUP");
-
- //Start the broker with the custom config
- super.startDefaultBroker();
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- assertNumberOfGroupMembers(OTHER_GROUP, 1);
-
- getRestTestHelper().removeMemberFromGroup(FILE_GROUP_MANAGER, OTHER_GROUP, OTHER_USER, HttpServletResponse.SC_FORBIDDEN);
- assertNumberOfGroupMembers(OTHER_GROUP, 1);
-
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
- getRestTestHelper().removeMemberFromGroup(FILE_GROUP_MANAGER, OTHER_GROUP, OTHER_USER);
- assertNumberOfGroupMembers(OTHER_GROUP, 0);
- }
-
- private void assertNumberOfGroupMembers(String groupName, int expectedNumberOfMembers) throws IOException
- {
- Map<String, Object> group = getRestTestHelper().getJsonAsMap("group/"
- + FILE_GROUP_MANAGER
- + "/"
- + groupName
- + "?depth=1");
- getRestTestHelper().assertNumberOfGroupMembers(group, expectedNumberOfMembers);
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/cec889db/systests/src/test/java/org/apache/qpid/systest/rest/acl/QueueRestACLTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/QueueRestACLTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/QueueRestACLTest.java
deleted file mode 100644
index e23b7d3..0000000
--- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/QueueRestACLTest.java
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.systest.rest.acl;
-
-import static javax.servlet.http.HttpServletResponse.SC_CREATED;
-import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
-import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;
-import static javax.servlet.http.HttpServletResponse.SC_OK;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.qpid.server.model.Queue;
-import org.apache.qpid.systest.rest.QpidRestTestCase;
-import org.apache.qpid.test.utils.TestBrokerConfiguration;
-import org.apache.qpid.test.utils.TestUtils;
-
-public class QueueRestACLTest extends QpidRestTestCase
-{
- private static final String ALLOWED_USER = "user1";
- private static final String DENIED_USER = "user2";
- private String _queueUrl;
- private String _queueName;
-
- @Override
- public void setUp() throws Exception
- {
- super.setUp();
- _queueName = getTestName();
- _queueUrl = "queue/test/test/" + _queueName;
- }
-
- @Override
- protected void customizeConfiguration() throws Exception
- {
- super.customizeConfiguration();
- final TestBrokerConfiguration defaultBrokerConfiguration = getDefaultBrokerConfiguration();
- defaultBrokerConfiguration.configureTemporaryPasswordFile(ALLOWED_USER, DENIED_USER);
-
- TestUtils.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT",
- "ACL ALLOW-LOG " + ALLOWED_USER + " CREATE QUEUE",
- "ACL DENY-LOG " + DENIED_USER + " CREATE QUEUE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " UPDATE QUEUE",
- "ACL DENY-LOG " + DENIED_USER + " UPDATE QUEUE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " DELETE QUEUE",
- "ACL DENY-LOG " + DENIED_USER + " DELETE QUEUE",
- "ACL ALLOW-LOG " + ALLOWED_USER + " INVOKE QUEUE method_name=\"clearQueue\"",
- "ACL ALLOW-LOG " + ALLOWED_USER + " INVOKE QUEUE method_name=\"get*\"",
- "ACL DENY-LOG ALL ALL");
-
- }
-
- public void testCreateQueueAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- createQueue(SC_CREATED);
-
- assertQueueExists();
- }
-
- public void testCreateQueueDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- createQueue(SC_FORBIDDEN);
-
- assertQueueDoesNotExist();
- }
-
- public void testDeleteQueueAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- createQueue(SC_CREATED);
-
- assertQueueExists();
-
- getRestTestHelper().submitRequest(_queueUrl, "DELETE", SC_OK);
-
- assertQueueDoesNotExist();
- }
-
- public void testDeleteQueueDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- createQueue(SC_CREATED);
-
- assertQueueExists();
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
- getRestTestHelper().submitRequest(_queueUrl, "DELETE", SC_FORBIDDEN);
-
- assertQueueExists();
- }
-
-
-
- public void testSetQueueAttributesAllowed() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- createQueue(SC_CREATED);
-
- assertQueueExists();
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(Queue.NAME, _queueName);
- attributes.put(Queue.MAXIMUM_QUEUE_DEPTH_MESSAGES, 100000);
-
- getRestTestHelper().submitRequest(_queueUrl, "PUT", attributes, SC_OK);
-
- Map<String, Object> queueData = getRestTestHelper().getJsonAsMap(_queueUrl);
- assertEquals("Unexpected " + Queue.MAXIMUM_QUEUE_DEPTH_MESSAGES, 100000, queueData.get(Queue.MAXIMUM_QUEUE_DEPTH_MESSAGES));
- }
-
- public void testSetQueueAttributesDenied() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- createQueue(SC_CREATED);
- assertQueueExists();
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- Map<String, Object> attributes = new HashMap<>();
- attributes.put(Queue.NAME, _queueName);
- attributes.put(Queue.MAXIMUM_QUEUE_DEPTH_MESSAGES, 100000);
-
- getRestTestHelper().submitRequest(_queueUrl, "PUT", attributes, SC_FORBIDDEN);
-
- Map<String, Object> queueData = getRestTestHelper().getJsonAsMap(_queueUrl);
- assertEquals("Unexpected " + Queue.MAXIMUM_QUEUE_DEPTH_MESSAGES, -1, queueData.get(Queue.MAXIMUM_QUEUE_DEPTH_MESSAGES));
- }
-
- public void testInvokeQueueOperation() throws Exception
- {
- getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
-
- createQueue(SC_CREATED);
-
- getRestTestHelper().submitRequest(_queueUrl + "/clearQueue", "POST", Collections.emptyMap(), SC_OK);
- getRestTestHelper().submitRequest(_queueUrl + "/getStatistics", "POST", Collections.emptyMap(), SC_OK);
-
- getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
-
- getRestTestHelper().submitRequest(_queueUrl + "/clearQueue", "POST", Collections.emptyMap(), SC_FORBIDDEN);
- }
-
- private void createQueue(final int expectedResponseCode) throws Exception
- {
- Map<String, Object> attributes = Collections.singletonMap(Queue.NAME, _queueName);
-
- getRestTestHelper().submitRequest(_queueUrl, "PUT", attributes, expectedResponseCode);
- }
-
- private void assertQueueDoesNotExist() throws Exception
- {
- assertQueueExistence(false);
- }
-
- private void assertQueueExists() throws Exception
- {
- assertQueueExistence(true);
- }
-
- private void assertQueueExistence(boolean exists) throws Exception
- {
- int expectedResponseCode = exists ? SC_OK : SC_NOT_FOUND;
- getRestTestHelper().submitRequest(_queueUrl, "GET", expectedResponseCode);
- }
-}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org