You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by je...@apache.org on 2016/02/11 16:27:25 UTC
[61/62] [abbrv] incubator-geode git commit: Merge branch 'develop'
into feature/GEODE-17
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/build.gradle
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/distributed/DistributedSystem.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/RestAgent.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/SystemManagementService.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/LauncherLifecycleCommands.java
----------------------------------------------------------------------
diff --cc gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/LauncherLifecycleCommands.java
index 9270363,570b6f5..2dfe6eb
--- a/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/LauncherLifecycleCommands.java
+++ b/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/LauncherLifecycleCommands.java
@@@ -112,14 -112,7 +112,9 @@@ import com.gemstone.gemfire.management.
import com.gemstone.gemfire.management.internal.configuration.domain.SharedConfigurationStatus;
import com.gemstone.gemfire.management.internal.configuration.messages.SharedConfigurationStatusRequest;
import com.gemstone.gemfire.management.internal.configuration.messages.SharedConfigurationStatusResponse;
-
+import com.gemstone.gemfire.management.internal.security.Resource;
+import com.gemstone.gemfire.management.internal.security.ResourceConstants;
+import com.gemstone.gemfire.management.internal.security.ResourceOperation;
- import com.gemstone.gemfire.security.GemFireSecurityException;
- //import com.gemstone.org.jgroups.stack.tcpserver.TcpClient;
- import com.sun.tools.attach.VirtualMachine;
- import com.sun.tools.attach.VirtualMachineDescriptor;
-
import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
import org.springframework.shell.core.annotation.CliCommand;
import org.springframework.shell.core.annotation.CliOption;
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ShellCommands.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/shell/JmxOperationInvoker.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
----------------------------------------------------------------------
diff --cc gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
index 0000000,ef98575..5455818
mode 000000,100644..100644
--- a/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
+++ b/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
@@@ -1,0 -1,308 +1,292 @@@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
+ package com.gemstone.gemfire.management.internal.security;
+
+ import java.io.File;
+ import java.io.FileReader;
+ import java.io.IOException;
+ import java.security.Principal;
+ import java.util.HashMap;
+ import java.util.HashSet;
+ import java.util.Map;
+ import java.util.Properties;
+ import java.util.Set;
+
+ import javax.management.remote.JMXPrincipal;
+
+ import org.json.JSONArray;
+ import org.json.JSONException;
+ import org.json.JSONObject;
+
+ import com.gemstone.gemfire.GemFireConfigException;
+ import com.gemstone.gemfire.LogWriter;
+ import com.gemstone.gemfire.cache.Cache;
+ import com.gemstone.gemfire.cache.operations.OperationContext;
+ import com.gemstone.gemfire.distributed.DistributedMember;
+ import com.gemstone.gemfire.internal.logging.LogService;
+ import com.gemstone.gemfire.management.internal.security.ResourceOperationContext.ResourceOperationCode;
+ import com.gemstone.gemfire.security.AccessControl;
+ import com.gemstone.gemfire.security.AuthenticationFailedException;
+ import com.gemstone.gemfire.security.Authenticator;
+ import com.gemstone.gemfire.security.NotAuthorizedException;
+
+ public class JSONAuthorization implements AccessControl, Authenticator {
+
+ public static class Role{
+ String[] permissions;
+ String name;
+ String regionName;
+ String serverGroup;
+ }
+
+ public static class User{
+ String name;
+ Role[] roles;
+ String pwd;
+ }
+
+ private static Map<String,User> acl = null;
+
+ public static JSONAuthorization create() throws IOException, JSONException {
+ if(acl==null){
+ readSecurityDescriptor(readDefault());
+ }
+ return new JSONAuthorization();
+ }
+
+ public JSONAuthorization() {
+ if (acl == null) {
+ try {
+ readSecurityDescriptor(readDefault());
+ } catch (IOException e) {
+ throw new GemFireConfigException("Error creating JSONAuth", e);
+ } catch (JSONException e) {
+ throw new GemFireConfigException("Error creating JSONAuth", e);
+ }
+ }
+ }
+
+ public static Set<ResourceOperationCode> getAuthorizedOps(User user, ResourceOperationContext context) {
+ Set<ResourceOperationCode> codeList = new HashSet<ResourceOperationCode>();
+ for(Role role : user.roles) {
+ for (String perm : role.permissions) {
+ ResourceOperationCode code = ResourceOperationCode.parse(perm);
+ if (role.regionName == null && role.serverGroup == null) {
+ addPermissions(code, codeList);
+ } else if (role.regionName != null) {
+ LogService.getLogger().info("This role requires region=" + role.regionName);
+ if (context instanceof CLIOperationContext) {
+ CLIOperationContext cliContext = (CLIOperationContext) context;
+ String region = cliContext.getCommandOptions().get("region");
+ if (region != null && region.equals(role.regionName)) {
+ addPermissions(code, codeList);
+ } else {
+ LogService.getLogger().info("Not adding permission " + code + " since region=" + region + " does not match");
+ }
+ }
+ }
+ // Same to be implemented for ServerGroup
+ }
+ }
+ LogService.getLogger().info("Final set of permisions " + codeList);
+ return codeList;
+ }
+
+ private static void addPermissions(ResourceOperationCode code, Set<ResourceOperationCode> codeList) {
+ if(code!=null) {
+ if(code.getChildren()==null)
+ codeList.add(code);
+ else {
+ for(ResourceOperationCode c : code.getChildren()){
+ codeList.add(c);
+ }
+ }
+ }
+ }
+
+ private static String readDefault() throws IOException, JSONException {
+ String str = System.getProperty(ResourceConstants.RESORUCE_SEC_DESCRIPTOR, ResourceConstants.RESORUCE_DEFAULT_SEC_DESCRIPTOR);
+ File file = new File(str);
+ FileReader reader = new FileReader(file);
+ char[] buffer = new char[(int) file.length()];
+ reader.read(buffer);
+ String json = new String(buffer);
+ reader.close();
+ return json;
+ }
+
+ public JSONAuthorization(String json) throws IOException, JSONException{
+ readSecurityDescriptor(json);
+ }
+
+
+ private static void readSecurityDescriptor(String json) throws IOException, JSONException {
+ JSONObject jsonBean = new JSONObject(json);
+ acl = new HashMap<String,User>();
+ Map<String,Role> roleMap = readRoles(jsonBean);
+ readUsers(acl,jsonBean,roleMap);
+ }
+
+ private static void readUsers(Map<String, User> acl, JSONObject jsonBean,
+ Map<String, Role> roleMap) throws JSONException {
+ JSONArray array = jsonBean.getJSONArray("users");
+ for(int i=0;i<array.length();i++){
+ JSONObject obj = array.getJSONObject(i);
+ User user = new User();
+ user.name = obj.getString("name");
+ if(obj.has("password"))
+ user.pwd = obj.getString("password");
+ else
+ user.pwd = user.name;
+
+ JSONArray ops = obj.getJSONArray("roles");
+ user.roles = new Role[ops.length()];
+ for(int j=0;j<ops.length();j++){
+ String roleName = ops.getString(j);
+ user.roles[j] = roleMap.get(roleName);
+ if(user.roles[j]==null){
+ throw new RuntimeException("Role not present " + roleName);
+ }
+ }
+ acl.put(user.name, user);
+ }
+ }
+
+ private static Map<String, Role> readRoles(JSONObject jsonBean) throws JSONException {
+ Map<String,Role> roleMap = new HashMap<String,Role>();
+ JSONArray array = jsonBean.getJSONArray("roles");
+ for(int i=0;i<array.length();i++){
+ JSONObject obj = array.getJSONObject(i);
+ Role role = new Role();
+ role.name = obj.getString("name");
+
+ if(obj.has("operationsAllowed")){
+ JSONArray ops = obj.getJSONArray("operationsAllowed");
+ role.permissions = new String[ops.length()];
+ for(int j=0;j<ops.length();j++){
+ role.permissions[j] = ops.getString(j);
+ }
+ }else {
+ if (!obj.has("inherit"))
+ throw new RuntimeException(
+ "Role "
+ + role.name
+ + " does not have any permission neither it inherits any parent role");
+ }
+
+ roleMap.put(role.name,role);
+
+ if(obj.has("region")){
+ role.regionName = obj.getString("region");
+ }
+
+ if(obj.has("serverGroup")){
+ role.serverGroup = obj.getString("serverGroup");
+ }
+ }
+
+ for(int i=0;i<array.length();i++){
+ JSONObject obj = array.getJSONObject(i);
+ String name = obj.getString("name");
+ Role role = roleMap.get(name);
+ if (role == null) {
+ throw new RuntimeException("Role not present "
+ + role);
+ }
+ if(obj.has("inherit")){
+ JSONArray parentRoles = obj.getJSONArray("inherit");
+ for (int m = 0; m < parentRoles.length(); m++) {
+ String parentRoleName = parentRoles.getString(m);
+ Role parentRole = roleMap.get(parentRoleName);
+ if (parentRole == null) {
+ throw new RuntimeException("Role not present "
+ + parentRoleName);
+ }
+ int oldLenth=0;
+ if(role.permissions!=null)
+ oldLenth = role.permissions.length;
+ int newLength = oldLenth + parentRole.permissions.length;
+ String[] str = new String[newLength];
+ int k = 0;
+ if(role.permissions!=null) {
+ for (; k < role.permissions.length; k++) {
+ str[k] = role.permissions[k];
+ }
+ }
+
+ for (int l = 0; l < parentRole.permissions.length; l++) {
+ str[k + l] = parentRole.permissions[l];
+ }
+ role.permissions = str;
+ }
+ }
+
+ }
+ return roleMap;
+ }
+
+ public static Map<String, User> getAcl() {
+ return acl;
+ }
+
+ private Principal principal=null;
+
+ @Override
+ public void close() {
+
+ }
+
+ @Override
+ public boolean authorizeOperation(String arg0, OperationContext context) {
+
+ if(principal!=null) {
+ User user = acl.get(principal.getName());
+ if(user!=null) {
+ LogService.getLogger().info("Context received " + context);
+ ResourceOperationContext ctx = (ResourceOperationContext)context;
+ LogService.getLogger().info("Checking for code " + ctx.getResourceOperationCode());
+
+ //TODO : This is for un-annotated commands
+ if(ctx.getResourceOperationCode()==null)
+ return true;
+
+ boolean found = false;
+ for(ResourceOperationCode code : getAuthorizedOps(user, (ResourceOperationContext) context)) {
+ if(ctx.getResourceOperationCode().equals(code)){
+ found =true;
+ LogService.getLogger().info("found code " + code.toString());
+ break;
+ }
+ }
+ if(found)
+ return true;
+ LogService.getLogger().info("Did not find code " + ctx.getResourceOperationCode());
+ return false;
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public void init(Principal principal, DistributedMember arg1, Cache arg2) throws NotAuthorizedException {
+ this.principal = principal;
+ }
+
+ @Override
+ public Principal authenticate(Properties props, DistributedMember arg1) throws AuthenticationFailedException {
- String user = props.getProperty(ManagementInterceptor.USER_NAME);
- String pwd = props.getProperty(ManagementInterceptor.PASSWORD);
++ String user = props.getProperty(ResourceConstants.USER_NAME);
++ String pwd = props.getProperty(ResourceConstants.PASSWORD);
+ User userObj = acl.get(user);
+ if(userObj==null)
+ throw new AuthenticationFailedException("Wrong username/password");
+ LogService.getLogger().info("User="+user + " pwd="+pwd);
+ if (user!=null && !userObj.pwd.equals(pwd) && !"".equals(user))
+ throw new AuthenticationFailedException("Wrong username/password");
+ LogService.getLogger().info("Authentication successful!! for " + user);
+ return new JMXPrincipal(user);
+ }
+
+ @Override
+ public void init(Properties arg0, LogWriter arg1, LogWriter arg2) throws AuthenticationFailedException {
+
+ }
+
+ }
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java
----------------------------------------------------------------------
diff --cc gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java
index aa972c5,c4e7dc5..aa5d194
--- a/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java
+++ b/gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java
@@@ -57,79 -38,46 +57,84 @@@ import javax.security.auth.Subject
import org.apache.logging.log4j.Logger;
import com.gemstone.gemfire.GemFireConfigException;
-import com.gemstone.gemfire.internal.logging.LogService;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.distributed.DistributedSystem;
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+import com.gemstone.gemfire.internal.ClassLoadUtil;
+import com.gemstone.gemfire.internal.i18n.LocalizedStrings;
+import com.gemstone.gemfire.internal.lang.StringUtils;
+import com.gemstone.gemfire.internal.logging.InternalLogWriter;
+import com.gemstone.gemfire.management.internal.ManagementConstants;
import com.gemstone.gemfire.security.AccessControl;
+import com.gemstone.gemfire.security.AuthenticationFailedException;
import com.gemstone.gemfire.security.Authenticator;
-@SuppressWarnings("rawtypes")
+/**
+ *
+ * ManagementInterceptor is central go-to place for all M&M Clients Authentication and Authorization
+ * requests
+ *
+ * @author tushark
+ * @since 9.0
+ *
+ */
public class ManagementInterceptor implements JMXAuthenticator {
- public static final String USER_NAME = "security-username";
- public static final String PASSWORD = "security-password";
- public static final String OBJECT_NAME_ACCESSCONTROL = "GemFire:service=AccessControl,type=Distributed";
- private MBeanServerWrapper mBeanServerForwarder;
- private Logger logger;
++ // FIXME: Merged from GEODE-17. Are they necessary?
++ public static final String USER_NAME = "security-username";
++ public static final String PASSWORD = "security-password";
++ public static final String OBJECT_NAME_ACCESSCONTROL = "GemFire:service=AccessControl,type=Distributed";
+
- public ManagementInterceptor(Logger logger) {
- this.logger = logger;
- this.mBeanServerForwarder = new MBeanServerWrapper(this);
- registerAccessContorlMbean();
- LogService.getLogger().info("Starting management interceptor");
- }
+ private MBeanServerWrapper mBeanServerForwarder;
+ private Logger logger;
+ private ObjectName accessControlMBeanON;
+ private Cache cache;
+ private String authzFactoryName;
+ private String postAuthzFactoryName;
+ private String authenticatorFactoryName;
+ private ConcurrentMap<Principal, AccessControl> cachedAuthZCallback;
+ private ConcurrentMap<Principal, AccessControl> cachedPostAuthZCallback;
+
+ public ManagementInterceptor(Cache gemFireCacheImpl, Logger logger) {
+ this.cache = gemFireCacheImpl;
+ this.logger = logger;
+ this.mBeanServerForwarder = new MBeanServerWrapper(this);
+ DistributedSystem system = cache.getDistributedSystem();
+ Properties sysProps = system.getProperties();
+ this.authzFactoryName = sysProps.getProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME);
+ this.postAuthzFactoryName = sysProps.getProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_PP_NAME);
+ this.authenticatorFactoryName = sysProps.getProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME);
+ this.cachedAuthZCallback = new ConcurrentHashMap<Principal, AccessControl>();
+ this.cachedPostAuthZCallback = new ConcurrentHashMap<Principal, AccessControl>();
+ registerAccessContorlMbean();
+ logger.info("Started Management interceptor on JMX connector");
+ }
- private void registerAccessContorlMbean() {
+ /**
+ * This method registers an AccessControlMBean which allows any remote JMX Client (for example Pulse) to check for
+ * access allowed for given Operation Code.
+ */
+ private void registerAccessContorlMbean() {
try {
- com.gemstone.gemfire.management.internal.security.AccessControl acc = new com.gemstone.gemfire.management.internal.security.AccessControl(this);
- ObjectName name = new ObjectName(OBJECT_NAME_ACCESSCONTROL);
+ com.gemstone.gemfire.management.internal.security.AccessControl acc = new com.gemstone.gemfire.management.internal.security.AccessControl(
+ this);
+ accessControlMBeanON = new ObjectName(ResourceConstants.OBJECT_NAME_ACCESSCONTROL);
MBeanServer platformMBeanServer = ManagementFactory.getPlatformMBeanServer();
- Set<ObjectName> names = platformMBeanServer.queryNames(name, null);
- if(names.isEmpty()) {
+ Set<ObjectName> names = platformMBeanServer.queryNames(accessControlMBeanON, null);
+ if (names.isEmpty()) {
try {
- platformMBeanServer.registerMBean(acc, name);
- logger.info("Registered AccessContorlMBean on " + name);
+ platformMBeanServer.registerMBean(acc, accessControlMBeanON);
+ logger.info("Registered AccessContorlMBean on " + accessControlMBeanON);
} catch (InstanceAlreadyExistsException e) {
- throw new GemFireConfigException("Error while configuring accesscontrol for jmx resource",e);
+ throw new GemFireConfigException("Error while configuring accesscontrol for jmx resource", e);
} catch (MBeanRegistrationException e) {
- throw new GemFireConfigException("Error while configuring accesscontrol for jmx resource",e);
+ throw new GemFireConfigException("Error while configuring accesscontrol for jmx resource", e);
} catch (NotCompliantMBeanException e) {
- throw new GemFireConfigException("Error while configuring accesscontrol for jmx resource",e);
+ throw new GemFireConfigException("Error while configuring accesscontrol for jmx resource", e);
}
}
- } catch (MalformedObjectNameException e) {
- e.printStackTrace();
+ } catch (MalformedObjectNameException e) {
+ throw new GemFireConfigException("Error while configuring accesscontrol for jmx resource", e);
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/cli/GfshParserJUnitTest.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/cli/HeadlessGfsh.java
----------------------------------------------------------------------
diff --cc gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/cli/HeadlessGfsh.java
index 0000000,f8b3fd4..03dcd7d
mode 000000,100644..100644
--- a/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/cli/HeadlessGfsh.java
+++ b/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/cli/HeadlessGfsh.java
@@@ -1,0 -1,374 +1,374 @@@
+ /*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ package com.gemstone.gemfire.management.internal.cli;
+
+ import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
+ import com.gemstone.gemfire.management.internal.cli.shell.GfshConfig;
+ import com.gemstone.gemfire.management.internal.cli.shell.jline.GfshUnsupportedTerminal;
+ import jline.console.ConsoleReader;
+ import org.springframework.shell.core.ExitShellRequest;
+ import org.springframework.shell.event.ShellStatus.Status;
+
+ import java.io.BufferedWriter;
+ import java.io.ByteArrayOutputStream;
+ import java.io.File;
+ import java.io.FileDescriptor;
+ import java.io.FileInputStream;
+ import java.io.IOException;
+ import java.io.OutputStreamWriter;
+ import java.io.PrintStream;
+ import java.io.PrintWriter;
+ import java.io.Writer;
+ import java.util.Properties;
+ import java.util.concurrent.CountDownLatch;
+ import java.util.concurrent.LinkedBlockingQueue;
+ import java.util.concurrent.TimeUnit;
+ import java.util.concurrent.locks.Condition;
+ import java.util.concurrent.locks.Lock;
+ import java.util.concurrent.locks.ReentrantLock;
+ import java.util.logging.Level;
+
+
+ /**
+ * This is headless shell which can be used to submit random commands and get command-result It is used for commands
+ * testing but can be used as for anything like programmatically sending commands to operate on GemFire Distributed
+ * systems. TODO : Merge HeadlessGfsh and HeadlessGfshShell TODO : Provide constructor for optionally specifying
+ * GfshConfig to provide logDirectory and logLevel
+ *
+ * @author tushark
+ */
+ @SuppressWarnings("rawtypes")
+ public class HeadlessGfsh implements ResultHandler {
+
+ public static final String ERROR_RESULT = "_$_ERROR_RESULT";
+
+ private HeadlessGfshShell shell = null;
+ private LinkedBlockingQueue queue = new LinkedBlockingQueue<>();
+ private long timeout = 20;
+ public String outputString = null;
+
+ public HeadlessGfsh(String name, int timeout) throws ClassNotFoundException, IOException {
+ this(name, timeout, null);
+ }
+
+ public HeadlessGfsh(String name, int timeout, Properties envProps) throws ClassNotFoundException, IOException {
+ this.timeout = timeout;
+ System.setProperty("jline.terminal", GfshUnsupportedTerminal.class.getName());
+ this.shell = new HeadlessGfshShell(name, this);
+ this.shell.setEnvProperty(Gfsh.ENV_APP_RESULT_VIEWER, "non-basic");
+
+ if (envProps != null) {
+ for (String key : envProps.stringPropertyNames()) {
+ this.shell.setEnvProperty(key, envProps.getProperty(key));
+ }
+ }
+
+ // This allows us to avoid race conditions during startup - in particular a NPE on the ConsoleReader which is
+ // created in a separate thread during start()
+ CountDownLatch shellStarted = new CountDownLatch(1);
+ this.shell.addShellStatusListener((oldStatus, newStatus) -> {
+ if (newStatus.getStatus() == Status.STARTED) {
+ shellStarted.countDown();
+ }
+ });
+
+ this.shell.start();
+ this.setThreadLocalInstance();
+
+ try {
+ shellStarted.await();
+ } catch (InterruptedException e) {
+ e.printStackTrace(System.out);
+ }
+ }
+
+ public void setThreadLocalInstance() {
+ shell.setThreadLocalInstance();
+ }
+
+ //TODO : Have non-blocking method also where we move executeCommand call to separate thread-pool
+ public boolean executeCommand(String command) {
+ boolean status = false;
+ try {
+ outputString = null;
+ status = shell.executeScriptLine(command);
+ } catch (Exception e) {
+ outputString = e.getMessage();
+ }
+ return status;
+ }
+
- int getCommandExecutionStatus() {
++ public int getCommandExecutionStatus() {
+ return shell.getCommandExecutionStatus();
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public void handleExecutionResult(Object result, String sysout) {
+ queue.add(result);
+ outputString = sysout;
+ }
+
+ public Object getResult() throws InterruptedException {
+ //Dont wait for when some command calls gfsh.stop();
+ if (shell.stopCalledThroughAPI) return null;
+ try {
+ Object result = queue.poll(timeout, TimeUnit.SECONDS);
+ queue.clear();
+ return result;
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ throw e;
+ }
+ }
+
+ public void clear() {
+ queue.clear();
+ outputString = null;
+ }
+
+ public void clearEvents() {
+ queue.clear();
+ outputString = null;
+ }
+
+ public void terminate() {
+ shell.terminate();
+ }
+
+ public boolean isConnectedAndReady() {
+ return shell.isConnectedAndReady();
+ }
+
+ public String getErrorString() {
+ return shell.errorString;
+ }
+
+ public boolean hasError() {
+ return shell.hasError();
+ }
+
+ public String getError() {
+ return shell.errorString;
+ }
+
+ public static class HeadlessGfshShell extends Gfsh {
+
+ private ResultHandler handler = null;
+ private final Lock lock = new ReentrantLock();
+ private final Condition endOfShell = lock.newCondition();
+ private ByteArrayOutputStream output = null;
+ private String errorString = null;
+ private boolean hasError = false;
+ boolean stopCalledThroughAPI = false;
+
+ protected HeadlessGfshShell(String testName, ResultHandler handler) throws ClassNotFoundException, IOException {
+ super(false, new String[]{}, new HeadlessGfshConfig(testName));
+ this.handler = handler;
+ }
+
+ public void setThreadLocalInstance() {
+ gfshThreadLocal.set(this);
+ }
+
+ protected void handleExecutionResult(Object result) {
+ if (!result.equals(ERROR_RESULT)) {
+ super.handleExecutionResult(result);
+ handler.handleExecutionResult(result, output.toString());
+ output.reset();
+ } else {
+ //signal waiting queue with error condition with empty output
+ output.reset();
+ handler.handleExecutionResult(result, output.toString());
+ }
+ }
+
+ int getCommandExecutionStatus() {
+ return getLastExecutionStatus();
+ }
+
+ public void terminate() {
+ closeShell();
+ stopPromptLoop();
+ stop();
+ }
+
+ public void stop() {
+ stopCalledThroughAPI = true;
+ }
+
+ private void stopPromptLoop() {
+ lock.lock();
+ try {
+ endOfShell.signalAll();
+ } finally {
+ lock.unlock();
+ }
+ }
+
+ public String getErrorString() {
+ return errorString;
+ }
+
+ public boolean hasError() {
+ return hasError;
+ }
+
+ /**
+ * We override this method just to fool runner thread in reading from nothing. It waits for Condition endOfShell
+ * which is signalled when terminate is called. This achieves clean shutdown of runner thread.
+ */
+ @Override
+ public void promptLoop() {
+ lock.lock();
+ try {
+ while (true) {
+ try {
+ endOfShell.await();
+ } catch (InterruptedException e) {
+ //e.printStackTrace();
+ }
+ this.exitShellRequest = ExitShellRequest.NORMAL_EXIT;
+ setShellStatus(Status.SHUTTING_DOWN);
+ break;
+ }
+ } finally {
+ lock.unlock();
+ }
+ }
+
+ private static void setGfshOutErr(PrintStream outToUse) {
+ Gfsh.gfshout = outToUse;
+ Gfsh.gfsherr = outToUse;
+ }
+
+ /**
+ * This prints out error messages when Exceptions occur in shell. Capture it and set error flag=true and send
+ * ERROR_RESULT on the queue to signal thread waiting for CommandResult
+ */
+ @Override
+ public void logWarning(String message, Throwable t) {
+ super.logWarning(message, t);
+ errorString = message;
+ hasError = true;
+ //signal waiting queue with error condition
+ handleExecutionResult(ERROR_RESULT);
+ }
+
+ /**
+ * This prints out error messages when Exceptions occur in shell. Capture it and set error flag=true and send
+ * ERROR_RESULT on the queue to signal thread waiting for CommandResult
+ */
+ @Override
+ public void logSevere(String message, Throwable t) {
+ super.logSevere(message, t);
+ errorString = message;
+ hasError = true;
+ //signal waiting queue with error condition
+ handleExecutionResult(ERROR_RESULT);
+ }
+
+ /**
+ * Setup console-reader to capture Shell output
+ */
+ @Override
+ protected ConsoleReader createConsoleReader() {
+ try {
+ output = new ByteArrayOutputStream(1024 * 10);
+ PrintStream sysout = new PrintStream(output);
+ setGfshOutErr(sysout);
+ return new ConsoleReader(new FileInputStream(FileDescriptor.in), sysout);
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+
+
+ /**
+ * HeadlessGfshConfig for tests. Taken from TestableGfsh
+ */
+ static class HeadlessGfshConfig extends GfshConfig {
+ {
+ // set vm as a gfsh vm
+ CliUtil.isGfshVM = true;
+ }
+
+ private File parentDir;
+ private String fileNamePrefix;
+ private String name;
+ private String generatedHistoryFileName = null;
+
+ public HeadlessGfshConfig(String name) {
+ this.name = name;
+
+ if (isDUnitTest(this.name)) {
+ fileNamePrefix = this.name;
+ } else {
+ fileNamePrefix = "non-hydra-client";
+ }
+
+ parentDir = new File("gfsh_files");
+ parentDir.mkdirs();
+ }
+
+ private static boolean isDUnitTest(String name) {
+ boolean isDUnitTest = false;
+ if (name != null) {
+ String[] split = name.split("_");
+ if (split.length != 0 && split[0].endsWith("DUnitTest")) {
+ isDUnitTest = true;
+ }
+ }
+ return isDUnitTest;
+ }
+
+ @Override
+ public String getLogFilePath() {
+ return new File(parentDir, getFileNamePrefix() + "-gfsh.log").getAbsolutePath();
+ }
+
+ private String getFileNamePrefix() {
+ String timeStamp = new java.sql.Time(System.currentTimeMillis()).toString();
+ timeStamp = timeStamp.replace(':', '_');
+ return fileNamePrefix + "-" + timeStamp;
+ }
+
+ @Override
+ public String getHistoryFileName() {
+ if (generatedHistoryFileName == null) {
+ String fileName = new File(parentDir, (getFileNamePrefix() + "-gfsh.history")).getAbsolutePath();
+ generatedHistoryFileName = fileName;
+ return fileName;
+ } else {
+ return generatedHistoryFileName;
+ }
+ }
+
+ @Override
+ public boolean isTestConfig() {
+ return true;
+ }
+
+ @Override
+ public Level getLogLevel() {
+ // Keep log level fine for tests
+ return Level.FINE;
+ }
+ }
+
+ }
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForMBeansIntegrationTest.java
----------------------------------------------------------------------
diff --cc gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForMBeansIntegrationTest.java
index 0000000,d63947b..c3f1658
mode 000000,100644..100644
--- a/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForMBeansIntegrationTest.java
+++ b/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForMBeansIntegrationTest.java
@@@ -1,0 -1,323 +1,325 @@@
+ /*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ package com.gemstone.gemfire.management.internal.security;
+
+ import static org.junit.Assert.*;
+ import static org.assertj.core.api.Assertions.assertThat;
+
+ import java.io.Serializable;
+ import java.security.Principal;
+ import java.util.HashMap;
+ import java.util.Map;
+ import java.util.Properties;
+
+ import javax.management.JMX;
+ import javax.management.MBeanServerConnection;
+ import javax.management.ObjectName;
+ import javax.management.remote.JMXConnector;
+ import javax.management.remote.JMXConnectorFactory;
+ import javax.management.remote.JMXServiceURL;
+
+ import org.junit.After;
+ import org.junit.Before;
+ import org.junit.Rule;
+ import org.junit.Test;
+ import org.junit.contrib.java.lang.system.RestoreSystemProperties;
+ import org.junit.experimental.categories.Category;
+ import org.junit.rules.TestName;
+
+ import com.gemstone.gemfire.LogWriter;
+ import com.gemstone.gemfire.cache.Cache;
+ import com.gemstone.gemfire.cache.CacheFactory;
+ import com.gemstone.gemfire.cache.operations.OperationContext;
+ import com.gemstone.gemfire.distributed.DistributedMember;
+ import com.gemstone.gemfire.distributed.DistributedSystem;
+ import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+ import com.gemstone.gemfire.internal.AvailablePort;
+ import com.gemstone.gemfire.internal.cache.GemFireCacheImpl;
+ import com.gemstone.gemfire.management.DistributedSystemMXBean;
+ import com.gemstone.gemfire.management.MemberMXBean;
+ import com.gemstone.gemfire.management.internal.MBeanJMXAdapter;
+ import com.gemstone.gemfire.management.internal.security.ResourceOperationContext.ResourceOperationCode;
+ import com.gemstone.gemfire.security.AccessControl;
+ import com.gemstone.gemfire.security.AuthenticationFailedException;
+ import com.gemstone.gemfire.security.Authenticator;
+ import com.gemstone.gemfire.security.NotAuthorizedException;
+ import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
+
+ /**
+ * Tests <code>JSONAuthorization.authorizeOperation(...)</code> with GemFire MBeans.
+ */
+ @Category(IntegrationTest.class)
+ @SuppressWarnings("deprecation")
+ public class AuthorizeOperationForMBeansIntegrationTest {
+
+ private GemFireCacheImpl cache;
+ private DistributedSystem ds;
+ private int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+ private JMXConnector jmxConnector;
+ private MBeanServerConnection mbeanServer;
+
+ @Rule
+ public TestName testName = new TestName();
+
+ @Rule
+ public RestoreSystemProperties restoreSystemProperties = new RestoreSystemProperties();
+
+ @Before
+ public void setUp() throws Exception {
+ System.setProperty("resource-auth-accessor", TestAccessControl.class.getName());
+ System.setProperty("resource-authenticator", TestAuthenticator.class.getName());
+
+ Properties properties = new Properties();
+ properties.put("name", this.testName.getMethodName());
+ properties.put(DistributionConfig.LOCATORS_NAME, "");
+ properties.put(DistributionConfig.MCAST_PORT_NAME, "0");
+ properties.put(DistributionConfig.JMX_MANAGER_NAME, "true");
+ properties.put(DistributionConfig.JMX_MANAGER_START_NAME, "true");
+ properties.put(DistributionConfig.JMX_MANAGER_PORT_NAME, String.valueOf(this.jmxManagerPort));
+ properties.put(DistributionConfig.HTTP_SERVICE_PORT_NAME, "0");
+
+ this.ds = DistributedSystem.connect(properties);
+ this.cache = (GemFireCacheImpl) CacheFactory.create(ds);
+
+ this.jmxConnector = getGemfireMBeanServer(this.jmxManagerPort, "tushark", "tushark");
+ this.mbeanServer = this.jmxConnector.getMBeanServerConnection();
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ if (this.jmxConnector != null) {
+ this.jmxConnector.close();
+ this.jmxConnector = null;
+ }
+ if (this.cache != null) {
+ this.cache.close();
+ this.cache = null;
+ }
+ if (this.ds != null) {
+ this.ds.disconnect();
+ this.ds = null;
+ }
+ }
+
+ /**
+ * This is testing a sampling of operations for DistributedSystemMXBean and AccessControlMXBean
+ */
+ @Test
+ public void operationsShouldBeCoveredByAuthorization() throws Exception {
+ ObjectName objectName = MBeanJMXAdapter.getDistributedSystemName();
+
+ checkListCacheServerObjectNames(objectName);
+ checkAlertLevel(objectName);
+ checkAccessControlMXBean();
+ checkBackUpMembers(objectName);
+ checkShutDownAllMembers(objectName);
+ checkCLIContext(this.mbeanServer);
+ }
+
+ private void checkListCacheServerObjectNames(final ObjectName objectName) throws Exception {
+ Object cacheServerObjectNames = this.mbeanServer.invoke(objectName, "listCacheServerObjectNames", null, null);
+ assertThat(cacheServerObjectNames).isNotNull().isInstanceOf(ObjectName[].class);
+ assertThat((ObjectName[])cacheServerObjectNames).hasSize(0); // this isn't really testing much since there are no CacheServers
+ }
+
+ private void checkAlertLevel(final ObjectName objectName) throws Exception {
+ // attribute AlertLevel
+ String oldLevel = (String) this.mbeanServer.getAttribute(objectName, "AlertLevel");
+ assertThat(oldLevel).isEqualTo("severe");
+
+ // operation changeAlertLevel
+ this.mbeanServer.invoke(
+ objectName,
+ "changeAlertLevel",
+ new Object[] { "warning" },
+ new String[] { String.class.getName() }
+ );
+ String newLevel = (String) this.mbeanServer.getAttribute(objectName, "AlertLevel");
+ assertThat(newLevel).isEqualTo("warning");
+ }
+
+ private void checkAccessControlMXBean() throws Exception {
+ final ResourceOperationCode resourceOperationCodes[] = {
- ResourceOperationCode.LIST_DS,
- ResourceOperationCode.READ_DS,
- ResourceOperationCode.CHANGE_ALERT_LEVEL_DS,
- ResourceOperationCode.LOCATE_ENTRY_REGION
++ ResourceOperationCode.LIST_DS,
++// FIXME: what should this be?
++// ResourceOperationCode.READ_DS,
++ ResourceOperationCode.CHANGE_ALERT_LEVEL,
++ ResourceOperationCode.LOCATE_ENTRY
+ };
+
+ ObjectName objectName = new ObjectName(ManagementInterceptor.OBJECT_NAME_ACCESSCONTROL);
+ for (ResourceOperationCode resourceOperationCode : resourceOperationCodes) {
+ boolean isAuthorizedForOperation = (Boolean) this.mbeanServer.invoke(
+ objectName,
+ "authorize",
+ new Object[] { resourceOperationCode.toString() },
+ new String[] { String.class.getName() }
+ );
+ assertThat(isAuthorizedForOperation).isTrue();
+ }
+
+ boolean isAuthorizedForAllOperations = (Boolean) mbeanServer.invoke(
+ objectName,
+ "authorize",
- new Object[] { ResourceOperationCode.ADMIN_DS.toString() },
++ new Object[] { ResourceOperationCode.ADMIN.toString() },
+ new String[] { String.class.getName() }
+ );
+ assertThat(isAuthorizedForAllOperations).isFalse();
+ }
+
+ private void checkBackUpMembers(final ObjectName objectName) throws Exception {
+ try {
+ this.mbeanServer.invoke(
+ objectName,
+ "backupAllMembers",
+ new Object[] { "targetPath", "baseLinePath" },
+ new String[] { String.class.getCanonicalName(), String.class.getCanonicalName() });
+ fail("Should not be authorized for backupAllMembers");
+ } catch (SecurityException expected) {
+ // expected
+ }
+ }
+
+ private void checkShutDownAllMembers(final ObjectName objectName) throws Exception {
+ try {
+ this.mbeanServer.invoke(
+ objectName,
+ "shutDownAllMembers",
+ null,
+ null
+ );
+ fail("Should not be authorized for shutDownAllMembers");
+ } catch (SecurityException expected) {
+ // expected
+ }
+ }
+
+ private void checkCLIContext(MBeanServerConnection mbeanServer) {
+ ObjectName objectName = MBeanJMXAdapter.getDistributedSystemName();
+ DistributedSystemMXBean proxy = JMX.newMXBeanProxy(mbeanServer, objectName, DistributedSystemMXBean.class);
+ ObjectName managerMemberObjectName = proxy.getMemberObjectName();
+ MemberMXBean memberMXBeanProxy = JMX.newMXBeanProxy(mbeanServer, managerMemberObjectName, MemberMXBean.class);
+
+ Map<String, String> map = new HashMap<String, String>();
+ map.put("APP", "GFSH");
+ String result = memberMXBeanProxy.processCommand("locate entry --key=k1 --region=/region1", map);
+
+ assertThat(result).isNotNull().doesNotContain(SecurityException.class.getSimpleName());
+ }
+
+ private JMXConnector getGemfireMBeanServer(final int port, final String user, final String pwd) throws Exception {
+ JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://:" + port + "/jmxrmi");
+ if (user != null) { // TODO: why isn't this deterministic? need to create 2nd test without a user?
+ Map<String, String[]> env = new HashMap<String, String[]>();
+ String[] creds = { user, pwd };
+ env.put(JMXConnector.CREDENTIALS, creds);
+ JMXConnector jmxc = JMXConnectorFactory.connect(url, env);
+ return jmxc;
+ } else {
+ JMXConnector jmxc = JMXConnectorFactory.connect(url, null);
+ return jmxc;
+ }
+ }
+
+ /**
+ * Fake Principal for testing.
+ */
+ @SuppressWarnings("serial")
+ public static class TestUsernamePrincipal implements Principal, Serializable {
+
+ private final String userName;
+
+ public TestUsernamePrincipal(final String userName) {
+ this.userName = userName;
+ }
+
+ @Override
+ public String getName() {
+ return this.userName;
+ }
+
+ @Override
+ public String toString() {
+ return this.userName;
+ }
+ }
+
+ /**
+ * Fake Authenticator for testing.
+ */
+ public static class TestAuthenticator implements Authenticator {
+
+ @Override
+ public void close() {
+ }
+
+ @Override
+ public void init(final Properties securityProps, final LogWriter systemLogger, final LogWriter securityLogger) throws AuthenticationFailedException {
+ }
+
+ @Override
+ public Principal authenticate(final Properties props, final DistributedMember member) throws AuthenticationFailedException {
+ String user = props.getProperty(ManagementInterceptor.USER_NAME);
+ String pwd = props.getProperty(ManagementInterceptor.PASSWORD);
+ if (user != null && !user.equals(pwd) && !"".equals(user)) {
+ throw new AuthenticationFailedException("Wrong username/password");
+ }
+ return new TestUsernamePrincipal(user);
+ }
+ }
+
+ /**
+ * Fake AccessControl for testing.
+ */
+ public static class TestAccessControl implements AccessControl {
+
+ private Principal principal;
+
+ @Override
+ public void close() {
+ }
+
+ @Override
+ public void init(final Principal principal, final DistributedMember remoteMember, final Cache cache) throws NotAuthorizedException {
+ this.principal = principal;
+ }
+
+ @Override
+ public boolean authorizeOperation(String regionName, OperationContext context) {
+ if (principal.getName().equals("tushark")) {
+ ResourceOperationCode authorizedOps[] = {
+ ResourceOperationCode.LIST_DS,
- ResourceOperationCode.READ_DS,
- ResourceOperationCode.CHANGE_ALERT_LEVEL_DS,
- ResourceOperationCode.LOCATE_ENTRY_REGION
++// FOXME: Is this necessary?
++// ResourceOperationCode.READ_DS,
++ ResourceOperationCode.CHANGE_ALERT_LEVEL,
++ ResourceOperationCode.LOCATE_ENTRY
+ };
+
+ ResourceOperationContext ctx = (ResourceOperationContext) context;
+ boolean found = false;
+ for (ResourceOperationCode code : authorizedOps) {
+ if (ctx.getResourceOperationCode().equals(code)) {
+ found = true;
+ break;
+ }
+ }
+ return found;
+ }
+ return false;
+ }
+ }
+ }
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c39f8a5f/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/CLISecurityDUnitTest.java
----------------------------------------------------------------------
diff --cc gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/CLISecurityDUnitTest.java
index 167b3dd,0000000..02912e8
mode 100644,000000..100644
--- a/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/CLISecurityDUnitTest.java
+++ b/gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/CLISecurityDUnitTest.java
@@@ -1,594 -1,0 +1,594 @@@
+package com.gemstone.gemfire.management.internal.security;
+
+import java.io.File;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.Properties;
+
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
++import com.gemstone.gemfire.test.dunit.LogWriterUtils;
+
+public class CLISecurityDUnitTest extends CommandTestBase {
+
+ private static final long serialVersionUID = 1L;
+
+ public static final String ACCESS_DENIED = "Access Denied";
+
+ protected File tempSecFile;
+
+ protected String tempFilePath;
+
+ public CLISecurityDUnitTest(String name) {
+ super(name);
+
+ }
+
+ protected void writeToLog(String text, String resultAsString) {
- getLogWriter().info(testName + "\n");
- getLogWriter().info(resultAsString);
++ LogWriterUtils.getLogWriter().info(getTestMethodName() + "\n");
++ LogWriterUtils.getLogWriter().info(resultAsString);
+ }
+
+ public void setUp() throws Exception {
+ super.setUp();
+ createTempFile();
+ }
+
+ @Override
- public void tearDown2() throws Exception {
++ public void preTearDownCacheTestCase() throws Exception {
+ deleteTempFile();
- super.tearDown2();
+ }
+
+ private void createTempFile() {
+
+ try {
+ File current = new java.io.File(".");
+ tempSecFile = File.createTempFile("gemfire", "sec", current);
+ tempSecFile.deleteOnExit();
+ tempFilePath = tempSecFile.getCanonicalPath();
+ } catch (IOException e) {
+ fail("could not create temp file " + e);
+ }
+ }
+
+ private void deleteTempFile() {
+
+ try {
+ tempSecFile.delete();
+ } catch (Exception e) {
+ fail("could not delete temp file " + e);
+ }
+ }
+
+ protected void writeToFile(Properties props) {
+
+ try {
+
+ FileWriter fw = new FileWriter(tempSecFile, true);
+ Enumeration en = props.keys();
+ while (en.hasMoreElements()) {
+ String key = (String) en.nextElement();
+ String val = props.getProperty(key);
+ String line = key + "=" + val;
+ fw.append(line);
+ fw.append("\n");
+ }
+ fw.flush();
+
+ } catch (IOException x) {
+ fail("could not write to temp file " + x);
+ }
+
+ }
+
+ public class Assertor {
+
+ private String errString;
+
+ public Assertor() {
+ this.errString = null;
+ }
+
+ public Assertor(String errString) {
+ this.errString = errString;
+ }
+
+ public void assertTest() {
+ boolean hasErr = getDefaultShell().hasError();
+ // getLogWriter().info(testName + "hasErr = " +hasErr);
+ if (hasErr) {
+ String error = getDefaultShell().getError();
+ if (errString != null) {
+ assertTrue(error.contains(errString));
+ } else {
+ fail("Command should have passed but failed with error = " + error);
+ }
+
+ } else {
+ if (errString != null) {
+ fail("Command should have failed with error " + errString + " but it passed");
+ }
+ }
+
+ }
+ }
+
+ protected void createDefaultSetup(Properties props, String propertyFile) {
+ this.securityFile = propertyFile;
+ createDefaultSetup(props);
+ }
+
+ private void securityCheckForCommand(String command, String propertyFile, Assertor assertor) {
+ Properties props = new Properties();
+ props.setProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME,
+ "com.gemstone.gemfire.management.internal.security.CustomAuthenticator.create");
+ props.setProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME,
+ "com.gemstone.gemfire.management.internal.security.CustomAccessControl.create");
+ createDefaultSetup(props, propertyFile);
+ try {
+ executeCommandWithoutClear(command);
+ assertor.assertTest();
+ } catch (Exception e) {
+ fail("Test failed with exception " + e);
+ } finally {
+ getDefaultShell().clearEvents();
+ destroyDefaultSetup();
+ }
+
+ }
+
+ protected Properties getSecuredProperties(int authCode) {
+ Properties props = new Properties();
+ props.put(CommandBuilders.SEC_USER_NAME, "AUTHC_" + authCode);
+ props.put(CommandBuilders.SEC_USER_PWD, "AUTHC_" + authCode);
+ return props;
+ }
+
+ protected Assertor getAssertor() {
+ return new Assertor();
+ }
+
+ /**
+ * The below test is to test the framework for proper error.
+ */
+
+ /*
+ * public void _testCreateIndexParentOP() { String commandString =
+ * CommandBuilders.CREATE_INDEX();
+ * writeToFile(CommandBuilders.getSecuredAdminProperties
+ * (CommandBuilders.OP_CREATE_INDEX)); securityCheckForCommand(commandString,
+ * tempFilePath, getAssertor()); }
+ */
+
+ public void test_ALTER_RUNTIME() {
+ String commandString = CommandBuilders.ALTER_RUNTIME();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_ALTER_RUNTIME));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+
+ public void test_CHANGE_LOGLEVEL() {
+ String commandString = CommandBuilders.CHANGE_LOGLEVEL();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CHANGE_ALERT_LEVEL));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ //This test is disabled becoz only access level required for this command is LIST_DS
+ //which is the lowest access level
+ //ant test marked with _test is not really required here
+ public void _test_DESCRIBE_CONFIG() {
+ String commandString = CommandBuilders.DESCRIBE_CONFIG();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_EXPORT_CONFIG() {
+ String commandString = CommandBuilders.EXPORT_CONFIG();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_EXPORT_CONFIG));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_EXPORT_SHARED_CONFIG() {
+ String commandString = CommandBuilders.EXPORT_SHARED_CONFIG();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_EXPORT_CONFIG));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_IMPORT_SHARED_CONFIG() throws IOException {
+
+ String commandString = CommandBuilders.IMPORT_SHARED_CONFIG();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_IMPORT_CONFIG));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_STATUS_SHARED_CONFIG() {
+ String commandString = CommandBuilders.STATUS_SHARED_CONFIG();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_EXPORT_DATA() {
+ String commandString = CommandBuilders.EXPORT_DATA();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_EXPORT_DATA));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_GET() {
+ String commandString = CommandBuilders.GET();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_GET));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_IMPORT_DATA() {
+ String commandString = CommandBuilders.IMPORT_DATA();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_IMPORT_DATA));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_PUT() {
+ String commandString = CommandBuilders.PUT();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_PUT));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_QUERY(){
+ String commandString = CommandBuilders.QUERY();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_QUERY));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_REMOVE(){
+ String commandString = CommandBuilders.REMOVE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_REMOVE));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_LOCATE_ENTRY() {
+ String commandString = CommandBuilders.LOCATE_ENTRY();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LOCATE_ENTRY));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_DEPLOY() throws IOException {
+ String commandString = CommandBuilders.DEPLOY();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_DEPLOY));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_DEPLOYED() {
+ String commandString = CommandBuilders.LIST_DEPLOYED();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_UNDEPLOY() {
+ String commandString = CommandBuilders.UNDEPLOY();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_UNDEPLOY));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void ISSUE_NO_OP_CODE_test_ALTER_DISK_STORE() {
+ String commandString = CommandBuilders.ALTER_DISK_STORE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_UNDEPLOY));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_BACKUP_DISK_STORE() {
+ String commandString = CommandBuilders.BACKUP_DISK_STORE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_BACKUP_DISKSTORE));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_COMPACT_DISKSTORE() {
+ String commandString = CommandBuilders.COMPACT_DISK_STORE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_COMPACT_DISKSTORE));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CREATE_DISK_STORE() {
+ String commandString = CommandBuilders.CREATE_DISK_STORE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CREATE_DISKSTORE));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_DESCRIBE_DISK_STORE() {
+ String commandString = CommandBuilders.DESCRIBE_DISK_STORE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_DESTROY_DISK_STORE() {
+ String commandString = CommandBuilders.DESTROY_DISK_STORE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_DESTROY_DISKSTORE));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_DISK_STORE() {
+ String commandString = CommandBuilders.LIST_DISK_STORE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_REVOKE_MISSING_DISK_STORE() {
+ String commandString = CommandBuilders.REVOKE_MISSING_DISK_STORE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_REVOKE_MISSING_DISKSTORE));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void ISSUE_test_SHOW_MISSING_DISK_STORE() {
+ String commandString = CommandBuilders.SHOW_MISSING_DISK_STORE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_SHOW_MISSING_DISKSTORES));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_DURABLE_CQS() {
+ String commandString = CommandBuilders.LIST_DURABLE_CQS();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CLOSE_DURABLE_CQS() {
+ String commandString = CommandBuilders.CLOSE_DURABLE_CQS();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CLOSE_DURABLE_CQ));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void ISSUE_test_COUNT_DURABLE_CQ_EVENTS() {
+ String commandString = CommandBuilders.COUNT_DURABLE_CQ_EVENTS();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_SHOW_SUBSCRIPTION_QUEUE_SIZE));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CLOSE_DURABLE_CLIENTS() {
+ String commandString = CommandBuilders.CLOSE_DURABLE_CLIENTS();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CLOSE_DURABLE_CLIENT));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_DESTROY_FUNCTION() {
+ String commandString = CommandBuilders.DESTROY_FUNCTION();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_DESTROY_FUNCTION));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_EXECUTE_FUNCTION() {
+ String commandString = CommandBuilders.EXECUTE_FUNCTION();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_EXECUTE_FUNCTION));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_FUNCTION() {
+ String commandString = CommandBuilders.LIST_FUNCTION();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CREATE_ASYNC_EVENT_QUEUE() {
+ String commandString = CommandBuilders.CREATE_ASYNC_EVENT_QUEUE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CREATE_AEQ));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CREATE_GATEWAYRECEIVER() {
+ String commandString = CommandBuilders.CREATE_GATEWAYRECEIVER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CREATE_GW_RECEIVER));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CREATE_GATEWAYSENDER() {
+ String commandString = CommandBuilders.CREATE_GATEWAYSENDER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CREATE_GW_SENDER));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_ASYNC_EVENT_QUEUES() {
+ String commandString = CommandBuilders.LIST_ASYNC_EVENT_QUEUES();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_GATEWAY() {
+ String commandString = CommandBuilders.LIST_GATEWAY();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_LOAD_BALANCE_GW_SENDER() {
+ String commandString = CommandBuilders.LOAD_BALANCE_GW_SENDER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LOAD_BALANCE_GW_SENDER));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_PAUSE_GATEWAYSENDER() {
+ String commandString = CommandBuilders.PAUSE_GATEWAYSENDER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_PAUSE_GW_SENDER));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_RESUME_GATEWAYSENDER() {
+ String commandString = CommandBuilders.RESUME_GATEWAYSENDER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_RESUME_GW_SENDER));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_START_GATEWAYRECEIVER() {
+ String commandString = CommandBuilders.START_GATEWAYRECEIVER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_START_GW_RECEIVER));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_START_GATEWAYSENDER() {
+ String commandString = CommandBuilders.START_GATEWAYSENDER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_START_GW_SENDER));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_STATUS_GATEWAYSENDER() {
+ String commandString = CommandBuilders.STATUS_GATEWAYSENDER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_STATUS_GATEWAYRECEIVER() {
+ String commandString = CommandBuilders.STATUS_GATEWAYRECEIVER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_STOP_GATEWAYRECEIVER() {
+ String commandString = CommandBuilders.STOP_GATEWAYRECEIVER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_STOP_GW_RECEIVER));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_STOP_GATEWAYSENDER() {
+ String commandString = CommandBuilders.STOP_GATEWAYSENDER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_STOP_GW_SENDER));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_DESCRIBE_CLIENT() {
+ String commandString = CommandBuilders.DESCRIBE_CLIENT();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_DESCRIBE_MEMBER() {
+ String commandString = CommandBuilders.DESCRIBE_MEMBER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_EXPORT_LOGS() {
+ String commandString = CommandBuilders.EXPORT_LOGS();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_EXPORT_LOGS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_EXPORT_STACKTRACE() {
+ String commandString = CommandBuilders.EXPORT_STACKTRACE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_EXPORT_STACKTRACE));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_GC() {
+ String commandString = CommandBuilders.GC();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_GC));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_CLIENTS() {
+ String commandString = CommandBuilders.LIST_CLIENTS();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_MEMBER() {
+ String commandString = CommandBuilders.LIST_MEMBER();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_NETSTAT() {
+ String commandString = CommandBuilders.NETSTAT();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_NETSTAT));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_SHOW_DEADLOCK() {
+ String commandString = CommandBuilders.SHOW_DEADLOCK();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_SHOW_DEADLOCKS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_SHOW_LOG() {
+ String commandString = CommandBuilders.SHOW_LOG();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_SHOW_LOG));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_SHOW_METRICS() {
+ String commandString = CommandBuilders.SHOW_METRICS();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_SHOW_METRICS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CLEAR_DEFINED_INDEXES() {
+ String commandString = CommandBuilders.CLEAR_DEFINED_INDEXES();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CREATE_INDEX));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CREATE_DEFINED_INDEXES() {
+ String commandString = CommandBuilders.CREATE_DEFINED_INDEXES();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CREATE_INDEX));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CREATE_INDEX() {
+ String commandString = CommandBuilders.CREATE_INDEX();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CREATE_INDEX));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_DEFINE_INDEX() {
+ String commandString = CommandBuilders.DEFINE_INDEX();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CREATE_INDEX));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_DESTROY_INDEX() {
+ String commandString = CommandBuilders.DESTROY_INDEX();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_DESTROY_INDEX));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_INDEX() {
+ String commandString = CommandBuilders.LIST_INDEX();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CONFIGURE_PDX() {
+ String commandString = CommandBuilders.CONFIGURE_PDX();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CONFIGURE_PDX));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_ALTER_REGION() {
+ String commandString = CommandBuilders.ALTER_REGION();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_ALTER_REGION));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_CREATE_REGION() {
+ String commandString = CommandBuilders.CREATE_REGION();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_CREATE_REGION));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_DESCRIBE_REGION() {
+ String commandString = CommandBuilders.DESCRIBE_REGION();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_DESTROY_REGION() {
+ String commandString = CommandBuilders.DESTROY_REGION();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_DESTROY_REGION));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void _test_LIST_REGION() {
+ String commandString = CommandBuilders.LIST_REGION();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_LIST_DS));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+ public void test_REBALANCE() {
+ String commandString = CommandBuilders.REBALANCE();
+ writeToFile(getSecuredProperties(CommandBuilders.OP_REBALANCE));
+ securityCheckForCommand(commandString, tempFilePath, getAssertor());
+ }
+
+}