You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ji...@apache.org on 2016/06/21 03:14:23 UTC
[2/9] incubator-geode git commit: GEODE-17: used new security
interface for integrated security.
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java
index b9ffd02..7c82f8d 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java
@@ -16,6 +16,14 @@
*/
package com.gemstone.gemfire.management.internal.cli.commands;
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.PrintStream;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.util.Arrays;
+import java.util.Collection;
+
import com.gemstone.gemfire.internal.cache.CacheConfig;
import com.gemstone.gemfire.internal.cache.DiskStoreImpl;
import com.gemstone.gemfire.internal.cache.xmlcache.CacheCreation;
@@ -33,27 +41,19 @@ import com.gemstone.gemfire.management.internal.security.ResourceOperation;
import com.gemstone.gemfire.pdx.ReflectionBasedAutoSerializer;
import com.gemstone.gemfire.pdx.internal.EnumInfo;
import com.gemstone.gemfire.pdx.internal.PdxType;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
+
import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
import org.springframework.shell.core.annotation.CliCommand;
import org.springframework.shell.core.annotation.CliOption;
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.PrintStream;
-import java.io.PrintWriter;
-import java.io.StringWriter;
-import java.util.Arrays;
-import java.util.Collection;
-
-import static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import static com.gemstone.gemfire.cache.operations.OperationContext.Resource;
-
public class PDXCommands extends AbstractCommandsSupport{
@CliCommand (value = CliStrings.CONFIGURE_PDX, help = CliStrings.CONFIGURE_PDX__HELP)
@CliMetaData (relatedTopic = CliStrings.TOPIC_GEODE_REGION, writesToSharedConfiguration = true)
- @ResourceOperation( resource=Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation( resource= Resource.DATA, operation = Operation.MANAGE)
public Result configurePDX(
@CliOption (key = CliStrings.CONFIGURE_PDX__READ__SERIALIZED,
unspecifiedDefaultValue = CliMetaData.ANNOTATION_NULL_VALUE,
@@ -174,8 +174,8 @@ public class PDXCommands extends AbstractCommandsSupport{
}
@CliCommand (value = CliStrings.PDX_RENAME, help = CliStrings.PDX_RENAME__HELP)
- @CliMetaData(shellOnly=true, relatedTopic={CliStrings.TOPIC_GEODE_DISKSTORE })
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @CliMetaData(shellOnly=true, relatedTopic={CliStrings.TOPIC_GEODE_DISKSTORE})
+ @ResourceOperation(resource = Resource.DATA, operation = Operation.MANAGE)
public Result pdxRename(
@CliOption (key = CliStrings.PDX_RENAME_OLD,
mandatory=true,
@@ -227,63 +227,7 @@ public class PDXCommands extends AbstractCommandsSupport{
}
}
-
- // The pdx delete-field command has been disabled until it has native client support.
-// @CliCommand (value = CliStrings.PDX_DELETE_FIELD, help = CliStrings.PDX_DELETE_FIELD__HELP)
-// @CliMetaData(shellOnly=true, relatedTopic={CliStrings.TOPIC_GEODE_DISKSTORE})
-// public Result pdxDeleteField(
-// @CliOption (key = CliStrings.PDX_CLASS,
-// mandatory=true,
-// help = CliStrings.PDX_CLASS__HELP)
-// String className,
-//
-// @CliOption (key = CliStrings.PDX_FIELD,
-// mandatory=true,
-// help = CliStrings.PDX_FIELD__HELP)
-// String fieldName,
-//
-// @CliOption (key = CliStrings.PDX_DISKSTORE,
-// mandatory=true,
-// help = CliStrings.PDX_DISKSTORE__HELP)
-// String diskStore,
-//
-// @CliOption (key = CliStrings.PDX_DISKDIR,
-// mandatory=true,
-// help = CliStrings.PDX_DISKDIR__HELP)
-// @CliMetaData (valueSeparator = ",")
-// String[] diskDirs){
-//
-// try {
-// final File[] dirs = new File[diskDirs.length];
-// for (int i = 0; i < diskDirs.length; i++) {
-// dirs[i] = new File((diskDirs[i]));
-// }
-//
-// Collection<PdxType> results = DiskStoreImpl.pdxDeleteField(diskStore, dirs, className, fieldName);
-//
-// if(results.isEmpty()) {
-// return ResultBuilder.createGemFireErrorResult(CliStrings.format(CliStrings.PDX_DELETE__EMPTY));
-// }
-//
-// ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-// PrintStream printStream = new PrintStream(outputStream);
-// for(PdxType p : results) {
-// p.toStream(printStream, false);
-// }
-// String resultString = CliStrings.format(CliStrings.PDX_DELETE_FIELD__SUCCESS, outputStream.toString());
-// return ResultBuilder.createInfoResult(resultString);
-//
-// } catch (Exception e) {
-// return ResultBuilder.createGemFireErrorResult(CliStrings.format(CliStrings.PDX_DELETE_FIELD__ERROR, e.getMessage()));
-// }
-//
-// }
-//
-// @CliAvailabilityIndicator({CliStrings.PDX_DELETE_FIELD})
-// public boolean pdxDeleteFieldCommandsAvailable() {
-// return true;
-// }
-
+
@CliAvailabilityIndicator({CliStrings.PDX_RENAME})
public boolean pdxRenameCommandsAvailable() {
return true;
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java
index c321a0d..466cb86 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java
@@ -16,6 +16,11 @@
*/
package com.gemstone.gemfire.management.internal.cli.commands;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
import com.gemstone.gemfire.SystemFailure;
import com.gemstone.gemfire.cache.execute.ResultCollector;
import com.gemstone.gemfire.distributed.DistributedMember;
@@ -37,20 +42,14 @@ import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
import com.gemstone.gemfire.management.internal.configuration.SharedConfigurationWriter;
import com.gemstone.gemfire.management.internal.configuration.domain.XmlEntity;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
import org.springframework.shell.core.CommandMarker;
import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
import org.springframework.shell.core.annotation.CliCommand;
import org.springframework.shell.core.annotation.CliOption;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Set;
-
-import static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import static com.gemstone.gemfire.cache.operations.OperationContext.Resource;
-
/**
* The QueueCommands class encapsulates all GemFire Queue commands in Gfsh.
* </p>
@@ -64,7 +63,7 @@ public class QueueCommands implements CommandMarker {
@CliCommand(value = CliStrings.CREATE_ASYNC_EVENT_QUEUE, help = CliStrings.CREATE_ASYNC_EVENT_QUEUE__HELP)
@CliMetaData(writesToSharedConfiguration = true)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource = Resource.DATA, operation = Operation.MANAGE)
public Result createAsyncEventQueue(
@CliOption(key = CliStrings.CREATE_ASYNC_EVENT_QUEUE__ID,
mandatory = true,
@@ -216,7 +215,7 @@ public class QueueCommands implements CommandMarker {
}
@CliCommand(value = CliStrings.LIST_ASYNC_EVENT_QUEUES, help = CliStrings.LIST_ASYNC_EVENT_QUEUES__HELP)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result listAsyncEventQueues() {
try {
TabularResultData tabularData = ResultBuilder.createTabularResultData();
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java
index 63f0ea2..d7fb1cc 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java
@@ -16,8 +16,6 @@
*/
package com.gemstone.gemfire.management.internal.cli.commands;
-import static com.gemstone.gemfire.cache.operations.OperationContext.*;
-
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashSet;
@@ -52,6 +50,8 @@ import com.gemstone.gemfire.management.internal.cli.result.TabularResultData;
import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
import com.gemstone.gemfire.management.internal.cli.util.RegionAttributesNames;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
import org.springframework.shell.core.CommandMarker;
import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
@@ -77,7 +77,7 @@ public class RegionCommands implements CommandMarker {
@CliCommand(value = { CliStrings.LIST_REGION }, help = CliStrings.LIST_REGION__HELP)
@CliMetaData(shellOnly = false, relatedTopic = CliStrings.TOPIC_GEODE_REGION)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result listRegion(
@CliOption(key = { CliStrings.LIST_REGION__GROUP },
optionContext = ConverterHint.MEMBERGROUP,
@@ -155,7 +155,7 @@ public class RegionCommands implements CommandMarker {
@CliCommand(value = { CliStrings.DESCRIBE_REGION }, help = CliStrings.DESCRIBE_REGION__HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEODE_REGION, CliStrings.TOPIC_GEODE_CONFIG } )
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result describeRegion(
@CliOption(key = CliStrings.DESCRIBE_REGION__NAME,
optionContext = ConverterHint.REGIONPATH,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java
index ba4b0ac..5306aff 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java
@@ -16,6 +16,10 @@
*/
package com.gemstone.gemfire.management.internal.cli.commands;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
import com.gemstone.gemfire.cache.execute.ResultCollector;
import com.gemstone.gemfire.distributed.DistributedMember;
import com.gemstone.gemfire.internal.cache.GemFireCacheImpl;
@@ -30,17 +34,13 @@ import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
import com.gemstone.gemfire.management.internal.cli.result.TabularResultData;
import com.gemstone.gemfire.management.internal.configuration.domain.SharedConfigurationStatus;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
+
import org.springframework.shell.core.CommandMarker;
import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
import org.springframework.shell.core.annotation.CliCommand;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import static com.gemstone.gemfire.cache.operations.OperationContext.Resource;
-
public class StatusCommands extends AbstractCommandsSupport implements CommandMarker {
static final FetchSharedConfigurationStatusFunction fetchSharedConfigStatusFunction = new FetchSharedConfigurationStatusFunction();
@@ -48,7 +48,7 @@ public class StatusCommands extends AbstractCommandsSupport implements CommandMa
@SuppressWarnings("unchecked")
@CliCommand (value = CliStrings.STATUS_SHARED_CONFIG, help = CliStrings.STATUS_SHARED_CONFIG_HELP)
@CliMetaData (relatedTopic = CliStrings.TOPIC_GEODE_LOCATOR)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result statusSharedConfiguration() {
final GemFireCacheImpl cache = GemFireCacheImpl.getInstance();
final Set<DistributedMember> locators = new HashSet<DistributedMember>(cache.getDistributionManager().getAllHostedLocatorsWithSharedConfiguration().keySet());
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java
index 47b547d..ccce8e4 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java
@@ -16,6 +16,21 @@
*/
package com.gemstone.gemfire.management.internal.cli.commands;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.TreeMap;
+import java.util.concurrent.Callable;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+import java.util.concurrent.ThreadFactory;
+import java.util.concurrent.atomic.AtomicInteger;
+import javax.management.ObjectName;
+
import com.gemstone.gemfire.cache.Cache;
import com.gemstone.gemfire.cache.CacheFactory;
import com.gemstone.gemfire.cache.execute.ResultCollector;
@@ -45,29 +60,14 @@ import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
import com.gemstone.gemfire.management.internal.configuration.SharedConfigurationWriter;
import com.gemstone.gemfire.management.internal.configuration.domain.XmlEntity;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
+
import org.springframework.shell.core.CommandMarker;
import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
import org.springframework.shell.core.annotation.CliCommand;
import org.springframework.shell.core.annotation.CliOption;
-import javax.management.ObjectName;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.TreeMap;
-import java.util.concurrent.Callable;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-import java.util.concurrent.ThreadFactory;
-import java.util.concurrent.atomic.AtomicInteger;
-
-import static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import static com.gemstone.gemfire.cache.operations.OperationContext.Resource;
-
public class WanCommands implements CommandMarker {
private Gfsh getGfsh() {
@@ -76,7 +76,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.CREATE_GATEWAYSENDER, help = CliStrings.CREATE_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN, writesToSharedConfiguration=true)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource = Resource.DATA, operation = Operation.MANAGE)
public Result createGatewaySender(
@CliOption(key = CliStrings.CREATE_GATEWAYSENDER__GROUP,
optionContext = ConverterHint.MEMBERGROUP,
@@ -193,7 +193,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.START_GATEWAYSENDER, help = CliStrings.START_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource = Resource.DATA, operation = Operation.MANAGE)
public Result startGatewaySender(
@CliOption(key = CliStrings.START_GATEWAYSENDER__ID,
mandatory = true,
@@ -336,7 +336,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.PAUSE_GATEWAYSENDER, help = CliStrings.PAUSE_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource = Resource.DATA, operation = Operation.MANAGE)
public Result pauseGatewaySender(
@CliOption(key = CliStrings.PAUSE_GATEWAYSENDER__ID,
mandatory = true,
@@ -429,7 +429,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.RESUME_GATEWAYSENDER, help = CliStrings.RESUME_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource=Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource=Resource.DATA, operation = Operation.MANAGE)
public Result resumeGatewaySender(
@CliOption(key = CliStrings.RESUME_GATEWAYSENDER__ID,
mandatory = true,
@@ -569,7 +569,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.STOP_GATEWAYSENDER, help = CliStrings.STOP_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource = Resource.DATA, operation = Operation.MANAGE)
public Result stopGatewaySender(
@CliOption(key = CliStrings.STOP_GATEWAYSENDER__ID,
mandatory = true,
@@ -645,7 +645,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.CREATE_GATEWAYRECEIVER, help = CliStrings.CREATE_GATEWAYRECEIVER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation( resource=Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation( resource=Resource.DATA, operation = Operation.MANAGE)
public Result createGatewayReceiver(
@CliOption(key = CliStrings.CREATE_GATEWAYRECEIVER__GROUP,
optionContext = ConverterHint.MEMBERGROUP,
@@ -725,7 +725,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.LOAD_BALANCE_GATEWAYSENDER, help = CliStrings.LOAD_BALANCE_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource = Resource.DATA, operation = Operation.MANAGE)
public Result loadBalanceGatewaySender(
@CliOption(key = CliStrings.LOAD_BALANCE_GATEWAYSENDER__ID,
mandatory = true,
@@ -791,7 +791,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.START_GATEWAYRECEIVER, help = CliStrings.START_GATEWAYRECEIVER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource = Resource.DATA, operation = Operation.MANAGE)
public Result startGatewayReceiver(
@CliOption(key = CliStrings.START_GATEWAYRECEIVER__GROUP,
optionContext = ConverterHint.MEMBERGROUP,
@@ -853,7 +853,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.STOP_GATEWAYRECEIVER, help = CliStrings.STOP_GATEWAYRECEIVER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource = Resource.DATA, operation = Operation.MANAGE)
public Result stopGatewayReceiver(
@CliOption(key = CliStrings.STOP_GATEWAYRECEIVER__GROUP,
@@ -927,7 +927,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.LIST_GATEWAY, help = CliStrings.LIST_GATEWAY__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result listGateway(
@CliOption(key = CliStrings.LIST_GATEWAY__MEMBER,
optionContext = ConverterHint.MEMBERIDNAME,
@@ -1018,7 +1018,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.STATUS_GATEWAYSENDER, help = CliStrings.STATUS_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result statusGatewaySender(
@CliOption(key = CliStrings.STATUS_GATEWAYSENDER__ID,
mandatory = true,
@@ -1085,7 +1085,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.STATUS_GATEWAYRECEIVER, help = CliStrings.STATUS_GATEWAYRECEIVER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEODE_WAN)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result statusGatewayReceiver(
@CliOption(key = CliStrings.STATUS_GATEWAYRECEIVER__GROUP,
optionContext = ConverterHint.MEMBERGROUP,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
index efbc1f1..8943dfb 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
@@ -47,6 +47,7 @@ import javax.management.remote.MBeanServerForwarder;
import com.gemstone.gemfire.management.internal.ManagementConstants;
import com.gemstone.gemfire.security.GemFireSecurityException;
import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.security.GeodePermission;
/**
* This class intercepts all MBean requests for GemFire MBeans and passed it to
@@ -56,15 +57,8 @@ import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
*/
public class MBeanServerWrapper implements MBeanServerForwarder {
private MBeanServer mbs;
-
- public MBeanServerWrapper(){
- }
-
- private void doAuthorizationPost(ResourceOperationContext context){
- if(context == null)
- return;
- //interceptor.postAuthorize(context);
+ public MBeanServerWrapper(){
}
private void checkDomain(ObjectName name){
@@ -117,7 +111,7 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
}
@Override
- public ObjectInstance getObjectInstance(ObjectName name) throws InstanceNotFoundException {
+ public ObjectInstance getObjectInstance(ObjectName name) throws InstanceNotFoundException {
return mbs.getObjectInstance(name);
}
@@ -145,14 +139,14 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
}
@Override
- public Integer getMBeanCount() {
+ public Integer getMBeanCount() {
return mbs.getMBeanCount();
}
@Override
public Object getAttribute(ObjectName name, String attribute) throws MBeanException, InstanceNotFoundException,
ReflectionException {
- ResourceOperationContext ctx = getOperationContext(name, attribute, false);
+ GeodePermission ctx = getOperationContext(name, attribute, false);
GeodeSecurityUtil.authorize(ctx);
Object result;
try {
@@ -160,10 +154,6 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
} catch (AttributeNotFoundException nex) {
return null;
}
- if (ctx != null) {
- ctx.setPostOperationResult(result);
- }
- doAuthorizationPost(ctx);
return result;
}
@@ -186,7 +176,7 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
@Override
public void setAttribute(ObjectName name, Attribute attribute) throws InstanceNotFoundException,
AttributeNotFoundException, InvalidAttributeValueException, MBeanException, ReflectionException {
- ResourceOperationContext ctx = getOperationContext(name, attribute.getName(), false);
+ GeodePermission ctx = getOperationContext(name, attribute.getName(), false);
GeodeSecurityUtil.authorize(ctx);
mbs.setAttribute(name, attribute);
}
@@ -209,18 +199,16 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
public Object invoke(ObjectName name, String operationName, Object[] params, String[] signature)
throws InstanceNotFoundException, MBeanException, ReflectionException {
- ResourceOperationContext ctx = getOperationContext(name, operationName, true);
+ GeodePermission ctx = getOperationContext(name, operationName, true);
GeodeSecurityUtil.authorize(ctx);
Object result = mbs.invoke(name, operationName, params, signature);
- if(ctx!=null)
- ctx.setPostOperationResult(result);
- doAuthorizationPost(ctx);
+
return result;
}
// TODO: cache this
- private ResourceOperationContext getOperationContext(ObjectName objectName, String featureName, boolean isOp)
+ private GeodePermission getOperationContext(ObjectName objectName, String featureName, boolean isOp)
throws InstanceNotFoundException, ReflectionException {
MBeanInfo beanInfo = null;
try {
@@ -229,7 +217,7 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
throw new GemFireSecurityException("error getting beanInfo of "+objectName, e);
}
// If there is no annotation defined either in the class level or method level, we should consider this operation/attribute freely accessible
- ResourceOperationContext result = null;
+ GeodePermission result = null;
// find the context in the beanInfo if defined in the class level
result = getOperationContext(beanInfo.getDescriptor(), result);
@@ -252,11 +240,11 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
return result;
}
- private ResourceOperationContext getOperationContext(Descriptor descriptor, ResourceOperationContext defaultValue){
+ private GeodePermission getOperationContext(Descriptor descriptor, GeodePermission defaultValue){
String resource = (String)descriptor.getFieldValue("resource");
String operationCode = (String)descriptor.getFieldValue("operation");
if(resource!=null && operationCode!=null){
- return new ResourceOperationContext(resource, operationCode, null);
+ return new GeodePermission(resource, operationCode);
}
return defaultValue;
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java
index 8b50183..9f62d0d 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java
@@ -16,8 +16,6 @@
*/
package com.gemstone.gemfire.management.internal.security;
-import static com.gemstone.gemfire.cache.operations.OperationContext.*;
-
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
@@ -25,6 +23,9 @@ import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import javax.management.DescriptorKey;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
+
@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Inherited
@@ -33,5 +34,5 @@ public @interface ResourceOperation {
Resource resource() default Resource.NULL;
@DescriptorKey("operation")
- OperationCode operation() default OperationCode.NULL;
+ Operation operation() default Operation.NULL;
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java
deleted file mode 100644
index 99da1f1..0000000
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.security;
-
-import com.gemstone.gemfire.cache.operations.OperationContext;
-
-/**
- * This is base class for OperationContext for resource (JMX and CLI) operations
- */
-public class ResourceOperationContext extends OperationContext {
-
- private boolean isPostOperation = false;
- private Object opResult = null;
-
- // these default values are used when creating a lock around an operation
- private Resource resource = Resource.NULL;
- private OperationCode operation = OperationCode.NULL;
- private String regionName = OperationContext.ALL_REGIONS;
-
- public ResourceOperationContext() {
- this(null, null, null);
- }
-
- // When only specified a resource and operation, it's assumed that you need access to all regions in order to perform the operations
- // guarded by this ResourceOperationConext
- public ResourceOperationContext(String resource, String operation) {
- this(resource, operation, OperationContext.ALL_REGIONS);
- }
-
- public ResourceOperationContext(String resource, String operation, String regionName) {
- if (resource != null) this.resource = Resource.valueOf(resource);
- if (operation != null) this.operation = OperationCode.valueOf(operation);
- if (regionName !=null ) this.regionName = regionName;
-
- setParts(this.resource.name()+":"+this.operation.name()+":"+this.regionName, true);
- }
-
- @Override
- public boolean isClientUpdate() {
- return false;
- }
-
- @Override
- public OperationCode getOperationCode() {
- return operation;
- }
-
- @Override
- public Resource getResource() {
- return resource;
- }
-
- @Override
- public String getRegionName(){
- return this.regionName;
- }
-
- @Override
- public boolean isPostOperation() {
- return isPostOperation;
- }
-
- public void setPostOperationResult(Object result) {
- this.isPostOperation = true;
- this.opResult = result;
- }
-
- public Object getOperationResult() {
- return this.opResult;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/security/AccessControl.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/AccessControl.java b/geode-core/src/main/java/com/gemstone/gemfire/security/AccessControl.java
index eff2a62..4faff72 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/AccessControl.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/security/AccessControl.java
@@ -17,14 +17,13 @@
package com.gemstone.gemfire.security;
+import java.security.Principal;
+
import com.gemstone.gemfire.cache.Cache;
import com.gemstone.gemfire.cache.CacheCallback;
-import com.gemstone.gemfire.cache.CacheFactory;
import com.gemstone.gemfire.cache.operations.OperationContext;
import com.gemstone.gemfire.distributed.DistributedMember;
-import java.security.Principal;
-
/**
* Specifies the interface to authorize operations at the cache or region level
* for clients or servers. Implementations should register name of the static
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/security/ExternalSecurity.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/ExternalSecurity.java b/geode-core/src/main/java/com/gemstone/gemfire/security/ExternalSecurity.java
new file mode 100644
index 0000000..133eba2
--- /dev/null
+++ b/geode-core/src/main/java/com/gemstone/gemfire/security/ExternalSecurity.java
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.security;
+
+import java.security.Principal;
+import java.util.Properties;
+
+public interface ExternalSecurity {
+
+ void init(Properties securityProps);
+
+ Principal authenticate(Properties props) throws AuthenticationFailedException;
+
+ default boolean authorize(Principal principal, GeodePermission permission) {
+ return true;
+ }
+
+ //post-processing as well if we can find a good way to support it
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/security/GeodePermission.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/GeodePermission.java b/geode-core/src/main/java/com/gemstone/gemfire/security/GeodePermission.java
new file mode 100644
index 0000000..95ef2c8
--- /dev/null
+++ b/geode-core/src/main/java/com/gemstone/gemfire/security/GeodePermission.java
@@ -0,0 +1,93 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.security;
+
+import org.apache.shiro.authz.permission.WildcardPermission;
+
+public class GeodePermission extends WildcardPermission {
+
+ public static String ALL_REGIONS = "*";
+
+ public enum Resource {
+ NULL,
+ CLUSTER,
+ DATA
+ }
+
+ public enum Operation {
+ NULL,
+ MANAGE,
+ WRITE,
+ READ;
+ }
+
+ public Resource getResource() {
+ return resource;
+ }
+
+ public Operation getOperation() {
+ return operation;
+ }
+
+ public String getRegionName() {
+ return regionName;
+ }
+
+ // these default values are used when creating a lock around an operation
+ private Resource resource = Resource.NULL;
+ private Operation operation = Operation.NULL;
+ private String regionName = ALL_REGIONS;
+
+ public GeodePermission() {
+ this(Resource.NULL, Operation.NULL);
+ }
+
+ public GeodePermission(String resource, String operation) {
+ this(Resource.valueOf(resource), Operation.valueOf(operation));
+ }
+
+ public GeodePermission(Resource resource, Operation operation){
+ this(resource, operation, ALL_REGIONS);
+ }
+
+ public GeodePermission(String resource, String operation, String regionName) {
+ if(resource != null) this.resource = Resource.valueOf(resource);
+ if(operation != null) this.operation = Operation.valueOf(operation);
+ if(regionName != null) this.regionName = regionName;
+
+ setParts(this.resource+":"+this.operation+":"+this.regionName, true);
+ }
+
+ public GeodePermission(Resource resource, Operation operation, String regionName){
+ if(resource != null) this.resource = resource;
+ if(operation != null) this.operation = operation;
+ if(regionName != null) this.regionName = regionName;
+
+ setParts(this.resource+":"+this.operation+":"+this.regionName, true);
+ }
+
+ @Override
+ public String toString() {
+ if (ALL_REGIONS.equals(getRegionName())) {
+ return getResource() + ":" + getOperation();
+ } else {
+ return getResource() + ":" + getOperation() + ":" + getRegionName();
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SampleJsonAuthorization.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SampleJsonAuthorization.java b/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SampleJsonAuthorization.java
index 63c8536..3922d99 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SampleJsonAuthorization.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SampleJsonAuthorization.java
@@ -16,22 +16,6 @@
*/
package com.gemstone.gemfire.security.templates;
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.cache.Cache;
-import com.gemstone.gemfire.cache.operations.OperationContext;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.management.internal.security.ResourceConstants;
-import com.gemstone.gemfire.management.internal.security.ResourceOperationContext;
-import com.gemstone.gemfire.security.AccessControl;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import com.gemstone.gemfire.security.Authenticator;
-import com.gemstone.gemfire.security.NotAuthorizedException;
-import org.apache.commons.io.IOUtils;
-
-import javax.management.remote.JMXPrincipal;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
@@ -47,6 +31,21 @@ import java.util.Properties;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
+import javax.management.remote.JMXPrincipal;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.gemstone.gemfire.internal.logging.LogService;
+import com.gemstone.gemfire.management.internal.security.ResourceConstants;
+import com.gemstone.gemfire.security.AccessControl;
+import com.gemstone.gemfire.security.AuthenticationFailedException;
+import com.gemstone.gemfire.security.Authenticator;
+import com.gemstone.gemfire.security.ExternalSecurity;
+import com.gemstone.gemfire.security.GeodePermission;
+import com.gemstone.gemfire.security.NotAuthorizedException;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.shiro.authz.Permission;
/**
* This class provides a sample implementation for authentication and authorization via the {@link AccessControl}
@@ -96,10 +95,10 @@ import java.util.stream.StreamSupport;
* }
* </pre>
*/
-public class SampleJsonAuthorization implements AccessControl, Authenticator {
+public class SampleJsonAuthorization implements ExternalSecurity {
public static class Role {
- List<OperationContext> permissions = new ArrayList<>();
+ List<GeodePermission> permissions = new ArrayList<>();
String name;
String serverGroup;
}
@@ -181,7 +180,7 @@ public class SampleJsonAuthorization implements AccessControl, Authenticator {
String resourcePart = (parts.length > 0) ? parts[0] : null;
String operationPart = (parts.length > 1) ? parts[1] : null;
String regionPart = (regionNames != null) ? regionNames : "*";
- role.permissions.add(new ResourceOperationContext(resourcePart, operationPart, regionPart));
+ role.permissions.add(new GeodePermission(resourcePart, operationPart, regionPart));
}
roleMap.put(role.name, role);
@@ -199,12 +198,9 @@ public class SampleJsonAuthorization implements AccessControl, Authenticator {
private Principal principal = null;
- @Override
- public void close() {
- }
@Override
- public boolean authorizeOperation(String region, OperationContext context) {
+ public boolean authorize(Principal principal, GeodePermission context) {
if (principal == null) return false;
User user = acl.get(principal.getName());
@@ -212,7 +208,7 @@ public class SampleJsonAuthorization implements AccessControl, Authenticator {
// check if the user has this permission defined in the context
for (Role role : acl.get(user.name).roles) {
- for (OperationContext permitted : role.permissions) {
+ for (Permission permitted : role.permissions) {
if (permitted.implies(context)) {
return true;
}
@@ -223,12 +219,11 @@ public class SampleJsonAuthorization implements AccessControl, Authenticator {
}
@Override
- public void init(Principal principal, DistributedMember arg1, Cache arg2) throws NotAuthorizedException {
- this.principal = principal;
+ public void init(Properties props) throws NotAuthorizedException {
}
@Override
- public Principal authenticate(Properties props, DistributedMember arg1) throws AuthenticationFailedException {
+ public Principal authenticate(Properties props) throws AuthenticationFailedException {
String user = props.getProperty(ResourceConstants.USER_NAME);
String pwd = props.getProperty(ResourceConstants.PASSWORD);
@@ -245,10 +240,6 @@ public class SampleJsonAuthorization implements AccessControl, Authenticator {
return new JMXPrincipal(user);
}
- @Override
- public void init(Properties arg0, LogWriter arg1, LogWriter arg2) throws AuthenticationFailedException {
- }
-
protected static String readFile(String name) throws IOException {
File file = new File(name);
FileReader reader = new FileReader(file);
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java
index 2c20e23..de57807 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java
@@ -17,6 +17,9 @@
package com.gemstone.gemfire.internal.cache.extension.mock;
+import java.util.List;
+import java.util.Set;
+
import com.gemstone.gemfire.cache.Cache;
import com.gemstone.gemfire.cache.CacheFactory;
import com.gemstone.gemfire.cache.Region;
@@ -33,16 +36,13 @@ import com.gemstone.gemfire.management.internal.cli.result.TabularResultData;
import com.gemstone.gemfire.management.internal.configuration.SharedConfigurationWriter;
import com.gemstone.gemfire.management.internal.configuration.domain.XmlEntity;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
+
import org.springframework.shell.core.CommandMarker;
import org.springframework.shell.core.annotation.CliCommand;
import org.springframework.shell.core.annotation.CliOption;
-import java.util.List;
-import java.util.Set;
-
-import static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import static com.gemstone.gemfire.cache.operations.OperationContext.Resource;
-
/**
* Mock Extension gfsh commands.
*
@@ -81,7 +81,7 @@ public class MockExtensionCommands implements CommandMarker {
*/
@CliCommand(value = CREATE_MOCK_REGION_EXTENSION)
@CliMetaData(writesToSharedConfiguration = true)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result createMockRegionExtension(@CliOption(key = OPTION_REGION_NAME, mandatory = true) final String regionName,
@CliOption(key = OPTION_VALUE, mandatory = true) final String value) {
return executeFunctionOnAllMembersTabulateResultPersist(CreateMockRegionExtensionFunction.INSTANCE, true,
@@ -102,7 +102,7 @@ public class MockExtensionCommands implements CommandMarker {
*/
@CliCommand(value = ALTER_MOCK_REGION_EXTENSION)
@CliMetaData(writesToSharedConfiguration = true)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result alterMockRegionExtension(@CliOption(key = OPTION_REGION_NAME, mandatory = true) final String regionName,
@CliOption(key = OPTION_VALUE, mandatory = true) final String value) {
return executeFunctionOnAllMembersTabulateResultPersist(AlterMockRegionExtensionFunction.INSTANCE, true,
@@ -121,7 +121,7 @@ public class MockExtensionCommands implements CommandMarker {
*/
@CliCommand(value = DESTROY_MOCK_REGION_EXTENSION)
@CliMetaData(writesToSharedConfiguration = true)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result destroyMockRegionExtension(@CliOption(key = OPTION_REGION_NAME, mandatory = true) final String regionName) {
return executeFunctionOnAllMembersTabulateResultPersist(DestroyMockRegionExtensionFunction.INSTANCE, true,
DestroyMockRegionExtensionFunction.toArgs(regionName));
@@ -138,7 +138,7 @@ public class MockExtensionCommands implements CommandMarker {
*/
@CliCommand(value = CREATE_MOCK_CACHE_EXTENSION)
@CliMetaData(writesToSharedConfiguration = true)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result createMockCacheExtension(@CliOption(key = OPTION_VALUE, mandatory = true) final String value) {
return executeFunctionOnAllMembersTabulateResultPersist(CreateMockCacheExtensionFunction.INSTANCE, true, CreateMockCacheExtensionFunction.toArgs(value));
}
@@ -153,7 +153,7 @@ public class MockExtensionCommands implements CommandMarker {
* @since GemFire 8.1
*/
@CliCommand(value = ALTER_MOCK_CACHE_EXTENSION)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
@CliMetaData(writesToSharedConfiguration = true)
public Result alterMockCacheExtension(@CliOption(key = OPTION_VALUE, mandatory = true) final String value) {
return executeFunctionOnAllMembersTabulateResultPersist(AlterMockCacheExtensionFunction.INSTANCE, true, AlterMockCacheExtensionFunction.toArgs(value));
@@ -166,7 +166,7 @@ public class MockExtensionCommands implements CommandMarker {
* @since GemFire 8.1
*/
@CliCommand(value = DESTROY_MOCK_CACHE_EXTENSION)
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
@CliMetaData(writesToSharedConfiguration = true)
public Result destroyMockCacheExtension() {
return executeFunctionOnAllMembersTabulateResultPersist(DestroyMockCacheExtensionFunction.INSTANCE, false);
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java
index 69d99d8..dc2f497 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java
@@ -16,7 +16,6 @@
*/
package com.gemstone.gemfire.management.internal.cli;
-import static com.gemstone.gemfire.cache.operations.OperationContext.*;
import static org.junit.Assert.*;
import java.lang.annotation.Annotation;
@@ -25,17 +24,6 @@ import java.util.ArrayList;
import java.util.List;
import java.util.Map;
-import org.junit.After;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-import org.springframework.shell.core.CommandMarker;
-import org.springframework.shell.core.Completion;
-import org.springframework.shell.core.Converter;
-import org.springframework.shell.core.MethodTarget;
-import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
-import org.springframework.shell.core.annotation.CliCommand;
-import org.springframework.shell.core.annotation.CliOption;
-
import com.gemstone.gemfire.management.cli.CliMetaData;
import com.gemstone.gemfire.management.cli.ConverterHint;
import com.gemstone.gemfire.management.cli.Result;
@@ -45,8 +33,21 @@ import com.gemstone.gemfire.management.internal.cli.parser.AvailabilityTarget;
import com.gemstone.gemfire.management.internal.cli.parser.CommandTarget;
import com.gemstone.gemfire.management.internal.cli.parser.Option;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
import com.gemstone.gemfire.test.junit.categories.UnitTest;
+import org.junit.After;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.shell.core.CommandMarker;
+import org.springframework.shell.core.Completion;
+import org.springframework.shell.core.Converter;
+import org.springframework.shell.core.MethodTarget;
+import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
+import org.springframework.shell.core.annotation.CliCommand;
+import org.springframework.shell.core.annotation.CliOption;
+
/**
* CommandManagerTest - Includes tests to check the CommandManager functions
*/
@@ -239,7 +240,7 @@ public class CommandManagerJUnitTest {
@CliCommand(value = { COMMAND1_NAME, COMMAND1_NAME_ALIAS }, help = COMMAND1_HELP)
@CliMetaData(shellOnly = true, relatedTopic = { "relatedTopicOfCommand1" })
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public static String command1(
@CliArgument(name = ARGUMENT1_NAME, argumentContext = ARGUMENT1_CONTEXT, help = ARGUMENT1_HELP, mandatory = true)
String argument1,
@@ -255,13 +256,13 @@ public class CommandManagerJUnitTest {
}
@CliCommand(value = { COMMAND2_NAME })
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public static String command2() {
return null;
}
@CliCommand(value = { "testParamConcat" })
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public static Result testParamConcat(
@CliOption(key = { "string" })
String string,
@@ -278,7 +279,7 @@ public class CommandManagerJUnitTest {
}
@CliCommand(value = { "testMultiWordArg" })
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public static Result testMultiWordArg(@CliArgument(name = "arg1")
String arg1, @CliArgument(name = "arg2")
String arg2) {
@@ -333,7 +334,7 @@ public class CommandManagerJUnitTest {
public static class MockPluginCommand implements CommandMarker {
@CliCommand(value = "mock plugin command")
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result mockPluginCommand() {
return null;
}
@@ -341,7 +342,7 @@ public class CommandManagerJUnitTest {
public static class MockPluginCommandUnlisted implements CommandMarker {
@CliCommand(value = "mock plugin command unlisted")
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public Result mockPluginCommandUnlisted() {
return null;
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java
index 088a6a1..c6ec2db 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java
@@ -16,19 +16,10 @@
*/
package com.gemstone.gemfire.management.internal.cli.shell;
-import static com.gemstone.gemfire.cache.operations.OperationContext.*;
import static org.junit.Assert.*;
import java.util.List;
-import org.junit.After;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-import org.springframework.shell.core.CommandMarker;
-import org.springframework.shell.core.annotation.CliCommand;
-import org.springframework.shell.core.annotation.CliOption;
-import org.springframework.shell.event.ParseResult;
-
import com.gemstone.gemfire.management.cli.CliMetaData;
import com.gemstone.gemfire.management.cli.ConverterHint;
import com.gemstone.gemfire.management.cli.Result;
@@ -37,8 +28,18 @@ import com.gemstone.gemfire.management.internal.cli.GfshParser;
import com.gemstone.gemfire.management.internal.cli.annotation.CliArgument;
import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
import com.gemstone.gemfire.test.junit.categories.UnitTest;
+import org.junit.After;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.springframework.shell.core.CommandMarker;
+import org.springframework.shell.core.annotation.CliCommand;
+import org.springframework.shell.core.annotation.CliOption;
+import org.springframework.shell.event.ParseResult;
+
/**
* GfshExecutionStrategyTest - Includes tests to for GfshExecutionStrategyTest
*/
@@ -103,20 +104,20 @@ public class GfshExecutionStrategyJUnitTest {
@CliCommand(value = { COMMAND1_NAME, COMMAND1_NAME_ALIAS }, help = COMMAND1_HELP)
@CliMetaData(shellOnly = true )
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public static Result command1() {
return ResultBuilder.createInfoResult(COMMAND1_SUCESS);
}
@CliCommand(value = { COMMAND2_NAME })
@CliMetaData(shellOnly = false )
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public static Result command2() {
return ResultBuilder.createInfoResult(COMMAND2_SUCESS);
}
@CliCommand(value = { "testParamConcat" })
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public static Result testParamConcat(
@CliOption(key = { "string" })
String string,
@@ -133,7 +134,7 @@ public class GfshExecutionStrategyJUnitTest {
}
@CliCommand(value = { "testMultiWordArg" })
- @ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+ @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
public static Result testMultiWordArg(@CliArgument(name = "arg1")
String arg1, @CliArgument(name = "arg2")
String arg2) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java
index 6a12d70..cf2a739 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java
@@ -47,7 +47,6 @@ public class CacheServerMBeanAuthenticationJUnitTest {
@JMXConnectionConfiguration(user = "data-admin", password = "1234567")
public void testAllAccess() throws Exception {
bean.removeIndex("foo");
- bean.executeContinuousQuery("bar");
bean.fetchLoadProbe();
bean.getActiveCQCount();
bean.stopContinuousQuery("bar");
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodePermissionJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodePermissionJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodePermissionJUnitTest.java
new file mode 100644
index 0000000..1a74865
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodePermissionJUnitTest.java
@@ -0,0 +1,94 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.management.internal.security;
+
+import static org.junit.Assert.*;
+
+import com.gemstone.gemfire.security.GeodePermission;
+import com.gemstone.gemfire.security.GeodePermission.Operation;
+import com.gemstone.gemfire.security.GeodePermission.Resource;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+import org.apache.shiro.authz.permission.WildcardPermission;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category(UnitTest.class)
+public class GeodePermissionJUnitTest {
+
+ private GeodePermission context;
+
+ @Test
+ public void testEmptyConstructor(){
+ context = new GeodePermission();
+ assertEquals(Resource.NULL, context.getResource());
+ assertEquals(Operation.NULL, context.getOperation());
+ assertEquals(GeodePermission.ALL_REGIONS, context.getRegionName());
+ }
+
+ @Test
+ public void testIsPermission(){
+ context = new GeodePermission();
+ assertTrue(context instanceof WildcardPermission);
+ }
+
+ @Test
+ public void testConstructor(){
+ context = new GeodePermission();
+ assertEquals(Resource.NULL, context.getResource());
+ assertEquals(Operation.NULL, context.getOperation());
+ assertEquals(GeodePermission.ALL_REGIONS, context.getRegionName());
+
+ context = new GeodePermission();
+ assertEquals(Resource.NULL, context.getResource());
+ assertEquals(Operation.NULL, context.getOperation());
+ assertEquals(GeodePermission.ALL_REGIONS, context.getRegionName());
+
+ context = new GeodePermission("DATA", null, null);
+ assertEquals(Resource.DATA, context.getResource());
+ assertEquals(Operation.NULL, context.getOperation());
+ assertEquals(GeodePermission.ALL_REGIONS, context.getRegionName());
+
+ context = new GeodePermission("CLUSTER", null, null);
+ assertEquals(Resource.CLUSTER, context.getResource());
+ assertEquals(Operation.NULL, context.getOperation());
+ assertEquals(GeodePermission.ALL_REGIONS, context.getRegionName());
+
+ context = new GeodePermission(null, "MANAGE", "REGIONA");
+ assertEquals(Resource.NULL, context.getResource());
+ assertEquals(Operation.MANAGE, context.getOperation());
+ assertEquals("REGIONA", context.getRegionName());
+
+ context = new GeodePermission("DATA", "MANAGE", "REGIONA");
+ assertEquals(Resource.DATA, context.getResource());
+ assertEquals(Operation.MANAGE, context.getOperation());
+ assertEquals("REGIONA", context.getRegionName());
+ }
+
+ @Test
+ public void testToString(){
+ context = new GeodePermission();
+ assertEquals("NULL:NULL", context.toString());
+
+ context = new GeodePermission("DATA", "MANAGE");
+ assertEquals("DATA:MANAGE", context.toString());
+
+ context = new GeodePermission("DATA", "MANAGE", "REGIONA");
+ assertEquals("DATA:MANAGE:REGIONA", context.toString());
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
index edcf998..c44e364 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
@@ -17,22 +17,23 @@
package com.gemstone.gemfire.management.internal.security;
-import com.gemstone.gemfire.cache.operations.OperationContext;
+import static com.gemstone.gemfire.distributed.ConfigurationProperties.*;
+import static org.assertj.core.api.Assertions.*;
+
+import java.util.Properties;
+
import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
import com.gemstone.gemfire.security.GemFireSecurityException;
+import com.gemstone.gemfire.security.GeodePermission;
import com.gemstone.gemfire.test.junit.categories.SecurityTest;
import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
import org.apache.shiro.util.ThreadContext;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.experimental.categories.Category;
-import java.util.Properties;
-
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-import static com.gemstone.gemfire.distributed.ConfigurationProperties.*;
-
/**
* this test and ShiroUtilCustomRealmJUunitTest uses the same test body, but initialize the SecurityUtils differently.
* If you change shiro.ini, remmber to change the shiro-ini.json to match the changes as well.
@@ -139,7 +140,7 @@ public class GeodeSecurityUtilWithIniFileJUnitTest {
GeodeSecurityUtil.logout();
}
- private void assertNotAuthorized(OperationContext context){
+ private void assertNotAuthorized(GeodePermission context){
assertThatThrownBy(()-> GeodeSecurityUtil.authorize(context)).isInstanceOf(GemFireSecurityException.class).hasMessageContaining("["+context.toString()+"]");
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContextJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContextJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContextJUnitTest.java
deleted file mode 100644
index 46c0e1d..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContextJUnitTest.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.gemstone.gemfire.management.internal.security;
-
-import static org.junit.Assert.*;
-
-import com.gemstone.gemfire.cache.operations.OperationContext;
-import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.cache.operations.OperationContext.Resource;
-import com.gemstone.gemfire.test.junit.categories.UnitTest;
-
-import org.apache.shiro.authz.permission.WildcardPermission;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-@Category(UnitTest.class)
-public class ResourceOperationContextJUnitTest {
-
- private ResourceOperationContext context;
-
- @Test
- public void testEmptyConstructor(){
- context = new ResourceOperationContext();
- assertEquals(Resource.NULL, context.getResource());
- assertEquals(OperationCode.NULL, context.getOperationCode());
- assertEquals(OperationContext.ALL_REGIONS, context.getRegionName());
- }
-
- @Test
- public void testIsPermission(){
- context = new ResourceOperationContext();
- assertTrue(context instanceof WildcardPermission);
- }
-
- @Test
- public void testConstructor(){
- context = new ResourceOperationContext(null, null, null);
- assertEquals(Resource.NULL, context.getResource());
- assertEquals(OperationCode.NULL, context.getOperationCode());
- assertEquals(OperationContext.ALL_REGIONS, context.getRegionName());
-
- context = new ResourceOperationContext(null, null);
- assertEquals(Resource.NULL, context.getResource());
- assertEquals(OperationCode.NULL, context.getOperationCode());
- assertEquals(OperationContext.ALL_REGIONS, context.getRegionName());
-
- context = new ResourceOperationContext("DATA", null, null);
- assertEquals(Resource.DATA, context.getResource());
- assertEquals(OperationCode.NULL, context.getOperationCode());
- assertEquals(OperationContext.ALL_REGIONS, context.getRegionName());
-
- context = new ResourceOperationContext("CLUSTER", null, null);
- assertEquals(Resource.CLUSTER, context.getResource());
- assertEquals(OperationCode.NULL, context.getOperationCode());
- assertEquals(OperationContext.ALL_REGIONS, context.getRegionName());
-
- context = new ResourceOperationContext(null, "MANAGE", "REGIONA");
- assertEquals(Resource.NULL, context.getResource());
- assertEquals(OperationCode.MANAGE, context.getOperationCode());
- assertEquals("REGIONA", context.getRegionName());
-
- context = new ResourceOperationContext("DATA", "MANAGE", "REGIONA");
- assertEquals(Resource.DATA, context.getResource());
- assertEquals(OperationCode.MANAGE, context.getOperationCode());
- assertEquals("REGIONA", context.getRegionName());
- }
-
- @Test
- public void testToString(){
- context = new ResourceOperationContext();
- assertEquals("NULL:NULL", context.toString());
-
- context = new ResourceOperationContext("DATA", "MANAGE");
- assertEquals("DATA:MANAGE", context.toString());
-
- context = new ResourceOperationContext("DATA", "MANAGE", "REGIONA");
- assertEquals("DATA:MANAGE:REGIONA", context.toString());
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
index 2ddc6ee..f7ee8bb 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
@@ -20,49 +20,49 @@ package com.gemstone.gemfire.management.internal.security;
import java.util.ArrayList;
import java.util.List;
-import com.gemstone.gemfire.cache.operations.OperationContext;
+import com.gemstone.gemfire.security.GeodePermission;
import org.apache.shiro.authz.Permission;
public class TestCommand {
- public static OperationContext none = null;
- public static OperationContext everyOneAllowed = new ResourceOperationContext();
- public static OperationContext dataRead = new ResourceOperationContext("DATA", "READ");
- public static OperationContext dataWrite = new ResourceOperationContext("DATA", "WRITE");
- public static OperationContext dataManage = new ResourceOperationContext("DATA", "MANAGE");
+ public static GeodePermission none = null;
+ public static GeodePermission everyOneAllowed = new GeodePermission();
+ public static GeodePermission dataRead = new GeodePermission("DATA", "READ");
+ public static GeodePermission dataWrite = new GeodePermission("DATA", "WRITE");
+ public static GeodePermission dataManage = new GeodePermission("DATA", "MANAGE");
- public static OperationContext regionARead = new ResourceOperationContext("DATA", "READ", "RegionA");
- public static OperationContext regionAWrite = new ResourceOperationContext("DATA", "WRITE", "RegionA");
- public static OperationContext regionAManage = new ResourceOperationContext("DATA", "MANAGE", "RegionA");
+ public static GeodePermission regionARead = new GeodePermission("DATA", "READ", "RegionA");
+ public static GeodePermission regionAWrite = new GeodePermission("DATA", "WRITE", "RegionA");
+ public static GeodePermission regionAManage = new GeodePermission("DATA", "MANAGE", "RegionA");
- public static OperationContext clusterRead = new ResourceOperationContext("CLUSTER", "READ");
- public static OperationContext clusterWrite = new ResourceOperationContext("CLUSTER", "WRITE");
- public static OperationContext clusterManage = new ResourceOperationContext("CLUSTER", "MANAGE");
+ public static GeodePermission clusterRead = new GeodePermission("CLUSTER", "READ");
+ public static GeodePermission clusterWrite = new GeodePermission("CLUSTER", "WRITE");
+ public static GeodePermission clusterManage = new GeodePermission("CLUSTER", "MANAGE");
private static List<TestCommand> testCommands = new ArrayList<>();
static{
init();
}
-
+
private final String command;
- private final OperationContext permission;
-
- public TestCommand(String command, OperationContext permission) {
+ private final GeodePermission permission;
+
+ public TestCommand(String command, GeodePermission permission) {
this.command = command;
this.permission = permission;
}
-
- private static void createTestCommand(String command, OperationContext permission) {
+
+ private static void createTestCommand(String command, GeodePermission permission) {
TestCommand instance = new TestCommand(command, permission);
testCommands.add(instance);
}
-
+
public String getCommand() {
return this.command;
}
- public OperationContext getPermission() {
+ public GeodePermission getPermission() {
return this.permission;
}
@@ -72,8 +72,8 @@ public class TestCommand {
public static List<TestCommand> getPermittedCommands(Permission permission){
List<TestCommand> result = new ArrayList<>();
- for(TestCommand testCommand:testCommands){
- OperationContext cPerm = testCommand.getPermission();
+ for (TestCommand testCommand : testCommands) {
+ GeodePermission cPerm = testCommand.getPermission();
if(cPerm!=null && permission.implies(cPerm)){
result.add(testCommand);
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
index d98d962..dbc782f 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
@@ -18,14 +18,14 @@
*/
package com.gemstone.gemfire.security;
-import org.junit.Ignore;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
import com.gemstone.gemfire.test.junit.categories.DistributedTest;
import com.gemstone.gemfire.test.junit.categories.FlakyTest;
import com.gemstone.gemfire.test.junit.categories.SecurityTest;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
/**
* Test for authentication from client to server. This tests for both valid and
* invalid credentials/modules. It also checks for authentication
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
index 381bc33..f51431a 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
@@ -277,22 +277,7 @@ public abstract class ClientAuthenticationTestCase extends JUnit4DistributedTest
int locPort1 = getLocatorPort();
String locString = getAndClearLocatorString();
- int port1 = server1.invoke(() -> createCacheServer(locPort1, locString, "com.gemstone.gemfire.none", extraProps, javaProps));
-
- // Trying to create the region on client should throw a security exception
- Properties credentials2 = gen.getValidCredentials(1);
- Properties javaProps2 = gen.getJavaProperties();
- getLogWriter().info("testInvalidAuthenticator: For first client credentials: " + credentials2 + " : " + javaProps2);
-
- client1.invoke(() -> createCacheClient(authInit, credentials2, javaProps2, port1, 0, AUTHFAIL_EXCEPTION));
- client1.invoke(() -> closeCache());
-
- // Also test with invalid credentials
- Properties credentials3 = gen.getInvalidCredentials(1);
- Properties javaProps3 = gen.getJavaProperties();
- getLogWriter().info("testInvalidAuthenticator: For first client credentials: " + credentials3 + " : " + javaProps3);
-
- client1.invoke(() -> createCacheClient(authInit, credentials3, javaProps3, port1, 0, AUTHFAIL_EXCEPTION));
+ server1.invoke(() -> createCacheServer(locPort1, locString, "com.gemstone.gemfire.none", extraProps, javaProps, AUTHREQ_EXCEPTION));
}
protected void doTestNoAuthenticatorWithCredentials(final boolean multiUser) throws Exception {
@@ -494,21 +479,6 @@ public abstract class ClientAuthenticationTestCase extends JUnit4DistributedTest
// throw a security exception
client2.invoke(() -> createCacheClient("com.gemstone.none", credentials1, javaProps1, port1, port2, zeroConns, multiUser, AUTHREQ_EXCEPTION));
- // Now start the servers with invalid authenticator method.
- // Skip this test for a scheme which does not have an authInit in the
- // first place (e.g. SSL) since that will fail with AuthReqEx before
- // authenticator is even invoked.
- if (authInit != null && authInit.length() > 0) {
- server1.invoke(() -> createCacheServer(locPort1, locString, port1, "com.gemstone.gemfire.none", extraProps, javaProps));
- server2.invoke(() -> createCacheServer(locPort2, locString, port2, "com.gemstone.gemfire.none", extraProps, javaProps));
-
- createClient2WithException(multiUser, authInit, port1, port2, credentials1, javaProps1, zeroConns);
- createClient1WithException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
-
- } else {
- getLogWriter().info("testCredentialsForNotifications: Skipping invalid authenticator for scheme [" + gen.classCode() + "] which has no authInit");
- }
-
// Try connection with null auth-init on clients.
// Skip this test for a scheme which does not have an authInit in the
// first place (e.g. SSL).
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f447023e/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestUtils.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestUtils.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestUtils.java
index 8a7a470..3073705 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestUtils.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestUtils.java
@@ -16,13 +16,13 @@
*/
package com.gemstone.gemfire.security;
-import com.gemstone.gemfire.cache.Region;
+import static com.gemstone.gemfire.distributed.ConfigurationProperties.*;
+import static com.gemstone.gemfire.security.SecurityTestUtils.*;
+import static org.junit.Assert.*;
import java.util.Properties;
-import static com.gemstone.gemfire.distributed.ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR;
-import static com.gemstone.gemfire.security.SecurityTestUtils.*;
-import static org.junit.Assert.assertNotNull;
+import com.gemstone.gemfire.cache.Region;
/**
* Extracted from ClientAuthenticationDUnitTest
@@ -33,21 +33,18 @@ public abstract class ClientAuthenticationTestUtils {
}
protected static Integer createCacheServer(final int locatorPort, final String locatorString, final String authenticator, final Properties extraProps, final Properties javaProps) {
- Properties authProps;
- if (extraProps == null) {
- authProps = new Properties();
- } else {
- authProps = extraProps;
- }
+ return createCacheServer(locatorPort, locatorString, 0, authenticator, extraProps, javaProps, NO_EXCEPTION);
+ }
- if (authenticator != null) {
- authProps.setProperty(SECURITY_CLIENT_AUTHENTICATOR, authenticator);
- }
+ protected static Integer createCacheServer(final int locatorPort, final String locatorString, final int serverPort, final String authenticator, final Properties extraProps, final Properties javaProps) {
+ return createCacheServer(locatorPort, locatorString, serverPort, authenticator, extraProps, javaProps, NO_EXCEPTION);
+ }
+ protected static Integer createCacheServer(final int locatorPort, final String locatorString, final String authenticator, final Properties extraProps, final Properties javaProps, final int expectedResult) {
- return SecurityTestUtils.createCacheServer(authProps, javaProps, locatorPort, locatorString, 0, NO_EXCEPTION);
+ return createCacheServer(locatorPort, locatorString, 0, authenticator, extraProps, javaProps, expectedResult);
}
- protected static void createCacheServer(final int locatorPort, final String locatorString, final int serverPort, final String authenticator, final Properties extraProps, final Properties javaProps) {
+ protected static Integer createCacheServer(final int locatorPort, final String locatorString, final int serverPort, final String authenticator, final Properties extraProps, final Properties javaProps, int expectedResult) {
Properties authProps;
if (extraProps == null) {
authProps = new Properties();
@@ -58,7 +55,7 @@ public abstract class ClientAuthenticationTestUtils {
if (authenticator != null) {
authProps.setProperty(SECURITY_CLIENT_AUTHENTICATOR, authenticator);
}
- SecurityTestUtils.createCacheServer(authProps, javaProps, locatorPort, locatorString, serverPort, NO_EXCEPTION);
+ return SecurityTestUtils.createCacheServer(authProps, javaProps, locatorPort, locatorString, serverPort, expectedResult);
}
protected static void createCacheClient(final String authInit, final Properties authProps, final Properties javaProps, final int[] ports, final int numConnections, final boolean multiUserMode, final boolean subscriptionEnabled, final int expectedResult) {