You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by je...@apache.org on 2016/03/04 21:04:39 UTC
incubator-geode git commit: GEODE-17: Convert OperationCode to enum
Repository: incubator-geode
Updated Branches:
refs/heads/feature/GEODE-17-2 ca89bcc05 -> 660d3bb2b
GEODE-17: Convert OperationCode to enum
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/660d3bb2
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/660d3bb2
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/660d3bb2
Branch: refs/heads/feature/GEODE-17-2
Commit: 660d3bb2bd9770b81cb0a45b186d917cf578706c
Parents: ca89bcc
Author: Jens Deppe <jd...@pivotal.io>
Authored: Fri Mar 4 12:04:22 2016 -0800
Committer: Jens Deppe <jd...@pivotal.io>
Committed: Fri Mar 4 12:04:22 2016 -0800
----------------------------------------------------------------------
.../cache/operations/OperationContext.java | 429 +++----------------
.../internal/security/MBeanServerWrapper.java | 2 +-
.../management/internal/security/Resource.java | 2 +
...horizeOperationForMBeansIntegrationTest.java | 7 +-
...erationForRegionCommandsIntegrationTest.java | 7 +-
.../CacheServerMBeanSecurityJUnitTest.java | 125 ++++++
.../internal/security/JSONAuthorization.java | 2 -
...tionCodesForDataCommandsIntegrationTest.java | 5 -
.../security/ClientAuthorizationDUnitTest.java | 5 +-
.../security/ClientAuthorizationTestBase.java | 8 +-
.../DeltaClientPostAuthorizationDUnitTest.java | 8 +-
.../templates/security/XmlAuthorization.java | 2 +-
.../internal/security/cacheServer.json | 34 ++
13 files changed, 245 insertions(+), 391 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
index 9d83064..fe8fbfb 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
@@ -17,21 +17,15 @@
package com.gemstone.gemfire.cache.operations;
-import java.util.HashMap;
-import java.util.Map;
-
-import com.gemstone.gemfire.cache.Cache;
-import com.gemstone.gemfire.cache.Region;
-
/**
* Encapsulates a cache operation and the data associated with it for both the
* pre-operation and post-operation cases. Implementations for specific
* operations will extend this with the specifics as required e.g. a getKey()
* method for a GET operation. Implementations for all the cache operations that
* require authorization are provided.
- *
+ *
* Implementations of this interface are <b>not</b> expected to be thread-safe.
- *
+ *
* @author Sumedh Wale
* @since 5.5
*/
@@ -40,486 +34,199 @@ public abstract class OperationContext {
/**
* Enumeration for various cache operations. Implementations for each of the
* supported operation listed here are provided.
- *
+ *
* @author Sumedh Wale
* @since 5.5
*/
- public static final class OperationCode {
-
- private static final byte OP_GET = 1;
-
- private static final byte OP_PUT = 2;
-
- private static final byte OP_DESTROY = 3;
-
- private static final byte OP_INVALIDATE = 4;
-
- private static final byte OP_REGISTER_INTEREST = 5;
-
- private static final byte OP_UNREGISTER_INTEREST = 6;
-
- private static final byte OP_CONTAINS_KEY = 7;
-
- private static final byte OP_KEY_SET = 8;
-
- private static final byte OP_QUERY = 9;
-
- private static final byte OP_EXECUTE_CQ = 10;
-
- private static final byte OP_STOP_CQ = 11;
-
- private static final byte OP_CLOSE_CQ = 12;
-
- private static final byte OP_REGION_CLEAR = 13;
-
- private static final byte OP_REGION_CREATE = 14;
-
- private static final byte OP_REGION_DESTROY = 15;
-
- private static final byte OP_PUTALL = 16;
-
- private static final byte OP_EXECUTE_FUNCTION = 17;
-
- private static final byte OP_GET_DURABLE_CQS = 18;
-
- private static final byte OP_REMOVEALL = 19;
-
- private static final byte OP_RESOURCE = 20;
-
- private static final byte OP_LIST = 21;
-
- private static final byte OP_CREATE_QUERY = 22;
-
- private static final byte OP_UPDATE_QUERY = 23;
-
- private static final byte OP_DELETE_QUERY = 24;
-
- private static final OperationCode[] VALUES = new OperationCode[25];
-
- private static final Map OperationNameMap = new HashMap();
-
- /**
- * A LIST operation.
- * LIST regions, registered functions, named queries in DS.
- */
- public static final OperationCode LIST = new OperationCode(
- "LIST", OP_LIST);
-
- /**
- * A create parameterized query operation with developer REST APIs.
- */
- public static final OperationCode CREATE_QUERY = new OperationCode(
- "CREATE_QUERY", OP_CREATE_QUERY);
-
- /**
- * A update parameterized query operation with developer REST APIs.
- */
- public static final OperationCode UPDATE_QUERY = new OperationCode(
- "UPDATE_QUERY", OP_UPDATE_QUERY);
-
- /**
- * A delete parameterized query operation with developer REST APIs.
- */
- public static final OperationCode DELETE_QUERY = new OperationCode(
- "DELETE_QUERY", OP_DELETE_QUERY);
-
- /**
- * An entry get operation.
- *
- * @see Region#get(Object)
- */
- public static final OperationCode GET = new OperationCode("GET", OP_GET);
-
- /**
- * An entry create/update operation.
- *
- * @see Region#put(Object, Object)
- */
- public static final OperationCode PUT = new OperationCode("PUT", OP_PUT);
-
- /**
- * An map putAll operation.
- *
- * @see Region#putAll(Map map)
- */
- public static final OperationCode PUTALL = new OperationCode("PUTALL", OP_PUTALL);
-
- /**
- * A region removeAll operation.
- *
- * @see Region#removeAll(java.util.Collection)
- * @since 8.1
- */
- public static final OperationCode REMOVEALL = new OperationCode("REMOVEALL", OP_REMOVEALL);
-
- /**
- * An entry destroy operation.
- *
- * @see Region#destroy(Object, Object)
- */
- public static final OperationCode DESTROY = new OperationCode("DESTROY",
- OP_DESTROY);
-
- /**
- * An entry invalidate operation.
- *
- * @see Region#invalidate(Object, Object)
- */
- public static final OperationCode INVALIDATE = new OperationCode(
- "INVALIDATE", OP_INVALIDATE);
-
- /**
- * A register interest operation.
- *
- * @see Region#registerInterest(Object)
- */
- public static final OperationCode REGISTER_INTEREST = new OperationCode(
- "REGISTER_INTEREST", OP_REGISTER_INTEREST);
-
- /**
- * An unregister interest operation.
- *
- * @see Region#unregisterInterest
- */
- public static final OperationCode UNREGISTER_INTEREST = new OperationCode(
- "UNREGISTER_INTEREST", OP_UNREGISTER_INTEREST);
-
- /**
- * A region <code>containsKey</code> operation.
- *
- * @see Region#containsKey
- */
- public static final OperationCode CONTAINS_KEY = new OperationCode(
- "CONTAINS_KEY", OP_CONTAINS_KEY);
-
- /**
- * A region <code>keySet</code> operation.
- *
- * @see Region#keySet
- */
- public static final OperationCode KEY_SET = new OperationCode("KEY_SET",
- OP_KEY_SET);
-
- /**
- * A cache query operation.
- *
- * @see Region#query
- */
- public static final OperationCode QUERY = new OperationCode("QUERY",
- OP_QUERY);
-
- /**
- * A continuous query execution operation.
- */
- public static final OperationCode EXECUTE_CQ = new OperationCode(
- "EXECUTE_CQ", OP_EXECUTE_CQ);
-
- /**
- * A continuous query stop operation.
- */
- public static final OperationCode STOP_CQ = new OperationCode("STOP_CQ",
- OP_STOP_CQ);
-
- /**
- * A continuous query close operation.
- */
- public static final OperationCode CLOSE_CQ = new OperationCode("CLOSE_CQ",
- OP_CLOSE_CQ);
-
- /**
- * A region clear operation.
- *
- * @see Region#clear
- */
- public static final OperationCode REGION_CLEAR = new OperationCode(
- "REGION_CLEAR", OP_REGION_CLEAR);
-
- /**
- * A region create operation.
- *
- * @see Region#createSubregion
- * @see Cache#createRegion
- */
- public static final OperationCode REGION_CREATE = new OperationCode(
- "REGION_CREATE", OP_REGION_CREATE);
-
- /**
- * A region destroy operation.
- *
- * @see Region#destroyRegion(Object)
- */
- public static final OperationCode REGION_DESTROY = new OperationCode(
- "REGION_DESTROY", OP_REGION_DESTROY);
-
- /**
- * A function execution operation
- */
- public static final OperationCode EXECUTE_FUNCTION = new OperationCode(
- "EXECUTE_FUNCTION", OP_EXECUTE_FUNCTION);
-
- /**
- * A get durable continuous query operation
- */
- public static final OperationCode GET_DURABLE_CQS = new OperationCode(
- "GET_DURABLE_CQS", OP_GET_DURABLE_CQS);
-
-
- /**
- * A resource operation. See ResourceOperationContext for more details
- */
- public static final OperationCode RESOURCE = new OperationCode(
- "RESOURCE", OP_RESOURCE);
-
- /** The name of this operation. */
- private final String name;
-
- /**
- * One of the following: OP_GET, OP_CREATE, OP_UPDATE, OP_INVALIDATE,
- * OP_DESTROY, OP_REGISTER_INTEREST, OP_REGISTER_INTEREST_REGEX,
- * OP_UNREGISTER_INTEREST, OP_UNREGISTER_INTEREST_REGEX, OP_QUERY,
- * OP_REGION_CREATE, OP_REGION_DESTROY, OP_PUTALL
- */
- private final byte opCode;
-
- /** Creates a new instance of Operation. */
- private OperationCode(String name, byte opCode) {
- this.name = name;
- this.opCode = opCode;
- VALUES[opCode] = this;
- OperationNameMap.put(name, this);
- }
+ public enum OperationCode {
+ GET,
+ PUT,
+ DESTROY,
+ INVALIDATE,
+ REGISTER_INTEREST,
+ UNREGISTER_INTEREST,
+ CONTAINS_KEY,
+ KEY_SET,
+ QUERY,
+ EXECUTE_CQ,
+ STOP_CQ,
+ CLOSE_CQ,
+ REGION_CLEAR,
+ REGION_CREATE,
+ REGION_DESTROY,
+ PUTALL,
+ EXECUTE_FUNCTION,
+ GET_DURABLE_CQS,
+ REMOVEALL,
+ RESOURCE,
+ LIST,
+ CREATE_QUERY,
+ UPDATE_QUERY,
+ DELETE_QUERY;
/**
* Returns true if this is a list operation for regions, functions and queries.
*/
public boolean isList() {
- return (this.opCode == OP_LIST);
+ return (this == LIST);
}
/**
* Returns true if this is a create named query operation.
*/
public boolean isCreateQuery() {
- return (this.opCode == OP_CREATE_QUERY);
+ return (this == CREATE_QUERY);
}
/**
* Returns true if this is a update named query operation.
*/
public boolean isUpdateQuery() {
- return (this.opCode == OP_UPDATE_QUERY);
+ return (this == UPDATE_QUERY);
}
/**
* Returns true if this is a delete named query operation.
*/
public boolean isDestroyQuery() {
- return (this.opCode == OP_DELETE_QUERY);
+ return (this == DELETE_QUERY);
}
/**
* Returns true if this is a entry get operation.
*/
public boolean isGet() {
- return (this.opCode == OP_GET);
+ return (this == GET);
}
/**
* Returns true if this is a entry create/update operation.
*/
public boolean isPut() {
- return (this.opCode == OP_PUT);
+ return (this == PUT);
}
-
+
/**
* Returns true if this is a map putAll operation.
*/
public boolean isPutAll() {
- return (this.opCode == OP_PUTALL);
+ return (this == PUTALL);
}
-
+
/**
* Returns true if this is a region removeAll operation.
* @since 8.1
*/
public boolean isRemoveAll() {
- return (this.opCode == OP_REMOVEALL);
+ return (this == REMOVEALL);
}
/**
* Returns true if this is an entry destroy operation.
*/
public boolean isDestroy() {
- return (this.opCode == OP_DESTROY);
+ return (this == DESTROY);
}
/**
* Returns true if this is an entry invalidate operation.
*/
public boolean isInvalidate() {
- return (this.opCode == OP_INVALIDATE);
+ return (this == INVALIDATE);
}
/**
* Returns true if this is a register interest operation.
*/
public boolean isRegisterInterest() {
- return (this.opCode == OP_REGISTER_INTEREST);
+ return (this == REGISTER_INTEREST);
}
/**
* Returns true if this is an unregister interest operation.
*/
public boolean isUnregisterInterest() {
- return (this.opCode == OP_UNREGISTER_INTEREST);
+ return (this == UNREGISTER_INTEREST);
}
/**
* Returns true if this is a region <code>containsKey</code> operation.
*/
public boolean isContainsKey() {
- return (this.opCode == OP_CONTAINS_KEY);
+ return (this == CONTAINS_KEY);
}
/**
* Returns true if this is a region <code>keySet</code> operation.
*/
public boolean isKeySet() {
- return (this.opCode == OP_KEY_SET);
+ return (this == KEY_SET);
}
/**
* Returns true if this is a cache query operation.
*/
public boolean isQuery() {
- return (this.opCode == OP_QUERY);
+ return (this == QUERY);
}
/**
* Returns true if this is a continuous query execution operation.
*/
public boolean isExecuteCQ() {
- return (this.opCode == OP_EXECUTE_CQ);
+ return (this == EXECUTE_CQ);
}
/**
* Returns true if this is a continuous query stop operation.
*/
public boolean isStopCQ() {
- return (this.opCode == OP_STOP_CQ);
+ return (this == STOP_CQ);
}
/**
* Returns true if this is a continuous query close operation.
*/
public boolean isCloseCQ() {
- return (this.opCode == OP_CLOSE_CQ);
+ return (this == CLOSE_CQ);
}
/**
* Returns true if this is a region clear operation.
*/
public boolean isRegionClear() {
- return (this.opCode == OP_REGION_CLEAR);
+ return (this == REGION_CLEAR);
}
/**
* Returns true if this is a region create operation.
*/
public boolean isRegionCreate() {
- return (this.opCode == OP_REGION_CREATE);
+ return (this == REGION_CREATE);
}
/**
* Returns true if this is a region destroy operation.
*/
public boolean isRegionDestroy() {
- return (this.opCode == OP_REGION_DESTROY);
+ return (this == REGION_DESTROY);
}
-
+
/**
* Returns true if this is a execute region function operation.
*/
public boolean isExecuteRegionFunction() {
- return (this.opCode == OP_EXECUTE_FUNCTION);
+ return (this == EXECUTE_FUNCTION);
}
/**
* Returns true if this is a get durable cqs operation.
*/
public boolean isGetDurableCQs() {
- return (this.opCode == OP_GET_DURABLE_CQS);
- }
-
- /**
- * Returns the <code>OperationCode</code> represented by specified byte.
- */
- public static OperationCode fromOrdinal(byte opCode) {
- return VALUES[opCode];
- }
-
- /**
- * Returns the <code>OperationCode</code> represented by specified string.
- */
- public static OperationCode parse(String operationName) {
- return (OperationCode)OperationNameMap.get(operationName);
+ return (this == GET_DURABLE_CQS);
}
- /**
- * Returns the byte representing this operation code.
- *
- * @return a byte representing this operation.
- */
- public byte toOrdinal() {
- return this.opCode;
- }
- /**
- * Returns a string representation for this operation.
- *
- * @return the name of this operation.
- */
- @Override
- final public String toString() {
- return this.name;
- }
-
- /**
- * Indicates whether other object is same as this one.
- *
- * @return true if other object is same as this one.
- */
- @Override
- final public boolean equals(final Object obj) {
- if (obj == this) {
- return true;
- }
- if (!(obj instanceof OperationCode)) {
- return false;
- }
- final OperationCode other = (OperationCode)obj;
- return (other.opCode == this.opCode);
- }
-
- /**
- * Indicates whether other <code>OperationCode</code> is same as this one.
- *
- * @return true if other <code>OperationCode</code> is same as this one.
- */
- final public boolean equals(final OperationCode opCode) {
- return (opCode != null && opCode.opCode == this.opCode);
- }
-
- /**
- * Returns a hash code value for this <code>OperationCode</code> which is
- * the same as the byte representing its operation type.
- *
- * @return the hashCode of this operation.
- */
- @Override
- final public int hashCode() {
- return this.opCode;
- }
}
@@ -531,7 +238,7 @@ public abstract class OperationContext {
/**
* True if the context is for post-operation.
- *
+ *
* The <code>OperationContext</code> interface encapsulates the data both
* before the operation is performed and after the operation is complete. For
* example, for a query operation the <code>Query</code> object as well as
@@ -547,20 +254,20 @@ public abstract class OperationContext {
* <code>isPut()</code>, <code>isPutAll()</code>, <code>isDestroy()</code>, <code>isRemoveAll()</code>,
* <code>isInvalidate()</code>, <code>isRegionCreate()</code>, <code>isRegionClear()</code>, <code>isRegionDestroy()</code>.
* Otherwise, returns false.
- *
+ *
* @since 6.6
*/
public boolean isClientUpdate() {
if (isPostOperation()) {
- switch (getOperationCode().opCode) {
- case OperationCode.OP_PUT:
- case OperationCode.OP_PUTALL:
- case OperationCode.OP_DESTROY:
- case OperationCode.OP_REMOVEALL:
- case OperationCode.OP_INVALIDATE:
- case OperationCode.OP_REGION_CREATE:
- case OperationCode.OP_REGION_DESTROY:
- case OperationCode.OP_REGION_CLEAR:
+ switch (getOperationCode()) {
+ case PUT:
+ case PUTALL:
+ case DESTROY:
+ case REMOVEALL:
+ case INVALIDATE:
+ case REGION_CREATE:
+ case REGION_DESTROY:
+ case REGION_CLEAR:
return true;
}
}
@@ -575,8 +282,8 @@ public abstract class OperationContext {
OperationCode opCode = context.getOperationCode();
return context.isPostOperation()
&& (opCode.isPut() || opCode.isPutAll() || opCode.isDestroy()
- || opCode.isRemoveAll()
- || opCode.isInvalidate() || opCode.isRegionCreate()
- || opCode.isRegionDestroy() || opCode.isRegionClear());
+ || opCode.isRemoveAll()
+ || opCode.isInvalidate() || opCode.isRegionCreate()
+ || opCode.isRegionDestroy() || opCode.isRegionClear());
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
index 0c545bf..6c25102 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
@@ -184,7 +184,7 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
ReflectionException {
ResourceOperationContext ctx = doAuthorization(name, GET_ATTRIBUTES, new Object[]{attributes});
AttributeList result = mbs.getAttributes(name, attributes);
- doAuthorizationPost(name,GET_ATTRIBUTES, ctx, result);
+ doAuthorizationPost(name, GET_ATTRIBUTES, ctx, result);
return result;
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/Resource.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/Resource.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/Resource.java
index 9dc9215..d5f30fd 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/Resource.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/Resource.java
@@ -23,4 +23,6 @@ public enum Resource {
DISKSTORE,
GATEWAY_SENDER,
GATEWAY_RECEIVER,
+ QUERY,
+ INDEX
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForMBeansIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForMBeansIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForMBeansIntegrationTest.java
index 59b60ac..c987380 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForMBeansIntegrationTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForMBeansIntegrationTest.java
@@ -80,9 +80,6 @@ public class AuthorizeOperationForMBeansIntegrationTest {
@Before
public void setUp() throws Exception {
- System.setProperty("gemfire.security-client-accessor", TestAccessControl.class.getName() + ".create");
- System.setProperty("gemfire.security-client-authenticator", TestAuthenticator.class.getName() + ".create");
-
Properties properties = new Properties();
properties.put("name", this.testName.getMethodName());
properties.put(DistributionConfig.LOCATORS_NAME, "");
@@ -91,7 +88,9 @@ public class AuthorizeOperationForMBeansIntegrationTest {
properties.put(DistributionConfig.JMX_MANAGER_START_NAME, "true");
properties.put(DistributionConfig.JMX_MANAGER_PORT_NAME, String.valueOf(this.jmxManagerPort));
properties.put(DistributionConfig.HTTP_SERVICE_PORT_NAME, "0");
-
+ properties.put(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME, TestAccessControl.class.getName() + ".create");
+ properties.put(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, TestAuthenticator.class.getName() + ".create");
+
this.ds = DistributedSystem.connect(properties);
this.cache = (GemFireCacheImpl) CacheFactory.create(ds);
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForRegionCommandsIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForRegionCommandsIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForRegionCommandsIntegrationTest.java
index 85dbee1..7b381d0 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForRegionCommandsIntegrationTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForRegionCommandsIntegrationTest.java
@@ -63,9 +63,6 @@ public class AuthorizeOperationForRegionCommandsIntegrationTest {
@Before
public void setUp() {
- System.setProperty("gemfire.security-client-accessor", JSONAuthorization.class.getName() + ".create");
- System.setProperty("gemfire.security-client-authenticator", JSONAuthorization.class.getName() + ".create");
-
Properties properties = new Properties();
properties.put("name", testName.getMethodName());
properties.put(DistributionConfig.LOCATORS_NAME, "");
@@ -74,7 +71,9 @@ public class AuthorizeOperationForRegionCommandsIntegrationTest {
properties.put(DistributionConfig.JMX_MANAGER_START_NAME, "true");
properties.put(DistributionConfig.JMX_MANAGER_PORT_NAME, String.valueOf(this.jmxManagerPort));
properties.put(DistributionConfig.HTTP_SERVICE_PORT_NAME, "0");
-
+ properties.put(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME, JSONAuthorization.class.getName() + ".create");
+ properties.put(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, JSONAuthorization.class.getName() + ".create");
+
this.ds = DistributedSystem.connect(properties);
this.cache = (GemFireCacheImpl) CacheFactory.create(ds);
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanSecurityJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanSecurityJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanSecurityJUnitTest.java
new file mode 100644
index 0000000..184823d
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanSecurityJUnitTest.java
@@ -0,0 +1,125 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.security;
+
+import static com.gemstone.gemfire.management.internal.ManagementConstants.OBJECTNAME__CLIENTSERVICE_MXBEAN;
+import static javax.management.JMX.newMBeanProxy;
+import static org.assertj.core.api.Assertions.*;
+
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.CacheFactory;
+import com.gemstone.gemfire.distributed.DistributedSystem;
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+import com.gemstone.gemfire.internal.AvailablePort;
+import com.gemstone.gemfire.management.CacheServerMXBean;
+import com.gemstone.gemfire.management.internal.beans.CacheServerMBean;
+import com.gemstone.gemfire.util.test.TestUtil;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.contrib.java.lang.system.RestoreSystemProperties;
+
+import javax.management.JMX;
+import javax.management.MBeanServerConnection;
+import javax.management.ObjectInstance;
+import javax.management.ObjectName;
+import javax.management.Query;
+import javax.management.QueryExp;
+import javax.management.remote.JMXConnector;
+import javax.management.remote.JMXConnectorFactory;
+import javax.management.remote.JMXServiceURL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+public class CacheServerMBeanSecurityJUnitTest {
+
+ private static Cache cache;
+ private static DistributedSystem ds;
+ private JMXConnector jmxConnector;
+ private MBeanServerConnection mbeanServer;
+ private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+
+ private CacheServerMXBean cacheServerMXBean;
+
+ @ClassRule
+ public static RestoreSystemProperties restoreSystemProperties = new RestoreSystemProperties();
+
+ @BeforeClass
+ public static void beforeClassSetUp() throws Exception {
+ System.setProperty(ResourceConstants.RESORUCE_SEC_DESCRIPTOR, TestUtil.getResourcePath(CacheServerMBeanSecurityJUnitTest.class, "cacheServer.json"));
+
+ Properties properties = new Properties();
+ properties.put(DistributionConfig.NAME_NAME, CacheServerMBeanSecurityJUnitTest.class.getSimpleName());
+ properties.put(DistributionConfig.LOCATORS_NAME, "");
+ properties.put(DistributionConfig.MCAST_PORT_NAME, "0");
+ properties.put(DistributionConfig.JMX_MANAGER_NAME, "true");
+ properties.put(DistributionConfig.JMX_MANAGER_START_NAME, "true");
+ properties.put(DistributionConfig.JMX_MANAGER_PORT_NAME, String.valueOf(jmxManagerPort));
+ properties.put(DistributionConfig.HTTP_SERVICE_PORT_NAME, "0");
+ properties.put(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME, JSONAuthorization.class.getName() + ".create");
+ properties.put(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME,
+ JSONAuthorization.class.getName() + ".create");
+
+ cache = new CacheFactory(properties).create();
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ this.jmxConnector.close();
+ this.jmxConnector = null;
+ }
+
+ @AfterClass
+ public static void afterClassTearDown() throws Exception {
+ cache.close();
+ cache = null;
+ }
+
+ @Test
+ public void sanity() throws Exception {
+ createConnection("superuser", "1234567");
+ assertThat(cache.getCacheServers()).hasSize(1);
+
+ cacheServerMXBean.removeIndex("foo");
+ cacheServerMXBean.executeContinuousQuery("bar");
+ }
+
+ private void createConnection(String username, String password) throws Exception {
+ Map<String, String[]> env = new HashMap<>();
+ env.put(JMXConnector.CREDENTIALS, new String[] {username, password});
+ JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://:" + jmxManagerPort + "/jmxrmi");
+
+ this.jmxConnector = JMXConnectorFactory.connect(url, env);
+ this.mbeanServer = this.jmxConnector.getMBeanServerConnection();
+
+ cache.addCacheServer().start();
+
+ ObjectName objectNamePattern = ObjectName.getInstance("GemFire:service=CacheServer,*");
+ ObjectInstance bean = (ObjectInstance) this.mbeanServer.queryMBeans(objectNamePattern, null).toArray()[0];
+ ObjectName oName = bean.getObjectName();
+ cacheServerMXBean = JMX.newMBeanProxy(this.mbeanServer, oName, CacheServerMXBean.class);
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
index 8f9aa92..c0088d7 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
@@ -43,8 +43,6 @@ import java.util.Map;
import java.util.Properties;
import java.util.Set;
-import static org.jgroups.util.Util.readFile;
-
public class JSONAuthorization implements AccessControl, Authenticator {
public static class Role{
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/OperationCodesForDataCommandsIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/OperationCodesForDataCommandsIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/OperationCodesForDataCommandsIntegrationTest.java
index bda4642..91367fe 100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/OperationCodesForDataCommandsIntegrationTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/OperationCodesForDataCommandsIntegrationTest.java
@@ -36,8 +36,6 @@ import com.gemstone.gemfire.distributed.DistributedSystem;
import com.gemstone.gemfire.distributed.internal.DistributionConfig;
import com.gemstone.gemfire.internal.cache.GemFireCacheImpl;
import com.gemstone.gemfire.management.internal.security.ResourceOperationContext.ResourceOperationCode;
-import com.gemstone.gemfire.management.internal.security.AuthorizeOperationForMBeansIntegrationTest.TestAccessControl;
-import com.gemstone.gemfire.management.internal.security.AuthorizeOperationForMBeansIntegrationTest.TestAuthenticator;
import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
/**
@@ -59,9 +57,6 @@ public class OperationCodesForDataCommandsIntegrationTest {
@Before
public void setUp() {
- System.setProperty("resource-auth-accessor", TestAccessControl.class.getName());
- System.setProperty("resource-authenticator", TestAuthenticator.class.getName());
-
Properties properties = new Properties();
properties.put("name", testName.getMethodName());
properties.put(DistributionConfig.LOCATORS_NAME, "");
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java
index 0e46da5..a59b557 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java
@@ -186,13 +186,12 @@ public class ClientAuthorizationDUnitTest extends ClientAuthorizationTestBase {
// Perform the operation from selected client
if (useThisVM) {
- doOp(new Byte(opCode.toOrdinal()), currentOp.getIndices(), new Integer(
+ doOp(opCode, currentOp.getIndices(), new Integer(
opFlags), new Integer(expectedResult));
}
else {
- byte ordinal = opCode.toOrdinal();
int[] indices = currentOp.getIndices();
- clientVM.invoke(() -> ClientAuthorizationTestBase.doOp( new Byte(ordinal),
+ clientVM.invoke(() -> ClientAuthorizationTestBase.doOp(opCode,
indices, new Integer(opFlags),
new Integer(expectedResult) ));
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java
index 55edaa1..552a212 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java
@@ -201,10 +201,9 @@ public class ClientAuthorizationTestBase extends DistributedTestCase {
private static final int PAUSE = 5 * 1000;
- public static void doOp(Byte opCode, int[] indices, Integer flagsI,
+ public static void doOp(OperationCode op, int[] indices, Integer flagsI,
Integer expectedResult) {
- OperationCode op = OperationCode.fromOrdinal(opCode.byteValue());
boolean operationOmitted = false;
final int flags = flagsI.intValue();
Region region = getRegion();
@@ -794,13 +793,12 @@ public class ClientAuthorizationTestBase extends DistributedTestCase {
// Perform the operation from selected client
if (useThisVM) {
- doOp(new Byte(opCode.toOrdinal()), currentOp.getIndices(), new Integer(
+ doOp(opCode, currentOp.getIndices(), new Integer(
opFlags), new Integer(expectedResult));
}
else {
- byte ordinal = opCode.toOrdinal();
int[] indices = currentOp.getIndices();
- clientVM.invoke(() -> ClientAuthorizationTestBase.doOp( new Byte(ordinal),
+ clientVM.invoke(() -> ClientAuthorizationTestBase.doOp(opCode,
indices, new Integer(opFlags),
new Integer(expectedResult) ));
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java
index ec1c692..69e32b7 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java
@@ -280,13 +280,12 @@ public class DeltaClientPostAuthorizationDUnitTest extends
// Perform the operation from selected client
if (useThisVM) {
- doOp(new Byte(opCode.toOrdinal()), currentOp.getIndices(), new Integer(
+ doOp(opCode, currentOp.getIndices(), new Integer(
opFlags), new Integer(expectedResult));
}
else {
- byte ordinal = opCode.toOrdinal();
int[] indices = currentOp.getIndices();
- clientVM.invoke(() -> DeltaClientPostAuthorizationDUnitTest.doOp( new Byte(ordinal),
+ clientVM.invoke(() -> DeltaClientPostAuthorizationDUnitTest.doOp(opCode,
indices, new Integer(opFlags),
new Integer(expectedResult) ));
}
@@ -302,10 +301,9 @@ public class DeltaClientPostAuthorizationDUnitTest extends
return subregion;
}
- public static void doOp(Byte opCode, int[] indices, Integer flagsI,
+ public static void doOp(OperationCode op, int[] indices, Integer flagsI,
Integer expectedResult) {
- OperationCode op = OperationCode.fromOrdinal(opCode.byteValue());
boolean operationOmitted = false;
final int flags = flagsI.intValue();
Region region = getRegion();
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/java/templates/security/XmlAuthorization.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/templates/security/XmlAuthorization.java b/geode-core/src/test/java/templates/security/XmlAuthorization.java
index 1ed0142..886b394 100644
--- a/geode-core/src/test/java/templates/security/XmlAuthorization.java
+++ b/geode-core/src/test/java/templates/security/XmlAuthorization.java
@@ -329,7 +329,7 @@ public class XmlAuthorization implements AccessControl {
Node operationNode = operationNodes.item(opIndex);
if (operationNode.getNodeName() == TAG_OP) {
String operationName = getNodeValue(operationNode);
- OperationCode code = OperationCode.parse(operationName);
+ OperationCode code = OperationCode.valueOf(operationName);
if (code == null) {
throw new SAXParseException("Unknown operation [" + operationName
+ ']', null);
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/660d3bb2/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
new file mode 100644
index 0000000..325ed8c
--- /dev/null
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
@@ -0,0 +1,34 @@
+{
+ "roles": [
+ {
+ "name": "everything",
+ "operationsAllowed": [
+ "INDEX:DESTROY",
+ "LOCATE_ENTRY",
+ "QUERY:*"
+ ]
+ },
+ {
+ "name": "nothing",
+ "operationsAllowed": [
+ ],
+ "region": "secureRegion"
+ }
+ ],
+ "users": [
+ {
+ "name": "superuser",
+ "password": "1234567",
+ "roles": [
+ "everything"
+ ]
+ },
+ {
+ "name": "stranger",
+ "password": "1234567",
+ "roles": [
+ "nothing"
+ ]
+ }
+ ]
+}