You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kw...@apache.org on 2016/05/02 07:33:34 UTC
svn commit: r1741924 - in /qpid/java/trunk:
broker-core/src/main/java/org/apache/qpid/server/logging/messages/
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/
broker-plugins/management-http/src/main/java/reso...
Author: kwall
Date: Mon May 2 05:33:33 2016
New Revision: 1741924
URL: http://svn.apache.org/viewvc?rev=1741924&view=rev
Log:
QPID-7135: [Java Broker] Add operation to reload ACL file
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControlMessages.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControl_logmessages.properties
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProvider.java
qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java
qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/accesscontrolprovider/showAclFile.html
qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/js/qpid/management/accesscontrolprovider/AclFile.js
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControlMessages.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControlMessages.java?rev=1741924&r1=1741923&r2=1741924&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControlMessages.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControlMessages.java Mon May 2 05:33:33 2016
@@ -22,7 +22,6 @@ package org.apache.qpid.server.logging.m
import static org.apache.qpid.server.logging.AbstractMessageLogger.DEFAULT_LOG_HIERARCHY_PREFIX;
-import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.qpid.server.configuration.BrokerProperties;
import org.apache.qpid.server.logging.LogMessage;
@@ -51,6 +50,8 @@ public class AccessControlMessages
public static final String CLOSE_LOG_HIERARCHY = DEFAULT_LOG_HIERARCHY_PREFIX + "accesscontrol.close";
public static final String DENIED_LOG_HIERARCHY = DEFAULT_LOG_HIERARCHY_PREFIX + "accesscontrol.denied";
public static final String ALLOWED_LOG_HIERARCHY = DEFAULT_LOG_HIERARCHY_PREFIX + "accesscontrol.allowed";
+ public static final String LOADED_LOG_HIERARCHY = DEFAULT_LOG_HIERARCHY_PREFIX + "accesscontrol.loaded";
+
static
{
@@ -61,6 +62,7 @@ public class AccessControlMessages
LoggerFactory.getLogger(CLOSE_LOG_HIERARCHY);
LoggerFactory.getLogger(DENIED_LOG_HIERARCHY);
LoggerFactory.getLogger(ALLOWED_LOG_HIERARCHY);
+ LoggerFactory.getLogger(LOADED_LOG_HIERARCHY);
_messages = ResourceBundle.getBundle("org.apache.qpid.server.logging.messages.AccessControl_logmessages", _currentLocale);
}
@@ -376,6 +378,64 @@ public class AccessControlMessages
}
@Override
+ public boolean equals(final Object o)
+ {
+ if (this == o)
+ {
+ return true;
+ }
+ if (o == null || getClass() != o.getClass())
+ {
+ return false;
+ }
+
+ final LogMessage that = (LogMessage) o;
+
+ return getLogHierarchy().equals(that.getLogHierarchy()) && toString().equals(that.toString());
+
+ }
+
+ @Override
+ public int hashCode()
+ {
+ int result = toString().hashCode();
+ result = 31 * result + getLogHierarchy().hashCode();
+ return result;
+ }
+ };
+ }
+
+ /**
+ * Log a AccessControl message of the Format:
+ * <pre>ACL-1015 : Rules loaded "{0}"</pre>
+ * Optional values are contained in [square brackets] and are numbered
+ * sequentially in the method call.
+ *
+ */
+ public static LogMessage LOADED(String param1)
+ {
+ String rawMessage = _messages.getString("LOADED");
+
+ final Object[] messageArguments = {param1};
+ // Create a new MessageFormat to ensure thread safety.
+ // Sharing a MessageFormat and using applyPattern is not thread safe
+ MessageFormat formatter = new MessageFormat(rawMessage, _currentLocale);
+
+ final String message = formatter.format(messageArguments);
+
+ return new LogMessage()
+ {
+ public String toString()
+ {
+ return message;
+ }
+
+ public String getLogHierarchy()
+ {
+ return LOADED_LOG_HIERARCHY;
+ }
+
+ @Override
public boolean equals(final Object o)
{
if (this == o)
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControl_logmessages.properties
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControl_logmessages.properties?rev=1741924&r1=1741923&r2=1741924&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControl_logmessages.properties (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControl_logmessages.properties Mon May 2 05:33:33 2016
@@ -29,4 +29,5 @@ CREATE = ACL-1011 : Create "{0}"
OPEN = ACL-1012 : Open
CLOSE = ACL-1013 : Close
DELETE = ACL-1014 : Delete "{0}"
+LOADED = ACL-1015 : Rules loaded : Source "{0}"
Modified: qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProvider.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProvider.java?rev=1741924&r1=1741923&r2=1741924&view=diff
==============================================================================
--- qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProvider.java (original)
+++ qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProvider.java Mon May 2 05:33:33 2016
@@ -23,10 +23,14 @@ package org.apache.qpid.server.security.
import org.apache.qpid.server.model.AccessControlProvider;
import org.apache.qpid.server.model.ManagedAttribute;
import org.apache.qpid.server.model.ManagedObject;
+import org.apache.qpid.server.model.ManagedOperation;
@ManagedObject( category = false, type="AclFile" )
public interface ACLFileAccessControlProvider<X extends ACLFileAccessControlProvider<X>> extends AccessControlProvider<X>
{
@ManagedAttribute( mandatory = true, description = "File location", oversize = true, oversizedAltText = OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT)
String getPath();
+
+ @ManagedOperation( description = "Causes the ACL rules to be reloaded. Changes are applied immediately.")
+ void reload();
}
Modified: qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java?rev=1741924&r1=1741923&r2=1741924&view=diff
==============================================================================
--- qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java (original)
+++ qpid/java/trunk/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/plugins/ACLFileAccessControlProviderImpl.java Mon May 2 05:33:33 2016
@@ -20,14 +20,10 @@
*/
package org.apache.qpid.server.security.access.plugins;
-import java.util.Collection;
-import java.util.Collections;
import java.util.Map;
-import java.util.Set;
import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.ListenableFuture;
-import com.google.common.util.concurrent.SettableFuture;
import org.apache.qpid.server.logging.EventLogger;
import org.apache.qpid.server.logging.messages.AccessControlMessages;
import org.slf4j.Logger;
@@ -36,7 +32,6 @@ import org.slf4j.LoggerFactory;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.model.AbstractConfiguredObject;
import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.ManagedAttributeField;
import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
import org.apache.qpid.server.model.State;
@@ -55,8 +50,8 @@ public class ACLFileAccessControlProvide
Handler.register();
}
- protected DefaultAccessControl _accessControl;
- protected final Broker _broker;
+ private volatile DefaultAccessControl _accessControl;
+ private final Broker _broker;
private final EventLogger _eventLogger;
@ManagedAttributeField( afterSet = "reloadAclFile")
@@ -113,13 +108,20 @@ public class ACLFileAccessControlProvide
_accessControl = new DefaultAccessControl(getPath(), _broker);
}
- @SuppressWarnings("unused")
+ @Override
+ public void reload()
+ {
+ getSecurityManager().authoriseUpdate(this);
+ reloadAclFile();
+ }
+
private void reloadAclFile()
{
try
{
DefaultAccessControl accessControl = new DefaultAccessControl(getPath(), _broker);
accessControl.open();
+ _eventLogger.message(AccessControlMessages.LOADED(String.valueOf(getPath()).startsWith("data:") ? "data:..." : getPath()));
DefaultAccessControl oldAccessControl = _accessControl;
_accessControl = accessControl;
if(oldAccessControl != null)
@@ -139,14 +141,8 @@ public class ACLFileAccessControlProvide
return _path;
}
- @Override
- public <C extends ConfiguredObject> Collection<C> getChildren(Class<C> clazz)
- {
- return Collections.emptySet();
- }
-
-
@StateTransition(currentState = {State.UNINITIALIZED, State.QUIESCED, State.ERRORED}, desiredState = State.ACTIVE)
+ @SuppressWarnings("unused")
private ListenableFuture<Void> activate()
{
@@ -189,6 +185,7 @@ public class ACLFileAccessControlProvide
}
@StateTransition(currentState = State.UNINITIALIZED, desiredState = State.QUIESCED)
+ @SuppressWarnings("unused")
private ListenableFuture<Void> startQuiesced()
{
setState(State.QUIESCED);
@@ -196,6 +193,7 @@ public class ACLFileAccessControlProvide
}
@StateTransition(currentState = {State.ACTIVE, State.QUIESCED, State.ERRORED}, desiredState = State.DELETED)
+ @SuppressWarnings("unused")
private ListenableFuture<Void> doDelete()
{
return doAfterAlways(closeAsync(),
Modified: qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/accesscontrolprovider/showAclFile.html
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/accesscontrolprovider/showAclFile.html?rev=1741924&r1=1741923&r2=1741924&view=diff
==============================================================================
--- qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/accesscontrolprovider/showAclFile.html (original)
+++ qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/accesscontrolprovider/showAclFile.html Mon May 2 05:33:33 2016
@@ -23,5 +23,10 @@
<div class="formLabel-labelCell">Path:</div>
<div class="path"></div>
</div>
+
+ <div class="clear">
+ <button data-dojo-type="dijit.form.Button" class="reload">Reload</button>
+ </div>
+
<div class="clear"></div>
</div>
Modified: qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/js/qpid/management/accesscontrolprovider/AclFile.js
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/js/qpid/management/accesscontrolprovider/AclFile.js?rev=1741924&r1=1741923&r2=1741924&view=diff
==============================================================================
--- qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/js/qpid/management/accesscontrolprovider/AclFile.js (original)
+++ qpid/java/trunk/broker-plugins/management-http/src/main/java/resources/js/qpid/management/accesscontrolprovider/AclFile.js Mon May 2 05:33:33 2016
@@ -84,11 +84,18 @@ define(["dojo/_base/xhr",
this.tabObject = tabObject;
var aclProviderObj = tabObject.modelObj;
var controller = tabObject.controller;
+ var that = this;
this.controller = controller;
this.modelObj = aclProviderObj;
this.management = controller.management;
this.name = aclProviderObj.name;
this.path = query(".path", node)[0];
+ this.reloadButton = registry.byNode(query(".reload", node)[0]);
+ this.reloadButton.on("click", function (e)
+ {
+ that.reload();
+ });
+
}
AclFileUpdater.prototype.update = function ()
@@ -116,5 +123,17 @@ define(["dojo/_base/xhr",
};
+ AclFileUpdater.prototype.reload = function ()
+ {
+ var parentModelObj = this.modelObj;
+ var modelObj = {
+ type: parentModelObj.type,
+ name: "reload",
+ parent: parentModelObj
+ };
+ var url = this.management.buildObjectURL(modelObj);
+ this.management.post({url: url}, {});
+ }
+
return AclFile;
});
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org