You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by mp...@apache.org on 2016/06/10 06:18:39 UTC
[1/2] ambari git commit: AMBARI-17158. Wrong username being returned
in from ViewContextImpl.getUsername() and ViewContextImpl.getLoggedinUser().
(mpapirkovskyy)
Repository: ambari
Updated Branches:
refs/heads/branch-2.4 cb8380a02 -> d82176681
refs/heads/trunk b233c4314 -> d169d8c5c
AMBARI-17158. Wrong username being returned in from ViewContextImpl.getUsername() and ViewContextImpl.getLoggedinUser(). (mpapirkovskyy)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/d169d8c5
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/d169d8c5
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/d169d8c5
Branch: refs/heads/trunk
Commit: d169d8c5cbf3bfbd1ce9a9ab068548a3097974cb
Parents: b233c43
Author: Myroslav Papirkovskyi <mp...@hortonworks.com>
Authored: Fri Jun 10 09:09:28 2016 +0300
Committer: Myroslav Papirkovskyi <mp...@hortonworks.com>
Committed: Fri Jun 10 09:09:28 2016 +0300
----------------------------------------------------------------------
.../server/security/SecurityHelperImpl.java | 3 +
.../server/security/SecurityHelperImplTest.java | 118 +++++++++++++++++++
2 files changed, 121 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/d169d8c5/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
index 519fd3a..6af5fb6 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
@@ -18,6 +18,7 @@
package org.apache.ambari.server.security;
+import org.apache.ambari.server.security.authorization.User;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
@@ -66,6 +67,8 @@ public class SecurityHelperImpl implements SecurityHelper {
String username;
if (principal instanceof UserDetails) {
username = ((UserDetails) principal).getUsername();
+ } else if (principal instanceof User) {
+ username = ((User) principal).getUserName();
} else {
username = principal == null ? "" : principal.toString();
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/d169d8c5/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
new file mode 100644
index 0000000..a509f54
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
@@ -0,0 +1,118 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.security;
+
+import org.apache.ambari.server.orm.entities.PrincipalEntity;
+import org.apache.ambari.server.orm.entities.UserEntity;
+import org.apache.ambari.server.security.authorization.AmbariUserAuthentication;
+import org.apache.ambari.server.security.authorization.User;
+import org.junit.Assert;
+import org.junit.Test;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+
+public class SecurityHelperImplTest {
+
+ private final String USER_FROM_PRINCIPAL = "user from principal";
+ private final String USER_DETAILS_USER_NAME = "user details user name";
+
+ @Test
+ public void testSecurityHelperWithUser() {
+ SecurityContext ctx = SecurityContextHolder.getContext();
+ UserEntity userEntity = new UserEntity();
+ userEntity.setPrincipal(new PrincipalEntity());
+ userEntity.setUserName("userName");
+ userEntity.setUserId(1);
+ User user = new User(userEntity);
+ Authentication auth = new AmbariUserAuthentication(null, user, null);
+ ctx.setAuthentication(auth);
+
+ Assert.assertEquals("userName", SecurityHelperImpl.getInstance().getCurrentUserName());
+ }
+
+ @Test
+ public void testSecurityHelperWithUserDetails() {
+ SecurityContext ctx = SecurityContextHolder.getContext();
+ TestUserDetails userDetails = new TestUserDetails();
+ Authentication auth = new UsernamePasswordAuthenticationToken(userDetails, null);
+ ctx.setAuthentication(auth);
+
+ Assert.assertEquals(USER_DETAILS_USER_NAME, SecurityHelperImpl.getInstance().getCurrentUserName());
+ }
+
+ @Test
+ public void testSecurityHelperWithUnknownPrincipal() {
+ SecurityContext ctx = SecurityContextHolder.getContext();
+ Authentication auth = new UsernamePasswordAuthenticationToken(new TestPrincipal(), null);
+ ctx.setAuthentication(auth);
+
+ Assert.assertEquals(USER_FROM_PRINCIPAL, SecurityHelperImpl.getInstance().getCurrentUserName());
+ }
+
+ class TestUserDetails implements UserDetails {
+
+ @Override
+ public Collection<? extends GrantedAuthority> getAuthorities() {
+ return null;
+ }
+
+ @Override
+ public String getPassword() {
+ return null;
+ }
+
+ @Override
+ public String getUsername() {
+ return USER_DETAILS_USER_NAME;
+ }
+
+ @Override
+ public boolean isAccountNonExpired() {
+ return false;
+ }
+
+ @Override
+ public boolean isAccountNonLocked() {
+ return false;
+ }
+
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return false;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ return false;
+ }
+ }
+
+ class TestPrincipal {
+ @Override
+ public String toString() {
+ return USER_FROM_PRINCIPAL;
+ }
+ }
+}
[2/2] ambari git commit: AMBARI-17158. Wrong username being returned
in from ViewContextImpl.getUsername() and ViewContextImpl.getLoggedinUser().
(mpapirkovskyy)
Posted by mp...@apache.org.
AMBARI-17158. Wrong username being returned in from ViewContextImpl.getUsername() and ViewContextImpl.getLoggedinUser(). (mpapirkovskyy)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/d8217668
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/d8217668
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/d8217668
Branch: refs/heads/branch-2.4
Commit: d821766814324b233323c6ddb0bc9a258ed3efd0
Parents: cb8380a
Author: Myroslav Papirkovskyi <mp...@hortonworks.com>
Authored: Fri Jun 10 09:09:28 2016 +0300
Committer: Myroslav Papirkovskyi <mp...@hortonworks.com>
Committed: Fri Jun 10 09:10:43 2016 +0300
----------------------------------------------------------------------
.../server/security/SecurityHelperImpl.java | 3 +
.../server/security/SecurityHelperImplTest.java | 118 +++++++++++++++++++
2 files changed, 121 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/d8217668/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
index 519fd3a..6af5fb6 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
@@ -18,6 +18,7 @@
package org.apache.ambari.server.security;
+import org.apache.ambari.server.security.authorization.User;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
@@ -66,6 +67,8 @@ public class SecurityHelperImpl implements SecurityHelper {
String username;
if (principal instanceof UserDetails) {
username = ((UserDetails) principal).getUsername();
+ } else if (principal instanceof User) {
+ username = ((User) principal).getUserName();
} else {
username = principal == null ? "" : principal.toString();
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/d8217668/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
new file mode 100644
index 0000000..a509f54
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
@@ -0,0 +1,118 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.security;
+
+import org.apache.ambari.server.orm.entities.PrincipalEntity;
+import org.apache.ambari.server.orm.entities.UserEntity;
+import org.apache.ambari.server.security.authorization.AmbariUserAuthentication;
+import org.apache.ambari.server.security.authorization.User;
+import org.junit.Assert;
+import org.junit.Test;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+
+public class SecurityHelperImplTest {
+
+ private final String USER_FROM_PRINCIPAL = "user from principal";
+ private final String USER_DETAILS_USER_NAME = "user details user name";
+
+ @Test
+ public void testSecurityHelperWithUser() {
+ SecurityContext ctx = SecurityContextHolder.getContext();
+ UserEntity userEntity = new UserEntity();
+ userEntity.setPrincipal(new PrincipalEntity());
+ userEntity.setUserName("userName");
+ userEntity.setUserId(1);
+ User user = new User(userEntity);
+ Authentication auth = new AmbariUserAuthentication(null, user, null);
+ ctx.setAuthentication(auth);
+
+ Assert.assertEquals("userName", SecurityHelperImpl.getInstance().getCurrentUserName());
+ }
+
+ @Test
+ public void testSecurityHelperWithUserDetails() {
+ SecurityContext ctx = SecurityContextHolder.getContext();
+ TestUserDetails userDetails = new TestUserDetails();
+ Authentication auth = new UsernamePasswordAuthenticationToken(userDetails, null);
+ ctx.setAuthentication(auth);
+
+ Assert.assertEquals(USER_DETAILS_USER_NAME, SecurityHelperImpl.getInstance().getCurrentUserName());
+ }
+
+ @Test
+ public void testSecurityHelperWithUnknownPrincipal() {
+ SecurityContext ctx = SecurityContextHolder.getContext();
+ Authentication auth = new UsernamePasswordAuthenticationToken(new TestPrincipal(), null);
+ ctx.setAuthentication(auth);
+
+ Assert.assertEquals(USER_FROM_PRINCIPAL, SecurityHelperImpl.getInstance().getCurrentUserName());
+ }
+
+ class TestUserDetails implements UserDetails {
+
+ @Override
+ public Collection<? extends GrantedAuthority> getAuthorities() {
+ return null;
+ }
+
+ @Override
+ public String getPassword() {
+ return null;
+ }
+
+ @Override
+ public String getUsername() {
+ return USER_DETAILS_USER_NAME;
+ }
+
+ @Override
+ public boolean isAccountNonExpired() {
+ return false;
+ }
+
+ @Override
+ public boolean isAccountNonLocked() {
+ return false;
+ }
+
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return false;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ return false;
+ }
+ }
+
+ class TestPrincipal {
+ @Override
+ public String toString() {
+ return USER_FROM_PRINCIPAL;
+ }
+ }
+}