You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by ff...@apache.org on 2016/06/30 02:52:00 UTC
karaf git commit: [KARAF-4600] RBAC - MBean fails to resolve ACL if
the order of properties in object name differs
Repository: karaf
Updated Branches:
refs/heads/master d082f8239 -> ce1b77813
[KARAF-4600] RBAC - MBean fails to resolve ACL if the order of properties in object name differs
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/ce1b7781
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/ce1b7781
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/ce1b7781
Branch: refs/heads/master
Commit: ce1b778138d4eee7992b25386aa19c6a7edaf384
Parents: d082f82
Author: Tadayoshi Sato <sa...@gmail.com>
Authored: Thu Jun 30 11:22:17 2016 +0900
Committer: Tadayoshi Sato <sa...@gmail.com>
Committed: Thu Jun 30 11:22:17 2016 +0900
----------------------------------------------------------------------
.../karaf/management/KarafMBeanServerGuard.java | 4 ++--
.../management/KarafMBeanServerGuardTest.java | 21 ++++++++++++++++++++
2 files changed, 23 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/ce1b7781/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java
----------------------------------------------------------------------
diff --git a/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java b/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java
index 831ab47..7530d7d 100644
--- a/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java
+++ b/management/server/src/main/java/org/apache/karaf/management/KarafMBeanServerGuard.java
@@ -405,7 +405,7 @@ public class KarafMBeanServerGuard implements InvocationHandler {
segments.add(objectName.getDomain());
// TODO can an ObjectName property contain a comma as key or value ?
// TODO support quoting as described in http://docs.oracle.com/javaee/1.4/api/javax/management/ObjectName.html
- for (String s : objectName.getKeyPropertyListString().split("[,]")) {
+ for (String s : objectName.getCanonicalKeyPropertyListString().split("[,]")) {
int index = s.indexOf('=');
if (index < 0) {
continue;
@@ -417,7 +417,7 @@ public class KarafMBeanServerGuard implements InvocationHandler {
segments.add(key);
}
}
-
+
return segments;
}
http://git-wip-us.apache.org/repos/asf/karaf/blob/ce1b7781/management/server/src/test/java/org/apache/karaf/management/KarafMBeanServerGuardTest.java
----------------------------------------------------------------------
diff --git a/management/server/src/test/java/org/apache/karaf/management/KarafMBeanServerGuardTest.java b/management/server/src/test/java/org/apache/karaf/management/KarafMBeanServerGuardTest.java
index 3f69158..318ec34 100644
--- a/management/server/src/test/java/org/apache/karaf/management/KarafMBeanServerGuardTest.java
+++ b/management/server/src/test/java/org/apache/karaf/management/KarafMBeanServerGuardTest.java
@@ -353,6 +353,27 @@ public class KarafMBeanServerGuardTest extends TestCase {
guard.getRequiredRoles(on3, "foo", new Object[]{}, new String[]{}));
}
+ public void testRequiredRolesHierarchyCanonical() throws Exception {
+ Dictionary<String, Object> conf = new Hashtable<String, Object>();
+ conf.put("foo", "viewer");
+ conf.put(Constants.SERVICE_PID, "jmx.acl.foo.bar.Test.AAA.BBB");
+ ConfigurationAdmin ca = getMockConfigAdmin2(conf);
+
+ KarafMBeanServerGuard guard = new KarafMBeanServerGuard();
+ guard.setConfigAdmin(ca);
+
+ // Canonical object name
+ ObjectName on1 = ObjectName.getInstance("foo.bar:prop1=AAA,prop2=BBB,type=Test");
+ assertEquals("Canonical ObjectName should work",
+ Collections.singletonList("viewer"),
+ guard.getRequiredRoles(on1, "foo", new String[]{}));
+ // Non-canonical object name
+ ObjectName on2 = ObjectName.getInstance("foo.bar:type=Test,prop2=BBB,prop1=AAA");
+ assertEquals("Non-canonical ObjectName should also work",
+ Collections.singletonList("viewer"),
+ guard.getRequiredRoles(on2, "foo", new String[]{}));
+ }
+
public void testRequiredRolesMethodNameWildcard() throws Exception {
Dictionary<String, Object> configuration = new Hashtable<String, Object>();
configuration.put("getFoo", "viewer");