You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ji...@apache.org on 2016/03/31 20:28:11 UTC

incubator-geode git commit: GEODE-17: adding more tests

Repository: incubator-geode
Updated Branches:
  refs/heads/feature/GEODE-17-2 b61c70d38 -> 0ba41deee


GEODE-17: adding more tests


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/0ba41dee
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/0ba41dee
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/0ba41dee

Branch: refs/heads/feature/GEODE-17-2
Commit: 0ba41deee1410ce8527a0e26d3aa246ba620ee78
Parents: b61c70d
Author: Jinmei Liao <ji...@pivotal.io>
Authored: Thu Mar 31 11:27:53 2016 -0700
Committer: Jinmei Liao <ji...@pivotal.io>
Committed: Thu Mar 31 11:27:53 2016 -0700

----------------------------------------------------------------------
 .../security/MiscCommandsSecurityTest.java      | 61 ++++++++++++++++++
 .../security/PDXCommandsSecurityTest.java       | 67 ++++++++++++++++++++
 .../internal/security/cacheServer.json          | 13 +++-
 3 files changed, 140 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/0ba41dee/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MiscCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MiscCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MiscCommandsSecurityTest.java
new file mode 100644
index 0000000..65eb801
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MiscCommandsSecurityTest.java
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.security;
+
+import com.gemstone.gemfire.internal.AvailablePort;
+import com.gemstone.gemfire.management.MemberMXBean;
+import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category(IntegrationTest.class)
+public class MiscCommandsSecurityTest {
+  private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+
+  private MemberMXBean bean;
+
+  @ClassRule
+  public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
+      jmxManagerPort, "cacheServer.json");
+
+  @Rule
+  public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
+
+  @Before
+  public void setUp() throws Exception {
+    bean = connectionRule.getProxyMBean(MemberMXBean.class);
+  }
+
+  private static String[] commands = {};
+
+  @JMXConnectionConfiguration(user = "superuser", password = "1234567")
+  @Test
+  public void testAllAccess(){
+    bean.processCommand("change loglevel --loglevel=severe --members=server1");
+    bean.processCommand("export logs --dir=data/logs");
+    bean.processCommand("export stack-traces --file=stack.txt");
+    bean.processCommand("gc");
+    bean.processCommand("netstat --member=server1");
+    bean.processCommand("show dead-locks --file=deadlocks.txt");
+    bean.processCommand("show log --member=locator1 --lines=5");
+    bean.processCommand("show metrics");
+    bean.processCommand("shutdown");
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/0ba41dee/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/PDXCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/PDXCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/PDXCommandsSecurityTest.java
new file mode 100644
index 0000000..721f29d
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/PDXCommandsSecurityTest.java
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.security;
+
+import com.gemstone.gemfire.internal.AvailablePort;
+import com.gemstone.gemfire.management.MemberMXBean;
+import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+@Category(IntegrationTest.class)
+public class PDXCommandsSecurityTest {
+  private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+
+  private MemberMXBean bean;
+
+  @ClassRule
+  public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
+      jmxManagerPort, "cacheServer.json");
+
+  @Rule
+  public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
+
+  @Before
+  public void setUp() throws Exception {
+    bean = connectionRule.getProxyMBean(MemberMXBean.class);
+  }
+
+  @JMXConnectionConfiguration(user = "superuser", password = "1234567")
+  @Test
+  public void testAllAccess(){
+    bean.processCommand("configure pdx --read-serialized=true");
+    bean.processCommand("pdx rename --old=com.gemstone --new=com.pivotal --disk-store=ds1 --disk-dirs=/diskDir1");
+  }
+
+  // stranger has no permission granted
+  @JMXConnectionConfiguration(user = "stranger", password = "1234567")
+  @Test
+  public void testNoAccess(){
+    assertThatThrownBy(() -> bean.processCommand("configure pdx --read-serialized=true"))
+        .isInstanceOf(SecurityException.class)
+        .hasMessageContaining("PDX:CONFIGURE");
+    assertThatThrownBy(() -> bean.processCommand("pdx rename --old=com.gemstone --new=com.pivotal --disk-store=ds1 --disk-dirs=/diskDir1"))
+        .isInstanceOf(SecurityException.class)
+        .hasMessageContaining("DISTRIBUTED_SYSTEM:RENAME");
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/0ba41dee/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
index 60052ac..e7404f9 100644
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
@@ -30,6 +30,9 @@
         "CONTINUOUS_QUERY:STOP",
         "MEMBER:SHUTDOWN",
         "MEMBER:STATUS",
+        "MEMBER:EXPORT_LOGS",
+        "MEMBER:EXPORT_STACKTRACE",
+        "MEMBER:SHOW_LOG",
         "DISKSTORE:COMPACT",
         "DISKSTORE:FLUSH",
         "DISKSTORE:ROLL",
@@ -56,8 +59,16 @@
         "MANAGER:STOP",
         "CLUSTER_CONFIGURTION:STATUS",
         "DISTRIBUTED_SYSTEM:ALL",
+        "DISTRIBUTED_SYSTEM:RENAME",
+        "DISTRIBUTED_SYSTEM:GC",
+        "DISTRIBUTED_SYSTEM:ALTER_RUNTIME",
+        "DISTRIBUTED_SYSTEM:NETSTAT",
+        "DISTRIBUTED_SYSTEM:SHOW_DEADLOCKS",
+        "DISTRIBUTED_SYSTEM:SHOW_METRICS",
+        "DISTRIBUTED_SYSTEM:SHUTDOWN",
         "ASYNC_EVENT_QUEUE:CREATE",
-        "ASYNC_EVENT_QUEUE:LIST"
+        "ASYNC_EVENT_QUEUE:LIST",
+        "PDX:CONFIGURE"
       ]
     },
     {