Posted to commits@geode.apache.org by es...@apache.org on 2016/05/31 21:44:22 UTC
[20/50] [abbrv] incubator-geode git commit: GEODE-1454: Have "region"
attribute, in JSONAuthorization json file be an array
GEODE-1454: Have "region" attribute, in JSONAuthorization json file be an array
- Also converted to Jackson. Be gone org.json!!
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/03246b40
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/03246b40
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/03246b40
Branch: refs/heads/feature/GEODE-1400
Commit: 03246b404efd2161ec3d3b55ea319599de33ecd3
Parents: c427eb3
Author: Jens Deppe <jd...@pivotal.io>
Authored: Wed May 25 13:25:39 2016 -0700
Committer: Jens Deppe <jd...@pivotal.io>
Committed: Tue May 31 08:58:03 2016 -0700
----------------------------------------------------------------------
.../internal/security/JSONAuthorization.java | 118 ++++++++++---------
.../internal/security/cacheServer.json | 4 +-
2 files changed, 62 insertions(+), 60 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/03246b40/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
index e14d1de..ac81c76 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
@@ -16,19 +16,8 @@
*/
package com.gemstone.gemfire.management.internal.security;
-import java.io.File;
-import java.io.FileReader;
-import java.io.IOException;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Set;
-import javax.management.remote.JMXPrincipal;
-
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
import com.gemstone.gemfire.LogWriter;
import com.gemstone.gemfire.cache.Cache;
import com.gemstone.gemfire.cache.operations.OperationContext;
@@ -40,9 +29,20 @@ import com.gemstone.gemfire.security.Authenticator;
import com.gemstone.gemfire.security.NotAuthorizedException;
import com.gemstone.gemfire.util.test.TestUtil;
-import org.json.JSONArray;
-import org.json.JSONException;
-import org.json.JSONObject;
+import javax.management.remote.JMXPrincipal;
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.StreamSupport;
public class JSONAuthorization implements AccessControl, Authenticator {
@@ -60,75 +60,78 @@ public class JSONAuthorization implements AccessControl, Authenticator {
private static Map<String, User> acl = null;
- public static JSONAuthorization create() throws IOException, JSONException {
+ public static JSONAuthorization create() throws IOException {
return new JSONAuthorization();
}
- public JSONAuthorization() throws IOException, JSONException {}
+ public JSONAuthorization() throws IOException {
+ }
- public JSONAuthorization(String jsonFileName) throws IOException, JSONException {
+ public JSONAuthorization(String jsonFileName) throws IOException {
setUpWithJsonFile(jsonFileName);
}
- public static void setUpWithJsonFile(String jsonFileName) throws IOException, JSONException {
+ public static void setUpWithJsonFile(String jsonFileName) throws IOException {
String json = readFile(TestUtil.getResourcePath(JSONAuthorization.class, jsonFileName));
readSecurityDescriptor(json);
}
- private static void readSecurityDescriptor(String json) throws IOException, JSONException {
- JSONObject jsonBean = new JSONObject(json);
+ private static void readSecurityDescriptor(String json) throws IOException {
+ ObjectMapper mapper = new ObjectMapper();
+ JsonNode jsonNode = mapper.readTree(json);
acl = new HashMap<>();
- Map<String, Role> roleMap = readRoles(jsonBean);
- readUsers(acl, jsonBean, roleMap);
+ Map<String, Role> roleMap = readRoles(jsonNode);
+ readUsers(acl, jsonNode, roleMap);
}
- private static void readUsers(Map<String, User> acl, JSONObject jsonBean, Map<String, Role> roleMap)
- throws JSONException {
- JSONArray array = jsonBean.getJSONArray("users");
- for (int i = 0; i < array.length(); i++) {
- JSONObject obj = array.getJSONObject(i);
+ private static void readUsers(Map<String, User> acl, JsonNode node, Map<String, Role> roleMap) {
+ for (JsonNode u : node.get("users")) {
User user = new User();
- user.name = obj.getString("name");
- if (obj.has("password")) {
- user.pwd = obj.getString("password");
+ user.name = u.get("name").asText();
+ if (u.has("password")) {
+ user.pwd = u.get("password").asText();
} else {
user.pwd = user.name;
}
- JSONArray ops = obj.getJSONArray("roles");
- for (int j = 0; j < ops.length(); j++) {
- String roleName = ops.getString(j);
- user.roles.add(roleMap.get(roleName));
+ for (JsonNode r : u.get("roles")) {
+ user.roles.add(roleMap.get(r.asText()));
}
acl.put(user.name, user);
}
}
- private static Map<String, Role> readRoles(JSONObject jsonBean) throws JSONException {
+ private static Map<String, Role> readRoles(JsonNode jsonNode) {
Map<String, Role> roleMap = new HashMap<>();
- JSONArray array = jsonBean.getJSONArray("roles");
- for (int i = 0; i < array.length(); i++) {
- JSONObject obj = array.getJSONObject(i);
+ for (JsonNode r : jsonNode.get("roles")) {
Role role = new Role();
- role.name = obj.getString("name");
+ role.name = r.get("name").asText();
String regionNames = null;
- if(obj.has("regions")) {
- regionNames = obj.getString("regions");
+
+ JsonNode regions = r.get("regions");
+ if (regions != null) {
+ if (regions.isArray()) {
+ regionNames = StreamSupport.stream(regions.spliterator(), false)
+ .map(JsonNode::asText)
+ .collect(Collectors.joining(","));
+ } else {
+ regionNames = regions.asText();
+ }
}
- JSONArray ops = obj.getJSONArray("operationsAllowed");
- for (int j = 0; j < ops.length(); j++) {
- String[] parts = ops.getString(j).split(":");
- if(regionNames!=null) {
+
+ for (JsonNode op : r.get("operationsAllowed")) {
+ String[] parts = op.asText().split(":");
+ if (regionNames == null) {
+ role.permissions.add(new ResourceOperationContext(parts[0], parts[1], "*"));
+ } else {
role.permissions.add(new ResourceOperationContext(parts[0], parts[1], regionNames));
}
- else
- role.permissions.add(new ResourceOperationContext(parts[0], parts[1], "*"));
}
roleMap.put(role.name, role);
- if (obj.has("serverGroup")) {
- role.serverGroup = obj.getString("serverGroup");
+ if (r.has("serverGroup")) {
+ role.serverGroup = r.get("serverGroup").asText();
}
}
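Review bot: In readUsers, `user.roles.add(roleMap.get(r.asText()))` stores null when a user names a role that readRoles did not define, and authorizeOperation then dereferences `role.permissions` on every entry, so a typo in the descriptor becomes a NullPointerException during an authorization decision instead of a load-time error. The move from org.json to Jackson widens this: `node.get("users")`, `u.get("name")`, `u.get("roles")` and `r.get("operationsAllowed")` return null for an absent key where `getJSONArray`/`getString` threw JSONException, and an explicit `"regions": null` reaches `regions.asText()`, which yields the string "null" as a region name. `parts[1]` likewise assumes every operation string contains a colon. I would validate the descriptor while loading and fail with a message naming the offending user or role, as sketched below for the role lookup.

```java
private static void readUsers(Map<String, User> acl, JsonNode node, Map<String, Role> roleMap) {
  // … unchanged: iterate "users", read name and password …
    for (JsonNode r : u.get("roles")) {
      Role role = roleMap.get(r.asText());
      if (role == null) {
        // Reject the descriptor at load time rather than failing inside authorizeOperation.
        throw new IllegalArgumentException(
            "User '" + user.name + "' references undefined role '" + r.asText() + "'");
      }
      user.roles.add(role);
    }
  // … unchanged: acl.put(user.name, user) …
```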
@@ -148,15 +151,13 @@ public class JSONAuthorization implements AccessControl, Authenticator {
@Override
public boolean authorizeOperation(String region, OperationContext context) {
- if (principal == null)
- return false;
+ if (principal == null) return false;
User user = acl.get(principal.getName());
- if(user == null)
- return false; // this user is not authorized to do anything
+ if (user == null) return false; // this user is not authorized to do anything
// check if the user has this permission defined in the context
- for(Role role:acl.get(user.name).roles) {
+ for (Role role : acl.get(user.name).roles) {
for (OperationContext permitted : role.permissions) {
if (permitted.implies(context)) {
return true;
@@ -179,8 +180,9 @@ public class JSONAuthorization implements AccessControl, Authenticator {
User userObj = acl.get(user);
if (userObj == null) throw new AuthenticationFailedException("Wrong username/password");
LogService.getLogger().info("User=" + user + " pwd=" + pwd);
- if (user != null && !userObj.pwd.equals(pwd) && !"".equals(user))
+ if (user != null && !userObj.pwd.equals(pwd) && !"".equals(user)) {
throw new AuthenticationFailedException("Wrong username/password");
+ }
return new JMXPrincipal(user);
}
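Review bot: The context line `LogService.getLogger().info("User=" + user + " pwd=" + pwd);` writes the submitted password to the log at info level on every authentication attempt, and this commit adds braces to the check beneath it without touching it. Even for an authenticator that lives under src/test, log the user name only, for example `LogService.getLogger().info("Authenticating user=" + user);`. The `userObj.pwd.equals(pwd)` comparison just below is also not constant-time; `MessageDigest.isEqual` over the encoded bytes is the usual replacement if this class is ever copied as a template. The method begins outside the hunk, so how `user` and `pwd` are obtained is not visible here.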
@@ -189,7 +191,7 @@ public class JSONAuthorization implements AccessControl, Authenticator {
}
- private static String readFile(String name) throws IOException, JSONException {
+ private static String readFile(String name) throws IOException {
File file = new File(name);
FileReader reader = new FileReader(file);
char[] buffer = new char[(int) file.length()];
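Review bot: `new FileReader(file)` decodes the descriptor with the platform default charset and the buffer is sized from `file.length()`, which is a byte count, so a descriptor with non-ASCII names or passwords can load differently from host to host. Since this commit already introduces Jackson, setUpWithJsonFile could hand the file to the parser directly, `mapper.readTree(new File(TestUtil.getResourcePath(JSONAuthorization.class, jsonFileName)))`, and readFile could be dropped. The rest of readFile lies outside the hunk, so whether the reader is closed cannot be checked from here.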
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/03246b40/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
index fbbda8d..3bb3e2f 100644
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
@@ -79,7 +79,7 @@
"DATA:READ",
"DATA:WRITE"
],
- "regions": "null,region1"
+ "regions": ["region1"]
},
{
"name": "regionA-manage",
@@ -108,7 +108,7 @@
"DATA:READ",
"DATA:WRITE"
],
- "regions": "null,region1,secureRegion"
+ "regions": ["region1", "secureRegion"]
}
],
"users": [