You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by ff...@apache.org on 2014/05/07 07:35:28 UTC
git commit: [KARAF-2934]Role-based security for Shell/Console
commands - backport to 2.x branch-add FeaturesSshCommandSecurityTest
Repository: karaf
Updated Branches:
refs/heads/karaf-2.x 1bcd032e8 -> 21c1d8d74
[KARAF-2934]Role-based security for Shell/Console commands - backport to 2.x branch-add FeaturesSshCommandSecurityTest
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/21c1d8d7
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/21c1d8d7
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/21c1d8d7
Branch: refs/heads/karaf-2.x
Commit: 21c1d8d74d378bb5014cb372a14dacb6fbc060a7
Parents: 1bcd032
Author: Freeman Fang <fr...@gmail.com>
Authored: Wed May 7 13:35:10 2014 +0800
Committer: Freeman Fang <fr...@gmail.com>
Committed: Wed May 7 13:35:10 2014 +0800
----------------------------------------------------------------------
.../itests/FeaturesSshCommandSecurityTest.java | 54 ++++++++++++++++++++
1 file changed, 54 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/21c1d8d7/itests/src/test/java/org/apache/karaf/itests/FeaturesSshCommandSecurityTest.java
----------------------------------------------------------------------
diff --git a/itests/src/test/java/org/apache/karaf/itests/FeaturesSshCommandSecurityTest.java b/itests/src/test/java/org/apache/karaf/itests/FeaturesSshCommandSecurityTest.java
new file mode 100644
index 0000000..af8ecbf
--- /dev/null
+++ b/itests/src/test/java/org/apache/karaf/itests/FeaturesSshCommandSecurityTest.java
@@ -0,0 +1,54 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.karaf.itests;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+/**
+ * This test exercises the Shell Command ACL for the features scope commands as defined in
+ * apache-karaf/src/main/distribution/text/etc/org.apache.karaf.command.acl.features.cfg
+ */
+public class FeaturesSshCommandSecurityTest extends SshCommandTestBase {
+ @Test
+ public void testFeatureCommandSecurityViaSsh() throws Exception {
+ String vieweruser = "viewer" + System.nanoTime() + "_features";
+
+ addViewer(vieweruser);
+
+ String r = assertCommand(vieweruser, "features:list -i", Result.OK);
+ Assert.assertFalse("Precondition failed, this test uses the eventadmin subsystem to test features with...",
+ r.contains("eventadmin"));
+
+ assertCommand(vieweruser, "features:install eventadmin", Result.NOT_FOUND);
+ String r2 = assertCommand("karaf", "features:list -i", Result.OK);
+ Assert.assertFalse("eventadmin features should not have been installed, as viewer doesn't have credentials",
+ r2.contains("eventadmin"));
+
+ assertCommand("karaf", "features:install eventadmin", Result.OK);
+ String r3 = assertCommand(vieweruser, "features:list -i", Result.OK);
+ Assert.assertTrue("eventadmin feature should have been installed by 'karaf' user",
+ r3.contains("eventadmin"));
+
+ assertCommand(vieweruser, "features:uninstall eventadmin", Result.NOT_FOUND);
+ String r4 = assertCommand("karaf", "features:list -i", Result.OK);
+ Assert.assertTrue("eventadmin feature should still be there, as viewer doesn't have credentials",
+ r4.contains("eventadmin"));
+
+ assertCommand("karaf", "features:uninstall eventadmin", Result.OK);
+ String r5 = assertCommand(vieweruser, "features:list -i", Result.OK);
+ Assert.assertFalse("The eventadmin subsystem should have been uninstalled",
+ r5.contains("eventadmin"));
+ }
+}