You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by mp...@apache.org on 2016/06/10 06:18:40 UTC

[2/2] ambari git commit: AMBARI-17158. Wrong username being returned in from ViewContextImpl.getUsername() and ViewContextImpl.getLoggedinUser(). (mpapirkovskyy)

AMBARI-17158. Wrong username being returned in from ViewContextImpl.getUsername() and ViewContextImpl.getLoggedinUser(). (mpapirkovskyy)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/d8217668
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/d8217668
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/d8217668

Branch: refs/heads/branch-2.4
Commit: d821766814324b233323c6ddb0bc9a258ed3efd0
Parents: cb8380a
Author: Myroslav Papirkovskyi <mp...@hortonworks.com>
Authored: Fri Jun 10 09:09:28 2016 +0300
Committer: Myroslav Papirkovskyi <mp...@hortonworks.com>
Committed: Fri Jun 10 09:10:43 2016 +0300

----------------------------------------------------------------------
 .../server/security/SecurityHelperImpl.java     |   3 +
 .../server/security/SecurityHelperImplTest.java | 118 +++++++++++++++++++
 2 files changed, 121 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/d8217668/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
index 519fd3a..6af5fb6 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/SecurityHelperImpl.java
@@ -18,6 +18,7 @@
 
 package org.apache.ambari.server.security;
 
+import org.apache.ambari.server.security.authorization.User;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContext;
@@ -66,6 +67,8 @@ public class SecurityHelperImpl implements SecurityHelper {
     String username;
     if (principal instanceof UserDetails) {
       username = ((UserDetails) principal).getUsername();
+    } else if (principal instanceof User) {
+      username = ((User) principal).getUserName();
     } else {
       username = principal == null ? "" : principal.toString();
     }

http://git-wip-us.apache.org/repos/asf/ambari/blob/d8217668/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
new file mode 100644
index 0000000..a509f54
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
@@ -0,0 +1,118 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.security;
+
+import org.apache.ambari.server.orm.entities.PrincipalEntity;
+import org.apache.ambari.server.orm.entities.UserEntity;
+import org.apache.ambari.server.security.authorization.AmbariUserAuthentication;
+import org.apache.ambari.server.security.authorization.User;
+import org.junit.Assert;
+import org.junit.Test;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+
+public class SecurityHelperImplTest {
+
+  private final String USER_FROM_PRINCIPAL = "user from principal";
+  private final String USER_DETAILS_USER_NAME = "user details user name";
+
+  @Test
+  public void testSecurityHelperWithUser() {
+    SecurityContext ctx = SecurityContextHolder.getContext();
+    UserEntity userEntity = new UserEntity();
+    userEntity.setPrincipal(new PrincipalEntity());
+    userEntity.setUserName("userName");
+    userEntity.setUserId(1);
+    User user = new User(userEntity);
+    Authentication auth = new AmbariUserAuthentication(null, user, null);
+    ctx.setAuthentication(auth);
+
+    Assert.assertEquals("userName", SecurityHelperImpl.getInstance().getCurrentUserName());
+  }
+
+  @Test
+  public void testSecurityHelperWithUserDetails() {
+    SecurityContext ctx = SecurityContextHolder.getContext();
+    TestUserDetails userDetails = new TestUserDetails();
+    Authentication auth = new UsernamePasswordAuthenticationToken(userDetails, null);
+    ctx.setAuthentication(auth);
+
+    Assert.assertEquals(USER_DETAILS_USER_NAME, SecurityHelperImpl.getInstance().getCurrentUserName());
+  }
+
+  @Test
+  public void testSecurityHelperWithUnknownPrincipal() {
+    SecurityContext ctx = SecurityContextHolder.getContext();
+    Authentication auth = new UsernamePasswordAuthenticationToken(new TestPrincipal(), null);
+    ctx.setAuthentication(auth);
+
+    Assert.assertEquals(USER_FROM_PRINCIPAL, SecurityHelperImpl.getInstance().getCurrentUserName());
+  }
+
+  class TestUserDetails implements UserDetails {
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+      return null;
+    }
+
+    @Override
+    public String getPassword() {
+      return null;
+    }
+
+    @Override
+    public String getUsername() {
+      return USER_DETAILS_USER_NAME;
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+      return false;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+      return false;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+      return false;
+    }
+
+    @Override
+    public boolean isEnabled() {
+      return false;
+    }
+  }
+
+  class TestPrincipal {
+    @Override
+    public String toString() {
+      return USER_FROM_PRINCIPAL;
+    }
+  }
+}