You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by je...@apache.org on 2016/04/01 16:05:22 UTC
[1/3] incubator-geode git commit: GEODE-17: Reduce nouns and verbs
for WanCommands
Repository: incubator-geode
Updated Branches:
refs/heads/feature/GEODE-17-2 0ba41deee -> 65635fe4d
GEODE-17: Reduce nouns and verbs for WanCommands
- Nouns are now just GATEWAY
- Verbs are MANAGE and LIST
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/7f0310e7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/7f0310e7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/7f0310e7
Branch: refs/heads/feature/GEODE-17-2
Commit: 7f0310e74b38844c7f5ca881fecf05b82882dd6b
Parents: 0ba41de
Author: Jens Deppe <jd...@pivotal.io>
Authored: Thu Mar 31 10:49:30 2016 -0700
Committer: Jens Deppe <jd...@pivotal.io>
Committed: Thu Mar 31 11:40:43 2016 -0700
----------------------------------------------------------------------
.../cache/operations/OperationContext.java | 3 +--
.../management/GatewayReceiverMXBean.java | 4 +--
.../gemfire/management/GatewaySenderMXBean.java | 10 ++++----
.../internal/cli/commands/WanCommands.java | 24 ++++++++---------
.../GatewayReceiverMBeanSecurityTest.java | 4 +--
.../GatewaySenderMBeanSecurityTest.java | 10 ++++----
.../security/WanCommandsSecurityTest.java | 27 ++++++++++++--------
.../internal/security/cacheServer.json | 20 +++------------
8 files changed, 47 insertions(+), 55 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7f0310e7/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
index 9e56632..d0a37a6 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
@@ -40,8 +40,7 @@ public abstract class OperationContext {
DISKSTORE_OFFLINE,
DISTRIBUTED_SYSTEM,
FUNCTION,
- GATEWAY_RECEIVER,
- GATEWAY_SENDER,
+ GATEWAY,
INDEX,
JMX,
LOCATOR,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7f0310e7/geode-core/src/main/java/com/gemstone/gemfire/management/GatewayReceiverMXBean.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/GatewayReceiverMXBean.java b/geode-core/src/main/java/com/gemstone/gemfire/management/GatewayReceiverMXBean.java
index 317be87..9b52300 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/GatewayReceiverMXBean.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/GatewayReceiverMXBean.java
@@ -92,13 +92,13 @@ public interface GatewayReceiverMXBean {
/**
* Starts the gateway receiver.
*/
- @ResourceOperation(resource = Resource.GATEWAY_RECEIVER, operation = OperationCode.START)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public void start() throws Exception;
/**
* Stops the gateway receiver.
*/
- @ResourceOperation(resource = Resource.GATEWAY_RECEIVER, operation = OperationCode.STOP)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public void stop() throws Exception;
/**
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7f0310e7/geode-core/src/main/java/com/gemstone/gemfire/management/GatewaySenderMXBean.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/GatewaySenderMXBean.java b/geode-core/src/main/java/com/gemstone/gemfire/management/GatewaySenderMXBean.java
index 2340119..c50b4d3 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/GatewaySenderMXBean.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/GatewaySenderMXBean.java
@@ -175,31 +175,31 @@ public interface GatewaySenderMXBean {
* configuration cannot be changed.
*
*/
- @ResourceOperation(resource = Resource.GATEWAY_SENDER, operation = OperationCode.START)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public void start();
/**
* Stops this GatewaySender.
*/
- @ResourceOperation(resource=Resource.GATEWAY_SENDER, operation=OperationCode.STOP)
+ @ResourceOperation(resource=Resource.GATEWAY, operation=OperationCode.MANAGE)
public void stop();
/**
* Pauses this GatewaySender.
*/
- @ResourceOperation(resource = Resource.GATEWAY_SENDER, operation = OperationCode.PAUSE)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public void pause();
/**
* Resumes this paused GatewaySender.
*/
- @ResourceOperation(resource = Resource.GATEWAY_SENDER, operation = OperationCode.RESUME)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public void resume();
/**
* Rebalances this GatewaySender.
*/
- @ResourceOperation(resource = Resource.GATEWAY_SENDER, operation = OperationCode.REBALANCE)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public void rebalance();
/**
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7f0310e7/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java
index c847618..197e3e2 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java
@@ -76,7 +76,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.CREATE_GATEWAYSENDER, help = CliStrings.CREATE_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN, writesToSharedConfiguration=true)
- @ResourceOperation(resource = Resource.GATEWAY_SENDER, operation = OperationCode.CREATE)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public Result createGatewaySender(
@CliOption(key = CliStrings.CREATE_GATEWAYSENDER__GROUP,
optionContext = ConverterHint.MEMBERGROUP,
@@ -193,7 +193,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.START_GATEWAYSENDER, help = CliStrings.START_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource = Resource.GATEWAY_SENDER, operation = OperationCode.START)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public Result startGatewaySender(
@CliOption(key = CliStrings.START_GATEWAYSENDER__ID,
mandatory = true,
@@ -336,7 +336,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.PAUSE_GATEWAYSENDER, help = CliStrings.PAUSE_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource = Resource.GATEWAY_SENDER, operation = OperationCode.PAUSE)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public Result pauseGatewaySender(
@CliOption(key = CliStrings.PAUSE_GATEWAYSENDER__ID,
mandatory = true,
@@ -429,7 +429,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.RESUME_GATEWAYSENDER, help = CliStrings.RESUME_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource=Resource.GATEWAY_SENDER, operation = OperationCode.RESUME)
+ @ResourceOperation(resource=Resource.GATEWAY, operation = OperationCode.MANAGE)
public Result resumeGatewaySender(
@CliOption(key = CliStrings.RESUME_GATEWAYSENDER__ID,
mandatory = true,
@@ -569,7 +569,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.STOP_GATEWAYSENDER, help = CliStrings.STOP_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource = Resource.GATEWAY_SENDER, operation = OperationCode.STOP)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public Result stopGatewaySender(
@CliOption(key = CliStrings.STOP_GATEWAYSENDER__ID,
mandatory = true,
@@ -645,7 +645,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.CREATE_GATEWAYRECEIVER, help = CliStrings.CREATE_GATEWAYRECEIVER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation( resource=Resource.GATEWAY_RECEIVER, operation = OperationCode.CREATE)
+ @ResourceOperation( resource=Resource.GATEWAY, operation = OperationCode.MANAGE)
public Result createGatewayReceiver(
@CliOption(key = CliStrings.CREATE_GATEWAYRECEIVER__GROUP,
optionContext = ConverterHint.MEMBERGROUP,
@@ -725,7 +725,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.LOAD_BALANCE_GATEWAYSENDER, help = CliStrings.LOAD_BALANCE_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource = Resource.GATEWAY_SENDER, operation = OperationCode.REBALANCE)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public Result loadBalanceGatewaySender(
@CliOption(key = CliStrings.LOAD_BALANCE_GATEWAYSENDER__ID,
mandatory = true,
@@ -791,7 +791,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.START_GATEWAYRECEIVER, help = CliStrings.START_GATEWAYRECEIVER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource = Resource.GATEWAY_RECEIVER, operation = OperationCode.START)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public Result startGatewayReceiver(
@CliOption(key = CliStrings.START_GATEWAYRECEIVER__GROUP,
optionContext = ConverterHint.MEMBERGROUP,
@@ -853,7 +853,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.STOP_GATEWAYRECEIVER, help = CliStrings.STOP_GATEWAYRECEIVER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource = Resource.GATEWAY_RECEIVER, operation = OperationCode.STOP)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.MANAGE)
public Result stopGatewayReceiver(
@CliOption(key = CliStrings.STOP_GATEWAYRECEIVER__GROUP,
@@ -927,7 +927,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.LIST_GATEWAY, help = CliStrings.LIST_GATEWAY__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.LIST)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.LIST)
public Result listGateway(
@CliOption(key = CliStrings.LIST_GATEWAY__MEMBER,
optionContext = ConverterHint.MEMBERIDNAME,
@@ -1018,7 +1018,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.STATUS_GATEWAYSENDER, help = CliStrings.STATUS_GATEWAYSENDER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.STATUS)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.LIST)
public Result statusGatewaySender(
@CliOption(key = CliStrings.STATUS_GATEWAYSENDER__ID,
mandatory = true,
@@ -1085,7 +1085,7 @@ public class WanCommands implements CommandMarker {
@CliCommand(value = CliStrings.STATUS_GATEWAYRECEIVER, help = CliStrings.STATUS_GATEWAYRECEIVER__HELP)
@CliMetaData(relatedTopic = CliStrings.TOPIC_GEMFIRE_WAN)
- @ResourceOperation(resource = Resource.GATEWAY_RECEIVER, operation = OperationCode.STATUS)
+ @ResourceOperation(resource = Resource.GATEWAY, operation = OperationCode.LIST)
public Result statusGatewayReceiver(
@CliOption(key = CliStrings.STATUS_GATEWAYRECEIVER__GROUP,
optionContext = ConverterHint.MEMBERGROUP,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7f0310e7/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java
index a191eda..049f6cb 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java
@@ -82,8 +82,8 @@ public class GatewayReceiverMBeanSecurityTest {
@JMXConnectionConfiguration(user = "stranger", password = "1234567")
public void testNoAccess() throws Exception {
assertThatThrownBy(() -> bean.getTotalConnectionsTimedOut()).hasMessageStartingWith("Access Denied: Not authorized for JMX:GET");
- assertThatThrownBy(() -> bean.start()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_RECEIVER:START");
- assertThatThrownBy(() -> bean.stop()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_RECEIVER:STOP");
+ assertThatThrownBy(() -> bean.start()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
+ assertThatThrownBy(() -> bean.stop()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7f0310e7/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java
index a934a09..72551a9 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java
@@ -95,11 +95,11 @@ public class GatewaySenderMBeanSecurityTest {
assertThatThrownBy(() -> bean.getOrderPolicy()).hasMessageStartingWith("Access Denied: Not authorized for JMX:GET");
assertThatThrownBy(() -> bean.isBatchConflationEnabled()).hasMessageStartingWith("Access Denied: Not authorized for JMX:GET");
assertThatThrownBy(() -> bean.isManualStart()).hasMessageStartingWith("Access Denied: Not authorized for JMX:GET");
- assertThatThrownBy(() -> bean.pause()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:PAUSE");
- assertThatThrownBy(() -> bean.rebalance()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:REBALANCE");
- assertThatThrownBy(() -> bean.resume()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:RESUME");
- assertThatThrownBy(() -> bean.start()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:START");
- assertThatThrownBy(() -> bean.stop()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:STOP");
+ assertThatThrownBy(() -> bean.pause()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
+ assertThatThrownBy(() -> bean.rebalance()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
+ assertThatThrownBy(() -> bean.resume()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
+ assertThatThrownBy(() -> bean.start()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
+ assertThatThrownBy(() -> bean.stop()).hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7f0310e7/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/WanCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/WanCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/WanCommandsSecurityTest.java
index 771458c..8c73e8a 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/WanCommandsSecurityTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/WanCommandsSecurityTest.java
@@ -53,6 +53,7 @@ public class WanCommandsSecurityTest {
bean.processCommand("pause gateway-sender --id=sender1");
bean.processCommand("resume gateway-sender --id=sender1");
bean.processCommand("stop gateway-sender --id=sender1");
+ bean.processCommand("load-balance gateway-sender --id=sender1");
bean.processCommand("list gateways");
bean.processCommand("create gateway-receiver");
bean.processCommand("start gateway-receiver");
@@ -66,41 +67,47 @@ public class WanCommandsSecurityTest {
public void testNoAccess(){
assertThatThrownBy(() -> bean.processCommand("create gateway-sender --id=sender1 --remote-distributed-system-id=2"))
.isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:CREATE");
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
assertThatThrownBy(() -> bean.processCommand("start gateway-sender --id=sender1"))
.isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:START");
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
assertThatThrownBy(() -> bean.processCommand("pause gateway-sender --id=sender1"))
.isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:PAUSE");
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
assertThatThrownBy(() -> bean.processCommand("resume gateway-sender --id=sender1"))
.isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:RESUME");
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
assertThatThrownBy(() -> bean.processCommand("stop gateway-sender --id=sender1"))
.isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_SENDER:STOP");
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
- bean.processCommand("list gateways");
+ assertThatThrownBy(() -> bean.processCommand("load-balance gateway-sender --id=sender1"))
+ .isInstanceOf(SecurityException.class)
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
+
+ assertThatThrownBy(() -> bean.processCommand("list gateways"))
+ .isInstanceOf(SecurityException.class)
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:LIST");
assertThatThrownBy(() -> bean.processCommand("create gateway-receiver"))
.isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_RECEIVER:CREATE");
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
assertThatThrownBy(() -> bean.processCommand("start gateway-receiver"))
.isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_RECEIVER:START");
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
assertThatThrownBy(() -> bean.processCommand("stop gateway-receiver"))
.isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_RECEIVER:STOP");
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
assertThatThrownBy(() -> bean.processCommand("status gateway-receiver"))
.isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY_RECEIVER:STATUS");
+ .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:LIST");
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7f0310e7/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
index e7404f9..0f8df37 100644
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
@@ -3,16 +3,8 @@
{
"name": "admin",
"operationsAllowed": [
- "DISTRIBUTED_SYSTEM:LIST",
- "GATEWAY_RECEIVER:CREATE",
- "GATEWAY_RECEIVER:START",
- "GATEWAY_RECEIVER:STOP",
- "GATEWAY_RECEIVER:STATUS",
- "GATEWAY_SENDER:CREATE",
- "GATEWAY_SENDER:START",
- "GATEWAY_SENDER:PAUSE",
- "GATEWAY_SENDER:RESUME",
- "GATEWAY_SENDER:STOP"
+ "GATEWAY:LIST",
+ "GATEWAY:MANAGE"
]
},
{
@@ -47,13 +39,7 @@
"REGION:DELETE",
"LOCK_SERVICE:BECOME_LOCK_GRANTOR",
"JMX:GET",
- "GATEWAY_SENDER:PAUSE",
- "GATEWAY_SENDER:REBALANCE",
- "GATEWAY_SENDER:RESUME",
- "GATEWAY_SENDER:START",
- "GATEWAY_SENDER:STOP",
- "GATEWAY_RECEIVER:START",
- "GATEWAY_RECEIVER:STOP",
+ "GATEWAY:MANAGE",
"MANAGER:SET_PULSE_URL",
"MANAGER:START",
"MANAGER:STOP",
[2/3] incubator-geode git commit: GEODE-17: Test for DiskStoreCommands
Posted by je...@apache.org.
GEODE-17: Test for DiskStoreCommands
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/2a817e15
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/2a817e15
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/2a817e15
Branch: refs/heads/feature/GEODE-17-2
Commit: 2a817e15551058bf4c482454caea56beddc2dfda
Parents: 7f0310e
Author: Jens Deppe <jd...@pivotal.io>
Authored: Thu Mar 31 11:39:45 2016 -0700
Committer: Jens Deppe <jd...@pivotal.io>
Committed: Thu Mar 31 11:40:44 2016 -0700
----------------------------------------------------------------------
.../cache/operations/OperationContext.java | 1 -
.../cli/commands/DiskStoreCommands.java | 28 ++++++++++----------
2 files changed, 14 insertions(+), 15 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/2a817e15/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
index d0a37a6..f272fda 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
@@ -37,7 +37,6 @@ public abstract class OperationContext {
CLUSTER_CONFIGURTION,
CONTINUOUS_QUERY,
DISKSTORE,
- DISKSTORE_OFFLINE,
DISTRIBUTED_SYSTEM,
FUNCTION,
GATEWAY,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/2a817e15/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java
index dd2210a..acf4c20 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java
@@ -120,7 +120,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.BACKUP_DISK_STORE, help=CliStrings.BACKUP_DISK_STORE__HELP)
@CliMetaData(relatedTopic={ CliStrings.TOPIC_GEMFIRE_DISKSTORE })
- @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.BACKUP)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result backupDiskStore(
@CliOption(key=CliStrings.BACKUP_DISK_STORE__DISKDIRS,
@@ -215,7 +215,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value = CliStrings.LIST_DISK_STORE, help = CliStrings.LIST_DISK_STORE__HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEMFIRE_DISKSTORE })
- @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.LIST)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.LIST)
public Result listDiskStore() {
try {
Set<DistributedMember> dataMembers = getNormalMembers(getCache());
@@ -284,7 +284,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.CREATE_DISK_STORE, help=CliStrings.CREATE_DISK_STORE__HELP)
@CliMetaData(shellOnly=false, relatedTopic={CliStrings.TOPIC_GEMFIRE_DISKSTORE}, writesToSharedConfiguration=true)
- @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.CREATE)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result createDiskStore(@CliOption(key=CliStrings.CREATE_DISK_STORE__NAME,
mandatory=true,
optionContext = ConverterHint.DISKSTORE_ALL,
@@ -425,7 +425,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.COMPACT_DISK_STORE, help=CliStrings.COMPACT_DISK_STORE__HELP)
@CliMetaData(shellOnly=false, relatedTopic={CliStrings.TOPIC_GEMFIRE_DISKSTORE})
- @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.COMPACT)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result compactDiskStore(@CliOption(key=CliStrings.COMPACT_DISK_STORE__NAME,
mandatory=true,
optionContext = ConverterHint.DISKSTORE_ALL,
@@ -555,7 +555,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.COMPACT_OFFLINE_DISK_STORE, help=CliStrings.COMPACT_OFFLINE_DISK_STORE__HELP)
@CliMetaData(shellOnly=true, relatedTopic={CliStrings.TOPIC_GEMFIRE_DISKSTORE})
- @ResourceOperation(resource = Resource.DISKSTORE_OFFLINE, operation = OperationCode.COMPACT)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result compactOfflineDiskStore(
@CliOption(key=CliStrings.COMPACT_OFFLINE_DISK_STORE__NAME,
mandatory=true,
@@ -699,7 +699,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.UPGRADE_OFFLINE_DISK_STORE, help=CliStrings.UPGRADE_OFFLINE_DISK_STORE__HELP)
@CliMetaData(shellOnly=true, relatedTopic={CliStrings.TOPIC_GEMFIRE_DISKSTORE})
- @ResourceOperation(resource = Resource.DISKSTORE_OFFLINE, operation = OperationCode.ALL)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result upgradeOfflineDiskStore(
@CliOption(key=CliStrings.UPGRADE_OFFLINE_DISK_STORE__NAME,
mandatory=true,
@@ -869,7 +869,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value = CliStrings.DESCRIBE_DISK_STORE, help = CliStrings.DESCRIBE_DISK_STORE__HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEMFIRE_DISKSTORE })
- @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.LIST)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.LIST)
public Result describeDiskStore(@CliOption(key = CliStrings.DESCRIBE_DISK_STORE__MEMBER, mandatory = true, optionContext = ConverterHint.MEMBERIDNAME, help = CliStrings.DESCRIBE_DISK_STORE__MEMBER__HELP)
final String memberName,
@CliOption(key = CliStrings.DESCRIBE_DISK_STORE__NAME, mandatory = true, optionContext = ConverterHint.DISKSTORE_ALL, help = CliStrings.DESCRIBE_DISK_STORE__NAME__HELP)
@@ -996,7 +996,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value = CliStrings.REVOKE_MISSING_DISK_STORE, help = CliStrings.REVOKE_MISSING_DISK_STORE__HELP)
@CliMetaData(relatedTopic = { CliStrings.TOPIC_GEMFIRE_DISKSTORE })
- @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.REVOKE_MISSING)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result revokeMissingDiskStore(
@CliOption(key = CliStrings.REVOKE_MISSING_DISK_STORE__ID, mandatory = true, help = CliStrings.REVOKE_MISSING_DISK_STORE__ID__HELP)
String id) {
@@ -1023,7 +1023,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value = CliStrings.SHOW_MISSING_DISK_STORE, help = CliStrings.SHOW_MISSING_DISK_STORE__HELP)
@CliMetaData(relatedTopic = { CliStrings.TOPIC_GEMFIRE_DISKSTORE })
- @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.SHOW_MISSING)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result showMissingDiskStore() {
try {
@@ -1062,7 +1062,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.DESCRIBE_OFFLINE_DISK_STORE, help=CliStrings.DESCRIBE_OFFLINE_DISK_STORE__HELP)
@CliMetaData(shellOnly=true, relatedTopic={CliStrings.TOPIC_GEMFIRE_DISKSTORE})
- @ResourceOperation(resource = Resource.DISKSTORE_OFFLINE, operation = OperationCode.LIST)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.LIST)
public Result describeOfflineDiskStore(
@CliOption (key=CliStrings.DESCRIBE_OFFLINE_DISK_STORE__DISKSTORENAME,
mandatory=true,
@@ -1111,7 +1111,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.EXPORT_OFFLINE_DISK_STORE, help=CliStrings.EXPORT_OFFLINE_DISK_STORE__HELP)
@CliMetaData(shellOnly=true, relatedTopic={CliStrings.TOPIC_GEMFIRE_DISKSTORE})
- @ResourceOperation(resource = Resource.DISKSTORE_OFFLINE, operation = OperationCode.EXPORT)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result exportOfflineDiskStore(
@CliOption (key=CliStrings.EXPORT_OFFLINE_DISK_STORE__DISKSTORENAME,
mandatory=true,
@@ -1160,7 +1160,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.VALIDATE_DISK_STORE, help=CliStrings.VALIDATE_DISK_STORE__HELP)
@CliMetaData(shellOnly=true, relatedTopic = {CliStrings.TOPIC_GEMFIRE_DISKSTORE}) //offline command
- @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.VALIDATE)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result validateDiskStore(
@CliOption(key=CliStrings.VALIDATE_DISK_STORE__NAME, mandatory=true,
help=CliStrings.VALIDATE_DISK_STORE__NAME__HELP)
@@ -1242,7 +1242,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.ALTER_DISK_STORE, help=CliStrings.ALTER_DISK_STORE__HELP)
@CliMetaData(shellOnly=true, relatedTopic={CliStrings.TOPIC_GEMFIRE_DISKSTORE})
- @ResourceOperation(resource = Resource.DISKSTORE_OFFLINE, operation = OperationCode.ALTER)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result alterOfflineDiskStore(
@CliOption (key=CliStrings.ALTER_DISK_STORE__DISKSTORENAME,
mandatory=true,
@@ -1374,7 +1374,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value=CliStrings.DESTROY_DISK_STORE, help=CliStrings.DESTROY_DISK_STORE__HELP)
@CliMetaData(shellOnly=false, relatedTopic={CliStrings.TOPIC_GEMFIRE_DISKSTORE}, writesToSharedConfiguration=true)
- @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.DESTROY)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.MANAGE)
public Result destroyDiskStore(
@CliOption (key=CliStrings.DESTROY_DISK_STORE__NAME,
mandatory=true,
[3/3] incubator-geode git commit: GEODE-17: WIP adding security tests
for CLI commands
Posted by je...@apache.org.
GEODE-17: WIP adding security tests for CLI commands
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/65635fe4
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/65635fe4
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/65635fe4
Branch: refs/heads/feature/GEODE-17-2
Commit: 65635fe4d67c09c822bed515b3672e25b689e6bb
Parents: 2a817e1
Author: Jens Deppe <jd...@pivotal.io>
Authored: Thu Mar 31 13:56:17 2016 -0700
Committer: Jens Deppe <jd...@pivotal.io>
Committed: Fri Apr 1 07:04:43 2016 -0700
----------------------------------------------------------------------
.../cache/operations/OperationContext.java | 2 +-
.../internal/cli/commands/ConfigCommands.java | 4 +-
.../cli/commands/DiskStoreCommands.java | 4 +-
...ExportImportSharedConfigurationCommands.java | 4 +-
.../cli/commands/MiscellaneousCommands.java | 18 +-
.../internal/cli/commands/PDXCommands.java | 4 +-
.../internal/cli/commands/QueueCommands.java | 2 +-
.../internal/cli/commands/StatusCommands.java | 2 +-
.../security/AllCliCommandsSecurityTest.java | 178 +++++++++++++++++++
.../security/MiscCommandsSecurityTest.java | 61 -------
.../security/PDXCommandsSecurityTest.java | 67 -------
.../security/QueueCommandsSecurityTest.java | 65 -------
.../security/ShellCommandsSecurityTest.java | 77 --------
.../security/StatusCommandsSecurityTest.java | 61 -------
.../security/WanCommandsSecurityTest.java | 113 ------------
.../internal/security/cacheServer.json | 14 +-
16 files changed, 209 insertions(+), 467 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
index f272fda..1708917 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
@@ -34,7 +34,7 @@ public abstract class OperationContext {
ASYNC_EVENT_QUEUE,
CLIENT,
CLIENT_SERVER,
- CLUSTER_CONFIGURTION,
+ CLUSTER_CONFIGURATION,
CONTINUOUS_QUERY,
DISKSTORE,
DISTRIBUTED_SYSTEM,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ConfigCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ConfigCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ConfigCommands.java
index 735b522..d5350e0 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ConfigCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ConfigCommands.java
@@ -83,7 +83,7 @@ public class ConfigCommands implements CommandMarker {
@CliCommand(value = { CliStrings.DESCRIBE_CONFIG }, help = CliStrings.DESCRIBE_CONFIG__HELP)
@CliMetaData(shellOnly = false, relatedTopic = {CliStrings.TOPIC_GEMFIRE_CONFIG})
- @ResourceOperation(resource = Resource.CLUSTER_CONFIGURTION, operation= OperationCode.LIST)
+ @ResourceOperation(resource = Resource.CLUSTER_CONFIGURATION, operation= OperationCode.LIST)
public Result describeConfig(
@CliOption (key = CliStrings.DESCRIBE_CONFIG__MEMBER,
optionContext = ConverterHint.ALL_MEMBER_IDNAME,
@@ -197,7 +197,7 @@ public class ConfigCommands implements CommandMarker {
*/
@CliCommand(value = { CliStrings.EXPORT_CONFIG }, help = CliStrings.EXPORT_CONFIG__HELP)
@CliMetaData(interceptor = "com.gemstone.gemfire.management.internal.cli.commands.ConfigCommands$Interceptor", relatedTopic = {CliStrings.TOPIC_GEMFIRE_CONFIG})
- @ResourceOperation(resource = Resource.CLUSTER_CONFIGURTION, operation = OperationCode.EXPORT)
+ @ResourceOperation(resource = Resource.CLUSTER_CONFIGURATION, operation = OperationCode.EXPORT)
public Result exportConfig(
@CliOption(key = { CliStrings.EXPORT_CONFIG__MEMBER },
optionContext = ConverterHint.ALL_MEMBER_IDNAME,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java
index acf4c20..82eeaf4 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java
@@ -215,7 +215,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value = CliStrings.LIST_DISK_STORE, help = CliStrings.LIST_DISK_STORE__HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEMFIRE_DISKSTORE })
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.LIST)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.LIST)
public Result listDiskStore() {
try {
Set<DistributedMember> dataMembers = getNormalMembers(getCache());
@@ -869,7 +869,7 @@ public class DiskStoreCommands extends AbstractCommandsSupport {
@CliCommand(value = CliStrings.DESCRIBE_DISK_STORE, help = CliStrings.DESCRIBE_DISK_STORE__HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEMFIRE_DISKSTORE })
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.LIST)
+ @ResourceOperation(resource = Resource.DISKSTORE, operation = OperationCode.LIST)
public Result describeDiskStore(@CliOption(key = CliStrings.DESCRIBE_DISK_STORE__MEMBER, mandatory = true, optionContext = ConverterHint.MEMBERIDNAME, help = CliStrings.DESCRIBE_DISK_STORE__MEMBER__HELP)
final String memberName,
@CliOption(key = CliStrings.DESCRIBE_DISK_STORE__NAME, mandatory = true, optionContext = ConverterHint.DISKSTORE_ALL, help = CliStrings.DESCRIBE_DISK_STORE__NAME__HELP)
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ExportImportSharedConfigurationCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ExportImportSharedConfigurationCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ExportImportSharedConfigurationCommands.java
index 19b93cf..a5316d8 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ExportImportSharedConfigurationCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ExportImportSharedConfigurationCommands.java
@@ -64,7 +64,7 @@ public class ExportImportSharedConfigurationCommands extends AbstractCommandsSup
@CliCommand(value = { CliStrings.EXPORT_SHARED_CONFIG }, help = CliStrings.EXPORT_SHARED_CONFIG__HELP)
@CliMetaData(interceptor = "com.gemstone.gemfire.management.internal.cli.commands.ExportImportSharedConfigurationCommands$ExportInterceptor", readsSharedConfiguration=true, relatedTopic = {CliStrings.TOPIC_GEMFIRE_CONFIG})
- @ResourceOperation(resource = Resource.CLUSTER_CONFIGURTION, operation = OperationCode.EXPORT)
+ @ResourceOperation(resource = Resource.CLUSTER_CONFIGURATION, operation = OperationCode.EXPORT)
public Result exportSharedConfig(
@CliOption(key = { CliStrings.EXPORT_SHARED_CONFIG__FILE},
mandatory = true,
@@ -115,7 +115,7 @@ public class ExportImportSharedConfigurationCommands extends AbstractCommandsSup
@CliCommand(value = { CliStrings.IMPORT_SHARED_CONFIG }, help = CliStrings.IMPORT_SHARED_CONFIG__HELP)
@CliMetaData(interceptor = "com.gemstone.gemfire.management.internal.cli.commands.ExportImportSharedConfigurationCommands$ImportInterceptor", writesToSharedConfiguration=true, relatedTopic = {CliStrings.TOPIC_GEMFIRE_CONFIG})
- @ResourceOperation(resource = Resource.CLUSTER_CONFIGURTION, operation = OperationCode.IMPORT)
+ @ResourceOperation(resource = Resource.CLUSTER_CONFIGURATION, operation = OperationCode.IMPORT)
@SuppressWarnings("unchecked")
public Result importSharedConfig(
@CliOption(key = { CliStrings.IMPORT_SHARED_CONFIG__ZIP},
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/MiscellaneousCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/MiscellaneousCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/MiscellaneousCommands.java
index 00ebf94..632c719 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/MiscellaneousCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/MiscellaneousCommands.java
@@ -185,7 +185,7 @@ public class MiscellaneousCommands implements CommandMarker {
@CliCommand(value = CliStrings.SHUTDOWN, help = CliStrings.SHUTDOWN__HELP)
@CliMetaData(relatedTopic = { CliStrings.TOPIC_GEMFIRE_LIFECYCLE },
interceptor = "com.gemstone.gemfire.management.internal.cli.commands.MiscellaneousCommands$Interceptor")
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.SHUTDOWN)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.MANAGE)
public Result shutdown(
@CliOption(key = CliStrings.SHUTDOWN__TIMEOUT, unspecifiedDefaultValue = DEFAULT_TIME_OUT,
help = CliStrings.SHUTDOWN__TIMEOUT__HELP) int userSpecifiedTimeout,
@@ -326,7 +326,7 @@ public class MiscellaneousCommands implements CommandMarker {
@CliCommand(value = CliStrings.GC, help = CliStrings.GC__HELP)
@CliMetaData(relatedTopic = { CliStrings.TOPIC_GEMFIRE_DEBUG_UTIL })
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.GC)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.MANAGE)
public Result gc(
@CliOption(key = CliStrings.GC__GROUP, unspecifiedDefaultValue = CliMetaData.ANNOTATION_NULL_VALUE, help = CliStrings.GC__GROUP__HELP)
String[] groups,
@@ -417,7 +417,7 @@ public class MiscellaneousCommands implements CommandMarker {
@CliCommand(value = CliStrings.NETSTAT, help = CliStrings.NETSTAT__HELP)
@CliMetaData(relatedTopic = { CliStrings.TOPIC_GEMFIRE_DEBUG_UTIL })
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.NETSTAT)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.MANAGE)
//TODO : Verify the auto-completion for multiple values.
public Result netstat(
@CliOption(key = CliStrings.NETSTAT__MEMBER,
@@ -571,7 +571,7 @@ public class MiscellaneousCommands implements CommandMarker {
@CliCommand(value = CliStrings.SHOW_DEADLOCK, help = CliStrings.SHOW_DEADLOCK__HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEMFIRE_DEBUG_UTIL })
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.SHOW_DEADLOCKS)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.LIST)
public Result showDeadlock(
@CliOption(key = CliStrings.SHOW_DEADLOCK__DEPENDENCIES__FILE,
help = CliStrings.SHOW_DEADLOCK__DEPENDENCIES__FILE__HELP,
@@ -621,7 +621,7 @@ public class MiscellaneousCommands implements CommandMarker {
@CliCommand(value = CliStrings.SHOW_LOG, help = CliStrings.SHOW_LOG_HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEMFIRE_DEBUG_UTIL })
- @ResourceOperation(resource = Resource.MEMBER, operation = OperationCode.SHOW_LOG)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.LIST)
public Result showLog(
@CliOption(key = CliStrings.SHOW_LOG_MEMBER, optionContext = ConverterHint.ALL_MEMBER_IDNAME, unspecifiedDefaultValue = CliMetaData.ANNOTATION_NULL_VALUE, help = CliStrings.SHOW_LOG_MEMBER_HELP, mandatory = true) String memberNameOrId,
@CliOption(key = CliStrings.SHOW_LOG_LINE_NUM, unspecifiedDefaultValue = "0", help = CliStrings.SHOW_LOG_LINE_NUM_HELP, mandatory = false) int numberOfLines) {
@@ -769,7 +769,7 @@ public class MiscellaneousCommands implements CommandMarker {
}
@CliCommand(value = CliStrings.EXPORT_LOGS, help = CliStrings.EXPORT_LOGS__HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEMFIRE_SERVER, CliStrings.TOPIC_GEMFIRE_DEBUG_UTIL })
- @ResourceOperation(resource = Resource.MEMBER, operation = OperationCode.EXPORT_LOGS)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.LIST)
public Result exportLogs(
@CliOption(key = CliStrings.EXPORT_LOGS__DIR,
help = CliStrings.EXPORT_LOGS__DIR__HELP, mandatory=true) String dirName,
@@ -991,7 +991,7 @@ public class MiscellaneousCommands implements CommandMarker {
*/
@CliCommand(value = CliStrings.EXPORT_STACKTRACE, help = CliStrings.EXPORT_STACKTRACE__HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEMFIRE_DEBUG_UTIL })
- @ResourceOperation(resource = Resource.MEMBER, operation = OperationCode.EXPORT_STACKTRACE)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.LIST)
public Result exportStackTrace(
@CliOption(key = CliStrings.EXPORT_STACKTRACE__MEMBER,
optionContext = ConverterHint.ALL_MEMBER_IDNAME,
@@ -1092,7 +1092,7 @@ public class MiscellaneousCommands implements CommandMarker {
@CliCommand(value = CliStrings.SHOW_METRICS, help = CliStrings.SHOW_METRICS__HELP)
@CliMetaData(shellOnly = false, relatedTopic = { CliStrings.TOPIC_GEMFIRE_STATISTICS })
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation= OperationCode.SHOW_METRICS)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation= OperationCode.LIST)
public Result showMetrics(
@CliOption(key = { CliStrings.SHOW_METRICS__MEMBER }, optionContext = ConverterHint.ALL_MEMBER_IDNAME, help = CliStrings.SHOW_METRICS__MEMBER__HELP) String memberNameOrId,
@CliOption(key = { CliStrings.SHOW_METRICS__REGION }, optionContext = ConverterHint.REGIONPATH, help = CliStrings.SHOW_METRICS__REGION__HELP) String regionName,
@@ -1996,7 +1996,7 @@ public class MiscellaneousCommands implements CommandMarker {
@CliCommand(value = CliStrings.CHANGE_LOGLEVEL, help = CliStrings.CHANGE_LOGLEVEL__HELP)
@CliMetaData(relatedTopic = { CliStrings.TOPIC_CHANGELOGLEVEL })
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.ALTER_RUNTIME)
+ @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.MANAGE)
public Result changeLogLevel(
@CliOption(key = CliStrings.CHANGE_LOGLEVEL__MEMBER, unspecifiedDefaultValue = "", help = CliStrings.CHANGE_LOGLEVEL__MEMBER__HELP) String[] memberIds,
@CliOption(key = CliStrings.CHANGE_LOGLEVEL__GROUPS, unspecifiedDefaultValue = "", help = CliStrings.CHANGE_LOGLEVEL__GROUPS__HELP) String[] grps,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java
index d4b709b..1c3dd84 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java
@@ -53,7 +53,7 @@ public class PDXCommands extends AbstractCommandsSupport{
@CliCommand (value = CliStrings.CONFIGURE_PDX, help = CliStrings.CONFIGURE_PDX__HELP)
@CliMetaData (relatedTopic = CliStrings.TOPIC_GEMFIRE_REGION, writesToSharedConfiguration = true)
- @ResourceOperation( resource=Resource.PDX, operation = OperationCode.CONFIGURE)
+ @ResourceOperation( resource=Resource.PDX, operation = OperationCode.MANAGE)
public Result configurePDX(
@CliOption (key = CliStrings.CONFIGURE_PDX__READ__SERIALIZED,
unspecifiedDefaultValue = CliMetaData.ANNOTATION_NULL_VALUE,
@@ -175,7 +175,7 @@ public class PDXCommands extends AbstractCommandsSupport{
@CliCommand (value = CliStrings.PDX_RENAME, help = CliStrings.PDX_RENAME__HELP)
@CliMetaData(shellOnly=true, relatedTopic={CliStrings.TOPIC_GEMFIRE_DISKSTORE})
- @ResourceOperation(resource = Resource.DISTRIBUTED_SYSTEM, operation = OperationCode.RENAME)
+ @ResourceOperation(resource = Resource.PDX, operation = OperationCode.MANAGE)
public Result pdxRename(
@CliOption (key = CliStrings.PDX_RENAME_OLD,
mandatory=true,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java
index 1693a37..f77c4c0 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java
@@ -62,7 +62,7 @@ public class QueueCommands implements CommandMarker {
@CliCommand(value = CliStrings.CREATE_ASYNC_EVENT_QUEUE, help = CliStrings.CREATE_ASYNC_EVENT_QUEUE__HELP)
@CliMetaData(writesToSharedConfiguration = true)
- @ResourceOperation(resource = Resource.ASYNC_EVENT_QUEUE, operation = OperationCode.CREATE)
+ @ResourceOperation(resource = Resource.ASYNC_EVENT_QUEUE, operation = OperationCode.MANAGE)
public Result createAsyncEventQueue(
@CliOption(key = CliStrings.CREATE_ASYNC_EVENT_QUEUE__ID,
mandatory = true,
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java
index cab80fe..2671ba4 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java
@@ -48,7 +48,7 @@ public class StatusCommands extends AbstractCommandsSupport implements CommandMa
@SuppressWarnings("unchecked")
@CliCommand (value = CliStrings.STATUS_SHARED_CONFIG, help = CliStrings.STATUS_SHARED_CONFIG_HELP)
@CliMetaData (relatedTopic = CliStrings.TOPIC_GEMFIRE_LOCATOR)
- @ResourceOperation(resource = Resource.CLUSTER_CONFIGURTION, operation = OperationCode.STATUS)
+ @ResourceOperation(resource = Resource.CLUSTER_CONFIGURATION, operation = OperationCode.STATUS)
public Result statusSharedConfiguration() {
final GemFireCacheImpl cache = GemFireCacheImpl.getInstance();
final Set<DistributedMember> locators = new HashSet<DistributedMember>(cache.getDistributionManager().getAllHostedLocatorsWithSharedConfiguration().keySet());
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AllCliCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AllCliCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AllCliCommandsSecurityTest.java
new file mode 100644
index 0000000..99364a4
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AllCliCommandsSecurityTest.java
@@ -0,0 +1,178 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.security;
+
+import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
+import com.gemstone.gemfire.cache.operations.OperationContext.Resource;
+import com.gemstone.gemfire.internal.AvailablePort;
+import com.gemstone.gemfire.management.MemberMXBean;
+import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.junit.Assert.assertNull;
+
+@Category(IntegrationTest.class)
+public class AllCliCommandsSecurityTest {
+ private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+
+ private MemberMXBean bean;
+
+ private static class Permission {
+ private final Resource resource;
+ private final OperationCode operationCode;
+
+ Permission(Resource resource, OperationCode operationCode) {
+ this.resource = resource;
+ this.operationCode = operationCode;
+ }
+
+ @Override
+ public String toString() {
+ String result = resource.toString() + ":" + operationCode.toString();
+ return result;
+ }
+ }
+
+ private static final Permission ASYNC_EVENT_QUEUE_MANAGE = new Permission(Resource.ASYNC_EVENT_QUEUE, OperationCode.MANAGE);
+ private static final Permission ASYNC_EVENT_QUEUE_LIST = new Permission(Resource.ASYNC_EVENT_QUEUE, OperationCode.LIST);
+ private static final Permission CLUSTER_CONFIGURATION_STATUS = new Permission(Resource.CLUSTER_CONFIGURATION, OperationCode.STATUS);
+ private static final Permission DISKSTORE_MANAGE = new Permission(Resource.DISKSTORE, OperationCode.MANAGE);
+ private static final Permission DISKSTORE_LIST = new Permission(Resource.DISKSTORE, OperationCode.LIST);
+ private static final Permission DISTRIBUTED_SYSTEM_ALL = new Permission(Resource.DISTRIBUTED_SYSTEM, OperationCode.ALL);
+ private static final Permission DISTRIBUTED_SYSTEM_LIST = new Permission(Resource.DISTRIBUTED_SYSTEM, OperationCode.LIST);
+ private static final Permission DISTRIBUTED_SYSTEM_MANAGE = new Permission(Resource.DISTRIBUTED_SYSTEM, OperationCode.MANAGE);
+ private static final Permission GATEWAY_MANAGE = new Permission(Resource.GATEWAY, OperationCode.MANAGE);
+ private static final Permission GATEWAY_LIST = new Permission(Resource.GATEWAY, OperationCode.LIST);
+ private static final Permission PDX_MANAGE = new Permission(Resource.PDX, OperationCode.MANAGE);
+
+ private Map<String, Permission> commandPermission = new HashMap<>();
+
+
+ public AllCliCommandsSecurityTest() {
+
+ // Config Commands
+ commandPermission.put("status cluster-config-service", CLUSTER_CONFIGURATION_STATUS);
+
+ // Diskstore Commands
+ commandPermission.put("backup disk-store --dir=foo", DISKSTORE_MANAGE);
+ commandPermission.put("list disk-stores", DISKSTORE_LIST);
+ commandPermission.put("create disk-store --name=foo --dir=bar", DISKSTORE_MANAGE);
+ commandPermission.put("compact disk-store --name=foo", DISKSTORE_MANAGE);
+ commandPermission.put("compact offline-disk-store --name=foo --disk-dirs=bar", DISKSTORE_MANAGE);
+ commandPermission.put("upgrade offline-disk-store --name=foo --disk-dirs=bar", DISKSTORE_MANAGE);
+ commandPermission.put("describe disk-store --name=foo --member=baz", DISKSTORE_LIST);
+ commandPermission.put("revoke missing-disk-store --id=foo", DISKSTORE_MANAGE);
+ commandPermission.put("show missing-disk-stores", DISKSTORE_MANAGE);
+ commandPermission.put("describe offline-disk-store --name=foo --disk-dirs=bar", DISKSTORE_LIST);
+ commandPermission.put("export offline-disk-store --name=foo --disk-dirs=bar --dir=baz", DISKSTORE_MANAGE);
+ commandPermission.put("validate offline-disk-store --name=foo --disk-dirs=bar", DISKSTORE_MANAGE);
+// commandPermission.put("alter offline-disk-store --name=foo --region=xyz --disk-dirs=bar", DISKSTORE_MANAGE);
+ commandPermission.put("destroy disk-store --name=foo", DISKSTORE_MANAGE);
+
+ // Misc Commands
+ commandPermission.put("change loglevel --loglevel=severe --member=server1", DISTRIBUTED_SYSTEM_MANAGE);
+ commandPermission.put("export logs --dir=data/logs", DISTRIBUTED_SYSTEM_LIST);
+ commandPermission.put("export stack-traces --file=stack.txt", DISTRIBUTED_SYSTEM_LIST);
+ commandPermission.put("gc", DISTRIBUTED_SYSTEM_MANAGE);
+ commandPermission.put("netstat --member=server1", DISTRIBUTED_SYSTEM_MANAGE);
+ commandPermission.put("show dead-locks --file=deadlocks.txt", DISTRIBUTED_SYSTEM_LIST);
+ commandPermission.put("show log --member=locator1 --lines=5", DISTRIBUTED_SYSTEM_LIST);
+ commandPermission.put("show metrics", DISTRIBUTED_SYSTEM_LIST);
+// commandPermission.put("shutdown", DISTRIBUTED_SYSTEM_MANAGE);
+
+ // PDX Commands
+ commandPermission.put("configure pdx --read-serialized=true", PDX_MANAGE);
+ commandPermission.put("pdx rename --old=com.gemstone --new=com.pivotal --disk-store=ds1 --disk-dirs=/diskDir1", PDX_MANAGE);
+
+ // Queue Commands
+ commandPermission.put("create async-event-queue --id=myAEQ --listener=myApp.myListener", ASYNC_EVENT_QUEUE_MANAGE);
+ commandPermission.put("list async-event-queues", ASYNC_EVENT_QUEUE_LIST);
+
+ // Shell Commands
+ commandPermission.put("connect", DISTRIBUTED_SYSTEM_ALL);
+ commandPermission.put("debug --state=on", DISTRIBUTED_SYSTEM_ALL);
+ commandPermission.put("describe connection", DISTRIBUTED_SYSTEM_ALL);
+ commandPermission.put("echo --string=\"Hello World!\"", DISTRIBUTED_SYSTEM_ALL);
+ commandPermission.put("encrypt password --password=value", DISTRIBUTED_SYSTEM_ALL);
+ commandPermission.put("version", DISTRIBUTED_SYSTEM_ALL);
+ commandPermission.put("sleep", DISTRIBUTED_SYSTEM_ALL);
+ commandPermission.put("sh ls", DISTRIBUTED_SYSTEM_ALL);
+ commandPermission.put("disconnect", DISTRIBUTED_SYSTEM_ALL);
+
+ // WAN Commands
+ commandPermission.put("create gateway-sender --id=sender1 --remote-distributed-system-id=2", GATEWAY_MANAGE);
+ commandPermission.put("start gateway-sender --id=sender1", GATEWAY_MANAGE);
+ commandPermission.put("pause gateway-sender --id=sender1", GATEWAY_MANAGE);
+ commandPermission.put("resume gateway-sender --id=sender1", GATEWAY_MANAGE);
+ commandPermission.put("stop gateway-sender --id=sender1", GATEWAY_MANAGE);
+ commandPermission.put("load-balance gateway-sender --id=sender1", GATEWAY_MANAGE);
+ commandPermission.put("list gateways", GATEWAY_LIST);
+ commandPermission.put("create gateway-receiver", GATEWAY_MANAGE);
+ commandPermission.put("start gateway-receiver", GATEWAY_MANAGE);
+ commandPermission.put("stop gateway-receiver", GATEWAY_MANAGE);
+ commandPermission.put("status gateway-receiver", GATEWAY_LIST);
+ }
+
+ @ClassRule
+ public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
+ jmxManagerPort, "cacheServer.json");
+
+ @Rule
+ public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
+
+ @Before
+ public void setUp() throws Exception {
+ bean = connectionRule.getProxyMBean(MemberMXBean.class);
+ }
+
+ @Test
+ @JMXConnectionConfiguration(user = "adminUser", password = "1234567")
+ public void testAdminUser() throws Exception {
+ for (String cmd : commandPermission.keySet()) {
+ try {
+ bean.processCommand(cmd);
+ } catch (Throwable t) {
+ assertNull(String.format("Error evaluating command: '%s'", cmd), t);
+ }
+ }
+ }
+
+ // dataUser has all the permissions granted, but not to region2 (only to region1)
+ @Test
+ @JMXConnectionConfiguration(user = "dataUser", password = "1234567")
+ public void testNoAccess(){
+ for (Map.Entry<String, Permission> e : commandPermission.entrySet()) {
+ try {
+ assertThatThrownBy(() -> bean.processCommand(e.getKey()))
+ .hasMessageStartingWith("Access Denied: Not authorized for " + e.getValue())
+ .isInstanceOf(SecurityException.class);
+ } catch (Throwable t) {
+ assertNull(String.format("Command should have failed: '%s'", e.getKey(), t));
+ }
+ }
+
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MiscCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MiscCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MiscCommandsSecurityTest.java
deleted file mode 100644
index 65eb801..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MiscCommandsSecurityTest.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.security;
-
-import com.gemstone.gemfire.internal.AvailablePort;
-import com.gemstone.gemfire.management.MemberMXBean;
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-@Category(IntegrationTest.class)
-public class MiscCommandsSecurityTest {
- private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
-
- private MemberMXBean bean;
-
- @ClassRule
- public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
- jmxManagerPort, "cacheServer.json");
-
- @Rule
- public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
-
- @Before
- public void setUp() throws Exception {
- bean = connectionRule.getProxyMBean(MemberMXBean.class);
- }
-
- private static String[] commands = {};
-
- @JMXConnectionConfiguration(user = "superuser", password = "1234567")
- @Test
- public void testAllAccess(){
- bean.processCommand("change loglevel --loglevel=severe --members=server1");
- bean.processCommand("export logs --dir=data/logs");
- bean.processCommand("export stack-traces --file=stack.txt");
- bean.processCommand("gc");
- bean.processCommand("netstat --member=server1");
- bean.processCommand("show dead-locks --file=deadlocks.txt");
- bean.processCommand("show log --member=locator1 --lines=5");
- bean.processCommand("show metrics");
- bean.processCommand("shutdown");
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/PDXCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/PDXCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/PDXCommandsSecurityTest.java
deleted file mode 100644
index 721f29d..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/PDXCommandsSecurityTest.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.security;
-
-import com.gemstone.gemfire.internal.AvailablePort;
-import com.gemstone.gemfire.management.MemberMXBean;
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-@Category(IntegrationTest.class)
-public class PDXCommandsSecurityTest {
- private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
-
- private MemberMXBean bean;
-
- @ClassRule
- public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
- jmxManagerPort, "cacheServer.json");
-
- @Rule
- public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
-
- @Before
- public void setUp() throws Exception {
- bean = connectionRule.getProxyMBean(MemberMXBean.class);
- }
-
- @JMXConnectionConfiguration(user = "superuser", password = "1234567")
- @Test
- public void testAllAccess(){
- bean.processCommand("configure pdx --read-serialized=true");
- bean.processCommand("pdx rename --old=com.gemstone --new=com.pivotal --disk-store=ds1 --disk-dirs=/diskDir1");
- }
-
- // stranger has no permission granted
- @JMXConnectionConfiguration(user = "stranger", password = "1234567")
- @Test
- public void testNoAccess(){
- assertThatThrownBy(() -> bean.processCommand("configure pdx --read-serialized=true"))
- .isInstanceOf(SecurityException.class)
- .hasMessageContaining("PDX:CONFIGURE");
- assertThatThrownBy(() -> bean.processCommand("pdx rename --old=com.gemstone --new=com.pivotal --disk-store=ds1 --disk-dirs=/diskDir1"))
- .isInstanceOf(SecurityException.class)
- .hasMessageContaining("DISTRIBUTED_SYSTEM:RENAME");
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/QueueCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/QueueCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/QueueCommandsSecurityTest.java
deleted file mode 100644
index e9baa41..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/QueueCommandsSecurityTest.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.security;
-
-import com.gemstone.gemfire.internal.AvailablePort;
-import com.gemstone.gemfire.management.MemberMXBean;
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-@Category(IntegrationTest.class)
-public class QueueCommandsSecurityTest {
- private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
-
- private MemberMXBean bean;
-
- @ClassRule
- public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
- jmxManagerPort, "cacheServer.json");
-
- @Rule
- public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
-
- @Before
- public void setUp() throws Exception {
- bean = connectionRule.getProxyMBean(MemberMXBean.class);
- }
-
- @JMXConnectionConfiguration(user = "superuser", password = "1234567")
- @Test
- public void testAllAccess(){
- bean.processCommand("create async-event-queue --id=myAEQ --listener=myApp.myListener");
- bean.processCommand("list async-event-queues");
- }
-
- // stranger has no permission granted
- @JMXConnectionConfiguration(user = "stranger", password = "1234567")
- @Test
- public void testNoAccess(){
- assertThatThrownBy(() -> bean.processCommand("create async-event-queue --id=myAEQ --listener=myApp.myListener"))
- .isInstanceOf(SecurityException.class).hasMessageContaining("ASYNC_EVENT_QUEUE:CREATE");
- assertThatThrownBy(() -> bean.processCommand("list async-event-queues"))
- .isInstanceOf(SecurityException.class).hasMessageContaining("ASYNC_EVENT_QUEUE:LIST");
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ShellCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ShellCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ShellCommandsSecurityTest.java
deleted file mode 100644
index 4d08d1a..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ShellCommandsSecurityTest.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.security;
-
-import com.gemstone.gemfire.internal.AvailablePort;
-import com.gemstone.gemfire.management.MemberMXBean;
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-@Category(IntegrationTest.class)
-public class ShellCommandsSecurityTest {
- private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
-
- private MemberMXBean bean;
-
- @ClassRule
- public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
- jmxManagerPort, "cacheServer.json");
-
- @Rule
- public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
-
- @Before
- public void setUp() throws Exception {
- bean = connectionRule.getProxyMBean(MemberMXBean.class);
- }
-
- @JMXConnectionConfiguration(user = "superuser", password = "1234567")
- @Test
- public void testAllAccess(){
- bean.processCommand("connect");
- bean.processCommand("debug --state=on");
- bean.processCommand("describe connection");
- bean.processCommand("echo --string=\"Hello World!\"");
- bean.processCommand("encrypt password --password=value");
- bean.processCommand("version");
- bean.processCommand("sleep");
- bean.processCommand("sh ls");
- bean.processCommand("disconnect");
- }
-
- // stranger has no permission granted
- @JMXConnectionConfiguration(user = "stranger", password = "1234567")
- @Test
- public void testNoAccess(){
- assertThatThrownBy(() -> bean.processCommand("connect")).isInstanceOf(SecurityException.class).hasMessageContaining("DISTRIBUTED_SYSTEM:ALL");
- assertThatThrownBy(() -> bean.processCommand("debug --state=on")).isInstanceOf(SecurityException.class).hasMessageContaining("DISTRIBUTED_SYSTEM:ALL");
- assertThatThrownBy(() -> bean.processCommand("describe connection")).isInstanceOf(SecurityException.class).hasMessageContaining("DISTRIBUTED_SYSTEM:ALL");
- assertThatThrownBy(() -> bean.processCommand("disconnect")).isInstanceOf(SecurityException.class).hasMessageContaining("DISTRIBUTED_SYSTEM:ALL");
- assertThatThrownBy(() -> bean.processCommand("echo --string=\"Hello World!\"")).isInstanceOf(SecurityException.class).hasMessageContaining("DISTRIBUTED_SYSTEM:ALL");
- assertThatThrownBy(() -> bean.processCommand("encrypt password --password=value")).isInstanceOf(SecurityException.class).hasMessageContaining("DISTRIBUTED_SYSTEM:ALL");
- assertThatThrownBy(() -> bean.processCommand("version")).isInstanceOf(SecurityException.class).hasMessageContaining("DISTRIBUTED_SYSTEM:ALL");
- assertThatThrownBy(() -> bean.processCommand("sleep")).isInstanceOf(SecurityException.class).hasMessageContaining("DISTRIBUTED_SYSTEM:ALL");
- assertThatThrownBy(() -> bean.processCommand("sh ls")).isInstanceOf(SecurityException.class).hasMessageContaining("DISTRIBUTED_SYSTEM:ALL");
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/StatusCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/StatusCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/StatusCommandsSecurityTest.java
deleted file mode 100644
index 10101dd..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/StatusCommandsSecurityTest.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.security;
-
-import com.gemstone.gemfire.internal.AvailablePort;
-import com.gemstone.gemfire.management.MemberMXBean;
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-@Category(IntegrationTest.class)
-public class StatusCommandsSecurityTest {
- private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
-
- private MemberMXBean bean;
-
- @ClassRule
- public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
- jmxManagerPort, "cacheServer.json");
-
- @Rule
- public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
-
- @Before
- public void setUp() throws Exception {
- bean = connectionRule.getProxyMBean(MemberMXBean.class);
- }
-
- @JMXConnectionConfiguration(user = "superuser", password = "1234567")
- @Test
- public void testAllAccess(){
- bean.processCommand("status cluster-config-service");
- }
-
- // stranger has no permission granted
- @JMXConnectionConfiguration(user = "stranger", password = "1234567")
- @Test
- public void testNoAccess(){
- assertThatThrownBy(() -> bean.processCommand("status cluster-config-service")).isInstanceOf(SecurityException.class).hasMessageContaining("CLUSTER_CONFIGURTION:STATUS");
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/WanCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/WanCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/WanCommandsSecurityTest.java
deleted file mode 100644
index 8c73e8a..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/WanCommandsSecurityTest.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.security;
-
-import com.gemstone.gemfire.internal.AvailablePort;
-import com.gemstone.gemfire.management.MemberMXBean;
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-@Category(IntegrationTest.class)
-public class WanCommandsSecurityTest {
- private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
-
- private MemberMXBean bean;
-
- @ClassRule
- public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
- jmxManagerPort, "cacheServer.json");
-
- @Rule
- public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
-
- @Before
- public void setUp() throws Exception {
- bean = connectionRule.getProxyMBean(MemberMXBean.class);
- }
-
- @Test
- @JMXConnectionConfiguration(user = "adminUser", password = "1234567")
- public void testAdminUser() throws Exception {
- bean.processCommand("create gateway-sender --id=sender1 --remote-distributed-system-id=2");
- bean.processCommand("start gateway-sender --id=sender1");
- bean.processCommand("pause gateway-sender --id=sender1");
- bean.processCommand("resume gateway-sender --id=sender1");
- bean.processCommand("stop gateway-sender --id=sender1");
- bean.processCommand("load-balance gateway-sender --id=sender1");
- bean.processCommand("list gateways");
- bean.processCommand("create gateway-receiver");
- bean.processCommand("start gateway-receiver");
- bean.processCommand("stop gateway-receiver");
- bean.processCommand("status gateway-receiver");
- }
-
- // dataUser has all the permissions granted, but not to region2 (only to region1)
- @Test
- @JMXConnectionConfiguration(user = "dataUser", password = "1234567")
- public void testNoAccess(){
- assertThatThrownBy(() -> bean.processCommand("create gateway-sender --id=sender1 --remote-distributed-system-id=2"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
-
- assertThatThrownBy(() -> bean.processCommand("start gateway-sender --id=sender1"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
-
- assertThatThrownBy(() -> bean.processCommand("pause gateway-sender --id=sender1"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
-
- assertThatThrownBy(() -> bean.processCommand("resume gateway-sender --id=sender1"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
-
- assertThatThrownBy(() -> bean.processCommand("stop gateway-sender --id=sender1"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
-
- assertThatThrownBy(() -> bean.processCommand("load-balance gateway-sender --id=sender1"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
-
- assertThatThrownBy(() -> bean.processCommand("list gateways"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:LIST");
-
- assertThatThrownBy(() -> bean.processCommand("create gateway-receiver"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
-
- assertThatThrownBy(() -> bean.processCommand("start gateway-receiver"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
-
- assertThatThrownBy(() -> bean.processCommand("stop gateway-receiver"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:MANAGE");
-
- assertThatThrownBy(() -> bean.processCommand("status gateway-receiver"))
- .isInstanceOf(SecurityException.class)
- .hasMessageStartingWith("Access Denied: Not authorized for GATEWAY:LIST");
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/65635fe4/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
index 0f8df37..dc613e0 100644
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
@@ -3,8 +3,17 @@
{
"name": "admin",
"operationsAllowed": [
+ "ASYNC_EVENT_QUEUE:LIST",
+ "ASYNC_EVENT_QUEUE:MANAGE",
+ "CLUSTER_CONFIGURATION:STATUS",
+ "DISKSTORE:LIST",
+ "DISKSTORE:MANAGE",
+ "DISTRIBUTED_SYSTEM:ALL",
+ "DISTRIBUTED_SYSTEM:LIST",
+ "DISTRIBUTED_SYSTEM:MANAGE",
"GATEWAY:LIST",
- "GATEWAY:MANAGE"
+ "GATEWAY:MANAGE",
+ "PDX:MANAGE"
]
},
{
@@ -43,7 +52,7 @@
"MANAGER:SET_PULSE_URL",
"MANAGER:START",
"MANAGER:STOP",
- "CLUSTER_CONFIGURTION:STATUS",
+ "CLUSTER_CONFIGURATION:STATUS",
"DISTRIBUTED_SYSTEM:ALL",
"DISTRIBUTED_SYSTEM:RENAME",
"DISTRIBUTED_SYSTEM:GC",
@@ -72,7 +81,6 @@
{
"name": "dataUsers",
"operationsAllowed": [
- "DISTRIBUTED_SYSTEM:LIST",
"REGION:GET",
"REGION:REBALANCE",
"REGION:EXPORT",