diff options
Diffstat (limited to 'qpid/java/broker/src/test/java/org/apache/qpid/server/management/AMQUserManagementMBeanTest.java')
-rw-r--r-- | qpid/java/broker/src/test/java/org/apache/qpid/server/management/AMQUserManagementMBeanTest.java | 202 |
1 files changed, 154 insertions, 48 deletions
diff --git a/qpid/java/broker/src/test/java/org/apache/qpid/server/management/AMQUserManagementMBeanTest.java b/qpid/java/broker/src/test/java/org/apache/qpid/server/management/AMQUserManagementMBeanTest.java index f3ee2707b0..a6c17e042e 100644 --- a/qpid/java/broker/src/test/java/org/apache/qpid/server/management/AMQUserManagementMBeanTest.java +++ b/qpid/java/broker/src/test/java/org/apache/qpid/server/management/AMQUserManagementMBeanTest.java @@ -21,26 +21,22 @@ package org.apache.qpid.server.management; +import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.File; +import java.io.FileReader; import java.io.FileWriter; import java.io.IOException; -import javax.management.openmbean.CompositeData; -import javax.management.openmbean.TabularData; - - -import org.apache.commons.lang.NotImplementedException; -import org.apache.qpid.management.common.mbeans.UserManagement; +import org.apache.commons.configuration.ConfigurationException; import org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase; import org.apache.qpid.server.security.auth.management.AMQUserManagementMBean; import org.apache.qpid.server.util.InternalBrokerBaseCase; -/** - * - * Tests the AMQUserManagementMBean and its interaction with the PrincipalDatabase. - * +/* Note: The main purpose is to test the jmx access rights file manipulation + * within AMQUserManagementMBean. The Principal Databases are tested by their own tests, + * this test just exercises their usage in AMQUserManagementMBean. */ public class AMQUserManagementMBeanTest extends InternalBrokerBaseCase { @@ -48,6 +44,7 @@ public class AMQUserManagementMBeanTest extends InternalBrokerBaseCase private AMQUserManagementMBean _amqumMBean; private File _passwordFile; + private File _accessFile; private static final String TEST_USERNAME = "testuser"; private static final String TEST_PASSWORD = "password"; @@ -60,6 +57,7 @@ public class AMQUserManagementMBeanTest extends InternalBrokerBaseCase _database = new PlainPasswordFilePrincipalDatabase(); _amqumMBean = new AMQUserManagementMBean(); loadFreshTestPasswordFile(); + loadFreshTestAccessFile(); } @Override @@ -67,67 +65,142 @@ public class AMQUserManagementMBeanTest extends InternalBrokerBaseCase { //clean up test password/access files File _oldPasswordFile = new File(_passwordFile.getAbsolutePath() + ".old"); + File _oldAccessFile = new File(_accessFile.getAbsolutePath() + ".old"); _oldPasswordFile.delete(); + _oldAccessFile.delete(); _passwordFile.delete(); + _accessFile.delete(); super.tearDown(); } public void testDeleteUser() { - assertEquals("Unexpected number of users before test", 1,_amqumMBean.viewUsers().size()); - assertTrue("Delete should return true to flag successful delete", _amqumMBean.deleteUser(TEST_USERNAME)); - assertEquals("Unexpected number of users after test", 0,_amqumMBean.viewUsers().size()); - } - - public void testDeleteUserWhereUserDoesNotExist() - { - assertEquals("Unexpected number of users before test", 1,_amqumMBean.viewUsers().size()); - assertFalse("Delete should return false to flag unsuccessful delete", _amqumMBean.deleteUser("made.up.username")); - assertEquals("Unexpected number of users after test", 1,_amqumMBean.viewUsers().size()); + loadFreshTestPasswordFile(); + loadFreshTestAccessFile(); + //try deleting a non existant user + assertFalse(_amqumMBean.deleteUser("made.up.username")); + + assertTrue(_amqumMBean.deleteUser(TEST_USERNAME)); } - public void testCreateUser() + public void testDeleteUserIsSavedToAccessFile() { - assertEquals("Unexpected number of users before test", 1,_amqumMBean.viewUsers().size()); - assertTrue("Create should return true to flag successful create", _amqumMBean.createUser("newuser", "mypass")); - assertEquals("Unexpected number of users before test", 2,_amqumMBean.viewUsers().size()); - } + loadFreshTestPasswordFile(); + loadFreshTestAccessFile(); - public void testCreateUserWhereUserAlreadyExists() - { - assertEquals("Unexpected number of users before test", 1,_amqumMBean.viewUsers().size()); - assertFalse("Create should return false to flag unsuccessful create", _amqumMBean.createUser(TEST_USERNAME, "mypass")); - assertEquals("Unexpected number of users before test", 1,_amqumMBean.viewUsers().size()); + assertTrue(_amqumMBean.deleteUser(TEST_USERNAME)); + + //check the access rights were actually deleted from the file + try{ + BufferedReader reader = new BufferedReader(new FileReader(_accessFile)); + + //check the 'generated by' comment line is present + assertTrue("File has no content", reader.ready()); + assertTrue("'Generated by' comment line was missing",reader.readLine().contains("Generated by " + + "AMQUserManagementMBean Console : Last edited by user:")); + + //there should also be a modified date/time comment line + assertTrue("File has no modified date/time comment line", reader.ready()); + assertTrue("Modification date/time comment line was missing",reader.readLine().startsWith("#")); + + //the access file should not contain any further data now as we just deleted the only user + assertFalse("User access data was present when it should have been deleted", reader.ready()); + } + catch (IOException e) + { + fail("Unable to valdate file contents due to:" + e.getMessage()); + } + } - public void testSetPassword() + public void testSetRights() { - assertTrue("Set password should return true to flag successful change", _amqumMBean.setPassword(TEST_USERNAME, "newpassword")); + loadFreshTestPasswordFile(); + loadFreshTestAccessFile(); + + assertFalse(_amqumMBean.setRights("made.up.username", true, false, false)); + + assertTrue(_amqumMBean.setRights(TEST_USERNAME, true, false, false)); + assertTrue(_amqumMBean.setRights(TEST_USERNAME, false, true, false)); + assertTrue(_amqumMBean.setRights(TEST_USERNAME, false, false, true)); } - public void testSetPasswordWhereUserDoesNotExist() + public void testSetRightsIsSavedToAccessFile() { - assertFalse("Set password should return false to flag successful change", _amqumMBean.setPassword("made.up.username", "newpassword")); + loadFreshTestPasswordFile(); + loadFreshTestAccessFile(); + + assertTrue(_amqumMBean.setRights(TEST_USERNAME, false, false, true)); + + //check the access rights were actually updated in the file + try{ + BufferedReader reader = new BufferedReader(new FileReader(_accessFile)); + + //check the 'generated by' comment line is present + assertTrue("File has no content", reader.ready()); + assertTrue("'Generated by' comment line was missing",reader.readLine().contains("Generated by " + + "AMQUserManagementMBean Console : Last edited by user:")); + + //there should also be a modified date/time comment line + assertTrue("File has no modified date/time comment line", reader.ready()); + assertTrue("Modification date/time comment line was missing",reader.readLine().startsWith("#")); + + //the access file should not contain any further data now as we just deleted the only user + assertTrue("User access data was not updated in the access file", + reader.readLine().equals(TEST_USERNAME + "=" + MBeanInvocationHandlerImpl.ADMIN)); + + //the access file should not contain any further data now as we just deleted the only user + assertFalse("Additional user access data was present when there should be no more", reader.ready()); + } + catch (IOException e) + { + fail("Unable to valdate file contents due to:" + e.getMessage()); + } } - public void testViewUsers() + public void testSetAccessFileWithMissingFile() { - TabularData userList = _amqumMBean.viewUsers(); + try + { + _amqumMBean.setAccessFile("made.up.filename"); + } + catch (IOException e) + { + fail("Should not have been an IOE." + e.getMessage()); + } + catch (ConfigurationException e) + { + assertTrue(e.getMessage(), e.getMessage().endsWith("does not exist")); + } + } - assertNotNull(userList); - assertEquals("Unexpected number of users in user list", 1, userList.size()); - assertTrue(userList.containsKey(new Object[]{TEST_USERNAME})); - - // Check the deprecated read, write and admin items continue to exist but return false. - CompositeData userRec = userList.get(new Object[]{TEST_USERNAME}); - assertTrue(userRec.containsKey(UserManagement.RIGHTS_READ_ONLY)); - assertEquals(false, userRec.get(UserManagement.RIGHTS_READ_ONLY)); - assertEquals(false, userRec.get(UserManagement.RIGHTS_READ_WRITE)); - assertTrue(userRec.containsKey(UserManagement.RIGHTS_READ_WRITE)); - assertTrue(userRec.containsKey(UserManagement.RIGHTS_ADMIN)); - assertEquals(false, userRec.get(UserManagement.RIGHTS_ADMIN)); + public void testSetAccessFileWithReadOnlyFile() + { + File testFile = null; + try + { + testFile = File.createTempFile(this.getClass().getName(),".access.readonly"); + BufferedWriter passwordWriter = new BufferedWriter(new FileWriter(testFile, false)); + passwordWriter.write(TEST_USERNAME + ":" + TEST_PASSWORD); + passwordWriter.newLine(); + passwordWriter.flush(); + passwordWriter.close(); + + testFile.setReadOnly(); + _amqumMBean.setAccessFile(testFile.getPath()); + } + catch (IOException e) + { + fail("Access file was not created." + e.getMessage()); + } + catch (ConfigurationException e) + { + fail("There should not have been a configuration exception." + e.getMessage()); + } + + testFile.delete(); } // ============================ Utility methods ========================= @@ -154,4 +227,37 @@ public class AMQUserManagementMBeanTest extends InternalBrokerBaseCase fail("Unable to create test password file: " + e.getMessage()); } } + + private void loadFreshTestAccessFile() + { + try + { + if(_accessFile == null) + { + _accessFile = File.createTempFile(this.getClass().getName(),".access"); + } + + BufferedWriter accessWriter = new BufferedWriter(new FileWriter(_accessFile,false)); + accessWriter.write("#Last Updated By comment"); + accessWriter.newLine(); + accessWriter.write("#Date/time comment"); + accessWriter.newLine(); + accessWriter.write(TEST_USERNAME + "=" + MBeanInvocationHandlerImpl.READONLY); + accessWriter.newLine(); + accessWriter.flush(); + accessWriter.close(); + } + catch (IOException e) + { + fail("Unable to create test access file: " + e.getMessage()); + } + + try{ + _amqumMBean.setAccessFile(_accessFile.toString()); + } + catch (Exception e) + { + fail("Unable to set access file: " + e.getMessage()); + } + } } |