Diffstat (limited to 'qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostNodeACLTest.java')
-rw-r--r--qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostNodeACLTest.java155
1 files changed, 155 insertions, 0 deletions
diff --git a/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostNodeACLTest.java b/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostNodeACLTest.java
new file mode 100644
index 0000000000..4809962f24
--- /dev/null
+++ b/qpid/java/systests/src/test/java/org/apache/qpid/systest/rest/acl/VirtualHostNodeACLTest.java
@@ -0,0 +1,155 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.qpid.systest.rest.acl;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.codehaus.jackson.JsonGenerationException;
+import org.codehaus.jackson.map.JsonMappingException;
+
+import org.apache.qpid.server.management.plugin.HttpManagement;
+import org.apache.qpid.server.model.AccessControlProvider;
+import org.apache.qpid.server.model.AuthenticationProvider;
+import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.model.ExternalFileBasedAuthenticationManager;
+import org.apache.qpid.server.model.GroupProvider;
+import org.apache.qpid.server.model.KeyStore;
+import org.apache.qpid.server.model.Plugin;
+import org.apache.qpid.server.model.Port;
+import org.apache.qpid.server.model.Protocol;
+import org.apache.qpid.server.model.TrustStore;
+import org.apache.qpid.server.model.VirtualHostNode;
+import org.apache.qpid.server.model.adapter.FileBasedGroupProvider;
+import org.apache.qpid.server.model.adapter.FileBasedGroupProviderImpl;
+import org.apache.qpid.server.security.FileKeyStore;
+import org.apache.qpid.server.security.FileTrustStore;
+import org.apache.qpid.server.security.access.FileAccessControlProviderConstants;
+import org.apache.qpid.server.security.acl.AbstractACLTestCase;
+import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManager;
+import org.apache.qpid.server.security.auth.manager.PlainPasswordDatabaseAuthenticationManager;
+import org.apache.qpid.server.virtualhost.memory.MemoryVirtualHost;
+import org.apache.qpid.server.virtualhostnode.JsonVirtualHostNode;
+import org.apache.qpid.systest.rest.QpidRestTestCase;
+import org.apache.qpid.test.utils.TestBrokerConfiguration;
+import org.apache.qpid.test.utils.TestFileUtils;
+import org.apache.qpid.test.utils.TestSSLConstants;
+
+public class VirtualHostNodeACLTest extends QpidRestTestCase
+{
+ private static final String TEST_VIRTUAL_HOST_NODE = "myTestVirtualHostNode";
+ private static final String ALLOWED_USER = "user1";
+ private static final String DENIED_USER = "user2";
+
+ @Override
+ protected void customizeConfiguration() throws IOException
+ {
+ super.customizeConfiguration();
+ getRestTestHelper().configureTemporaryPasswordFile(this, ALLOWED_USER, DENIED_USER);
+
+ AbstractACLTestCase.writeACLFileUtil(this, "ACL ALLOW-LOG ALL ACCESS MANAGEMENT",
+ "ACL ALLOW-LOG " + ALLOWED_USER + " ALL VIRTUALHOSTNODE",
+ "ACL DENY-LOG " + DENIED_USER + " ALL VIRTUALHOSTNODE",
+ "ACL DENY-LOG ALL ALL");
+
+ getBrokerConfiguration().setObjectAttribute(Plugin.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT,
+ HttpManagement.HTTP_BASIC_AUTHENTICATION_ENABLED, true);
+
+ Map<String, Object> virtualHostNodeAttributes = new HashMap<>();
+ virtualHostNodeAttributes.put(VirtualHostNode.NAME, TEST_VIRTUAL_HOST_NODE);
+ virtualHostNodeAttributes.put(VirtualHostNode.TYPE, getTestProfileVirtualHostNodeType());
+ // TODO need better way to determine the VHN's optional attributes
+ virtualHostNodeAttributes.put(JsonVirtualHostNode.STORE_PATH, getStoreLocation(TEST_VIRTUAL_HOST_NODE));
+
+
+ getBrokerConfiguration().addObjectConfiguration(VirtualHostNode.class, virtualHostNodeAttributes);
+ }
+
+ public void testCreateVirtualHostNodeAllowed() throws Exception
+ {
+ getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
+
+ String hostName = getTestName();
+
+ int responseCode = createVirtualHostNode(hostName);
+ assertEquals("Virtual host node creation should be allowed", HttpServletResponse.SC_CREATED, responseCode);
+
+ assertVirtualHostNodeExists(hostName);
+ }
+
+ public void testCreateVirtualHostNodeDenied() throws Exception
+ {
+ getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
+
+ String hostName = getTestName();
+
+ int responseCode = createVirtualHostNode(hostName);
+ assertEquals("Virtual host node creation should be denied", HttpServletResponse.SC_FORBIDDEN, responseCode);
+
+ assertVirtualHostNodeDoesNotExist(hostName);
+ }
+
+ public void testDeleteVirtualHostNodeDenied() throws Exception
+ {
+ getRestTestHelper().setUsernameAndPassword(DENIED_USER, DENIED_USER);
+ getRestTestHelper().submitRequest("virtualhostnode/" + TEST_VIRTUAL_HOST_NODE, "DELETE", HttpServletResponse.SC_FORBIDDEN);
+
+ assertVirtualHostNodeExists(TEST_VIRTUAL_HOST_NODE);
+ }
+
+ /* === Utility Methods === */
+
+ private int createVirtualHostNode(String virtualHostNodeName) throws Exception
+ {
+ Map<String, Object> data = new HashMap<>();
+ data.put(VirtualHostNode.NAME, virtualHostNodeName);
+ data.put(VirtualHostNode.TYPE, getTestProfileVirtualHostNodeType());
+ data.put(JsonVirtualHostNode.STORE_PATH, getStoreLocation(virtualHostNodeName));
+
+ return getRestTestHelper().submitRequest("virtualhostnode/" + virtualHostNodeName, "PUT", data);
+ }
+
+ private void assertVirtualHostNodeDoesNotExist(String name) throws Exception
+ {
+ assertVirtualHostNodeExistence(name, false);
+ }
+
+ private void assertVirtualHostNodeExists(String name) throws Exception
+ {
+ assertVirtualHostNodeExistence(name, true);
+ }
+
+ private void assertVirtualHostNodeExistence(String name, boolean exists) throws Exception
+ {
+ List<Map<String, Object>> hosts = getRestTestHelper().getJsonAsList("virtualhostnode/" + name);
+ assertEquals("Node " + name + (exists ? " does not exist" : " exists"), exists, !hosts.isEmpty());
+ }
+
+ private String getStoreLocation(String hostName)
+ {
+ return new File(TMP_FOLDER, "store-" + hostName + "-" + System.currentTimeMillis()).getAbsolutePath();
+ }
+
+}
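Review bot: `testDeleteVirtualHostNodeDenied` has no positive control, so its `SC_FORBIDDEN` assertion would also pass if DELETE on `virtualhostnode/` were rejected for every user, for a reason unrelated to the `DENY-LOG user2` rule. The ACL grants `ALLOWED_USER` `ALL VIRTUALHOSTNODE`, yet only creation is exercised on the allow side. I would add a matching `testDeleteVirtualHostNodeAllowed` that deletes `TEST_VIRTUAL_HOST_NODE` as `ALLOWED_USER` and then asserts the node is gone, as sketched below. The success status for DELETE is not visible in this file, so the `SC_OK` in the sketch needs confirming against the REST servlet. The existence checks also run under whichever credentials the test last set, so in the denied cases they depend on `user2` still being able to read the node list; a short comment saying so would help.

```java
// … unchanged: testDeleteVirtualHostNodeDenied …

public void testDeleteVirtualHostNodeAllowed() throws Exception
{
    getRestTestHelper().setUsernameAndPassword(ALLOWED_USER, ALLOWED_USER);
    // expected status assumed; confirm what the REST servlet returns for a successful DELETE
    getRestTestHelper().submitRequest("virtualhostnode/" + TEST_VIRTUAL_HOST_NODE, "DELETE", HttpServletResponse.SC_OK);

    assertVirtualHostNodeDoesNotExist(TEST_VIRTUAL_HOST_NODE);
}
```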