qpid/java/broker-plugins/simple-xml/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209

/*
 *
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 *
 */
package org.apache.qpid.server.security.access;

import org.apache.qpid.AMQException;
import org.apache.qpid.framing.AMQShortString;
import org.apache.qpid.server.security.Result;
import org.apache.qpid.server.security.access.config.PrincipalPermissions;
import org.apache.qpid.server.security.access.config.PrincipalPermissions.Permission;
import org.apache.qpid.test.utils.QpidTestCase;

public class PrincipalPermissionsTest extends QpidTestCase
{
    private String _user = "user";
    private PrincipalPermissions _perms;

    // Common things that are passed to frame constructors
    private AMQShortString _queueName = new AMQShortString(this.getClass().getName() + "queue");
    private AMQShortString _tempQueueName = new AMQShortString(this.getClass().getName() + "tempqueue");
    private AMQShortString _exchangeName = new AMQShortString("amq.direct");
    private AMQShortString _routingKey = new AMQShortString(this.getClass().getName() + "route");
    private boolean _autoDelete = false;
    private AMQShortString _exchangeType = new AMQShortString("direct");
    private Boolean _temporary = false;
    private Boolean _ownQueue = false;

    @Override
    public void setUp() throws Exception
    {
        super.setUp();

        _perms = new PrincipalPermissions(_user);
    }


    public void testPrincipalPermissions()
    {
        assertNotNull(_perms);
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.ACCESS, (String[]) null));
    }

    // FIXME: test has been disabled since the permissions assume that the user has tried to create
    // the queue first. QPID-1597
    public void disableTestBind() throws Exception
    {
        String[] args = new String[]{null, _exchangeName.asString(), _queueName.asString(), _routingKey.asString()};

        assertEquals(Result.DENIED, _perms.authorise(Permission.BIND, args));
        _perms.grant(Permission.BIND, (Object[]) null);
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.BIND, args));
    }

    public void testQueueCreate()
    {
        Object[] grantArgs = new Object[]{_temporary , _queueName, _exchangeName, _routingKey};
        String[] authArgs = new String[]{Boolean.toString(_autoDelete), _queueName.asString()};

        assertEquals(Result.DENIED, _perms.authorise(Permission.CREATEQUEUE, authArgs));
        _perms.grant(Permission.CREATEQUEUE, grantArgs);
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.CREATEQUEUE, authArgs));
    }

     public void testQueueCreateWithNullRoutingKey()
    {
        Object[] grantArgs = new Object[]{_temporary , _queueName, _exchangeName, null};
        String[] authArgs = new String[]{Boolean.toString(_autoDelete), _queueName.asString()};
        
        assertEquals(Result.DENIED, _perms.authorise(Permission.CREATEQUEUE, authArgs));
        _perms.grant(Permission.CREATEQUEUE, grantArgs);
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.CREATEQUEUE, authArgs));
    }

    // FIXME disabled, this fails due to grant putting the grant into the wrong map QPID-1598
    public void disableTestExchangeCreate()
    {
        String[] authArgs = new String[]{_exchangeName.asString()};
        Object[] grantArgs = new Object[]{_exchangeName, _exchangeType};

        assertEquals(Result.DENIED, _perms.authorise(Permission.CREATEEXCHANGE, authArgs));
        _perms.grant(Permission.CREATEEXCHANGE, grantArgs);
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.CREATEEXCHANGE, authArgs));
    }

    public void testConsume()
    {
        String[] authArgs = new String[]{_queueName.asString(), Boolean.toString(_autoDelete), _user};
        Object[] grantArgs = new Object[]{_queueName, _ownQueue};

        // FIXME: This throws a null pointer exception QPID-1599
        // assertFalse(_perms.authorise(Permission.CONSUME, authArgs));
        _perms.grant(Permission.CONSUME, grantArgs);
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.CONSUME, authArgs));
    }

    public void testPublish() throws AMQException
    {
        String[] authArgs = new String[]{_exchangeName.asString(), _routingKey.asString()};
        Object[] grantArgs = new Object[]{_exchangeName, _routingKey};

        assertEquals(Result.DENIED, _perms.authorise(Permission.PUBLISH, authArgs));
        _perms.grant(Permission.PUBLISH, grantArgs);
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.PUBLISH, authArgs));
    }

    public void testVhostAccess()
    {
        //Tests that granting a user Virtualhost level access allows all authorisation requests
        //where previously they would be denied

        //QPID-2133 createExchange rights currently allow all exchange creation unless rights for creating some
        //specific exchanges are granted. Grant a specific exchange creation to cause all others to be denied.
        Object[] createArgsCreateExchange = new Object[]{new AMQShortString("madeup"), _exchangeType};
        String[] authArgsCreateExchange = new String[]{_exchangeName.asString()};
        assertEquals("Exchange creation was not allowed", Result.ALLOWED, _perms.authorise(Permission.CREATEEXCHANGE, authArgsCreateExchange));
        _perms.grant(Permission.CREATEEXCHANGE, createArgsCreateExchange);

        String[] authArgsPublish = new String[]{_exchangeName.asString(), _routingKey.asString()};
        String[] authArgsConsume = new String[]{_queueName.asString(), Boolean.toString(_autoDelete), _user};
        String[] authArgsCreateQueue = new String[]{Boolean.toString(_autoDelete), _queueName.asString()};
//        QueueBindBodyImpl bind = new QueueBindBodyImpl(_ticket, _queueName, _exchangeName, _routingKey, _nowait, _arguments);
        String[] authArgsBind = new String[]{ null, _exchangeName.asString(), _queueName.asString(), _routingKey.asString()};

        assertEquals("Exchange creation was not denied", Result.DENIED, _perms.authorise(Permission.CREATEEXCHANGE, authArgsCreateExchange));
        assertEquals("Publish was not denied", Result.DENIED, _perms.authorise(Permission.PUBLISH, authArgsPublish));
        assertEquals("Consume creation was not denied", Result.DENIED, _perms.authorise(Permission.CONSUME, authArgsConsume));
        assertEquals("Queue creation was not denied", Result.DENIED, _perms.authorise(Permission.CREATEQUEUE, authArgsCreateQueue));
        //BIND pre-grant authorise check disabled due to QPID-1597
        //assertEquals("Binding creation was not denied", Result.DENIED, _perms.authorise(Permission.BIND, authArgsBind));

        _perms.grant(Permission.ACCESS);

        assertEquals("Exchange creation was not allowed", Result.ALLOWED, _perms.authorise(Permission.CREATEEXCHANGE, authArgsCreateExchange));
        assertEquals("Publish was not allowed", Result.ALLOWED, _perms.authorise(Permission.PUBLISH, authArgsPublish));
        assertEquals("Consume creation was not allowed", Result.ALLOWED, _perms.authorise(Permission.CONSUME, authArgsConsume));
        assertEquals("Queue creation was not allowed", Result.ALLOWED, _perms.authorise(Permission.CREATEQUEUE, authArgsCreateQueue));
        assertEquals("Binding creation was not allowed", Result.ALLOWED, _perms.authorise(Permission.BIND, authArgsBind));
    }

    /**
     * If the consume permission for temporary queues is for an unnamed queue then is should
     * be global for any temporary queue but not for any non-temporary queue
     */
    public void testTemporaryUnnamedQueueConsume()
    {
        String[] authNonTempQArgs = new String[]{_queueName.asString(), Boolean.toString(_autoDelete), _user};
        String[] authTempQArgs = new String[]{_tempQueueName.asString(), Boolean.TRUE.toString(), _user};
        Object[] grantArgs = new Object[]{true};

        _perms.grant(Permission.CONSUME, grantArgs);

        //Next line shows up bug - non temp queue should be denied
        assertEquals(Result.DENIED, _perms.authorise(Permission.CONSUME, authNonTempQArgs));
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.CONSUME, authTempQArgs));
    }

    /**
     * Test that temporary queue permissions before queue perms in the ACL config work correctly
     */
    public void testTemporaryQueueFirstConsume()
    {
        String[] authNonTempQArgs = new String[]{_queueName.asString(), Boolean.toString(_autoDelete), _user};
        String[] authTempQArgs = new String[]{_tempQueueName.asString(), Boolean.TRUE.toString(), _user};
        Object[] grantArgs = new Object[]{true};
        Object[] grantNonTempQArgs = new Object[]{_queueName, _ownQueue};

        //should not matter if the temporary permission is processed first or last
        _perms.grant(Permission.CONSUME, grantNonTempQArgs);
        _perms.grant(Permission.CONSUME, grantArgs);

        assertEquals(Result.ALLOWED, _perms.authorise(Permission.CONSUME, authNonTempQArgs));
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.CONSUME, authTempQArgs));
    }

    /**
     * Test that temporary queue permissions after queue perms in the ACL config work correctly
     */
    public void testTemporaryQueueLastConsume()
    {
        String[] authNonTempQArgs = new String[]{_queueName.asString(), Boolean.toString(_autoDelete), _user};
        String[] authTempQArgs = new String[]{_tempQueueName.asString(), Boolean.TRUE.toString(), _user};
        Object[] grantArgs = new Object[]{true};
        Object[] grantNonTempQArgs = new Object[]{_queueName, _ownQueue};

        //should not matter if the temporary permission is processed first or last
        _perms.grant(Permission.CONSUME, grantArgs);
        _perms.grant(Permission.CONSUME, grantNonTempQArgs);

        assertEquals(Result.ALLOWED, _perms.authorise(Permission.CONSUME, authNonTempQArgs));
        assertEquals(Result.ALLOWED, _perms.authorise(Permission.CONSUME, authTempQArgs));
    }
}