提交 be83a9a3 编写于 作者: D dongeforever

Polish acl names

上级 1a80c5ba
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package org.apache.rocketmq.acl.common;//package com.aliyun.openservices.ons.api.impl.rocketmq.spas; package org.apache.rocketmq.acl.common;
public enum SigningAlgorithm { public enum SigningAlgorithm {
HmacSHA1, HmacSHA1,
......
...@@ -18,6 +18,7 @@ package org.apache.rocketmq.acl.plain; ...@@ -18,6 +18,7 @@ package org.apache.rocketmq.acl.plain;
import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.nio.file.FileSystems; import java.nio.file.FileSystems;
import java.nio.file.Path; import java.nio.file.Path;
...@@ -66,21 +67,21 @@ public class PlainPermissionLoader { ...@@ -66,21 +67,21 @@ public class PlainPermissionLoader {
} }
public void initialize() { public void initialize() {
JSONObject accessControlTransport = AclUtils.getYamlDataObject(fileHome + fileName, JSONObject plainAclConfData = AclUtils.getYamlDataObject(fileHome + File.separator + fileName,
JSONObject.class); JSONObject.class);
if (accessControlTransport == null || accessControlTransport.isEmpty()) { if (plainAclConfData == null || plainAclConfData.isEmpty()) {
throw new AclException(String.format("%s file is not data", fileHome + fileName)); throw new AclException(String.format("%s file is not data", fileHome + File.separator + fileName));
} }
log.info("BorkerAccessControlTransport data is : ", accessControlTransport.toString()); log.info("Broker plain acl conf data is : ", plainAclConfData.toString());
JSONArray globalWhiteRemoteAddressesList = accessControlTransport.getJSONArray("globalWhiteRemoteAddresses"); JSONArray globalWhiteRemoteAddressesList = plainAclConfData.getJSONArray("globalWhiteRemoteAddresses");
if (globalWhiteRemoteAddressesList != null && !globalWhiteRemoteAddressesList.isEmpty()) { if (globalWhiteRemoteAddressesList != null && !globalWhiteRemoteAddressesList.isEmpty()) {
for (int i = 0; i < globalWhiteRemoteAddressesList.size(); i++) { for (int i = 0; i < globalWhiteRemoteAddressesList.size(); i++) {
addGlobalWhiteRemoteAddress(globalWhiteRemoteAddressesList.getString(i)); addGlobalWhiteRemoteAddress(globalWhiteRemoteAddressesList.getString(i));
} }
} }
JSONArray accounts = accessControlTransport.getJSONArray("accounts"); JSONArray accounts = plainAclConfData.getJSONArray("accounts");
if (accounts != null && !accounts.isEmpty()) { if (accounts != null && !accounts.isEmpty()) {
List<PlainAccessConfig> plainAccessList = accounts.toJavaList(PlainAccessConfig.class); List<PlainAccessConfig> plainAccessList = accounts.toJavaList(PlainAccessConfig.class);
for (PlainAccessConfig plainAccess : plainAccessList) { for (PlainAccessConfig plainAccess : plainAccessList) {
...@@ -101,10 +102,10 @@ public class PlainPermissionLoader { ...@@ -101,10 +102,10 @@ public class PlainPermissionLoader {
int fileIndex = fileName.lastIndexOf("/") + 1; int fileIndex = fileName.lastIndexOf("/") + 1;
String watchDirectory = fileName.substring(0, fileIndex); String watchDirectory = fileName.substring(0, fileIndex);
final String watchFileName = fileName.substring(fileIndex); final String watchFileName = fileName.substring(fileIndex);
log.info("watch directory is {} , watch directory file name is {} ", fileHome + watchDirectory, watchFileName); log.info("watch directory is {} , watch directory file name is {} ", fileHome + File.separator + watchDirectory, watchFileName);
final WatchService watcher = FileSystems.getDefault().newWatchService(); final WatchService watcher = FileSystems.getDefault().newWatchService();
Path p = Paths.get(fileHome + watchDirectory); Path p = Paths.get(fileHome + File.separator + watchDirectory);
p.register(watcher, StandardWatchEventKinds.ENTRY_MODIFY, StandardWatchEventKinds.ENTRY_CREATE); p.register(watcher, StandardWatchEventKinds.ENTRY_MODIFY, StandardWatchEventKinds.ENTRY_CREATE);
ServiceThread watcherServcie = new ServiceThread() { ServiceThread watcherServcie = new ServiceThread() {
......
...@@ -28,6 +28,7 @@ import org.apache.commons.lang3.reflect.FieldUtils; ...@@ -28,6 +28,7 @@ import org.apache.commons.lang3.reflect.FieldUtils;
import org.apache.rocketmq.acl.common.AclException; import org.apache.rocketmq.acl.common.AclException;
import org.apache.rocketmq.acl.common.Permission; import org.apache.rocketmq.acl.common.Permission;
import org.apache.rocketmq.acl.plain.PlainPermissionLoader.PlainAccessConfig; import org.apache.rocketmq.acl.plain.PlainPermissionLoader.PlainAccessConfig;
import org.apache.rocketmq.common.UtilAll;
import org.junit.Assert; import org.junit.Assert;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
...@@ -61,9 +62,8 @@ public class PlainPermissionLoaderTest { ...@@ -61,9 +62,8 @@ public class PlainPermissionLoaderTest {
ANYPlainAccessResource = clonePlainAccessResource(Permission.ANY); ANYPlainAccessResource = clonePlainAccessResource(Permission.ANY);
DENYPlainAccessResource = clonePlainAccessResource(Permission.DENY); DENYPlainAccessResource = clonePlainAccessResource(Permission.DENY);
System.setProperty("java.version", "1.6.11");
System.setProperty("rocketmq.home.dir", "src/test/resources"); System.setProperty("rocketmq.home.dir", "src/test/resources");
System.setProperty("romcketmq.acl.plain.fileName", "/conf/plain_acl.yml"); System.setProperty("rocketmq.acl.plain.file", "/conf/plain_acl.yml");
plainPermissionLoader = new PlainPermissionLoader(); plainPermissionLoader = new PlainPermissionLoader();
} }
...@@ -211,46 +211,56 @@ public class PlainPermissionLoaderTest { ...@@ -211,46 +211,56 @@ public class PlainPermissionLoaderTest {
Assert.assertFalse(plainPermissionLoader.isWatchStart()); Assert.assertFalse(plainPermissionLoader.isWatchStart());
} }
@SuppressWarnings("unchecked")
@Test @Test
public void watchTest() throws IOException, IllegalAccessException { public void testWatch() throws IOException, IllegalAccessException {
System.setProperty("java.version", "1.7.11"); System.setProperty("java.version", "1.7.11");
System.setProperty("rocketmq.home.dir", "src/test/resources/watch"); System.setProperty("rocketmq.home.dir", "src/test/resources/conf");
File file = new File("src/test/resources/watch/conf"); System.setProperty("rocketmq.acl.plain.file", "watch/plain_acl_watch.yml");
file.mkdirs(); String fileName = "src/test/resources/conf/watch/plain_acl_watch.yml";
File transport = new File("src/test/resources/watch/conf/plain_acl.yml"); File transport = new File(fileName);
transport.delete(); transport.delete();
transport.createNewFile(); transport.createNewFile();
FileWriter writer = new FileWriter(transport); FileWriter writer = new FileWriter(transport);
writer.write("accounts:\r\n"); writer.write("accounts:\r\n");
writer.write("- accessKey: rokcetmq\r\n"); writer.write("- accessKey: rocketmq\r\n");
writer.write(" secretKey: aliyun11\r\n"); writer.write(" secretKey: 12345678\r\n");
writer.write(" whiteRemoteAddress: 127.0.0.1\r\n"); writer.write(" whiteRemoteAddress: 127.0.0.1\r\n");
writer.write(" admin: true\r\n"); writer.write(" admin: true\r\n");
writer.flush(); writer.flush();
writer.close(); writer.close();
System.out.println(System.getProperty("rocketmq.acl.plain.file"));
PlainPermissionLoader plainPermissionLoader = new PlainPermissionLoader(); PlainPermissionLoader plainPermissionLoader = new PlainPermissionLoader();
Assert.assertTrue(plainPermissionLoader.isWatchStart());
Map<String, List<PlainAccessResource>> plainAccessResourceMap = (Map<String, List<PlainAccessResource>>) FieldUtils.readDeclaredField(plainPermissionLoader, "plainAccessResourceMap", true); {
Assert.assertNotNull(plainAccessResourceMap.get("rokcetmq")); Map<String, PlainAccessResource> plainAccessResourceMap = (Map<String, PlainAccessResource>) FieldUtils.readDeclaredField(plainPermissionLoader, "plainAccessResourceMap", true);
PlainAccessResource accessResource = plainAccessResourceMap.get("rocketmq");
Assert.assertNotNull(accessResource);
Assert.assertEquals(accessResource.getSecretKey(), "12345678");
Assert.assertTrue(accessResource.isAdmin());
}
writer = new FileWriter(new File("src/test/resources/watch/conf/plain_acl.yml"), true); writer = new FileWriter(new File(fileName), true);
writer.write("- accessKey: rokcet1\r\n"); writer.write("- accessKey: rocketmq1\r\n");
writer.write(" secretKey: aliyun1\r\n"); writer.write(" secretKey: 88888888\r\n");
writer.write(" whiteRemoteAddress: 127.0.0.1\r\n"); writer.write(" whiteRemoteAddress: 127.0.0.1\r\n");
writer.write(" admin: true\r\n"); writer.write(" admin: false\r\n");
writer.flush(); writer.flush();
writer.close(); writer.close();
try { UtilAll.sleep(1000);
Thread.sleep(100); {
} catch (InterruptedException e) { Map<String, PlainAccessResource> plainAccessResourceMap = (Map<String, PlainAccessResource>) FieldUtils.readDeclaredField(plainPermissionLoader, "plainAccessResourceMap", true);
e.printStackTrace(); PlainAccessResource accessResource = plainAccessResourceMap.get("rocketmq1");
} Assert.assertNotNull(accessResource);
plainAccessResourceMap = (Map<String, List<PlainAccessResource>>) FieldUtils.readDeclaredField(plainPermissionLoader, "plainAccessResourceMap", true); Assert.assertEquals(accessResource.getSecretKey(), "88888888");
Assert.assertNotNull(plainAccessResourceMap.get("rokcet1")); Assert.assertFalse(accessResource.isAdmin());
}
transport.delete();
} }
@Test(expected = AclException.class) @Test(expected = AclException.class)
......
...@@ -36,7 +36,7 @@ accounts: ...@@ -36,7 +36,7 @@ accounts:
- groupB=SUB - groupB=SUB
- groupC=SUB - groupC=SUB
- accessKey: aliyun.com - accessKey: rocketmq2
secretKey: 12345678 secretKey: 12345678
whiteRemoteAddress: 192.168.1.* whiteRemoteAddress: 192.168.1.*
# if it is admin, it could access all resources # if it is admin, it could access all resources
......
...@@ -32,7 +32,7 @@ accounts: ...@@ -32,7 +32,7 @@ accounts:
- groupB=PUB|SUB - groupB=PUB|SUB
- groupC=SUB - groupC=SUB
- accessKey: aliyun.com - accessKey: rocketmq2
secretKey: 12345678 secretKey: 12345678
whiteRemoteAddress: 192.168.1.* whiteRemoteAddress: 192.168.1.*
# if it is admin, it could access all resources # if it is admin, it could access all resources
......
...@@ -14,6 +14,6 @@ ...@@ -14,6 +14,6 @@
# limitations under the License. # limitations under the License.
accessKey: aliyun.com accessKey: rocketmq
secretKey: 12345678 secretKey: 12345678
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册