diff --git a/acl/pom.xml b/acl/pom.xml
index 9a072269efffa20b3a4a5d093fd1d01d6f5d0233..03ce95cd07f3693d472d7ab7fdf4628feab6cc54 100644
--- a/acl/pom.xml
+++ b/acl/pom.xml
@@ -49,17 +49,5 @@
org.apache.commons
commons-lang3
-
- org.powermock
- powermock-module-junit4
- 1.7.1
- test
-
-
- org.powermock
- powermock-api-mockito2
- 1.7.1
- test
-
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/common/AclClientRPCHook.java b/acl/src/main/java/org/apache/rocketmq/acl/common/AclClientRPCHook.java
index 65c45f076f77281ea43e8aa38658055ef4be7f8c..dd8ce1e204d80075607f7e979654a05f45db2729 100644
--- a/acl/src/main/java/org/apache/rocketmq/acl/common/AclClientRPCHook.java
+++ b/acl/src/main/java/org/apache/rocketmq/acl/common/AclClientRPCHook.java
@@ -24,9 +24,9 @@ import org.apache.rocketmq.remoting.CommandCustomHeader;
import org.apache.rocketmq.remoting.RPCHook;
import org.apache.rocketmq.remoting.protocol.RemotingCommand;
-import static org.apache.rocketmq.acl.common.SessionCredentials.AccessKey;
-import static org.apache.rocketmq.acl.common.SessionCredentials.SecurityToken;
-import static org.apache.rocketmq.acl.common.SessionCredentials.Signature;
+import static org.apache.rocketmq.acl.common.SessionCredentials.ACCESS_KEY;
+import static org.apache.rocketmq.acl.common.SessionCredentials.SECURITY_TOKEN;
+import static org.apache.rocketmq.acl.common.SessionCredentials.SIGNATURE;
public class AclClientRPCHook implements RPCHook {
private final SessionCredentials sessionCredentials;
@@ -42,11 +42,11 @@ public class AclClientRPCHook implements RPCHook {
byte[] total = AclUtils.combineRequestContent(request,
parseRequestContent(request, sessionCredentials.getAccessKey(), sessionCredentials.getSecurityToken()));
String signature = AclUtils.calSignature(total, sessionCredentials.getSecretKey());
- request.addExtField(Signature, signature);
- request.addExtField(AccessKey, sessionCredentials.getAccessKey());
+ request.addExtField(SIGNATURE, signature);
+ request.addExtField(ACCESS_KEY, sessionCredentials.getAccessKey());
if (sessionCredentials.getSecurityToken() != null) {
- request.addExtField(SecurityToken, sessionCredentials.getSecurityToken());
+ request.addExtField(SECURITY_TOKEN, sessionCredentials.getSecurityToken());
}
}
@@ -59,9 +59,9 @@ public class AclClientRPCHook implements RPCHook {
CommandCustomHeader header = request.readCustomHeader();
// sort property
SortedMap map = new TreeMap();
- map.put(AccessKey, ak);
+ map.put(ACCESS_KEY, ak);
if (securityToken != null) {
- map.put(SecurityToken, securityToken);
+ map.put(SECURITY_TOKEN, securityToken);
}
try {
// add header properties
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/common/AclSigner.java b/acl/src/main/java/org/apache/rocketmq/acl/common/AclSigner.java
index 7a71104ef60d98de020cc674abb528ab00501812..61e9350663f645cc8a20f365c51ecb0723b200e6 100644
--- a/acl/src/main/java/org/apache/rocketmq/acl/common/AclSigner.java
+++ b/acl/src/main/java/org/apache/rocketmq/acl/common/AclSigner.java
@@ -25,14 +25,14 @@ import org.apache.rocketmq.logging.InternalLogger;
import org.apache.rocketmq.logging.InternalLoggerFactory;
public class AclSigner {
- public static final Charset defaultCharset = Charset.forName("UTF-8");
- public static final SigningAlgorithm defaultAlgorithm = SigningAlgorithm.HmacSHA1;
+ public static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");
+ public static final SigningAlgorithm DEFAULT_ALGORITHM = SigningAlgorithm.HmacSHA1;
private static final InternalLogger log = InternalLoggerFactory.getLogger(LoggerName.ROCKETMQ_AUTHORIZE_LOGGER_NAME);
private static final int CAL_SIGNATURE_FAILED = 10015;
private static final String CAL_SIGNATURE_FAILED_MSG = "[%s:signature-failed] unable to calculate a request signature. error=%s";
public static String calSignature(String data, String key) throws AclException {
- return calSignature(data, key, defaultAlgorithm, defaultCharset);
+ return calSignature(data, key, DEFAULT_ALGORITHM, DEFAULT_CHARSET);
}
public static String calSignature(String data, String key, SigningAlgorithm algorithm,
@@ -44,7 +44,7 @@ public class AclSigner {
throws AclException {
try {
byte[] signature = sign(data.getBytes(charset), key.getBytes(charset), algorithm);
- return new String(Base64.encodeBase64(signature), defaultCharset);
+ return new String(Base64.encodeBase64(signature), DEFAULT_CHARSET);
} catch (Exception e) {
String message = String.format(CAL_SIGNATURE_FAILED_MSG, CAL_SIGNATURE_FAILED, e.getMessage());
log.error(message, e);
@@ -65,7 +65,7 @@ public class AclSigner {
}
public static String calSignature(byte[] data, String key) throws AclException {
- return calSignature(data, key, defaultAlgorithm, defaultCharset);
+ return calSignature(data, key, DEFAULT_ALGORITHM, DEFAULT_CHARSET);
}
public static String calSignature(byte[] data, String key, SigningAlgorithm algorithm,
@@ -77,7 +77,7 @@ public class AclSigner {
throws AclException {
try {
byte[] signature = sign(data, key.getBytes(charset), algorithm);
- return new String(Base64.encodeBase64(signature), defaultCharset);
+ return new String(Base64.encodeBase64(signature), DEFAULT_CHARSET);
} catch (Exception e) {
String message = String.format(CAL_SIGNATURE_FAILED_MSG, CAL_SIGNATURE_FAILED, e.getMessage());
log.error(message, e);
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/common/AclUtils.java b/acl/src/main/java/org/apache/rocketmq/acl/common/AclUtils.java
index a3aab1ca7ccd4315acd6650fc86325c8f050d2c7..1a618456f405caed137033a4d6cb1d7074550d09 100644
--- a/acl/src/main/java/org/apache/rocketmq/acl/common/AclUtils.java
+++ b/acl/src/main/java/org/apache/rocketmq/acl/common/AclUtils.java
@@ -33,7 +33,7 @@ public class AclUtils {
try {
StringBuilder sb = new StringBuilder("");
for (Map.Entry entry : fieldsMap.entrySet()) {
- if (!SessionCredentials.Signature.equals(entry.getKey())) {
+ if (!SessionCredentials.SIGNATURE.equals(entry.getKey())) {
sb.append(entry.getValue());
}
}
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/common/Permission.java b/acl/src/main/java/org/apache/rocketmq/acl/common/Permission.java
index 1b225c3852b519ee3b931a353639d6fde650b831..b5e9be20f1d4aa445f18223f91c14dad9fb591af 100644
--- a/acl/src/main/java/org/apache/rocketmq/acl/common/Permission.java
+++ b/acl/src/main/java/org/apache/rocketmq/acl/common/Permission.java
@@ -16,11 +16,12 @@
*/
package org.apache.rocketmq.acl.common;
-import com.alibaba.fastjson.JSONArray;
import java.util.HashSet;
+import java.util.List;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.apache.rocketmq.acl.plain.PlainAccessResource;
+import org.apache.rocketmq.common.protocol.RequestCode;
public class Permission {
@@ -33,15 +34,15 @@ public class Permission {
static {
// UPDATE_AND_CREATE_TOPIC
- ADMIN_CODE.add(17);
+ ADMIN_CODE.add(RequestCode.UPDATE_AND_CREATE_TOPIC);
// UPDATE_BROKER_CONFIG
- ADMIN_CODE.add(25);
+ ADMIN_CODE.add(RequestCode.UPDATE_BROKER_CONFIG);
// DELETE_TOPIC_IN_BROKER
- ADMIN_CODE.add(215);
+ ADMIN_CODE.add(RequestCode.DELETE_TOPIC_IN_BROKER);
// UPDATE_AND_CREATE_SUBSCRIPTIONGROUP
- ADMIN_CODE.add(200);
+ ADMIN_CODE.add(RequestCode.UPDATE_AND_CREATE_SUBSCRIPTIONGROUP);
// DELETE_SUBSCRIPTIONGROUP
- ADMIN_CODE.add(207);
+ ADMIN_CODE.add(RequestCode.DELETE_SUBSCRIPTIONGROUP);
}
public static boolean checkPermission(byte neededPerm, byte ownedPerm) {
@@ -76,16 +77,16 @@ public class Permission {
}
}
- public static void setTopicPerm(PlainAccessResource plainAccessResource, Boolean isTopic, JSONArray topicArray) {
+ public static void setTopicPerm(PlainAccessResource plainAccessResource, Boolean isTopic, List topicArray) {
if (topicArray == null || topicArray.isEmpty()) {
return;
}
- for (int i = 0; i < topicArray.size(); i++) {
- String[] topicPrem = StringUtils.split(topicArray.getString(i), "=");
+ for (String topic : topicArray) {
+ String[] topicPrem = StringUtils.split(topic, "=");
if (topicPrem.length == 2) {
plainAccessResource.addResourceAndPerm(isTopic ? topicPrem[0] : PlainAccessResource.getRetryTopic(topicPrem[0]), fromStringGetPermission(topicPrem[1]));
} else {
- throw new AclException(String.format("%s Permission config erron %s", isTopic ? "topic" : "group", topicArray.getString(i)));
+ throw new AclException(String.format("%s Permission config erron %s", isTopic ? "topic" : "group", topic));
}
}
}
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/common/SessionCredentials.java b/acl/src/main/java/org/apache/rocketmq/acl/common/SessionCredentials.java
index 62523d058df59d3fea56b250857124def1c5900e..a637e36808410fa5ba8bc718ddb0b7747ce248a2 100644
--- a/acl/src/main/java/org/apache/rocketmq/acl/common/SessionCredentials.java
+++ b/acl/src/main/java/org/apache/rocketmq/acl/common/SessionCredentials.java
@@ -24,12 +24,12 @@ import org.apache.rocketmq.common.MixAll;
public class SessionCredentials {
public static final Charset CHARSET = Charset.forName("UTF-8");
- public static final String AccessKey = "AccessKey";
- public static final String SecretKey = "SecretKey";
- public static final String Signature = "Signature";
- public static final String SecurityToken = "SecurityToken";
+ public static final String ACCESS_KEY = "AccessKey";
+ public static final String SECRET_KEY = "SecretKey";
+ public static final String SIGNATURE = "Signature";
+ public static final String SECURITY_TOKEN = "SecurityToken";
- public static final String KeyFile = System.getProperty("rocketmq.client.keyFile",
+ public static final String KEY_FILE = System.getProperty("rocketmq.client.keyFile",
System.getProperty("user.home") + File.separator + "onskey");
private String accessKey;
@@ -40,7 +40,7 @@ public class SessionCredentials {
public SessionCredentials() {
String keyContent = null;
try {
- keyContent = MixAll.file2String(KeyFile);
+ keyContent = MixAll.file2String(KEY_FILE);
} catch (IOException ignore) {
}
if (keyContent != null) {
@@ -63,19 +63,19 @@ public class SessionCredentials {
public void updateContent(Properties prop) {
{
- String value = prop.getProperty(AccessKey);
+ String value = prop.getProperty(ACCESS_KEY);
if (value != null) {
this.accessKey = value.trim();
}
}
{
- String value = prop.getProperty(SecretKey);
+ String value = prop.getProperty(SECRET_KEY);
if (value != null) {
this.secretKey = value.trim();
}
}
{
- String value = prop.getProperty(SecurityToken);
+ String value = prop.getProperty(SECURITY_TOKEN);
if (value != null) {
this.securityToken = value.trim();
}
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainAccessResource.java b/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainAccessResource.java
index 74d7526fb0d101a8ee61640018babcd059d7b073..0b2f417c67986419079f01f26b6fe1a82336e376 100644
--- a/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainAccessResource.java
+++ b/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainAccessResource.java
@@ -56,7 +56,7 @@ public class PlainAccessResource implements AccessResource {
}
public static boolean isRetryTopic(String topic) {
- return (null != topic && topic.startsWith(MixAll.RETRY_GROUP_TOPIC_PREFIX));
+ return null != topic && topic.startsWith(MixAll.RETRY_GROUP_TOPIC_PREFIX);
}
public static String getRetryTopic(String group) {
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainAccessValidator.java b/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainAccessValidator.java
index 150ccca26f7e1d94ca4bdaa4c307306d5c0567cf..8a80757a3dfc36a6683ef2793a3d292f6d0624bc 100644
--- a/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainAccessValidator.java
+++ b/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainAccessValidator.java
@@ -49,12 +49,11 @@ public class PlainAccessValidator implements AccessValidator {
PlainAccessResource accessResource = new PlainAccessResource();
accessResource.setWhiteRemoteAddress(remoteAddr);
accessResource.setRequestCode(request.getCode());
- accessResource.setAccessKey(request.getExtFields().get(SessionCredentials.AccessKey));
- accessResource.setSignature(request.getExtFields().get(SessionCredentials.Signature));
- accessResource.setSecretToken(request.getExtFields().get(SessionCredentials.SecurityToken));
+ accessResource.setAccessKey(request.getExtFields().get(SessionCredentials.ACCESS_KEY));
+ accessResource.setSignature(request.getExtFields().get(SessionCredentials.SIGNATURE));
+ accessResource.setSecretToken(request.getExtFields().get(SessionCredentials.SECURITY_TOKEN));
try {
- // resource 和 permission 转换
switch (request.getCode()) {
case RequestCode.SEND_MESSAGE:
accessResource.addResourceAndPerm(request.getExtFields().get("topic"), Permission.PUB);
@@ -111,7 +110,7 @@ public class PlainAccessValidator implements AccessValidator {
// content
SortedMap map = new TreeMap();
for (Map.Entry entry : request.getExtFields().entrySet()) {
- if (!SessionCredentials.Signature.equals(entry.getKey())) {
+ if (!SessionCredentials.SIGNATURE.equals(entry.getKey())) {
map.put(entry.getKey(), entry.getValue());
}
}
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainPermissionLoader.java b/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainPermissionLoader.java
index 7d40f877e7ed0c6d1d8f1dd430e4d4a5f7796ecb..469c161205dda8a1c961dd1693af7604a40b80c7 100644
--- a/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainPermissionLoader.java
+++ b/acl/src/main/java/org/apache/rocketmq/acl/plain/PlainPermissionLoader.java
@@ -70,7 +70,7 @@ public class PlainPermissionLoader {
JSONObject.class);
if (accessControlTransport == null || accessControlTransport.isEmpty()) {
- throw new AclException("transport.yml file is not data");
+ throw new AclException(String.format("%s file is not data", fileHome + fileName));
}
log.info("BorkerAccessControlTransport data is : ", accessControlTransport.toString());
JSONArray globalWhiteRemoteAddressesList = accessControlTransport.getJSONArray("globalWhiteRemoteAddresses");
@@ -81,9 +81,10 @@ public class PlainPermissionLoader {
}
JSONArray accounts = accessControlTransport.getJSONArray("accounts");
- if (accounts != null && !accounts.isEmpty()) {
- for (int i = 0; i < accounts.size(); i++) {
- this.setPlainAccessResource(getPlainAccessResource(accounts.getJSONObject(i)));
+ List plainAccessList = accounts.toJavaList(PlainAccess.class);
+ if (plainAccessList != null && !plainAccessList.isEmpty()) {
+ for (PlainAccess plainAccess : plainAccessList) {
+ this.setPlainAccessResource(getPlainAccessResource(plainAccess));
}
}
}
@@ -139,19 +140,19 @@ public class PlainPermissionLoader {
}
}
- PlainAccessResource getPlainAccessResource(JSONObject account) {
+ PlainAccessResource getPlainAccessResource(PlainAccess plainAccess) {
PlainAccessResource plainAccessResource = new PlainAccessResource();
- plainAccessResource.setAccessKey(account.getString("accessKey"));
- plainAccessResource.setSecretKey(account.getString("secretKey"));
- plainAccessResource.setWhiteRemoteAddress(account.getString("whiteRemoteAddress"));
+ plainAccessResource.setAccessKey(plainAccess.getAccessKey());
+ plainAccessResource.setSecretKey(plainAccess.getSecretKey());
+ plainAccessResource.setWhiteRemoteAddress(plainAccess.getWhiteRemoteAddress());
- plainAccessResource.setAdmin(account.containsKey("admin") ? account.getBoolean("admin") : false);
+ plainAccessResource.setAdmin(plainAccess.isAdmin());
- plainAccessResource.setDefaultGroupPerm(Permission.fromStringGetPermission(account.getString("defaultGroupPerm")));
- plainAccessResource.setDefaultTopicPerm(Permission.fromStringGetPermission(account.getString("defaultTopicPerm")));
+ plainAccessResource.setDefaultGroupPerm(Permission.fromStringGetPermission(plainAccess.getDefaultGroupPerm()));
+ plainAccessResource.setDefaultTopicPerm(Permission.fromStringGetPermission(plainAccess.getDefaultTopicPerm()));
- Permission.setTopicPerm(plainAccessResource, true, account.getJSONArray("groups"));
- Permission.setTopicPerm(plainAccessResource, true, account.getJSONArray("topics"));
+ Permission.setTopicPerm(plainAccessResource, false, plainAccess.getGroups());
+ Permission.setTopicPerm(plainAccessResource, true, plainAccess.getTopics());
return plainAccessResource;
}
@@ -250,4 +251,88 @@ public class PlainPermissionLoader {
return isWatchStart;
}
+ static class PlainAccess {
+
+ private String accessKey;
+
+ private String secretKey;
+
+ private String whiteRemoteAddress;
+
+ private boolean admin;
+
+ private String defaultTopicPerm;
+
+ private String defaultGroupPerm;
+
+ private List topics;
+
+ private List groups;
+
+ public String getAccessKey() {
+ return accessKey;
+ }
+
+ public void setAccessKey(String accessKey) {
+ this.accessKey = accessKey;
+ }
+
+ public String getSecretKey() {
+ return secretKey;
+ }
+
+ public void setSecretKey(String secretKey) {
+ this.secretKey = secretKey;
+ }
+
+ public String getWhiteRemoteAddress() {
+ return whiteRemoteAddress;
+ }
+
+ public void setWhiteRemoteAddress(String whiteRemoteAddress) {
+ this.whiteRemoteAddress = whiteRemoteAddress;
+ }
+
+ public boolean isAdmin() {
+ return admin;
+ }
+
+ public void setAdmin(boolean admin) {
+ this.admin = admin;
+ }
+
+ public String getDefaultTopicPerm() {
+ return defaultTopicPerm;
+ }
+
+ public void setDefaultTopicPerm(String defaultTopicPerm) {
+ this.defaultTopicPerm = defaultTopicPerm;
+ }
+
+ public String getDefaultGroupPerm() {
+ return defaultGroupPerm;
+ }
+
+ public void setDefaultGroupPerm(String defaultGroupPerm) {
+ this.defaultGroupPerm = defaultGroupPerm;
+ }
+
+ public List getTopics() {
+ return topics;
+ }
+
+ public void setTopics(List topics) {
+ this.topics = topics;
+ }
+
+ public List getGroups() {
+ return groups;
+ }
+
+ public void setGroups(List groups) {
+ this.groups = groups;
+ }
+
+ }
+
}
diff --git a/acl/src/test/java/org/apache/rocketmq/acl/common/PermissionTest.java b/acl/src/test/java/org/apache/rocketmq/acl/common/PermissionTest.java
index 7678e4b27c69e35969922a821f86898b64e58135..04a3f8f2c32b2545339f23081015bbe1fb0a5b63 100644
--- a/acl/src/test/java/org/apache/rocketmq/acl/common/PermissionTest.java
+++ b/acl/src/test/java/org/apache/rocketmq/acl/common/PermissionTest.java
@@ -16,8 +16,9 @@
*/
package org.apache.rocketmq.acl.common;
-import com.alibaba.fastjson.JSONArray;
+import java.util.ArrayList;
import java.util.HashSet;
+import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.rocketmq.acl.plain.PlainAccessResource;
@@ -93,7 +94,7 @@ public class PermissionTest {
Permission.setTopicPerm(plainAccessResource, false, null);
Assert.assertNull(resourcePermMap);
- JSONArray groups = new JSONArray();
+ List groups = new ArrayList<>();
Permission.setTopicPerm(plainAccessResource, false, groups);
Assert.assertNull(resourcePermMap);
@@ -112,7 +113,7 @@ public class PermissionTest {
perm = resourcePermMap.get(PlainAccessResource.getRetryTopic("groupC"));
Assert.assertEquals(perm, Permission.PUB);
- JSONArray topics = new JSONArray();
+ List topics = new ArrayList<>();
topics.add("topicA=DENY");
topics.add("topicB=PUB|SUB");
topics.add("topicC=PUB");
@@ -128,7 +129,7 @@ public class PermissionTest {
perm = resourcePermMap.get("topicC");
Assert.assertEquals(perm, Permission.PUB);
- JSONArray erron = new JSONArray();
+ List erron = new ArrayList<>();
erron.add("");
Permission.setTopicPerm(plainAccessResource, false, erron);
}
diff --git a/acl/src/test/java/org/apache/rocketmq/acl/plain/PlainAccessValidatorTest.java b/acl/src/test/java/org/apache/rocketmq/acl/plain/PlainAccessValidatorTest.java
index 83e98708b6cf41b1df31821bf036be924bfc01ad..12e47afdcd8ff3c580afc5ca90488ef768d96c5e 100644
--- a/acl/src/test/java/org/apache/rocketmq/acl/plain/PlainAccessValidatorTest.java
+++ b/acl/src/test/java/org/apache/rocketmq/acl/plain/PlainAccessValidatorTest.java
@@ -70,7 +70,7 @@ public class PlainAccessValidatorTest {
AclClientRPCHook aclClient = new AclClientRPCHook(sessionCredentials);
SendMessageRequestHeader messageRequestHeader = new SendMessageRequestHeader();
- messageRequestHeader.setTopic("topicA");
+ messageRequestHeader.setTopic("topicB");
RemotingCommand remotingCommand = RemotingCommand.createRequestCommand(RequestCode.SEND_MESSAGE, messageRequestHeader);
aclClient.doBeforeRequest("", remotingCommand);
diff --git a/acl/src/test/java/org/apache/rocketmq/acl/plain/PlainPermissionLoaderTest.java b/acl/src/test/java/org/apache/rocketmq/acl/plain/PlainPermissionLoaderTest.java
index f1974a0904950dceeb6afe5592d8d40e07277e11..45004ec2ede046a88089de90b2a3a75b37741543 100644
--- a/acl/src/test/java/org/apache/rocketmq/acl/plain/PlainPermissionLoaderTest.java
+++ b/acl/src/test/java/org/apache/rocketmq/acl/plain/PlainPermissionLoaderTest.java
@@ -16,30 +16,22 @@
*/
package org.apache.rocketmq.acl.plain;
-import com.alibaba.fastjson.JSONArray;
-import com.alibaba.fastjson.JSONObject;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
+import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang3.reflect.FieldUtils;
import org.apache.rocketmq.acl.common.AclException;
-import org.apache.rocketmq.acl.common.AclUtils;
import org.apache.rocketmq.acl.common.Permission;
-import org.apache.rocketmq.common.MixAll;
+import org.apache.rocketmq.acl.plain.PlainPermissionLoader.PlainAccess;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.powermock.api.mockito.PowerMockito;
-import org.powermock.core.classloader.annotations.PrepareForTest;
-import org.powermock.modules.junit4.PowerMockRunner;
-@RunWith(PowerMockRunner.class)
-@PrepareForTest({AclUtils.class})
public class PlainPermissionLoaderTest {
PlainPermissionLoader plainPermissionLoader;
@@ -50,10 +42,6 @@ public class PlainPermissionLoaderTest {
PlainAccessResource plainAccessResource = new PlainAccessResource();
PlainAccessResource plainAccessResourceTwo = new PlainAccessResource();
Set adminCode = new HashSet<>();
- private String fileName = System.getProperty("romcketmq.acl.plain.fileName", "/conf/transport.yml");
- private Map> plainAccessResourceMap;
- private List globalWhiteRemoteAddressStrategy;
@Before
public void init() throws NoSuchFieldException, SecurityException, IOException {
@@ -75,6 +63,7 @@ public class PlainPermissionLoaderTest {
System.setProperty("java.version", "1.6.11");
System.setProperty("rocketmq.home.dir", "src/test/resources");
+ System.setProperty("romcketmq.acl.plain.fileName", "/conf/transport.yml");
plainPermissionLoader = new PlainPermissionLoader();
}
@@ -98,85 +87,56 @@ public class PlainPermissionLoaderTest {
return painAccessResource;
}
- @SuppressWarnings("unchecked")
- private void getField(PlainPermissionLoader plainPermissionLoader) {
- try {
- this.globalWhiteRemoteAddressStrategy = (List) FieldUtils.readDeclaredField(plainPermissionLoader, "globalWhiteRemoteAddressStrategy", true);
- this.plainAccessResourceMap = (Map>) FieldUtils.readDeclaredField(plainPermissionLoader, "plainAccessResourceMap", true);
- } catch (IllegalAccessException e) {
- e.printStackTrace();
- }
- }
-
- @Test(expected = AclException.class)
- public void initializeTest() {
- System.setProperty("romcketmq.acl.plain.fileName", "/conf/transport-null.yml");
- new PlainPermissionLoader();
-
- }
-
- @Test
- public void initializeIngetYamlDataObject() {
- String fileHome = System.getProperty(MixAll.ROCKETMQ_HOME_PROPERTY, System.getenv(MixAll.ROCKETMQ_HOME_ENV));
- PowerMockito.mockStatic(AclUtils.class);
- JSONObject json = new JSONObject();
- json.put("", "");
- PowerMockito.when(AclUtils.getYamlDataObject(fileHome + "/conf/transport.yml", JSONObject.class)).thenReturn(json);
- PlainPermissionLoader plainPermissionLoader = new PlainPermissionLoader();
- getField(plainPermissionLoader);
- Assert.assertTrue(globalWhiteRemoteAddressStrategy.isEmpty());
- Assert.assertTrue(plainAccessResourceMap.isEmpty());
- }
-
@Test
public void getPlainAccessResourceTest() {
PlainAccessResource plainAccessResource = new PlainAccessResource();
- JSONObject account = new JSONObject();
- account.put("accessKey", "RocketMQ");
- plainAccessResource = plainPermissionLoader.getPlainAccessResource(account);
+ PlainAccess plainAccess = new PlainAccess();
+
+ plainAccess.setAccessKey("RocketMQ");
+ plainAccessResource = plainPermissionLoader.getPlainAccessResource(plainAccess);
Assert.assertEquals(plainAccessResource.getAccessKey(), "RocketMQ");
- account.put("secretKey", "12345678");
- plainAccessResource = plainPermissionLoader.getPlainAccessResource(account);
+ plainAccess.setSecretKey("12345678");
+ plainAccessResource = plainPermissionLoader.getPlainAccessResource(plainAccess);
Assert.assertEquals(plainAccessResource.getSecretKey(), "12345678");
- account.put("whiteRemoteAddress", "127.0.0.1");
- plainAccessResource = plainPermissionLoader.getPlainAccessResource(account);
+ plainAccess.setWhiteRemoteAddress("127.0.0.1");
+ plainAccessResource = plainPermissionLoader.getPlainAccessResource(plainAccess);
Assert.assertEquals(plainAccessResource.getWhiteRemoteAddress(), "127.0.0.1");
- account.put("admin", true);
- plainAccessResource = plainPermissionLoader.getPlainAccessResource(account);
+ plainAccess.setAdmin(true);
+ plainAccessResource = plainPermissionLoader.getPlainAccessResource(plainAccess);
Assert.assertEquals(plainAccessResource.isAdmin(), true);
- account.put("defaultGroupPerm", "ANY");
- plainAccessResource = plainPermissionLoader.getPlainAccessResource(account);
+ plainAccess.setDefaultGroupPerm("ANY");
+ plainAccessResource = plainPermissionLoader.getPlainAccessResource(plainAccess);
Assert.assertEquals(plainAccessResource.getDefaultGroupPerm(), Permission.ANY);
- account.put("defaultTopicPerm", "ANY");
- plainAccessResource = plainPermissionLoader.getPlainAccessResource(account);
+ plainAccess.setDefaultTopicPerm("ANY");
+ plainAccessResource = plainPermissionLoader.getPlainAccessResource(plainAccess);
Assert.assertEquals(plainAccessResource.getDefaultTopicPerm(), Permission.ANY);
- JSONArray groups = new JSONArray();
+ List groups = new ArrayList();
groups.add("groupA=DENY");
groups.add("groupB=PUB|SUB");
groups.add("groupC=PUB");
- account.put("groups", groups);
- plainAccessResource = plainPermissionLoader.getPlainAccessResource(account);
+ plainAccess.setGroups(groups);
+ plainAccessResource = plainPermissionLoader.getPlainAccessResource(plainAccess);
Map resourcePermMap = plainAccessResource.getResourcePermMap();
Assert.assertEquals(resourcePermMap.size(), 3);
- Assert.assertEquals(resourcePermMap.get("groupA").byteValue(), Permission.DENY);
- Assert.assertEquals(resourcePermMap.get("groupB").byteValue(), Permission.ANY);
- Assert.assertEquals(resourcePermMap.get("groupC").byteValue(), Permission.PUB);
+ Assert.assertEquals(resourcePermMap.get(PlainAccessResource.getRetryTopic("groupA")).byteValue(), Permission.DENY);
+ Assert.assertEquals(resourcePermMap.get(PlainAccessResource.getRetryTopic("groupB")).byteValue(), Permission.ANY);
+ Assert.assertEquals(resourcePermMap.get(PlainAccessResource.getRetryTopic("groupC")).byteValue(), Permission.PUB);
- JSONArray topics = new JSONArray();
+ List topics = new ArrayList();
topics.add("topicA=DENY");
topics.add("topicB=PUB|SUB");
topics.add("topicC=PUB");
- account.put("topics", topics);
- plainAccessResource = plainPermissionLoader.getPlainAccessResource(account);
+ plainAccess.setTopics(topics);
+ plainAccessResource = plainPermissionLoader.getPlainAccessResource(plainAccess);
resourcePermMap = plainAccessResource.getResourcePermMap();
- Assert.assertEquals(resourcePermMap.size(), 3);
+ Assert.assertEquals(resourcePermMap.size(), 6);
Assert.assertEquals(resourcePermMap.get("topicA").byteValue(), Permission.DENY);
Assert.assertEquals(resourcePermMap.get("topicB").byteValue(), Permission.ANY);
@@ -237,17 +197,21 @@ public class PlainPermissionLoaderTest {
new PlainPermissionLoader().initialize();
}
+ @SuppressWarnings("unchecked")
@Test
- public void cleanAuthenticationInfoTest() {
- plainPermissionLoader.setPlainAccessResource(plainAccessResource);
- plainAccessResource.setRequestCode(202);
- plainPermissionLoader.eachCheckPlainAccessResource(plainAccessResource);
+ public void cleanAuthenticationInfoTest() throws IllegalAccessException {
+ //plainPermissionLoader.setPlainAccessResource(plainAccessResource);
+ Map> plainAccessResourceMap = (Map>) FieldUtils.readDeclaredField(plainPermissionLoader, "plainAccessResourceMap", true);
+ Assert.assertFalse(plainAccessResourceMap.isEmpty());
+
plainPermissionLoader.cleanAuthenticationInfo();
- plainPermissionLoader.eachCheckPlainAccessResource(plainAccessResource);
+ plainAccessResourceMap = (Map>) FieldUtils.readDeclaredField(plainPermissionLoader, "plainAccessResourceMap", true);
+ Assert.assertTrue(plainAccessResourceMap.isEmpty());
}
@Test
public void isWatchStartTest() {
+ System.setProperty("java.version", "1.7.11");
PlainPermissionLoader plainPermissionLoader = new PlainPermissionLoader();
Assert.assertTrue(plainPermissionLoader.isWatchStart());
System.setProperty("java.version", "1.6.11");
@@ -255,8 +219,10 @@ public class PlainPermissionLoaderTest {
Assert.assertFalse(plainPermissionLoader.isWatchStart());
}
+ @SuppressWarnings("unchecked")
@Test
- public void watchTest() throws IOException {
+ public void watchTest() throws IOException, IllegalAccessException {
+ System.setProperty("java.version", "1.7.11");
System.setProperty("rocketmq.home.dir", "src/test/resources/watch");
File file = new File("src/test/resources/watch/conf");
file.mkdirs();
@@ -264,30 +230,33 @@ public class PlainPermissionLoaderTest {
transport.createNewFile();
FileWriter writer = new FileWriter(transport);
- writer.write("list:\r\n");
- writer.write("- account: rokcetmq\r\n");
- writer.write(" password: aliyun11\r\n");
- writer.write(" netaddress: 127.0.0.1\r\n");
+ writer.write("accounts:\r\n");
+ writer.write("- accessKey: rokcetmq\r\n");
+ writer.write(" secretKey: aliyun11\r\n");
+ writer.write(" whiteRemoteAddress: 127.0.0.1\r\n");
+ writer.write(" admin: true\r\n");
writer.flush();
writer.close();
PlainPermissionLoader plainPermissionLoader = new PlainPermissionLoader();
- plainAccessResource.setRequestCode(203);
- plainPermissionLoader.eachCheckPlainAccessResource(plainAccessResource);
+
+ Map> plainAccessResourceMap = (Map>) FieldUtils.readDeclaredField(plainPermissionLoader, "plainAccessResourceMap", true);
+ Assert.assertEquals(plainAccessResourceMap.get("rokcetmq").size(), 1);
writer = new FileWriter(new File("src/test/resources/watch/conf/transport.yml"), true);
- writer.write("- account: rokcet1\r\n");
- writer.write(" password: aliyun1\r\n");
- writer.write(" netaddress: 127.0.0.1\r\n");
+ writer.write("- accessKey: rokcet1\r\n");
+ writer.write(" secretKey: aliyun1\r\n");
+ writer.write(" whiteRemoteAddress: 127.0.0.1\r\n");
+ writer.write(" admin: true\r\n");
writer.flush();
writer.close();
+
try {
Thread.sleep(100);
} catch (InterruptedException e) {
- // TODO Auto-generated catch block
e.printStackTrace();
}
- plainAccessResourceTwo.setRequestCode(203);
- plainPermissionLoader.eachCheckPlainAccessResource(plainAccessResourceTwo);
+ plainAccessResourceMap = (Map>) FieldUtils.readDeclaredField(plainPermissionLoader, "plainAccessResourceMap", true);
+ Assert.assertEquals(plainAccessResourceMap.get("rokcet1").size(), 1);
transport.delete();
file.delete();
@@ -296,4 +265,11 @@ public class PlainPermissionLoaderTest {
}
+ @Test(expected = AclException.class)
+ public void initializeTest() {
+ System.setProperty("romcketmq.acl.plain.fileName", "/conf/transport-null.yml");
+ new PlainPermissionLoader();
+
+ }
+
}