diff --git a/acl/src/main/java/org/apache/rocketmq/acl/PlainAccessValidator.java b/acl/src/main/java/org/apache/rocketmq/acl/PlainAccessValidator.java index b8de0d345a09d66bda1a8064c72e382e52a0b456..f8bf668b8f7b336c04218c24c409eb8cc2615bbd 100644 --- a/acl/src/main/java/org/apache/rocketmq/acl/PlainAccessValidator.java +++ b/acl/src/main/java/org/apache/rocketmq/acl/PlainAccessValidator.java @@ -17,42 +17,21 @@ package org.apache.rocketmq.acl; import java.util.HashMap; + import org.apache.commons.lang3.StringUtils; -import org.apache.rocketmq.acl.AccessResource; -import org.apache.rocketmq.acl.AccessValidator; -import org.apache.rocketmq.acl.plug.AclRemotingService; -import org.apache.rocketmq.acl.plug.engine.AclPlugEngine; import org.apache.rocketmq.acl.plug.engine.PlainAclPlugEngine; import org.apache.rocketmq.acl.plug.entity.AccessControl; import org.apache.rocketmq.acl.plug.entity.AuthenticationResult; -import org.apache.rocketmq.acl.plug.entity.ControllerParameters; import org.apache.rocketmq.acl.plug.exception.AclPlugRuntimeException; import org.apache.rocketmq.remoting.protocol.RemotingCommand; -public class PlainAccessValidator implements AclRemotingService, AccessValidator { +public class PlainAccessValidator implements AccessValidator { - private AclPlugEngine aclPlugEngine; + + private PlainAclPlugEngine aclPlugEngine; public PlainAccessValidator() { - ControllerParameters controllerParameters = new ControllerParameters(); - this.aclPlugEngine = new PlainAclPlugEngine(controllerParameters); - this.aclPlugEngine.initialize(); - } - - public PlainAccessValidator(AclPlugEngine aclPlugEngine) { - this.aclPlugEngine = aclPlugEngine; - } - - @Override - public AuthenticationResult check(AccessControl accessControl) { - AuthenticationResult authenticationResult = aclPlugEngine.eachCheckLoginAndAuthentication(accessControl); - if (authenticationResult.getException() != null) { - throw new AclPlugRuntimeException(String.format("eachCheck the inspection appear exception, accessControl data is %s", accessControl.toString()), authenticationResult.getException()); - } - if (authenticationResult.getAccessControl() == null || !authenticationResult.isSucceed()) { - throw new AclPlugRuntimeException(String.format("%s accessControl data is %s", authenticationResult.getResultString(), accessControl.toString())); - } - return authenticationResult; + aclPlugEngine = new PlainAclPlugEngine(); } @Override diff --git a/acl/src/main/java/org/apache/rocketmq/acl/plug/AclUtils.java b/acl/src/main/java/org/apache/rocketmq/acl/plug/AclUtils.java index df997b59df2865b59561b9bd212d21e18309ab65..19f2b234df652ce303d292f99f4e30ac4feead9d 100644 --- a/acl/src/main/java/org/apache/rocketmq/acl/plug/AclUtils.java +++ b/acl/src/main/java/org/apache/rocketmq/acl/plug/AclUtils.java @@ -16,8 +16,13 @@ */ package org.apache.rocketmq.acl.plug; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; + import org.apache.commons.lang3.StringUtils; import org.apache.rocketmq.acl.plug.exception.AclPlugRuntimeException; +import org.yaml.snakeyaml.Yaml; public class AclUtils { @@ -79,4 +84,24 @@ public class AclUtils { return minus.indexOf('-') > -1; } + + + public static T getYamlDataObject(String path ,Class clazz) { + Yaml ymal = new Yaml(); + FileInputStream fis = null; + try { + fis = new FileInputStream(new File(path)); + return ymal.loadAs(fis, clazz); + } catch (Exception e) { + throw new AclPlugRuntimeException(String.format("The transport.yml file for Plain mode was not found , paths %s", path), e); + } finally { + if (fis != null) { + try { + fis.close(); + } catch (IOException e) { + throw new AclPlugRuntimeException("close transport fileInputStream Exception", e); + } + } + } + } } diff --git a/acl/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java b/acl/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java index bcb89b8fa288c463d190457f95882edb04a263a9..c5aadbf0b3c5529043e75106e1f367f393594cc8 100644 --- a/acl/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java +++ b/acl/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java @@ -16,45 +16,264 @@ */ package org.apache.rocketmq.acl.plug.engine; -import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport; -import org.apache.rocketmq.acl.plug.entity.ControllerParameters; +import java.lang.reflect.Field; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import org.apache.commons.lang3.StringUtils; +import org.apache.rocketmq.acl.plug.AclUtils; +import org.apache.rocketmq.acl.plug.entity.AccessControl; +import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo; +import org.apache.rocketmq.acl.plug.entity.AuthenticationResult; +import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl; import org.apache.rocketmq.acl.plug.exception.AclPlugRuntimeException; -import org.yaml.snakeyaml.Yaml; - -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; - -public class PlainAclPlugEngine extends LoginInfoAclPlugEngine { - - public PlainAclPlugEngine( - ControllerParameters controllerParameters) throws AclPlugRuntimeException { - super(controllerParameters); - } - - public void initialize() throws AclPlugRuntimeException { - String filePath = controllerParameters.getFileHome() + "/conf/transport.yml"; - Yaml ymal = new Yaml(); - FileInputStream fis = null; - BorkerAccessControlTransport transport; - try { - fis = new FileInputStream(new File(filePath)); - transport = ymal.loadAs(fis, BorkerAccessControlTransport.class); - } catch (Exception e) { - throw new AclPlugRuntimeException(String.format("The transport.yml file for Plain mode was not found , paths %s", filePath), e); - } finally { - if (fis != null) { - try { - fis.close(); - } catch (IOException e) { - throw new AclPlugRuntimeException("close transport fileInputStream Exception", e); - } - } - } - if (transport == null) { - throw new AclPlugRuntimeException("transport.yml file is no data"); - } - super.setBorkerAccessControlTransport(transport); - } +import org.apache.rocketmq.acl.plug.strategy.NetaddressStrategy; +import org.apache.rocketmq.acl.plug.strategy.NetaddressStrategyFactory; +import org.apache.rocketmq.common.MixAll; +import org.apache.rocketmq.common.constant.LoggerName; +import org.apache.rocketmq.common.protocol.RequestCode; +import org.apache.rocketmq.logging.InternalLogger; +import org.apache.rocketmq.logging.InternalLoggerFactory; + +public class PlainAclPlugEngine { + + private static final InternalLogger log = InternalLoggerFactory.getLogger(LoggerName.ACL_PLUG_LOGGER_NAME); + + private String fileHome = System.getProperty(MixAll.ROCKETMQ_HOME_PROPERTY, + System.getenv(MixAll.ROCKETMQ_HOME_ENV)); + + private Map> accessControlMap = new HashMap<>(); + + private AuthenticationInfo authenticationInfo; + + private NetaddressStrategyFactory netaddressStrategyFactory = new NetaddressStrategyFactory(); + + private AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis(); + + private Class accessContralAnalysisClass = RequestCode.class; + + + public PlainAclPlugEngine() { + initialize(); + } + + public void initialize() { + BorkerAccessControlTransport accessControlTransport = AclUtils.getYamlDataObject(fileHome + "/conf/transport.yml", BorkerAccessControlTransport.class); + if (accessControlTransport == null) { + throw new AclPlugRuntimeException("transport.yml file is no data"); + } + accessContralAnalysis.analysisClass(accessContralAnalysisClass); + setBorkerAccessControlTransport(accessControlTransport); + } + + public void setAccessControl(AccessControl accessControl) throws AclPlugRuntimeException { + if (accessControl.getAccount() == null || accessControl.getPassword() == null + || accessControl.getAccount().length() <= 6 || accessControl.getPassword().length() <= 6) { + throw new AclPlugRuntimeException(String.format( + "The account password cannot be null and is longer than 6, account is %s password is %s", + accessControl.getAccount(), accessControl.getPassword())); + } + try { + NetaddressStrategy netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl); + List accessControlAddressList = accessControlMap.get(accessControl.getAccount()); + if (accessControlAddressList == null) { + accessControlAddressList = new ArrayList<>(); + accessControlMap.put(accessControl.getAccount(), accessControlAddressList); + } + AuthenticationInfo authenticationInfo = new AuthenticationInfo( + accessContralAnalysis.analysis(accessControl), accessControl, netaddressStrategy); + accessControlAddressList.add(authenticationInfo); + log.info("authenticationInfo is {}", authenticationInfo.toString()); + } catch (Exception e) { + throw new AclPlugRuntimeException( + String.format("Exception info %s %s", e.getMessage(), accessControl.toString()), e); + } + } + + public void setAccessControlList(List accessControlList) throws AclPlugRuntimeException { + for (AccessControl accessControl : accessControlList) { + setAccessControl(accessControl); + } + } + + public void setNetaddressAccessControl(AccessControl accessControl) throws AclPlugRuntimeException { + try { + authenticationInfo = new AuthenticationInfo(accessContralAnalysis.analysis(accessControl), accessControl,netaddressStrategyFactory.getNetaddressStrategy(accessControl)); + log.info("default authenticationInfo is {}", authenticationInfo.toString()); + } catch (Exception e) { + throw new AclPlugRuntimeException(accessControl.toString(), e); + } + + } + + public AuthenticationInfo getAccessControl(AccessControl accessControl) { + if (accessControl.getAccount() == null && authenticationInfo != null) { + return authenticationInfo.getNetaddressStrategy().match(accessControl) ? authenticationInfo : null; + } else { + List accessControlAddressList = accessControlMap.get(accessControl.getAccount()); + if (accessControlAddressList != null) { + for (AuthenticationInfo ai : accessControlAddressList) { + if (ai.getNetaddressStrategy().match(accessControl)&& ai.getAccessControl().getPassword().equals(accessControl.getPassword())) { + return ai; + } + } + } + } + return null; + } + + public AuthenticationResult eachCheckAuthentication(AccessControl accessControl) { + AuthenticationResult authenticationResult = new AuthenticationResult(); + AuthenticationInfo authenticationInfo = getAccessControl(accessControl); + if (authenticationInfo != null) { + boolean boo = authentication(authenticationInfo, accessControl, authenticationResult); + authenticationResult.setSucceed(boo); + authenticationResult.setAccessControl(authenticationInfo.getAccessControl()); + } else { + authenticationResult.setResultString("accessControl is null, Please check login, password, IP\""); + } + return authenticationResult; + } + + void setBorkerAccessControlTransport(BorkerAccessControlTransport transport) { + if (transport.getOnlyNetAddress() == null && (transport.getList() == null || transport.getList().size() == 0)) { + throw new AclPlugRuntimeException("onlyNetAddress and list can't be all empty"); + } + + if (transport.getOnlyNetAddress() != null) { + this.setNetaddressAccessControl(transport.getOnlyNetAddress()); + } + if (transport.getList() != null || transport.getList().size() > 0) { + for (AccessControl accessControl : transport.getList()) { + this.setAccessControl(accessControl); + } + } + } + + public boolean authentication(AuthenticationInfo authenticationInfo, AccessControl accessControl, + AuthenticationResult authenticationResult) { + int code = accessControl.getCode(); + if (!authenticationInfo.getAuthority().get(code)) { + authenticationResult.setResultString(String.format("code is %d Authentication failed", code)); + return false; + } + if (!(authenticationInfo.getAccessControl() instanceof BorkerAccessControl)) { + return true; + } + BorkerAccessControl borker = (BorkerAccessControl) authenticationInfo.getAccessControl(); + String topicName = accessControl.getTopic(); + if (code == 10 || code == 310 || code == 320) { + if (borker.getPermitSendTopic().contains(topicName)) { + return true; + } + if (borker.getNoPermitSendTopic().contains(topicName)) { + authenticationResult.setResultString(String.format("noPermitSendTopic include %s", topicName)); + return false; + } + return borker.getPermitSendTopic().isEmpty() ? true : false; + } else if (code == 11) { + if (borker.getPermitPullTopic().contains(topicName)) { + return true; + } + if (borker.getNoPermitPullTopic().contains(topicName)) { + authenticationResult.setResultString(String.format("noPermitPullTopic include %s", topicName)); + return false; + } + return borker.getPermitPullTopic().isEmpty() ? true : false; + } + return true; + } + + + public static class AccessContralAnalysis { + + private Map, Map> classTocodeAndMentod = new HashMap<>(); + + private Map fieldNameAndCode = new HashMap<>(); + + public void analysisClass(Class clazz) { + Field[] fields = clazz.getDeclaredFields(); + try { + for (Field field : fields) { + if (field.getType().equals(int.class)) { + String name = StringUtils.replace(field.getName(), "_", "").toLowerCase(); + fieldNameAndCode.put(name, (Integer) field.get(null)); + } + } + } catch (IllegalArgumentException | IllegalAccessException e) { + throw new AclPlugRuntimeException(String.format("analysis on failure Class is %s", clazz.getName()), e); + } + } + + public Map analysis(AccessControl accessControl) { + Class clazz = accessControl.getClass(); + Map codeAndField = classTocodeAndMentod.get(clazz); + if (codeAndField == null) { + codeAndField = new HashMap<>(); + Field[] fields = clazz.getDeclaredFields(); + for (Field field : fields) { + if (!field.getType().equals(boolean.class)) + continue; + Integer code = fieldNameAndCode.get(field.getName().toLowerCase()); + if (code == null) { + throw new AclPlugRuntimeException( + String.format("field nonexistent in code fieldName is %s", field.getName())); + } + field.setAccessible(true); + codeAndField.put(code, field); + + } + if (codeAndField.isEmpty()) { + throw new AclPlugRuntimeException(String.format("AccessControl nonexistent code , name %s", + accessControl.getClass().getName())); + } + classTocodeAndMentod.put(clazz, codeAndField); + } + Iterator> it = codeAndField.entrySet().iterator(); + Map authority = new HashMap<>(); + try { + while (it.hasNext()) { + Entry e = it.next(); + authority.put(e.getKey(), (Boolean) e.getValue().get(accessControl)); + } + } catch (IllegalArgumentException | IllegalAccessException e) { + throw new AclPlugRuntimeException( + String.format("analysis on failure AccessControl is %s", AccessControl.class.getName()), e); + } + return authority; + } + + } + + public static class BorkerAccessControlTransport { + + private BorkerAccessControl onlyNetAddress; + + private List list; + + public BorkerAccessControl getOnlyNetAddress() { + return onlyNetAddress; + } + + public void setOnlyNetAddress(BorkerAccessControl onlyNetAddress) { + this.onlyNetAddress = onlyNetAddress; + } + + public List getList() { + return list; + } + + public void setList(List list) { + this.list = list; + } + @Override + public String toString() { + return "BorkerAccessControlTransport [onlyNetAddress=" + onlyNetAddress + ", list=" + list + "]"; + } + } } diff --git a/acl/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java b/acl/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java index 83004bc2c269f93ba774bbee184f625f2f54bbd6..616cb5c3bb184a749c3aeabe017f1476c28f7490 100644 --- a/acl/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java +++ b/acl/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java @@ -16,245 +16,282 @@ */ package org.apache.rocketmq.acl.plug.engine; -import java.io.File; -import java.io.FileInputStream; import java.io.IOException; -import java.io.InputStream; -import java.net.URL; import java.util.ArrayList; +import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.concurrent.ConcurrentHashMap; +import java.util.Set; + +import org.apache.rocketmq.acl.plug.AccessContralAnalysis; +import org.apache.rocketmq.acl.plug.engine.PlainAclPlugEngine.BorkerAccessControlTransport; import org.apache.rocketmq.acl.plug.entity.AccessControl; import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo; import org.apache.rocketmq.acl.plug.entity.AuthenticationResult; import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl; -import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport; -import org.apache.rocketmq.acl.plug.entity.ControllerParameters; -import org.apache.rocketmq.acl.plug.entity.LoginInfo; import org.apache.rocketmq.acl.plug.exception.AclPlugRuntimeException; -import org.apache.rocketmq.common.MixAll; +import org.apache.rocketmq.acl.plug.strategy.NetaddressStrategyFactory; +import org.apache.rocketmq.common.protocol.RequestCode; import org.junit.Assert; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.internal.util.reflection.FieldSetter; import org.mockito.junit.MockitoJUnitRunner; -import org.yaml.snakeyaml.Yaml; @RunWith(MockitoJUnitRunner.class) public class PlainAclPlugEngineTest { + + PlainAclPlugEngine plainAclPlugEngine; + + AccessControl accessControl; + + AccessControl accessControlTwo; + + AuthenticationInfo authenticationInfo; + + BorkerAccessControl borkerAccessControl; + + @Before + public void init() throws NoSuchFieldException, SecurityException, IOException { + + borkerAccessControl = new BorkerAccessControl(); + // 321 + borkerAccessControl.setQueryConsumeQueue(false); + + Set permitSendTopic = new HashSet<>(); + permitSendTopic.add("permitSendTopic"); + borkerAccessControl.setPermitSendTopic(permitSendTopic); + + Set noPermitSendTopic = new HashSet<>(); + noPermitSendTopic.add("noPermitSendTopic"); + borkerAccessControl.setNoPermitSendTopic(noPermitSendTopic); + + Set permitPullTopic = new HashSet<>(); + permitPullTopic.add("permitPullTopic"); + borkerAccessControl.setPermitPullTopic(permitPullTopic); - PlainAclPlugEngine plainAclPlugEngine; - - BorkerAccessControlTransport transport; - - AccessControl accessControl; - - AccessControl accessControlTwo; - - Map loginInfoMap; + Set noPermitPullTopic = new HashSet<>(); + noPermitPullTopic.add("noPermitPullTopic"); + borkerAccessControl.setNoPermitPullTopic(noPermitPullTopic); - @Before - public void init() throws NoSuchFieldException, SecurityException, IOException { - System.setProperty("rocketmq.home.dir", "src/test/resources"); - ControllerParameters controllerParametersEntity = new ControllerParameters(); - Yaml ymal = new Yaml(); - transport = ymal.loadAs(new FileInputStream(new File(controllerParametersEntity.getFileHome()+"/conf/transport.yml")), BorkerAccessControlTransport.class); - - plainAclPlugEngine = new PlainAclPlugEngine(controllerParametersEntity); - plainAclPlugEngine.initialize(); + AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis(); + accessContralAnalysis.analysisClass(RequestCode.class); + Map map = accessContralAnalysis.analysis(borkerAccessControl); - - accessControl = new BorkerAccessControl(); - accessControl.setAccount("rokcetmq"); - accessControl.setPassword("aliyun11"); - accessControl.setNetaddress("127.0.0.1"); - accessControl.setRecognition("127.0.0.1:1"); - - accessControlTwo = new BorkerAccessControl(); - accessControlTwo.setAccount("rokcet1"); - accessControlTwo.setPassword("aliyun1"); - accessControlTwo.setNetaddress("127.0.0.1"); - accessControlTwo.setRecognition("127.0.0.1:2"); + authenticationInfo = new AuthenticationInfo(map, borkerAccessControl,NetaddressStrategyFactory.NULL_NET_ADDRESS_STRATEGY); - loginInfoMap = new ConcurrentHashMap<>(); - FieldSetter.setField(plainAclPlugEngine, plainAclPlugEngine.getClass().getSuperclass().getDeclaredField("loginInfoMap"), loginInfoMap); - - } + System.setProperty("rocketmq.home.dir", "src/test/resources"); + plainAclPlugEngine = new PlainAclPlugEngine(); + plainAclPlugEngine.initialize(); - @Test(expected = AclPlugRuntimeException.class) - public void accountNullTest() { - accessControl.setAccount(null); - plainAclPlugEngine.setAccessControl(accessControl); - } + accessControl = new BorkerAccessControl(); + accessControl.setAccount("rokcetmq"); + accessControl.setPassword("aliyun11"); + accessControl.setNetaddress("127.0.0.1"); + accessControl.setRecognition("127.0.0.1:1"); - @Test(expected = AclPlugRuntimeException.class) - public void accountThanTest() { - accessControl.setAccount("123"); - plainAclPlugEngine.setAccessControl(accessControl); - } + accessControlTwo = new BorkerAccessControl(); + accessControlTwo.setAccount("rokcet1"); + accessControlTwo.setPassword("aliyun1"); + accessControlTwo.setNetaddress("127.0.0.1"); + accessControlTwo.setRecognition("127.0.0.1:2"); - @Test(expected = AclPlugRuntimeException.class) - public void passWordtNullTest() { - accessControl.setAccount(null); - plainAclPlugEngine.setAccessControl(accessControl); - } - - @Test(expected = AclPlugRuntimeException.class) - public void passWordThanTest() { - accessControl.setAccount("123"); - plainAclPlugEngine.setAccessControl(accessControl); - } - - @Test(expected = AclPlugRuntimeException.class) - public void testPlainAclPlugEngineInit() { - ControllerParameters controllerParametersEntity = new ControllerParameters(); - controllerParametersEntity.setFileHome(""); - new PlainAclPlugEngine(controllerParametersEntity).initialize(); - - } - - @Test - public void authenticationInfoOfSetAccessControl() { - AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine; - aclPlugEngine.setAccessControl(accessControl); - - AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl); - - AccessControl getAccessControl = authenticationInfo.getAccessControl(); - Assert.assertEquals(accessControl, getAccessControl); - - AccessControl testAccessControl = new AccessControl(); - testAccessControl.setAccount("rokcetmq"); - testAccessControl.setPassword("aliyun11"); - testAccessControl.setNetaddress("127.0.0.1"); - testAccessControl.setRecognition("127.0.0.1:1"); - - testAccessControl.setAccount("rokcetmq1"); - authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl); - Assert.assertNull(authenticationInfo); - - testAccessControl.setAccount("rokcetmq"); - testAccessControl.setPassword("1234567"); - authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl); - Assert.assertNull(authenticationInfo); - - testAccessControl.setNetaddress("127.0.0.2"); - authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl); - Assert.assertNull(authenticationInfo); - } - - @Test - public void setAccessControlList() { - List accessControlList = new ArrayList<>(); - accessControlList.add(accessControl); - - accessControlList.add(accessControlTwo); - - plainAclPlugEngine.setAccessControlList(accessControlList); - - AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine; - AuthenticationInfo newAccessControl = aclPlugEngine.getAccessControl(accessControl); - Assert.assertEquals(accessControl, newAccessControl.getAccessControl()); - - newAccessControl = aclPlugEngine.getAccessControl(accessControlTwo); - Assert.assertEquals(accessControlTwo, newAccessControl.getAccessControl()); - - } - - @Test - public void setNetaddressAccessControl() { - AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine; - AccessControl accessControl = new BorkerAccessControl(); - accessControl.setAccount("RocketMQ"); - accessControl.setPassword("RocketMQ"); - accessControl.setNetaddress("127.0.0.1"); - aclPlugEngine.setAccessControl(accessControl); - aclPlugEngine.setNetaddressAccessControl(accessControl); - - AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl); - - AccessControl getAccessControl = authenticationInfo.getAccessControl(); - Assert.assertEquals(accessControl, getAccessControl); - - accessControl.setNetaddress("127.0.0.2"); - authenticationInfo = aclPlugEngine.getAccessControl(accessControl); - Assert.assertNull(authenticationInfo); - } - - public void eachCheckLoginAndAuthentication() { - - } - - @Test(expected = AclPlugRuntimeException.class) - public void borkerAccessControlTransportTestNull() { - plainAclPlugEngine.setBorkerAccessControlTransport(new BorkerAccessControlTransport()); - } - - @Test - public void borkerAccessControlTransportTest() { - BorkerAccessControlTransport borkerAccessControlTransprt = new BorkerAccessControlTransport(); - borkerAccessControlTransprt.setOnlyNetAddress((BorkerAccessControl) this.accessControl); - List list = new ArrayList<>(); - list.add((BorkerAccessControl) this.accessControlTwo); - borkerAccessControlTransprt.setList(list); - plainAclPlugEngine.setBorkerAccessControlTransport(borkerAccessControlTransprt); - - AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine; - AccessControl accessControl = new BorkerAccessControl(); - accessControl.setAccount("RocketMQ"); - accessControl.setPassword("RocketMQ"); - accessControl.setNetaddress("127.0.0.1"); - aclPlugEngine.setAccessControl(accessControl); - AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl); - Assert.assertNotNull(authenticationInfo.getAccessControl()); - - authenticationInfo = aclPlugEngine.getAccessControl(accessControlTwo); - Assert.assertEquals(accessControlTwo, authenticationInfo.getAccessControl()); + } - } + @Test(expected = AclPlugRuntimeException.class) + public void accountNullTest() { + accessControl.setAccount(null); + plainAclPlugEngine.setAccessControl(accessControl); + } - @Test - public void getLoginInfo() { - plainAclPlugEngine.setAccessControl(accessControl); - LoginInfo loginInfo = plainAclPlugEngine.getLoginInfo(accessControl); - Assert.assertNotNull(loginInfo); - - loginInfo = plainAclPlugEngine.getLoginInfo(accessControlTwo); - Assert.assertNull(loginInfo); - - } - - @Test - public void deleteLoginInfo() { - plainAclPlugEngine.setAccessControl(accessControl); - plainAclPlugEngine.getLoginInfo(accessControl); + @Test(expected = AclPlugRuntimeException.class) + public void accountThanTest() { + accessControl.setAccount("123"); + plainAclPlugEngine.setAccessControl(accessControl); + } - LoginInfo loginInfo = loginInfoMap.get(accessControl.getRecognition()); - Assert.assertNotNull(loginInfo); - - plainAclPlugEngine.deleteLoginInfo(accessControl.getRecognition()); - - loginInfo = loginInfoMap.get(accessControl.getRecognition()); - Assert.assertNull(loginInfo); - } + @Test(expected = AclPlugRuntimeException.class) + public void passWordtNullTest() { + accessControl.setAccount(null); + plainAclPlugEngine.setAccessControl(accessControl); + } + + @Test(expected = AclPlugRuntimeException.class) + public void passWordThanTest() { + accessControl.setAccount("123"); + plainAclPlugEngine.setAccessControl(accessControl); + } + + @Test(expected = AclPlugRuntimeException.class) + public void testPlainAclPlugEngineInit() { + System.setProperty("rocketmq.home.dir", ""); + new PlainAclPlugEngine().initialize(); + } + + @Test + public void authenticationInfoOfSetAccessControl() { + plainAclPlugEngine.setAccessControl(accessControl); + + AuthenticationInfo authenticationInfo = plainAclPlugEngine.getAccessControl(accessControl); - @Test - public void getAuthenticationInfo() { - AccessControl newAccessControl = new AccessControl(); - newAccessControl.setAccount("rokcetmq"); - newAccessControl.setPassword("aliyun11"); - newAccessControl.setNetaddress("127.0.0.1"); - newAccessControl.setRecognition("127.0.0.1:1"); + AccessControl getAccessControl = authenticationInfo.getAccessControl(); + Assert.assertEquals(accessControl, getAccessControl); - AuthenticationResult authenticationResult = new AuthenticationResult(); - plainAclPlugEngine.getAuthenticationInfo(newAccessControl, authenticationResult); - Assert.assertEquals("Login information does not exist, Please check login, password, IP", authenticationResult.getResultString()); + AccessControl testAccessControl = new AccessControl(); + testAccessControl.setAccount("rokcetmq"); + testAccessControl.setPassword("aliyun11"); + testAccessControl.setNetaddress("127.0.0.1"); + testAccessControl.setRecognition("127.0.0.1:1"); - plainAclPlugEngine.setAccessControl(accessControl); - AuthenticationInfo authenticationInfo = plainAclPlugEngine.getAuthenticationInfo(newAccessControl, authenticationResult); - Assert.assertNotNull(authenticationInfo); - - } + testAccessControl.setAccount("rokcetmq1"); + authenticationInfo = plainAclPlugEngine.getAccessControl(testAccessControl); + Assert.assertNull(authenticationInfo); + + testAccessControl.setAccount("rokcetmq"); + testAccessControl.setPassword("1234567"); + authenticationInfo = plainAclPlugEngine.getAccessControl(testAccessControl); + Assert.assertNull(authenticationInfo); + + testAccessControl.setNetaddress("127.0.0.2"); + authenticationInfo = plainAclPlugEngine.getAccessControl(testAccessControl); + Assert.assertNull(authenticationInfo); + } + + @Test + public void setAccessControlList() { + List accessControlList = new ArrayList<>(); + accessControlList.add(accessControl); + + accessControlList.add(accessControlTwo); + + plainAclPlugEngine.setAccessControlList(accessControlList); + + AuthenticationInfo newAccessControl = plainAclPlugEngine.getAccessControl(accessControl); + Assert.assertEquals(accessControl, newAccessControl.getAccessControl()); + + newAccessControl = plainAclPlugEngine.getAccessControl(accessControlTwo); + Assert.assertEquals(accessControlTwo, newAccessControl.getAccessControl()); + + } + + @Test + public void setNetaddressAccessControl() { + AccessControl accessControl = new BorkerAccessControl(); + accessControl.setAccount("RocketMQ"); + accessControl.setPassword("RocketMQ"); + accessControl.setNetaddress("127.0.0.1"); + plainAclPlugEngine.setAccessControl(accessControl); + plainAclPlugEngine.setNetaddressAccessControl(accessControl); + + AuthenticationInfo authenticationInfo = plainAclPlugEngine.getAccessControl(accessControl); + + AccessControl getAccessControl = authenticationInfo.getAccessControl(); + Assert.assertEquals(accessControl, getAccessControl); + + accessControl.setNetaddress("127.0.0.2"); + authenticationInfo = plainAclPlugEngine.getAccessControl(accessControl); + Assert.assertNull(authenticationInfo); + } + + public void eachCheckLoginAndAuthentication() { + + } + + @Test(expected = AclPlugRuntimeException.class) + public void borkerAccessControlTransportTestNull() { + BorkerAccessControlTransport accessControlTransport = new BorkerAccessControlTransport(); + plainAclPlugEngine.setBorkerAccessControlTransport(accessControlTransport); + } + + @Test + public void borkerAccessControlTransportTest() { + BorkerAccessControlTransport accessControlTransport = new BorkerAccessControlTransport(); + List list = new ArrayList<>(); + list.add((BorkerAccessControl) this.accessControlTwo); + accessControlTransport.setOnlyNetAddress((BorkerAccessControl) this.accessControl); + accessControlTransport.setList(list); + plainAclPlugEngine.setBorkerAccessControlTransport(accessControlTransport); + + AccessControl accessControl = new BorkerAccessControl(); + accessControl.setAccount("RocketMQ"); + accessControl.setPassword("RocketMQ"); + accessControl.setNetaddress("127.0.0.1"); + plainAclPlugEngine.setAccessControl(accessControl); + AuthenticationInfo authenticationInfo = plainAclPlugEngine.getAccessControl(accessControl); + Assert.assertNotNull(authenticationInfo.getAccessControl()); + + authenticationInfo = plainAclPlugEngine.getAccessControl(accessControlTwo); + Assert.assertEquals(accessControlTwo, authenticationInfo.getAccessControl()); + + } + + @Test + public void authenticationTest() { + AuthenticationResult authenticationResult = new AuthenticationResult(); + accessControl.setCode(317); + + boolean isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertTrue(isReturn); + + accessControl.setCode(321); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertFalse(isReturn); + + accessControl.setCode(10); + accessControl.setTopic("permitSendTopic"); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertTrue(isReturn); + + accessControl.setCode(310); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertTrue(isReturn); + + accessControl.setCode(320); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertTrue(isReturn); + + accessControl.setTopic("noPermitSendTopic"); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertFalse(isReturn); + + accessControl.setTopic("nopermitSendTopic"); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertFalse(isReturn); + + accessControl.setCode(11); + accessControl.setTopic("permitPullTopic"); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertTrue(isReturn); + + accessControl.setTopic("noPermitPullTopic"); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertFalse(isReturn); + + accessControl.setTopic("nopermitPullTopic"); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertFalse(isReturn); + + } + + @Test + public void isEmptyTest() { + AuthenticationResult authenticationResult = new AuthenticationResult(); + accessControl.setCode(10); + accessControl.setTopic("absentTopic"); + boolean isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertFalse(isReturn); + + Set permitSendTopic = new HashSet<>(); + borkerAccessControl.setPermitSendTopic(permitSendTopic); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertTrue(isReturn); + + accessControl.setCode(11); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertFalse(isReturn); + + borkerAccessControl.setPermitPullTopic(permitSendTopic); + isReturn = plainAclPlugEngine.authentication(authenticationInfo, accessControl, authenticationResult); + Assert.assertTrue(isReturn); + } }