Skip to content

R
Rocketmq

小包包007 / Rocketmq
与 Fork 源项目一致

Fork自 Apache RocketMQ / Rocketmq

通知 1
Star 0
Fork 0
R
Rocketmq

体验新版 GitCode,发现更多精彩内容 >>

提交 994e29df 编写于 作者: H hujie
浏览文件
操作

add unit test

上级 7a030209
隐藏空白更改
内联 并排
Showing with 745 addition and 84 deletion
acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/AuthenticationInfoManagementAclPlugEngine.java
浏览文件 @ 994e29df
......@@ -25,6 +25,7 @@ import org.apache.rocketmq.acl.plug.Authentication;
import org.apache.rocketmq.acl.plug.entity.AccessControl;
import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport;
import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl;
import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
import org.apache.rocketmq.acl.plug.strategy.NetaddressStrategy;
......@@ -87,6 +88,8 @@ public abstract class AuthenticationInfoManagementAclPlugEngine implements AclPl
Map<String, AuthenticationInfo> accessControlAddressMap = accessControlMap.get(accessControl.getAccount());
if (accessControlAddressMap != null) {
existing = accessControlAddressMap.get(accessControl.getNetaddress());
if (existing == null)
return null;
if (existing.getAccessControl().getPassword().equals(accessControl.getPassword())) {
if (existing.getNetaddressStrategy().match(accessControl)) {
return existing;
......@@ -113,6 +116,21 @@ public abstract class AuthenticationInfoManagementAclPlugEngine implements AclPl
return authenticationResult;
}
void setBorkerAccessControlTransport(BorkerAccessControlTransport transport) {
if (transport.getOnlyNetAddress() == null && (transport.getList() == null || transport.getList().size() == 0)) {
throw new AclPlugAccountAnalysisException("onlyNetAddress and list can't be all empty");
}
if (transport.getOnlyNetAddress() != null) {
this.setNetaddressAccessControl(transport.getOnlyNetAddress());
}
if (transport.getList() != null || transport.getList().size() > 0) {
for (AccessControl accessControl : transport.getList()) {
this.setAccessControl(accessControl);
}
}
}
protected abstract AuthenticationInfo getAuthenticationInfo(LoginOrRequestAccessControl accessControl,
AuthenticationResult authenticationResult);
}
acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/LoginInfoAclPlugEngine.java
浏览文件 @ 994e29df
......@@ -29,21 +29,15 @@ public abstract class LoginInfoAclPlugEngine extends AuthenticationInfoManagemen
private Map<String, LoginInfo> loginInfoMap = new ConcurrentHashMap<>();
@Override
public AuthenticationInfo getAccessControl(AccessControl accessControl) {
AuthenticationInfo authenticationInfo = super.getAccessControl(accessControl);
if (authenticationInfo != null) {
LoginInfo loginInfo = new LoginInfo();
loginInfo.setAuthenticationInfo(authenticationInfo);
loginInfoMap.put(accessControl.getRecognition(), loginInfo);
}
return authenticationInfo;
}
public LoginInfo getLoginInfo(AccessControl accessControl) {
LoginInfo loginInfo = loginInfoMap.get(accessControl.getRecognition());
if (loginInfo == null && getAccessControl(accessControl) != null) {
loginInfo = loginInfoMap.get(accessControl.getRecognition());
if (loginInfo == null) {
AuthenticationInfo authenticationInfo = super.getAccessControl(accessControl);
if (authenticationInfo != null) {
loginInfo = new LoginInfo();
loginInfo.setAuthenticationInfo(authenticationInfo);
loginInfoMap.put(accessControl.getRecognition(), loginInfo);
}
}
if (loginInfo != null) {
loginInfo.setOperationTime(System.currentTimeMillis());
......@@ -60,9 +54,8 @@ public abstract class LoginInfoAclPlugEngine extends AuthenticationInfoManagemen
LoginInfo anthenticationInfo = getLoginInfo(accessControl);
if (anthenticationInfo != null && anthenticationInfo.getAuthenticationInfo() != null) {
return anthenticationInfo.getAuthenticationInfo();
} else {
authenticationResult.setResultString("Login information does not exist, Please check login, password, IP");
}
authenticationResult.setResultString("Login information does not exist, Please check login, password, IP");
return null;
}
......
acl-plug/src/main/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngine.java
浏览文件 @ 994e29df
......@@ -18,9 +18,8 @@ package org.apache.rocketmq.acl.plug.engine;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import org.apache.rocketmq.acl.plug.entity.AccessControl;
import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport;
import org.apache.rocketmq.acl.plug.entity.ControllerParametersEntity;
import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
......@@ -39,17 +38,26 @@ public class PlainAclPlugEngine extends LoginInfoAclPlugEngine {
void init() throws AclPlugAccountAnalysisException {
String filePath = controllerParametersEntity.getFileHome() + "/conf/transport.yml";
Yaml ymal = new Yaml();
FileInputStream fis;
FileInputStream fis = null;
BorkerAccessControlTransport transport;
try {
fis = new FileInputStream(new File(filePath));
BorkerAccessControlTransport transport = ymal.loadAs(fis, BorkerAccessControlTransport.class);
super.setNetaddressAccessControl(transport.getOnlyNetAddress());
for (AccessControl accessControl : transport.getList()) {
super.setAccessControl(accessControl);
}
} catch (FileNotFoundException e) {
transport = ymal.loadAs(fis, BorkerAccessControlTransport.class);
} catch (Exception e) {
throw new AclPlugAccountAnalysisException("The transport.yml file for Plain mode was not found", e);
} finally {
if (fis != null) {
try {
fis.close();
} catch (IOException e) {
throw new AclPlugAccountAnalysisException("close transport fileInputStream Exception", e);
}
}
}
if (transport == null) {
throw new AclPlugAccountAnalysisException("transport.yml file is no data");
}
super.setBorkerAccessControlTransport(transport);
}
}
acl-plug/src/main/java/org/apache/rocketmq/acl/plug/entity/BorkerAccessControl.java
浏览文件 @ 994e29df
......@@ -21,7 +21,6 @@ import java.util.Set;
import org.apache.rocketmq.acl.plug.annotation.RequestCode;
public class BorkerAccessControl extends AccessControl {
public BorkerAccessControl() {
......
acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/AbstractNetaddressStrategy.java
浏览文件 @ 994e29df
......@@ -17,11 +17,14 @@
package org.apache.rocketmq.acl.plug.strategy;
import org.apache.rocketmq.acl.plug.AclUtils;
import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
public abstract class AbstractNetaddressStrategy implements NetaddressStrategy {
public void verify(String netaddress, int index) {
AclUtils.isScope(netaddress, index);
if (!AclUtils.isScope(netaddress, index)) {
throw new AclPlugAccountAnalysisException(String.format("netaddress examine scope Exception netaddress is %s", netaddress));
}
}
}
acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyFactory.java
浏览文件 @ 994e29df
......@@ -19,6 +19,7 @@ package org.apache.rocketmq.acl.plug.strategy;
import org.apache.commons.lang3.StringUtils;
import org.apache.rocketmq.acl.plug.AclUtils;
import org.apache.rocketmq.acl.plug.entity.AccessControl;
import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
public class NetaddressStrategyFactory {
......@@ -28,14 +29,14 @@ public class NetaddressStrategyFactory {
return NullNetaddressStrategy.NULL_NET_ADDRESS_STRATEGY;
}
if (netaddress.endsWith("}")) {
String[] strArray = StringUtils.split(netaddress);
String[] strArray = StringUtils.split(netaddress, ".");
String four = strArray[3];
if (!four.startsWith("{")) {
throw new AclPlugAccountAnalysisException(String.format("MultipleNetaddressStrategy netaddress examine scope Exception netaddress", netaddress));
}
return new MultipleNetaddressStrategy(AclUtils.getAddreeStrArray(netaddress, four));
} else if (AclUtils.isColon(netaddress)) {
return new MultipleNetaddressStrategy(StringUtils.split(","));
return new MultipleNetaddressStrategy(StringUtils.split(netaddress, ","));
} else if (AclUtils.isAsterisk(netaddress) || AclUtils.isMinus(netaddress)) {
return new RangeNetaddressStrategy(netaddress);
}
......
acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/OneNetaddressStrategy.java
浏览文件 @ 994e29df
......@@ -24,6 +24,7 @@ public class OneNetaddressStrategy extends AbstractNetaddressStrategy {
public OneNetaddressStrategy(String netaddress) {
this.netaddress = netaddress;
verify(netaddress, 4);
}
@Override
......
acl-plug/src/main/java/org/apache/rocketmq/acl/plug/strategy/RangeNetaddressStrategy.java
浏览文件 @ 994e29df
......@@ -19,6 +19,7 @@ package org.apache.rocketmq.acl.plug.strategy;
import org.apache.commons.lang3.StringUtils;
import org.apache.rocketmq.acl.plug.AclUtils;
import org.apache.rocketmq.acl.plug.entity.AccessControl;
import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
public class RangeNetaddressStrategy extends AbstractNetaddressStrategy {
......@@ -33,7 +34,7 @@ public class RangeNetaddressStrategy extends AbstractNetaddressStrategy {
public RangeNetaddressStrategy(String netaddress) {
String[] strArray = StringUtils.split(netaddress, ".");
if (analysis(strArray, 2) || analysis(strArray, 3)) {
verify(netaddress, index);
verify(netaddress, index - 1);
StringBuffer sb = new StringBuffer().append(strArray[0].trim()).append(".").append(strArray[1].trim()).append(".");
if (index == 3) {
sb.append(strArray[2].trim()).append(".");
......@@ -48,11 +49,15 @@ public class RangeNetaddressStrategy extends AbstractNetaddressStrategy {
if ("*".equals(value)) {
setValue(0, 255);
} else if (AclUtils.isMinus(value)) {
if (value.indexOf("-") == 0) {
throw new AclPlugAccountAnalysisException(String.format("RangeNetaddressStrategy netaddress examine scope Exception value %s ", value));
}
String[] valueArray = StringUtils.split(value, "-");
this.start = Integer.valueOf(valueArray[0]);
this.end = Integer.valueOf(valueArray[1]);
if (!(AclUtils.isScope(end) && AclUtils.isScope(start) && start <= end)) {
throw new AclPlugAccountAnalysisException(String.format("RangeNetaddressStrategy netaddress examine scope Exception start is %s , end is %s", start, end));
}
}
return this.end > 0 ? true : false;
......
acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AccessContralAnalysisTest.java
浏览文件 @ 994e29df
package org.apache.rocketmq.acl.plug;
import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;
import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl;
import org.junit.Assert;
import org.junit.Test;
public class AccessContralAnalysisTest {
......@@ -10,8 +13,21 @@ public class AccessContralAnalysisTest {
@Test
public void analysisTest() {
AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis();
Map<Integer, Boolean> map = accessContralAnalysis.analysis(new BorkerAccessControl());
System.out.println(map);
BorkerAccessControl accessControl = new BorkerAccessControl();
accessControl.setSendMessage(false);
Map<Integer, Boolean> map = accessContralAnalysis.analysis(accessControl);
Iterator<Entry<Integer, Boolean>> it = map.entrySet().iterator();
long num = 0;
while (it.hasNext()) {
Entry<Integer, Boolean> e = it.next();
if (!e.getValue()) {
Assert.assertEquals(e.getKey(), Integer.valueOf(10));
num++;
}
}
Assert.assertEquals(num, 1);
}
}
acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclPlugControllerTest.java 0 → 100644
浏览文件 @ 994e29df
package org.apache.rocketmq.acl.plug;
public class AclPlugControllerTest {
}
acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AclUtilsTest.java 0 → 100644
浏览文件 @ 994e29df
package org.apache.rocketmq.acl.plug;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.junit.MockitoJUnitRunner;
@RunWith(MockitoJUnitRunner.class)
public class AclUtilsTest {
@Test
public void getAddreeStrArray() {
String address = "1.1.1.{1,2,3,4}";
String[] addressArray = AclUtils.getAddreeStrArray(address, "{1,2,3,4}");
List<String> newAddressList = new ArrayList<>();
for (String a : addressArray) {
newAddressList.add(a);
}
List<String> addressList = new ArrayList<>();
addressList.add("1.1.1.1");
addressList.add("1.1.1.2");
addressList.add("1.1.1.3");
addressList.add("1.1.1.4");
Assert.assertEquals(newAddressList, addressList);
}
@Test
public void isScopeStringArray() {
String adderss = "12";
for (int i = 0; i < 6; i++) {
boolean isScope = AclUtils.isScope(adderss, 4);
if (i == 3) {
Assert.assertTrue(isScope);
} else {
Assert.assertFalse(isScope);
}
adderss = adderss + ".12";
}
}
@Test
public void isScopeArray() {
String[] adderss = StringUtils.split("12.12.12.12", ".");
boolean isScope = AclUtils.isScope(adderss, 4);
Assert.assertTrue(isScope);
isScope = AclUtils.isScope(adderss, 3);
Assert.assertTrue(isScope);
adderss = StringUtils.split("12.12.1222.1222", ".");
isScope = AclUtils.isScope(adderss, 4);
Assert.assertFalse(isScope);
isScope = AclUtils.isScope(adderss, 3);
Assert.assertFalse(isScope);
}
@Test
public void isScopeStringTest() {
for (int i = 0; i < 256; i++) {
boolean isScope = AclUtils.isScope(i + "");
Assert.assertTrue(isScope);
}
boolean isScope = AclUtils.isScope("-1");
Assert.assertFalse(isScope);
isScope = AclUtils.isScope("256");
Assert.assertFalse(isScope);
}
@Test
public void isScopeTest() {
for (int i = 0; i < 256; i++) {
boolean isScope = AclUtils.isScope(i);
Assert.assertTrue(isScope);
}
boolean isScope = AclUtils.isScope(-1);
Assert.assertFalse(isScope);
isScope = AclUtils.isScope(256);
Assert.assertFalse(isScope);
}
@Test
public void isAsteriskTest() {
boolean isAsterisk = AclUtils.isAsterisk("*");
Assert.assertTrue(isAsterisk);
isAsterisk = AclUtils.isAsterisk(",");
Assert.assertFalse(isAsterisk);
}
@Test
public void isColonTest() {
boolean isColon = AclUtils.isColon(",");
Assert.assertTrue(isColon);
isColon = AclUtils.isColon("-");
Assert.assertFalse(isColon);
}
@Test
public void isMinusTest() {
boolean isMinus = AclUtils.isMinus("-");
Assert.assertTrue(isMinus);
isMinus = AclUtils.isMinus("*");
Assert.assertFalse(isMinus);
}
}
acl-plug/src/test/java/org/apache/rocketmq/acl/plug/AuthenticationTest.java 0 → 100644
浏览文件 @ 994e29df
package org.apache.rocketmq.acl.plug;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl;
import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl;
import org.apache.rocketmq.acl.plug.strategy.OneNetaddressStrategy;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
public class AuthenticationTest {
Authentication authentication = new Authentication();
AuthenticationInfo authenticationInfo;
@Before
public void init() {
OneNetaddressStrategy netaddressStrategy = new OneNetaddressStrategy("127.0.0.1");
BorkerAccessControl borkerAccessControl = new BorkerAccessControl();
//321
borkerAccessControl.setQueryConsumeQueue(false);
Set<String> permitSendTopic = new HashSet<>();
permitSendTopic.add("permitSendTopic");
borkerAccessControl.setPermitSendTopic(permitSendTopic);
Set<String> noPermitSendTopic = new HashSet<>();
noPermitSendTopic.add("noPermitSendTopic");
borkerAccessControl.setNoPermitSendTopic(noPermitSendTopic);
Set<String> permitPullTopic = new HashSet<>();
permitPullTopic.add("permitPullTopic");
borkerAccessControl.setPermitPullTopic(permitPullTopic);
Set<String> noPermitPullTopic = new HashSet<>();
noPermitPullTopic.add("noPermitPullTopic");
borkerAccessControl.setNoPermitPullTopic(noPermitPullTopic);
AccessContralAnalysis accessContralAnalysis = new AccessContralAnalysis();
Map<Integer, Boolean> map = accessContralAnalysis.analysis(borkerAccessControl);
authenticationInfo = new AuthenticationInfo(map, borkerAccessControl, netaddressStrategy);
}
@Test
public void authenticationTest() {
AuthenticationResult authenticationResult = new AuthenticationResult();
LoginOrRequestAccessControl loginOrRequestAccessControl = new LoginOrRequestAccessControl();
loginOrRequestAccessControl.setCode(317);
boolean isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
loginOrRequestAccessControl.setCode(321);
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertFalse(isReturn);
loginOrRequestAccessControl.setCode(10);
loginOrRequestAccessControl.setTopic("permitSendTopic");
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
loginOrRequestAccessControl.setCode(310);
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
loginOrRequestAccessControl.setCode(320);
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
loginOrRequestAccessControl.setTopic("noPermitSendTopic");
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertFalse(isReturn);
loginOrRequestAccessControl.setTopic("nopermitSendTopic");
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
loginOrRequestAccessControl.setCode(11);
loginOrRequestAccessControl.setTopic("permitPullTopic");
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
loginOrRequestAccessControl.setTopic("noPermitPullTopic");
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertFalse(isReturn);
loginOrRequestAccessControl.setTopic("nopermitPullTopic");
isReturn = authentication.authentication(authenticationInfo, loginOrRequestAccessControl, authenticationResult);
Assert.assertTrue(isReturn);
}
}
acl-plug/src/test/java/org/apache/rocketmq/acl/plug/engine/PlainAclPlugEngineTest.java
浏览文件 @ 994e29df
package org.apache.rocketmq.acl.plug.engine;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.rocketmq.acl.plug.entity.AccessControl;
import org.apache.rocketmq.acl.plug.entity.AuthenticationInfo;
import org.apache.rocketmq.acl.plug.entity.AuthenticationResult;
import org.apache.rocketmq.acl.plug.entity.BorkerAccessControl;
import org.apache.rocketmq.acl.plug.entity.BorkerAccessControlTransport;
import org.apache.rocketmq.acl.plug.entity.ControllerParametersEntity;
import org.apache.rocketmq.acl.plug.entity.LoginInfo;
import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl;
import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
import org.apache.rocketmq.common.MixAll;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.internal.util.reflection.FieldSetter;
import org.mockito.junit.MockitoJUnitRunner;
import org.yaml.snakeyaml.Yaml;
@RunWith(MockitoJUnitRunner.class)
public class PlainAclPlugEngineTest {
@Test
PlainAclPlugEngine plainAclPlugEngine;
BorkerAccessControlTransport transport;
AccessControl accessControl;
AccessControl accessControlTwo;
Map<String, LoginInfo> loginInfoMap;
@Before
public void init() throws FileNotFoundException, NoSuchFieldException, SecurityException {
String home = System.getProperty(MixAll.ROCKETMQ_HOME_PROPERTY, System.getenv(MixAll.ROCKETMQ_HOME_ENV));
Yaml ymal = new Yaml();
String filePath = home + "/conf/transport.yml";
FileInputStream fis = new FileInputStream(new File(filePath));
transport = ymal.loadAs(fis, BorkerAccessControlTransport.class);
ControllerParametersEntity controllerParametersEntity = new ControllerParametersEntity();
controllerParametersEntity.setFileHome(home);
plainAclPlugEngine = new PlainAclPlugEngine(controllerParametersEntity);
accessControl = new BorkerAccessControl();
accessControl.setAccount("rokcetmq");
accessControl.setPassword("aliyun");
accessControl.setNetaddress("127.0.0.1");
accessControl.setRecognition("127.0.0.1:1");
accessControlTwo = new BorkerAccessControl();
accessControlTwo.setAccount("rokcet");
accessControlTwo.setPassword("aliyun");
accessControlTwo.setNetaddress("127.0.0.1");
accessControlTwo.setRecognition("127.0.0.1:2");
loginInfoMap = new ConcurrentHashMap<>();
FieldSetter.setField(plainAclPlugEngine, plainAclPlugEngine.getClass().getSuperclass().getDeclaredField("loginInfoMap"), loginInfoMap);
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void testPlainAclPlugEngineInit() {
//PlainAclPlugEngine plainAclPlugEngine = new PlainAclPlugEngine();
//plainAclPlugEngine.init();
ControllerParametersEntity controllerParametersEntity = new ControllerParametersEntity();
new PlainAclPlugEngine(controllerParametersEntity);
}
@Test
public void authenticationInfoOfSetAccessControl() {
AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine;
aclPlugEngine.setAccessControl(accessControl);
AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl);
AccessControl getAccessControl = authenticationInfo.getAccessControl();
Assert.assertEquals(accessControl, getAccessControl);
AccessControl testAccessControl = new AccessControl();
testAccessControl.setAccount("rokcetmq");
testAccessControl.setPassword("aliyun");
testAccessControl.setNetaddress("127.0.0.1");
testAccessControl.setRecognition("127.0.0.1:1");
testAccessControl.setAccount("rokcetmq1");
authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl);
Assert.assertNull(authenticationInfo);
testAccessControl.setAccount("rokcetmq");
testAccessControl.setPassword("1");
authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl);
Assert.assertNull(authenticationInfo);
testAccessControl.setNetaddress("127.0.0.2");
authenticationInfo = aclPlugEngine.getAccessControl(testAccessControl);
Assert.assertNull(authenticationInfo);
}
@Test
public void setAccessControlList() {
List<AccessControl> accessControlList = new ArrayList<>();
accessControlList.add(accessControl);
accessControlList.add(accessControlTwo);
plainAclPlugEngine.setAccessControlList(accessControlList);
AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine;
AuthenticationInfo newAccessControl = aclPlugEngine.getAccessControl(accessControl);
Assert.assertEquals(accessControl, newAccessControl.getAccessControl());
newAccessControl = aclPlugEngine.getAccessControl(accessControlTwo);
Assert.assertEquals(accessControlTwo, newAccessControl.getAccessControl());
}
@Test
public void setNetaddressAccessControl() {
AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine;
AccessControl accessControl = new BorkerAccessControl();
accessControl.setNetaddress("127.0.0.1");
aclPlugEngine.setAccessControl(accessControl);
aclPlugEngine.setNetaddressAccessControl(accessControl);
AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl);
AccessControl getAccessControl = authenticationInfo.getAccessControl();
Assert.assertEquals(accessControl, getAccessControl);
accessControl.setNetaddress("127.0.0.2");
authenticationInfo = aclPlugEngine.getAccessControl(accessControl);
Assert.assertNull(authenticationInfo);
}
public void eachCheckLoginAndAuthentication() {
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void borkerAccessControlTransportTestNull() {
plainAclPlugEngine.setBorkerAccessControlTransport(new BorkerAccessControlTransport());
}
@Test
public void borkerAccessControlTransportTest() {
BorkerAccessControlTransport borkerAccessControlTransprt = new BorkerAccessControlTransport();
borkerAccessControlTransprt.setOnlyNetAddress((BorkerAccessControl) this.accessControl);
List<BorkerAccessControl> list = new ArrayList<>();
list.add((BorkerAccessControl) this.accessControlTwo);
borkerAccessControlTransprt.setList(list);
plainAclPlugEngine.setBorkerAccessControlTransport(borkerAccessControlTransprt);
AuthenticationInfoManagementAclPlugEngine aclPlugEngine = (AuthenticationInfoManagementAclPlugEngine) plainAclPlugEngine;
AccessControl accessControl = new BorkerAccessControl();
accessControl.setNetaddress("127.0.0.1");
aclPlugEngine.setAccessControl(accessControl);
AuthenticationInfo authenticationInfo = aclPlugEngine.getAccessControl(accessControl);
Assert.assertNotNull(authenticationInfo.getAccessControl());
authenticationInfo = aclPlugEngine.getAccessControl(accessControlTwo);
Assert.assertEquals(accessControlTwo, authenticationInfo.getAccessControl());
}
@Test
public void getLoginInfo() {
plainAclPlugEngine.setAccessControl(accessControl);
LoginInfo loginInfo = plainAclPlugEngine.getLoginInfo(accessControl);
Assert.assertNotNull(loginInfo);
loginInfo = plainAclPlugEngine.getLoginInfo(accessControlTwo);
Assert.assertNull(loginInfo);
}
@Test
public void deleteLoginInfo() {
plainAclPlugEngine.setAccessControl(accessControl);
plainAclPlugEngine.getLoginInfo(accessControl);
LoginInfo loginInfo = loginInfoMap.get(accessControl.getRecognition());
Assert.assertNotNull(loginInfo);
plainAclPlugEngine.deleteLoginInfo(accessControl.getRecognition());
loginInfo = loginInfoMap.get(accessControl.getRecognition());
Assert.assertNull(loginInfo);
}
@Test
public void getAuthenticationInfo() {
LoginOrRequestAccessControl loginOrRequestAccessControl = new LoginOrRequestAccessControl();
loginOrRequestAccessControl.setAccount("rokcetmq");
loginOrRequestAccessControl.setPassword("aliyun");
loginOrRequestAccessControl.setNetaddress("127.0.0.1");
loginOrRequestAccessControl.setRecognition("127.0.0.1:1");
AuthenticationResult authenticationResult = new AuthenticationResult();
plainAclPlugEngine.getAuthenticationInfo(loginOrRequestAccessControl, authenticationResult);
Assert.assertEquals("Login information does not exist, Please check login, password, IP", authenticationResult.getResultString());
plainAclPlugEngine.setAccessControl(accessControl);
AuthenticationInfo authenticationInfo = plainAclPlugEngine.getAuthenticationInfo(loginOrRequestAccessControl, authenticationResult);
Assert.assertNotNull(authenticationInfo);
}
}
acl-plug/src/test/java/org/apache/rocketmq/acl/plug/strategy/NetaddressStrategyTest.java 0 → 100644
浏览文件 @ 994e29df
package org.apache.rocketmq.acl.plug.strategy;
import org.apache.rocketmq.acl.plug.entity.AccessControl;
import org.apache.rocketmq.acl.plug.exception.AclPlugAccountAnalysisException;
import org.junit.Assert;
import org.junit.Test;
public class NetaddressStrategyTest {
NetaddressStrategyFactory netaddressStrategyFactory = new NetaddressStrategyFactory();
@Test
public void NetaddressStrategyFactoryTest() {
AccessControl accessControl = new AccessControl();
NetaddressStrategy netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
Assert.assertEquals(netaddressStrategy, NullNetaddressStrategy.NULL_NET_ADDRESS_STRATEGY);
accessControl.setNetaddress("*");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
Assert.assertEquals(netaddressStrategy, NullNetaddressStrategy.NULL_NET_ADDRESS_STRATEGY);
accessControl.setNetaddress("127.0.0.1");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
Assert.assertEquals(netaddressStrategy.getClass(), OneNetaddressStrategy.class);
accessControl.setNetaddress("127.0.0.1,127.0.0.2,127.0.0.3");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
Assert.assertEquals(netaddressStrategy.getClass(), MultipleNetaddressStrategy.class);
accessControl.setNetaddress("127.0.0.{1,2,3}");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
Assert.assertEquals(netaddressStrategy.getClass(), MultipleNetaddressStrategy.class);
accessControl.setNetaddress("127.0.0.1-200");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
Assert.assertEquals(netaddressStrategy.getClass(), RangeNetaddressStrategy.class);
accessControl.setNetaddress("127.0.0.*");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
Assert.assertEquals(netaddressStrategy.getClass(), RangeNetaddressStrategy.class);
accessControl.setNetaddress("127.0.1-20.*");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
Assert.assertEquals(netaddressStrategy.getClass(), RangeNetaddressStrategy.class);
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void verifyTest() {
new OneNetaddressStrategy("127.0.0.1");
new OneNetaddressStrategy("256.0.0.1");
}
@Test
public void nullNetaddressStrategyTest() {
boolean isMatch = NullNetaddressStrategy.NULL_NET_ADDRESS_STRATEGY.match(new AccessControl());
Assert.assertTrue(isMatch);
}
public void oneNetaddressStrategyTest() {
OneNetaddressStrategy netaddressStrategy = new OneNetaddressStrategy("127.0.0.1");
AccessControl accessControl = new AccessControl();
boolean match = netaddressStrategy.match(accessControl);
Assert.assertFalse(match);
accessControl.setNetaddress("127.0.0.2");
match = netaddressStrategy.match(accessControl);
Assert.assertFalse(match);
accessControl.setNetaddress("127.0.0.1");
match = netaddressStrategy.match(accessControl);
Assert.assertTrue(match);
}
@Test
public void multipleNetaddressStrategyTest() {
AccessControl accessControl = new AccessControl();
accessControl.setNetaddress("127.0.0.1,127.0.0.2,127.0.0.3");
NetaddressStrategy netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
multipleNetaddressStrategyTest(netaddressStrategy);
accessControl.setNetaddress("127.0.0.{1,2,3}");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
multipleNetaddressStrategyTest(netaddressStrategy);
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void multipleNetaddressStrategyExceptionTest() {
AccessControl accessControl = new AccessControl();
accessControl.setNetaddress("127.0.0.1,2,3}");
netaddressStrategyFactory.getNetaddressStrategy(accessControl);
}
private void multipleNetaddressStrategyTest(NetaddressStrategy netaddressStrategy) {
AccessControl accessControl = new AccessControl();
accessControl.setNetaddress("127.0.0.1");
boolean match = netaddressStrategy.match(accessControl);
Assert.assertTrue(match);
accessControl.setNetaddress("127.0.0.2");
match = netaddressStrategy.match(accessControl);
Assert.assertTrue(match);
accessControl.setNetaddress("127.0.0.3");
match = netaddressStrategy.match(accessControl);
Assert.assertTrue(match);
accessControl.setNetaddress("127.0.0.4");
match = netaddressStrategy.match(accessControl);
Assert.assertFalse(match);
accessControl.setNetaddress("127.0.0.0");
match = netaddressStrategy.match(accessControl);
Assert.assertFalse(match);
}
@Test
public void rangeNetaddressStrategyTest() {
String head = "127.0.0.";
AccessControl accessControl = new AccessControl();
accessControl.setNetaddress("127.0.0.1-200");
NetaddressStrategy netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
rangeNetaddressStrategyTest(netaddressStrategy, head, 1, 200, true);
accessControl.setNetaddress("127.0.0.*");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
rangeNetaddressStrategyTest(netaddressStrategy, head, 0, 255, true);
accessControl.setNetaddress("127.0.1-200.*");
netaddressStrategy = netaddressStrategyFactory.getNetaddressStrategy(accessControl);
rangeNetaddressStrategyThirdlyTest(netaddressStrategy, head, 1, 200);
}
private void rangeNetaddressStrategyTest(NetaddressStrategy netaddressStrategy, String head, int start, int end,
boolean isFalse) {
AccessControl accessControl = new AccessControl();
for (int i = -10; i < 300; i++) {
accessControl.setNetaddress(head + i);
boolean match = netaddressStrategy.match(accessControl);
if (isFalse && i >= start && i <= end) {
Assert.assertTrue(match);
continue;
}
Assert.assertFalse(match);
}
}
private void rangeNetaddressStrategyThirdlyTest(NetaddressStrategy netaddressStrategy, String head, int start,
int end) {
String newHead;
for (int i = -10; i < 300; i++) {
newHead = head + i;
if (i >= start && i <= end) {
rangeNetaddressStrategyTest(netaddressStrategy, newHead, 0, 255, false);
}
}
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void rangeNetaddressStrategyExceptionStartGreaterEndTest() {
rangeNetaddressStrategyExceptionTest("127.0.0.2-1");
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void rangeNetaddressStrategyExceptionScopeTest() {
rangeNetaddressStrategyExceptionTest("127.0.0.-1-200");
}
@Test(expected = AclPlugAccountAnalysisException.class)
public void rangeNetaddressStrategyExceptionScopeTwoTest() {
rangeNetaddressStrategyExceptionTest("127.0.0.0-256");
}
private void rangeNetaddressStrategyExceptionTest(String netaddress) {
AccessControl accessControl = new AccessControl();
accessControl.setNetaddress(netaddress);
netaddressStrategyFactory.getNetaddressStrategy(accessControl);
}
}
broker/src/main/java/org/apache/rocketmq/broker/BrokerController.java
浏览文件 @ 994e29df
......@@ -32,10 +32,10 @@ import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import org.apache.commons.lang3.StringUtils;
import org.apache.rocketmq.acl.plug.AclPlugController;
import org.apache.rocketmq.acl.plug.AclRemotingServer;
import org.apache.rocketmq.acl.plug.entity.ControllerParametersEntity;
import org.apache.rocketmq.acl.plug.entity.LoginOrRequestAccessControl;
import org.apache.rocketmq.broker.client.ClientHousekeepingService;
import org.apache.rocketmq.broker.client.ConsumerIdsChangeListener;
......@@ -107,7 +107,6 @@ import org.apache.rocketmq.store.config.MessageStoreConfig;
import org.apache.rocketmq.store.stats.BrokerStats;
import org.apache.rocketmq.store.stats.BrokerStatsManager;
public class BrokerController {
private static final InternalLogger log = InternalLoggerFactory.getLogger(LoggerName.BROKER_LOGGER_NAME);
private static final InternalLogger LOG_PROTECTION = InternalLoggerFactory.getLogger(LoggerName.PROTECTION_LOGGER_NAME);
......@@ -163,6 +162,8 @@ public class BrokerController {
private TransactionalMessageService transactionalMessageService;
private AbstractTransactionalMessageCheckListener transactionalMessageCheckListener;
private AclPlugController aclPlugController;
public BrokerController(
final BrokerConfig brokerConfig,
final NettyServerConfig nettyServerConfig,
......@@ -298,7 +299,6 @@ public class BrokerController {
this.heartbeatThreadPoolQueue,
new ThreadFactoryImpl("HeartbeatThread_",true));
this.consumerManageExecutor =
Executors.newFixedThreadPool(this.brokerConfig.getConsumerManageThreadPoolNums(), new ThreadFactoryImpl(
"ConsumerManageThread_"));
......@@ -486,41 +486,46 @@ public class BrokerController {
}
private void initialAclPlug() {
try {
if(!this.brokerConfig.isAclPlug()) {
return;
}
AclPlugController aclPlugController = new AclPlugController(null);
if(!aclPlugController.isStartSucceed()) {
return;
}
final AclRemotingServer aclRemotingServe = aclPlugController.getAclRemotingServer();
this.registerServerRPCHook(new RPCHook() {
@Override
public void doBeforeRequest(String remoteAddr, RemotingCommand request) {
HashMap<String, String> extFields = request.getExtFields();
LoginOrRequestAccessControl accessControl = new LoginOrRequestAccessControl();
accessControl.setCode(request.getCode());
accessControl.setRecognition(remoteAddr);
if( extFields != null ) {
accessControl.setAccount(extFields.get("account"));
accessControl.setPassword(extFields.get("password"));
accessControl.setNetaddress(StringUtils.split(remoteAddr,":")[0]);
accessControl.setTopic(extFields.get("topic"));
}
aclRemotingServe.eachCheck(accessControl);
}
@Override
public void doAfterResponse(String remoteAddr, RemotingCommand request, RemotingCommand response) {}
});
}catch(Exception e) {
}
}
try {
if (!this.brokerConfig.isAclPlug()) {
log.info("Default does not start acl plug");
return;
}
ControllerParametersEntity controllerParametersEntity = new ControllerParametersEntity();
controllerParametersEntity.setFileHome(brokerConfig.getRocketmqHome());
aclPlugController = new AclPlugController(controllerParametersEntity);
if (!aclPlugController.isStartSucceed()) {
log.error("start acl plug failure");
return;
}
final AclRemotingServer aclRemotingServe = aclPlugController.getAclRemotingServer();
this.registerServerRPCHook(new RPCHook() {
@Override
public void doBeforeRequest(String remoteAddr, RemotingCommand request) {
HashMap<String, String> extFields = request.getExtFields();
LoginOrRequestAccessControl accessControl = new LoginOrRequestAccessControl();
accessControl.setCode(request.getCode());
accessControl.setRecognition(remoteAddr);
if (extFields != null) {
accessControl.setAccount(extFields.get("account"));
accessControl.setPassword(extFields.get("password"));
accessControl.setNetaddress(StringUtils.split(remoteAddr, ":")[0]);
accessControl.setTopic(extFields.get("topic"));
}
aclRemotingServe.eachCheck(accessControl);
}
@Override
public void doAfterResponse(String remoteAddr, RemotingCommand request, RemotingCommand response) {
}
});
} catch (Exception e) {
log.error(e.getMessage(), e);
}
}
public void registerProcessor() {
/**
* SendMessageProcessor
......@@ -1071,4 +1076,8 @@ public class BrokerController {
AbstractTransactionalMessageCheckListener transactionalMessageCheckListener) {
this.transactionalMessageCheckListener = transactionalMessageCheckListener;
}
public AclPlugController getAclPlugController() {
return this.aclPlugController;
}
}
broker/src/main/java/org/apache/rocketmq/broker/client/ClientHousekeepingService.java
浏览文件 @ 994e29df
......@@ -72,6 +72,7 @@ public class ClientHousekeepingService implements ChannelEventListener {
this.brokerController.getProducerManager().doChannelCloseEvent(remoteAddr, channel);
this.brokerController.getConsumerManager().doChannelCloseEvent(remoteAddr, channel);
this.brokerController.getFilterServerManager().doChannelCloseEvent(remoteAddr, channel);
this.brokerController.getAclPlugController().doChannelCloseEvent(remoteAddr);
}
@Override
......
common/src/main/java/org/apache/rocketmq/common/BrokerConfig.java
浏览文件 @ 994e29df
......@@ -63,7 +63,7 @@ public class BrokerConfig {
private int adminBrokerThreadPoolNums = 16;
private int clientManageThreadPoolNums = 32;
private int consumerManageThreadPoolNums = 32;
private int heartbeatThreadPoolNums = Math.min(32,Runtime.getRuntime().availableProcessors());
private int heartbeatThreadPoolNums = Math.min(32, Runtime.getRuntime().availableProcessors());
private int flushConsumerOffsetInterval = 1000 * 5;
......@@ -163,8 +163,7 @@ public class BrokerConfig {
*/
@ImportantField
private long transactionCheckInterval = 60 * 1000;
private boolean isAclPlug;
public boolean isTraceOn() {
......@@ -705,12 +704,12 @@ public class BrokerConfig {
this.transactionCheckInterval = transactionCheckInterval;
}
public boolean isAclPlug() {
return isAclPlug;
}
public boolean isAclPlug() {
return isAclPlug;
}
public void setAclPlug(boolean isAclPlug) {
this.isAclPlug = isAclPlug;
}
public void setAclPlug(boolean isAclPlug) {
this.isAclPlug = isAclPlug;
}
}
common/src/main/java/org/apache/rocketmq/common/constant/LoggerName.java
浏览文件 @ 994e29df
......@@ -36,4 +36,5 @@ public class LoggerName {
public static final String PROTECTION_LOGGER_NAME = "RocketmqProtection";
public static final String WATER_MARK_LOGGER_NAME = "RocketmqWaterMark";
public static final String FILTER_LOGGER_NAME = "RocketmqFilter";
public static final String ACL_PLUG_LOGGER_NAME = "RocketmqAclPlug";
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册