Mailing-List: contact commits-help@aurora.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@aurora.apache.org
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: kevints@apache.org
To: commits@aurora.apache.org
Message-Id: <27bb1cef39e04c218a5295b47ab7f5a3@git.apache.org>
Subject: aurora git commit: Relax requirement for .ini file sections.
Date: Mon,  8 Jun 2015 21:49:31 +0000 (UTC)

Repository: aurora
Updated Branches:
  refs/heads/master 65739bb71 -> cb7831850


Relax requirement for .ini file sections.

Testing Done:
./gradlew -Pq build

Bugs closed: AURORA-1342

Reviewed at https://reviews.apache.org/r/35219/


Project: http://git-wip-us.apache.org/repos/asf/aurora/repo
Commit: http://git-wip-us.apache.org/repos/asf/aurora/commit/cb783185
Tree: http://git-wip-us.apache.org/repos/asf/aurora/tree/cb783185
Diff: http://git-wip-us.apache.org/repos/asf/aurora/diff/cb783185

Branch: refs/heads/master
Commit: cb783185098378014a269a68f09b43006803ceb3
Parents: 65739bb
Author: Kevin Sweeney <kevints@apache.org>
Authored: Mon Jun 8 14:49:16 2015 -0700
Committer: Kevin Sweeney <kevints@apache.org>
Committed: Mon Jun 8 14:49:16 2015 -0700

----------------------------------------------------------------------
 .../http/api/security/ShiroIniParser.java       | 28 ++++++++++----------
 .../http/api/security/ShiroIniParserTest.java   | 19 ++++++++++---
 .../shiro-malformed-missing-sections.ini        | 21 ---------------
 .../security/shiro-malformed-no-sections.ini    | 17 ++++++++++++
 .../api/security/shiro-missing-sections.ini     | 20 ++++++++++++++
 5 files changed, 67 insertions(+), 38 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/aurora/blob/cb783185/src/main/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParser.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParser.java b/src/main/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParser.java
index 671b14f..ff8063c 100644
--- a/src/main/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParser.java
+++ b/src/main/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParser.java
@@ -16,6 +16,7 @@ package org.apache.aurora.scheduler.http.api.security;
 import java.util.Set;
 
 import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Joiner;
 import com.google.common.collect.ImmutableSortedSet;
 import com.google.common.collect.Sets;
 import com.twitter.common.args.ArgParser;
@@ -27,28 +28,28 @@ import org.apache.shiro.realm.text.IniRealm;
 
 /**
  * Parser for shiro.ini files. Accepts any string that {@link Ini#fromResourcePath(String)} does.
- * The provided ini file must have only the sections required for configuration
+ * The provided ini file may have only the sections required for configuration
  * ({@link IniRealm.ROLES_SECTION_NAME} and {@link IniRealm.USERS_SECTION_NAME}) and no extras -
- * Aurora uses Guice in to configure those sections in
- * {@link HttpSecurityModule}}.
+ * Aurora uses Guice in to configure those sections in {@link HttpSecurityModule}}.
  */
 @ArgParser
 public class ShiroIniParser extends NonParameterizedTypeParser<Ini> {
   @VisibleForTesting
-  static final Set<String> REQUIRED_SECTION_NAMES =
+  static final Set<String> ALLOWED_SECTION_NAMES =
       ImmutableSortedSet.of(IniRealm.ROLES_SECTION_NAME, IniRealm.USERS_SECTION_NAME);
 
   @VisibleForTesting
-  static class MissingSectionsException extends IllegalArgumentException {
-    MissingSectionsException(Set<String> missingSections) {
-      super("Missing required sections: " + missingSections);
+  static class ExtraSectionsException extends IllegalArgumentException {
+    ExtraSectionsException(Set<String> extraSections) {
+      super("Extra sections present: " + extraSections);
     }
   }
 
   @VisibleForTesting
-  static class ExtraSectionsException extends IllegalArgumentException {
-    ExtraSectionsException(Set<String> extraSections) {
-      super("Extra sections present: " + extraSections);
+  static class MissingSectionsException extends IllegalArgumentException {
+    MissingSectionsException() {
+      super("No sections present. Allowed sections are: "
+          + Joiner.on(",").join(ALLOWED_SECTION_NAMES));
     }
   }
 
@@ -69,12 +70,11 @@ public class ShiroIniParser extends NonParameterizedTypeParser<Ini> {
     }
 
     Set<String> presentSections = ImmutableSortedSet.copyOf(ini.getSectionNames());
-    Set<String> missingSections = Sets.difference(REQUIRED_SECTION_NAMES, presentSections);
-    if (!missingSections.isEmpty()) {
-      throw new MissingSectionsException(missingSections);
+    if (presentSections.isEmpty()) {
+      throw new MissingSectionsException();
     }
 
-    Set<String> extraSections = Sets.difference(presentSections, REQUIRED_SECTION_NAMES);
+    Set<String> extraSections = Sets.difference(presentSections, ALLOWED_SECTION_NAMES);
     if (!extraSections.isEmpty()) {
       throw new ExtraSectionsException(extraSections);
     }

http://git-wip-us.apache.org/repos/asf/aurora/blob/cb783185/src/test/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParserTest.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParserTest.java b/src/test/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParserTest.java
index cb8b1ad..3ca8c86 100644
--- a/src/test/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParserTest.java
+++ b/src/test/java/org/apache/aurora/scheduler/http/api/security/ShiroIniParserTest.java
@@ -13,10 +13,13 @@
  */
 package org.apache.aurora.scheduler.http.api.security;
 
+import com.google.common.collect.ImmutableSet;
+
 import org.apache.aurora.scheduler.http.api.security.ShiroIniParser.ExtraSectionsException;
 import org.apache.aurora.scheduler.http.api.security.ShiroIniParser.MissingSectionsException;
 import org.apache.aurora.scheduler.http.api.security.ShiroIniParser.ShiroConfigurationException;
 import org.apache.shiro.io.ResourceUtils;
+import org.apache.shiro.realm.text.IniRealm;
 import org.junit.Before;
 import org.junit.Test;
 
@@ -27,8 +30,9 @@ public class ShiroIniParserTest {
 
   private static final String EXAMPLE_RESOURCE = "shiro-example.ini";
   private static final String EXTRA_SECTIONS_SHIRO_INI = "shiro-malformed-extra-sections.ini";
-  private static final String MISSING_SECTIONS_SHIRO_INI = "shiro-malformed-missing-sections.ini";
+  private static final String MISSING_SECTIONS_SHIRO_INI = "shiro-missing-sections.ini";
   private static final String NONEXISTENT_RESOURCE = "shiro-nonexistent.ini";
+  private static final String NO_SECTIONS_SHURO_INI = "shiro-malformed-no-sections.ini";
 
   @Before
   public void setUp() {
@@ -38,11 +42,20 @@ public class ShiroIniParserTest {
   @Test
   public void testDoParseSuccess() {
     assertEquals(
-        ShiroIniParser.REQUIRED_SECTION_NAMES,
+        ShiroIniParser.ALLOWED_SECTION_NAMES,
         parser.doParse(
             ShiroIniParserTest.class.getResource(EXAMPLE_RESOURCE).toString()).getSectionNames());
   }
 
+  @Test
+  public void testDoParseOptionalSections() {
+    assertEquals(
+        ImmutableSet.of(IniRealm.ROLES_SECTION_NAME),
+        parser
+            .doParse(ShiroIniParserTest.class.getResource(MISSING_SECTIONS_SHIRO_INI).toString())
+            .getSectionNames());
+  }
+
   @Test(expected = ShiroConfigurationException.class)
   public void testDoParseNonexistent() {
     parser.doParse(ResourceUtils.CLASSPATH_PREFIX + NONEXISTENT_RESOURCE);
@@ -55,6 +68,6 @@ public class ShiroIniParserTest {
 
   @Test(expected = MissingSectionsException.class)
   public void testDoParseMissingSections() {
-    parser.doParse(getClass().getResource(MISSING_SECTIONS_SHIRO_INI).toString());
+    parser.doParse(getClass().getResource(NO_SECTIONS_SHURO_INI).toString());
   }
 }

http://git-wip-us.apache.org/repos/asf/aurora/blob/cb783185/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-malformed-missing-sections.ini
----------------------------------------------------------------------
diff --git a/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-malformed-missing-sections.ini b/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-malformed-missing-sections.ini
deleted file mode 100644
index 5303c6e..0000000
--- a/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-malformed-missing-sections.ini
+++ /dev/null
@@ -1,21 +0,0 @@
-;
-; Licensed under the Apache License, Version 2.0 (the "License");
-; you may not use this file except in compliance with the License.
-; You may obtain a copy of the License at
-;
-;     http://www.apache.org/licenses/LICENSE-2.0
-;
-; Unless required by applicable law or agreed to in writing, software
-; distributed under the License is distributed on an "AS IS" BASIS,
-; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-; See the License for the specific language governing permissions and
-; limitations under the License.
-;
-
-; Malformed shiro.ini for test
-[users]
-root = secret, admin
-
-; This section should be present.
-;[roles]
-;admin = *

http://git-wip-us.apache.org/repos/asf/aurora/blob/cb783185/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-malformed-no-sections.ini
----------------------------------------------------------------------
diff --git a/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-malformed-no-sections.ini b/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-malformed-no-sections.ini
new file mode 100644
index 0000000..8212039
--- /dev/null
+++ b/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-malformed-no-sections.ini
@@ -0,0 +1,17 @@
+;
+; Licensed under the Apache License, Version 2.0 (the "License");
+; you may not use this file except in compliance with the License.
+; You may obtain a copy of the License at
+;
+;     http://www.apache.org/licenses/LICENSE-2.0
+;
+; Unless required by applicable law or agreed to in writing, software
+; distributed under the License is distributed on an "AS IS" BASIS,
+; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+; See the License for the specific language governing permissions and
+; limitations under the License.
+;
+
+;; Oops, forgot to uncomment this.
+;[users]
+;root = secret
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/aurora/blob/cb783185/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-missing-sections.ini
----------------------------------------------------------------------
diff --git a/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-missing-sections.ini b/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-missing-sections.ini
new file mode 100644
index 0000000..1fbbd13
--- /dev/null
+++ b/src/test/resources/org/apache/aurora/scheduler/http/api/security/shiro-missing-sections.ini
@@ -0,0 +1,20 @@
+;
+; Licensed under the Apache License, Version 2.0 (the "License");
+; you may not use this file except in compliance with the License.
+; You may obtain a copy of the License at
+;
+;     http://www.apache.org/licenses/LICENSE-2.0
+;
+; Unless required by applicable law or agreed to in writing, software
+; distributed under the License is distributed on an "AS IS" BASIS,
+; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+; See the License for the specific language governing permissions and
+; limitations under the License.
+;
+
+; This section could be provided by another Realm.
+;[users]
+;root = secret, admin
+
+[roles]
+admin = *