geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jinmeil...@apache.org
Subject [18/50] [abbrv] incubator-geode git commit: Extract tests to their own distributed test classes
Date Mon, 27 Jun 2016 21:21:08 GMT
Extract tests to their own distributed test classes


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/6a45ca0c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/6a45ca0c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/6a45ca0c

Branch: refs/heads/feature/GEODE-1571
Commit: 6a45ca0cc8cd9283a84cc43f52c54bc4c17e95b9
Parents: 46017f9 2b32829
Author: gmeilen <gracemeilen@gmail.com>
Authored: Thu Jun 23 15:20:23 2016 -0700
Committer: gmeilen <gracemeilen@gmail.com>
Committed: Thu Jun 23 15:20:23 2016 -0700

----------------------------------------------------------------------
 .../asyncqueue/AsyncEventQueueFactory.java      |   2 +-
 .../cache/tier/sockets/BaseCommand.java         |   7 -
 .../cache/tier/sockets/BaseCommandQuery.java    |  11 +-
 .../tier/sockets/command/CloseConnection.java   |  13 +-
 .../tier/sockets/command/CreateRegion.java      | 122 +++++++-------
 .../tier/sockets/command/DestroyRegion.java     | 167 +++++++++----------
 .../security/IntegratedClientAuthDUnitTest.java | 167 -------------------
 ...entDestroyInvalidateAuthDistributedTest.java |  78 +++++++++
 ...dClientDestroyRegionAuthDistributedTest.java |  50 ++++++
 ...tegratedClientGetPutAuthDistributedTest.java | 116 +++++++++++++
 ...ntegratedClientQueryAuthDistributedTest.java |  45 +++++
 ...tedClientRegionClearAuthDistributedTest.java |  54 ++++++
 .../internal/security/clientServer.json         |   7 +
 13 files changed, 507 insertions(+), 332 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/6a45ca0c/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/BaseCommand.java
----------------------------------------------------------------------

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/6a45ca0c/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientAuthDUnitTest.java
----------------------------------------------------------------------
diff --cc geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientAuthDUnitTest.java
index 506a171,4b7b573..10a8f73
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientAuthDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientAuthDUnitTest.java
@@@ -14,23 -14,22 +14,10 @@@
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
--
  package com.gemstone.gemfire.security;
  
 -import static com.gemstone.gemfire.security.SecurityTestUtils.*;
 -import static org.assertj.core.api.Assertions.*;
--import static org.junit.Assert.*;
--
--import java.util.ArrayList;
--import java.util.HashMap;
--import java.util.List;
--import java.util.Map;
--import java.util.Set;
- 
- import com.gemstone.gemfire.cache.Cache;
- import com.gemstone.gemfire.cache.Region;
- import com.gemstone.gemfire.test.dunit.AsyncInvocation;
- import com.gemstone.gemfire.test.dunit.SerializableRunnable;
 +import com.gemstone.gemfire.test.junit.categories.DistributedTest;
  
 -import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
 -import org.junit.After;
 -import org.junit.Before;
  import org.junit.Test;
  import org.junit.experimental.categories.Category;
  
@@@ -48,160 -90,193 +35,6 @@@ public class IntegratedClientAuthDUnitT
        SecurityTestUtils.createCacheClient("super-user", "wrong", port, SecurityTestUtils.AUTHFAIL_EXCEPTION);
      });
    }
- 
-   @Test
-   public void testGetPutAuthorization() throws InterruptedException {
-     Map<String, String> allValues = new HashMap<String, String>();
-     allValues.put("key1", "value1");
-     allValues.put("key2", "value2");
- 
-     List<String> keys = new ArrayList<>();
-     keys.add("key1");
-     keys.add("key2");
- 
-     // client1 connects to server as a user not authorized to do any operations
-     AsyncInvocation ai1 =  client1.invokeAsync(()->{
-       Cache cache = SecurityTestUtils.createCacheClient("stranger", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
-       final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
- 
-       assertNotAuthorized(()->region.put("key3", "value3"), "DATA:WRITE:AuthRegion:key3");
-       assertNotAuthorized(()->region.get("key3"), "DATA:READ:AuthRegion:key3");
- 
-       //putall
-       assertNotAuthorized(()->region.putAll(allValues), "DATA:WRITE:AuthRegion");
- 
-       // not authorized for either keys, get no record back
-       Map keyValues =  region.getAll(keys);
-       assertEquals(0, keyValues.size());
- 
-       Set keySet = region.keySet();
-       assertEquals(0, keySet.size());
- 
- //      Query query = cache.getQueryService().newQuery("select * from /AuthRegion");
- //      Object result = query.execute();
- 
-       cache.close();
-     });
- 
- 
-     // client2 connects to user as a user authorized to use AuthRegion region
-     AsyncInvocation ai2 =  client2.invokeAsync(()->{
-       Cache cache = SecurityTestUtils.createCacheClient("authRegionUser", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
-       final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
- 
-       region.put("key3", "value3");
-       assertEquals("value3", region.get("key3"));
- 
-       // put all
-       region.putAll(allValues);
- 
-       // get all
-       Map keyValues =  region.getAll(keys);
-       assertEquals(2, keyValues.size());
- 
-       // keyset
-       Set keySet = region.keySet();
-       assertEquals(3, keySet.size());
-     });
- 
-     // client3 connects to user as a user authorized to use key1 in AuthRegion region
-     AsyncInvocation ai3 =  client3.invokeAsync(()->{
-       Cache cache = SecurityTestUtils.createCacheClient("key1User", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
-       final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
- 
-       assertNotAuthorized(()->region.put("key2", "value1"), "DATA:WRITE:AuthRegion:key2");
-       assertNotAuthorized(()->region.get("key2"), "DATA:READ:AuthRegion:key2");
- 
-       assertNotAuthorized(()->region.putAll(allValues), "DATA:WRITE:AuthRegion");
- 
-       // only authorized for one recrod
-       Map keyValues =  region.getAll(keys);
-       assertEquals(1, keyValues.size());
- 
-       // keyset
-       Set keySet = region.keySet();
-       assertEquals(1, keySet.size());
-     });
- 
-     ai1.join();
-     ai2.join();
-     ai3.join();
- 
-     ai1.checkException();
-     ai2.checkException();
-     ai3.checkException();
-   }
- 
-   @Test
-   public void testDestroyInvalidate() throws InterruptedException {
- 
-     // Delete one key and invalidate another key with an authorized user.
-     AsyncInvocation ai1 = client1.invokeAsync(() -> {
-       Cache cache = SecurityTestUtils.createCacheClient("authRegionUser", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
-       final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
- 
-       assertEquals(region.get("key1"), "value1");
-       assertTrue(region.containsKey("key1")); // will only be true after we first get it,
then it's cached locally
- 
-       // Destroy key1
-       region.destroy("key1");
-       assertFalse(region.containsKey("key1"));
- 
-       // Invalidate key2
-       assertNotNull("Value of key2 should not be null", region.get("key2"));
-       region.invalidate("key2");
-       assertNull("Value of key2 should have been null", region.get("key2"));
- 
-     });
- 
-     // Delete one key and invalidate another key with an unauthorized user.
-     AsyncInvocation ai2 = client2.invokeAsync(() -> {
-       Cache cache = SecurityTestUtils.createCacheClient("authRegionReader", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
-       final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
- 
-       assertEquals(region.get("key3"), "value3");
-       assertTrue(region.containsKey("key3")); // will only be true after we first get it,
then it's cached locally
- 
-       // Destroy key1
-       assertNotAuthorized(() -> region.destroy("key3"), "DATA:WRITE:AuthRegion");
-       assertTrue(region.containsKey("key3"));
- 
-       // Invalidate key2
-       assertNotNull("Value of key4 should not be null", region.get("key4"));
-       assertNotAuthorized(() -> region.invalidate("key4"), "DATA:WRITE:AuthRegion");
-       assertNotNull("Value of key4 should not be null", region.get("key4"));
-       cache.close();
-     });
-     ai1.join();
-     ai2.join();
-     ai1.checkException();
-     ai2.checkException();
-   }
- 
-   @Test
-   public void testRegionClear() throws InterruptedException {
-     // Verify that an unauthorized user can't clear the region
-     SerializableRunnable clearUnauthorized = new SerializableRunnable() {
-       @Override
-       public void run() {
-         Cache cache = SecurityTestUtils.createCacheClient("stranger", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
-         final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
-         assertNotAuthorized(() -> region.clear(), "DATA:WRITE:AuthRegion");
-       }
-     };
-     client1.invoke(clearUnauthorized);
- 
-     // Verify that an authorized user can clear the region
-     SerializableRunnable clearAuthorized = new SerializableRunnable() {
-       @Override
-       public void run() {
-         Cache cache = SecurityTestUtils.createCacheClient("authRegionUser", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
-         final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
-         region.clear();
-       }
-     };
-     client2.invoke(clearAuthorized);
-   }
 +}
  
 -  @Test
 -  public void testGetPutAuthorization() throws InterruptedException {
 -    Map<String, String> allValues = new HashMap<String, String>();
 -    allValues.put("key1", "value1");
 -    allValues.put("key2", "value2");
 -
 -    List<String> keys = new ArrayList<>();
 -    keys.add("key1");
 -    keys.add("key2");
 -
 -    // client1 connects to server as a user not authorized to do any operations
 -    AsyncInvocation ai1 =  client1.invokeAsync(()->{
 -      Cache cache = SecurityTestUtils.createCacheClient("stranger", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -
 -      assertNotAuthorized(()->region.put("key3", "value3"), "DATA:WRITE:AuthRegion:key3");
 -      assertNotAuthorized(()->region.get("key3"), "DATA:READ:AuthRegion:key3");
 -
 -      //putall
 -      assertNotAuthorized(()->region.putAll(allValues), "DATA:WRITE:AuthRegion");
 -
 -      // not authorized for either keys, get no record back
 -      Map keyValues =  region.getAll(keys);
 -      assertEquals(0, keyValues.size());
 -
 -      Set keySet = region.keySet();
 -      assertEquals(0, keySet.size());
 -    });
 -
 -
 -    // client2 connects to user as a user authorized to use AuthRegion region
 -    AsyncInvocation ai2 =  client2.invokeAsync(()->{
 -      Cache cache = SecurityTestUtils.createCacheClient("authRegionUser", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -
 -      region.put("key3", "value3");
 -      assertEquals("value3", region.get("key3"));
 -
 -      // put all
 -      region.putAll(allValues);
 -
 -      // get all
 -      Map keyValues =  region.getAll(keys);
 -      assertEquals(2, keyValues.size());
 -
 -      // keyset
 -      Set keySet = region.keySet();
 -      assertEquals(3, keySet.size());
 -    });
 -
 -    // client3 connects to user as a user authorized to use key1 in AuthRegion region
 -    AsyncInvocation ai3 =  client3.invokeAsync(()->{
 -      Cache cache = SecurityTestUtils.createCacheClient("key1User", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -
 -      assertNotAuthorized(()->region.put("key2", "value1"), "DATA:WRITE:AuthRegion:key2");
 -      assertNotAuthorized(()->region.get("key2"), "DATA:READ:AuthRegion:key2");
 -
 -      assertNotAuthorized(()->region.putAll(allValues), "DATA:WRITE:AuthRegion");
 -
 -      // only authorized for one recrod
 -      Map keyValues =  region.getAll(keys);
 -      assertEquals(1, keyValues.size());
 -
 -      // keyset
 -      Set keySet = region.keySet();
 -      assertEquals(1, keySet.size());
 -    });
 -
 -    ai1.join();
 -    ai2.join();
 -    ai3.join();
 -
 -    ai1.checkException();
 -    ai2.checkException();
 -    ai3.checkException();
 -  }
 -
 -  @Test
 -  public void testQuery(){
 -    client1.invoke(()-> {
 -      Cache cache = SecurityTestUtils.createCacheClient("stranger", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -
 -      String query = "select * from /AuthRegion";
 -      assertNotAuthorized(()->region.query(query), "DATA:READ:AuthRegion");
 -
 -      Pool pool = PoolManager.find(region);
 -      assertNotAuthorized(()->pool.getQueryService().newQuery(query).execute(), "DATA:READ:AuthRegion");
 -    });
 -  }
 -
 -  @Test
 -  public void testDestroyRegion() throws InterruptedException {
 -    client1.invoke(()-> {
 -      Cache cache = SecurityTestUtils.createCacheClient("dataWriter", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -      Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -      assertNotAuthorized(()->region.destroyRegion(), "DATA:MANAGE");
 -    });
 -
 -    client2.invoke(()-> {
 -      Cache cache = SecurityTestUtils.createCacheClient("authRegionManager", "1234567",
serverPort, SecurityTestUtils.NO_EXCEPTION);
 -      Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -      assertNotAuthorized(()->region.destroyRegion(), "DATA:MANAGE");
 -    });
 -
 -    client3.invoke(()-> {
 -      Cache cache = SecurityTestUtils.createCacheClient("super-user", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -      Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -      region.destroyRegion();
 -    });
 -  }
 -
 -  @Test
 -  public void testDestroyInvalidate() throws InterruptedException {
 -
 -    // Delete one key and invalidate another key with an authorized user.
 -    AsyncInvocation ai1 = client1.invokeAsync(() -> {
 -      Cache cache = SecurityTestUtils.createCacheClient("authRegionUser", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -
 -      assertEquals(region.get("key1"), "value1");
 -      assertTrue(region.containsKey("key1")); // will only be true after we first get it,
then it's cached locally
 -
 -      // Destroy key1
 -      region.destroy("key1");
 -      assertFalse(region.containsKey("key1"));
 -
 -      // Invalidate key2
 -      assertNotNull("Value of key2 should not be null", region.get("key2"));
 -      region.invalidate("key2");
 -      assertNull("Value of key2 should have been null", region.get("key2"));
 -
 -    });
 -
 -    // Delete one key and invalidate another key with an unauthorized user.
 -    AsyncInvocation ai2 = client2.invokeAsync(() -> {
 -      Cache cache = SecurityTestUtils.createCacheClient("authRegionReader", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -
 -      assertEquals(region.get("key3"), "value3");
 -      assertTrue(region.containsKey("key3")); // will only be true after we first get it,
then it's cached locally
 -
 -      // Destroy key1
 -      assertNotAuthorized(() -> region.destroy("key3"), "DATA:WRITE:AuthRegion");
 -      assertTrue(region.containsKey("key3"));
 -
 -      // Invalidate key2
 -      assertNotNull("Value of key4 should not be null", region.get("key4"));
 -      assertNotAuthorized(() -> region.invalidate("key4"), "DATA:WRITE:AuthRegion");
 -      assertNotNull("Value of key4 should not be null", region.get("key4"));
 -      cache.close();
 -    });
 -    ai1.join();
 -    ai2.join();
 -    ai1.checkException();
 -    ai2.checkException();
 -  }
 -
 -  public static void assertNotAuthorized(ThrowingCallable shouldRaiseThrowable, String permString)
{
 -    assertThatThrownBy(shouldRaiseThrowable).hasMessageContaining(permString);
 -  }
 -
 -  @Test
 -  public void testRegionClear() throws InterruptedException {
 -    // Verify that an unauthorized user can't clear the region
 -    SerializableRunnable clearUnauthorized = new SerializableRunnable() {
 -      @Override
 -      public void run() {
 -        Cache cache = SecurityTestUtils.createCacheClient("stranger", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -        final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -        assertNotAuthorized(() -> region.clear(), "DATA:WRITE:AuthRegion");
 -      }
 -    };
 -    client1.invoke(clearUnauthorized);
 -
 -    // Verify that an authorized user can clear the region
 -    SerializableRunnable clearAuthorized = new SerializableRunnable() {
 -      @Override
 -      public void run() {
 -        Cache cache = SecurityTestUtils.createCacheClient("authRegionUser", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
 -        final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
 -        region.clear();
 -      }
 -    };
 -    client2.invoke(clearAuthorized);
 -  }
  
 -}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/6a45ca0c/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyInvalidateAuthDistributedTest.java
----------------------------------------------------------------------
diff --cc geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyInvalidateAuthDistributedTest.java
index 0000000,0000000..e78ed62
new file mode 100644
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyInvalidateAuthDistributedTest.java
@@@ -1,0 -1,0 +1,78 @@@
++/*
++ * Licensed to the Apache Software Foundation (ASF) under one or more
++ * contributor license agreements.  See the NOTICE file distributed with
++ * this work for additional information regarding copyright ownership.
++ * The ASF licenses this file to You under the Apache License, Version 2.0
++ * (the "License"); you may not use this file except in compliance with
++ * the License.  You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++package com.gemstone.gemfire.security;
++
++import static org.junit.Assert.*;
++
++import com.gemstone.gemfire.cache.Cache;
++import com.gemstone.gemfire.cache.Region;
++import com.gemstone.gemfire.test.dunit.AsyncInvocation;
++import com.gemstone.gemfire.test.junit.categories.DistributedTest;
++
++import org.junit.Test;
++import org.junit.experimental.categories.Category;
++
++@Category(DistributedTest.class)
++public class IntegratedClientDestroyInvalidateAuthDistributedTest extends AbstractIntegratedClientAuthDistributedTest
{
++
++  @Test
++  public void testDestroyInvalidate() throws InterruptedException {
++
++    // Delete one key and invalidate another key with an authorized user.
++    AsyncInvocation ai1 = client1.invokeAsync(() -> {
++      Cache cache = SecurityTestUtils.createCacheClient("authRegionUser", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++
++      assertEquals(region.get("key1"), "value1");
++      assertTrue(region.containsKey("key1")); // will only be true after we first get it,
then it's cached locally
++
++      // Destroy key1
++      region.destroy("key1");
++      assertFalse(region.containsKey("key1"));
++
++      // Invalidate key2
++      assertNotNull("Value of key2 should not be null", region.get("key2"));
++      region.invalidate("key2");
++      assertNull("Value of key2 should have been null", region.get("key2"));
++
++    });
++
++    // Delete one key and invalidate another key with an unauthorized user.
++    AsyncInvocation ai2 = client2.invokeAsync(() -> {
++      Cache cache = SecurityTestUtils.createCacheClient("authRegionReader", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++
++      assertEquals(region.get("key3"), "value3");
++      assertTrue(region.containsKey("key3")); // will only be true after we first get it,
then it's cached locally
++
++      // Destroy key1
++      assertNotAuthorized(() -> region.destroy("key3"), "DATA:WRITE:AuthRegion");
++      assertTrue(region.containsKey("key3"));
++
++      // Invalidate key2
++      assertNotNull("Value of key4 should not be null", region.get("key4"));
++      assertNotAuthorized(() -> region.invalidate("key4"), "DATA:WRITE:AuthRegion");
++      assertNotNull("Value of key4 should not be null", region.get("key4"));
++      cache.close();
++    });
++    ai1.join();
++    ai2.join();
++    ai1.checkException();
++    ai2.checkException();
++  }
++
++}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/6a45ca0c/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyRegionAuthDistributedTest.java
----------------------------------------------------------------------
diff --cc geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyRegionAuthDistributedTest.java
index 0000000,0000000..a9cc354
new file mode 100644
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyRegionAuthDistributedTest.java
@@@ -1,0 -1,0 +1,50 @@@
++/*
++ * Licensed to the Apache Software Foundation (ASF) under one or more
++ * contributor license agreements.  See the NOTICE file distributed with
++ * this work for additional information regarding copyright ownership.
++ * The ASF licenses this file to You under the Apache License, Version 2.0
++ * (the "License"); you may not use this file except in compliance with
++ * the License.  You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++package com.gemstone.gemfire.security;
++
++import com.gemstone.gemfire.cache.Cache;
++import com.gemstone.gemfire.cache.Region;
++import com.gemstone.gemfire.test.junit.categories.DistributedTest;
++
++import org.junit.Test;
++import org.junit.experimental.categories.Category;
++
++@Category(DistributedTest.class)
++public class IntegratedClientDestroyRegionAuthDistributedTest extends AbstractIntegratedClientAuthDistributedTest
{
++
++  @Test
++  public void testDestroyRegion() throws InterruptedException {
++    client1.invoke(()-> {
++      Cache cache = SecurityTestUtils.createCacheClient("dataWriter", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++      Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++      assertNotAuthorized(()->region.destroyRegion(), "DATA:MANAGE");
++    });
++
++    client2.invoke(()-> {
++      Cache cache = SecurityTestUtils.createCacheClient("authRegionManager", "1234567",
serverPort, SecurityTestUtils.NO_EXCEPTION);
++      Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++      assertNotAuthorized(()->region.destroyRegion(), "DATA:MANAGE");
++    });
++
++    client3.invoke(()-> {
++      Cache cache = SecurityTestUtils.createCacheClient("super-user", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++      Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++      region.destroyRegion();
++    });
++  }
++
++}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/6a45ca0c/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java
----------------------------------------------------------------------
diff --cc geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java
index 0000000,0000000..854e2f6
new file mode 100644
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java
@@@ -1,0 -1,0 +1,116 @@@
++/*
++ * Licensed to the Apache Software Foundation (ASF) under one or more
++ * contributor license agreements.  See the NOTICE file distributed with
++ * this work for additional information regarding copyright ownership.
++ * The ASF licenses this file to You under the Apache License, Version 2.0
++ * (the "License"); you may not use this file except in compliance with
++ * the License.  You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++package com.gemstone.gemfire.security;
++
++import static org.junit.Assert.assertEquals;
++
++import java.util.ArrayList;
++import java.util.HashMap;
++import java.util.List;
++import java.util.Map;
++import java.util.Set;
++
++import com.gemstone.gemfire.cache.Cache;
++import com.gemstone.gemfire.cache.Region;
++import com.gemstone.gemfire.test.dunit.AsyncInvocation;
++import com.gemstone.gemfire.test.junit.categories.DistributedTest;
++
++import org.junit.Test;
++import org.junit.experimental.categories.Category;
++
++@Category(DistributedTest.class)
++public class IntegratedClientGetPutAuthDistributedTest extends AbstractIntegratedClientAuthDistributedTest
{
++
++  @Test
++  public void testGetPutAuthorization() throws InterruptedException {
++    Map<String, String> allValues = new HashMap<String, String>();
++    allValues.put("key1", "value1");
++    allValues.put("key2", "value2");
++
++    List<String> keys = new ArrayList<>();
++    keys.add("key1");
++    keys.add("key2");
++
++    // client1 connects to server as a user not authorized to do any operations
++    AsyncInvocation ai1 =  client1.invokeAsync(()->{
++      Cache cache = SecurityTestUtils.createCacheClient("stranger", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++
++      assertNotAuthorized(()->region.put("key3", "value3"), "DATA:WRITE:AuthRegion:key3");
++      assertNotAuthorized(()->region.get("key3"), "DATA:READ:AuthRegion:key3");
++
++      //putall
++      assertNotAuthorized(()->region.putAll(allValues), "DATA:WRITE:AuthRegion");
++
++      // not authorized for either keys, get no record back
++      Map keyValues =  region.getAll(keys);
++      assertEquals(0, keyValues.size());
++
++      Set keySet = region.keySet();
++      assertEquals(0, keySet.size());
++    });
++
++
++    // client2 connects to user as a user authorized to use AuthRegion region
++    AsyncInvocation ai2 =  client2.invokeAsync(()->{
++      Cache cache = SecurityTestUtils.createCacheClient("authRegionUser", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++
++      region.put("key3", "value3");
++      assertEquals("value3", region.get("key3"));
++
++      // put all
++      region.putAll(allValues);
++
++      // get all
++      Map keyValues =  region.getAll(keys);
++      assertEquals(2, keyValues.size());
++
++      // keyset
++      Set keySet = region.keySet();
++      assertEquals(3, keySet.size());
++    });
++
++    // client3 connects to user as a user authorized to use key1 in AuthRegion region
++    AsyncInvocation ai3 =  client3.invokeAsync(()->{
++      Cache cache = SecurityTestUtils.createCacheClient("key1User", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++
++      assertNotAuthorized(()->region.put("key2", "value1"), "DATA:WRITE:AuthRegion:key2");
++      assertNotAuthorized(()->region.get("key2"), "DATA:READ:AuthRegion:key2");
++
++      assertNotAuthorized(()->region.putAll(allValues), "DATA:WRITE:AuthRegion");
++
++      // only authorized for one recrod
++      Map keyValues =  region.getAll(keys);
++      assertEquals(1, keyValues.size());
++
++      // keyset
++      Set keySet = region.keySet();
++      assertEquals(1, keySet.size());
++    });
++
++    ai1.join();
++    ai2.join();
++    ai3.join();
++
++    ai1.checkException();
++    ai2.checkException();
++    ai3.checkException();
++  }
++
++}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/6a45ca0c/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientQueryAuthDistributedTest.java
----------------------------------------------------------------------
diff --cc geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientQueryAuthDistributedTest.java
index 0000000,0000000..8651a2f
new file mode 100644
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientQueryAuthDistributedTest.java
@@@ -1,0 -1,0 +1,45 @@@
++/*
++ * Licensed to the Apache Software Foundation (ASF) under one or more
++ * contributor license agreements.  See the NOTICE file distributed with
++ * this work for additional information regarding copyright ownership.
++ * The ASF licenses this file to You under the Apache License, Version 2.0
++ * (the "License"); you may not use this file except in compliance with
++ * the License.  You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++package com.gemstone.gemfire.security;
++
++import com.gemstone.gemfire.cache.Cache;
++import com.gemstone.gemfire.cache.Region;
++import com.gemstone.gemfire.cache.client.Pool;
++import com.gemstone.gemfire.cache.client.PoolManager;
++import com.gemstone.gemfire.test.junit.categories.DistributedTest;
++
++import org.junit.Test;
++import org.junit.experimental.categories.Category;
++
++@Category(DistributedTest.class)
++public class IntegratedClientQueryAuthDistributedTest extends AbstractIntegratedClientAuthDistributedTest
{
++
++  @Test
++  public void testQuery(){
++    client1.invoke(()-> {
++      Cache cache = SecurityTestUtils.createCacheClient("stranger", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++      final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++
++      String query = "select * from /AuthRegion";
++      assertNotAuthorized(()->region.query(query), "DATA:READ:AuthRegion");
++
++      Pool pool = PoolManager.find(region);
++      assertNotAuthorized(()->pool.getQueryService().newQuery(query).execute(), "DATA:READ:AuthRegion");
++    });
++  }
++
++}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/6a45ca0c/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegionClearAuthDistributedTest.java
----------------------------------------------------------------------
diff --cc geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegionClearAuthDistributedTest.java
index 0000000,0000000..b344ce1
new file mode 100644
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegionClearAuthDistributedTest.java
@@@ -1,0 -1,0 +1,54 @@@
++/*
++ * Licensed to the Apache Software Foundation (ASF) under one or more
++ * contributor license agreements.  See the NOTICE file distributed with
++ * this work for additional information regarding copyright ownership.
++ * The ASF licenses this file to You under the Apache License, Version 2.0
++ * (the "License"); you may not use this file except in compliance with
++ * the License.  You may obtain a copy of the License at
++ *
++ *      http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++package com.gemstone.gemfire.security;
++
++import com.gemstone.gemfire.cache.Cache;
++import com.gemstone.gemfire.cache.Region;
++import com.gemstone.gemfire.test.dunit.SerializableRunnable;
++import com.gemstone.gemfire.test.junit.categories.DistributedTest;
++
++import org.junit.Test;
++import org.junit.experimental.categories.Category;
++
++@Category(DistributedTest.class)
++public class IntegratedClientRegionClearAuthDistributedTest extends AbstractIntegratedClientAuthDistributedTest
{
++
++  @Test
++  public void testRegionClear() throws InterruptedException {
++    // Verify that an unauthorized user can't clear the region
++    SerializableRunnable clearUnauthorized = new SerializableRunnable() {
++      @Override
++      public void run() {
++        Cache cache = SecurityTestUtils.createCacheClient("stranger", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++        final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++        assertNotAuthorized(() -> region.clear(), "DATA:WRITE:AuthRegion");
++      }
++    };
++    client1.invoke(clearUnauthorized);
++
++    // Verify that an authorized user can clear the region
++    SerializableRunnable clearAuthorized = new SerializableRunnable() {
++      @Override
++      public void run() {
++        Cache cache = SecurityTestUtils.createCacheClient("authRegionUser", "1234567", serverPort,
SecurityTestUtils.NO_EXCEPTION);
++        final Region region = cache.getRegion(SecurityTestUtils.REGION_NAME);
++        region.clear();
++      }
++    };
++    client2.invoke(clearAuthorized);
++  }
++}


Mime
View raw message