diff options
Diffstat (limited to 'java/systests/src/main/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java')
-rw-r--r-- | java/systests/src/main/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/java/systests/src/main/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java b/java/systests/src/main/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java index ceff2b998a..1830040007 100644 --- a/java/systests/src/main/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java +++ b/java/systests/src/main/java/org/apache/qpid/server/security/acl/ExternalACLJMXTest.java @@ -33,14 +33,19 @@ import java.lang.management.RuntimeMXBean; */ public class ExternalACLJMXTest extends AbstractACLTestCase { + private JMXTestUtils _jmx; private static final String TEST_QUEUE_OWNER = "admin"; private static final String TEST_VHOST = "test"; + private static final String TEST2_VHOST = "test2"; @Override public void setUp() throws Exception { + createTestVirtualHost(0, TEST_VHOST); + createTestVirtualHost(0, TEST2_VHOST); + _jmx = new JMXTestUtils(this); _jmx.setUp(); super.setUp(); @@ -54,15 +59,14 @@ public class ExternalACLJMXTest extends AbstractACLTestCase super.tearDown(); } - /** - * Ensure an empty ACL defaults to DENY ALL. - */ - public void setUpDenyAllIsDefault() throws Exception + public void setUpDenyAllIsCatchAllRule() throws Exception { - writeACLFile(null, "#Empty ACL file"); + writeACLFile(null, + "ACL ALLOW admin ACCESS MANAGEMENT", + "#No more rules, default catch all (deny all) should apply"); } - public void testDenyAllIsDefault() throws Exception + public void testDenyAllIsCatchAllRule() throws Exception { //try a broker-level method ServerInformation info = _jmx.getServerInformation(); @@ -115,6 +119,7 @@ public class ExternalACLJMXTest extends AbstractACLTestCase public void setUpVhostAllowOverridesGlobalDeny() throws Exception { writeACLFile(null, + "ACL ALLOW admin ACCESS MANAGEMENT", "ACL DENY admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue'"); writeACLFile(TEST_VHOST, "ACL ALLOW admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue'"); @@ -128,7 +133,7 @@ public class ExternalACLJMXTest extends AbstractACLTestCase //try a vhost-level method on a different vhost try { - _jmx.createQueue("development", getTestQueueName(), TEST_QUEUE_OWNER, true); + _jmx.createQueue(TEST2_VHOST, getTestQueueName(), TEST_QUEUE_OWNER, true); fail("Exception not thrown"); } catch (SecurityException e) @@ -144,6 +149,7 @@ public class ExternalACLJMXTest extends AbstractACLTestCase public void setUpUpdateComponentOnlyAllow() throws Exception { writeACLFile(null, + "ACL ALLOW admin ACCESS MANAGEMENT", "ACL ALLOW admin UPDATE METHOD component='VirtualHost.VirtualHostManager'"); } @@ -162,6 +168,7 @@ public class ExternalACLJMXTest extends AbstractACLTestCase public void setUpUpdateMethodOnlyAllow() throws Exception { writeACLFile(null, + "ACL ALLOW admin ACCESS MANAGEMENT", "ACL ALLOW admin UPDATE METHOD"); } @@ -179,8 +186,8 @@ public class ExternalACLJMXTest extends AbstractACLTestCase */ public void setUpCreateQueueSuccess() throws Exception { - writeACLFile(TEST_VHOST, - "ACL ALLOW admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue'"); + writeACLFile(null, "ACL ALLOW admin ACCESS MANAGEMENT"); + writeACLFile(TEST_VHOST, "ACL ALLOW admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue'"); } public void testCreateQueueSuccess() throws Exception @@ -194,6 +201,7 @@ public class ExternalACLJMXTest extends AbstractACLTestCase */ public void setUpCreateQueueSuccessNoAMQPRights() throws Exception { + writeACLFile(null, "ACL ALLOW admin ACCESS MANAGEMENT"); writeACLFile(TEST_VHOST, "ACL ALLOW admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue'", "ACL DENY admin CREATE QUEUE"); @@ -210,6 +218,7 @@ public class ExternalACLJMXTest extends AbstractACLTestCase */ public void setUpCreateQueueDenied() throws Exception { + writeACLFile(null, "ACL ALLOW admin ACCESS MANAGEMENT"); writeACLFile(TEST_VHOST, "ACL DENY admin UPDATE METHOD component='VirtualHost.VirtualHostManager' name='createNewQueue'"); } @@ -234,6 +243,7 @@ public class ExternalACLJMXTest extends AbstractACLTestCase public void setUpServerInformationUpdateDenied() throws Exception { writeACLFile(null, + "ACL ALLOW admin ACCESS MANAGEMENT", "ACL DENY admin UPDATE METHOD component='ServerInformation' name='resetStatistics'"); } @@ -258,6 +268,7 @@ public class ExternalACLJMXTest extends AbstractACLTestCase public void setUpServerInformationAccessGranted() throws Exception { writeACLFile(null, + "ACL ALLOW admin ACCESS MANAGEMENT", "ACL ALLOW-LOG admin ACCESS METHOD component='ServerInformation' name='getManagementApiMajorVersion'"); } @@ -284,6 +295,7 @@ public class ExternalACLJMXTest extends AbstractACLTestCase public void setUpServerInformationUpdateMethodPermission() throws Exception { writeACLFile(null, + "ACL ALLOW admin ACCESS MANAGEMENT", "ACL ALLOW admin UPDATE METHOD component='ServerInformation' name='resetStatistics'"); } @@ -300,7 +312,9 @@ public class ExternalACLJMXTest extends AbstractACLTestCase */ public void setUpServerInformationAllMethodPermissions() throws Exception { - writeACLFile(null, "ACL ALLOW admin ALL METHOD component='ServerInformation'"); + writeACLFile(null, + "ACL ALLOW admin ACCESS MANAGEMENT", + "ACL ALLOW admin ALL METHOD component='ServerInformation'"); } public void testServerInformationAllMethodPermissions() throws Exception |