/** * @param passwd User's password to check. */ private void checkInvalidPassword(final String passwd) { AuthorizationContext.context(actxDflt); GridTestUtils.assertThrows(log, new Callable<Object>() { @Override public Object call() throws Exception { grid(CLI_NODE).context().authentication().addUser("test", passwd); return null; } }, UserManagementException.class, "Invalid user name"); } /**
/** * @throws Exception If failed. */ @Test public void testDropDefaultUser() throws Exception { AuthorizationContext.context(actxDflt); for (int i = 0; i < NODES_COUNT; ++i) { final int idx = i; GridTestUtils.assertThrowsAnyCause(log, new Callable<Void>() { @Override public Void call() throws Exception { userSql(idx, "DROP USER \"ignite\""); return null; } }, IgniteAccessControlException.class, "Default user cannot be removed"); } }
/** * @throws Exception If failed. */ @Test public void testAddUpdateRemoveUser() throws Exception { AuthorizationContext.context(actxDflt); try { for (int i = 0; i < NODES_COUNT; ++i) { for (int j = 0; j < NODES_COUNT; ++j) checkAddUpdateRemoveUser(grid(i), grid(j)); } } finally { AuthorizationContext.context(null); } }
@Override public void run() { AuthorizationContext.context(actxDflt); String user = "test" + usrCnt.getAndIncrement(); try { for (int i = 0; i < ITERATIONS; ++i) { grid(CLI_NODE).context().authentication().addUser(user, "passwd_" + user); grid(CLI_NODE).context().authentication().removeUser(user); } } catch (Exception e) { e.printStackTrace(); fail("Unexpected exception"); } } }, 10, "user-op");
/** * @throws Exception If failed. */ @Test public void testCreateWithAlreadyExistUser() throws Exception { AuthorizationContext.context(actxDflt); userSql(0, "CREATE USER test WITH PASSWORD 'test'"); for (int i = 0; i < NODES_COUNT; ++i) { final int idx = i; GridTestUtils.assertThrowsAnyCause(log, new Callable<Void>() { @Override public Void call() throws Exception { userSql(idx, "CREATE USER test WITH PASSWORD 'test'"); return null; } }, UserManagementException.class, "User already exists [login=TEST]"); } }
/** * @throws Exception If failed. */ @Test public void testAlterDropNotExistUser() throws Exception { AuthorizationContext.context(actxDflt); for (int i = 0; i < NODES_COUNT; ++i) { final int idx = i; GridTestUtils.assertThrowsAnyCause(log, new Callable<Void>() { @Override public Void call() throws Exception { userSql(idx, "ALTER USER test WITH PASSWORD 'test'"); return null; } }, UserManagementException.class, "User doesn't exist [userName=TEST]"); GridTestUtils.assertThrowsAnyCause(log, new Callable<Void>() { @Override public Void call() throws Exception { userSql(idx, "DROP USER test"); return null; } }, UserManagementException.class, "User doesn't exist [userName=TEST]"); } }
/** * @throws Exception If failed. */ @Test public void testAddAlreadyExistsUser() throws Exception { AuthorizationContext.context(actxDflt); try { grid(0).context().authentication().addUser("test", "test"); for (int i = 0; i < NODES_COUNT; ++i) { final int nodeIdx = i; GridTestUtils.assertThrows(log, new Callable<Object>() { @Override public Object call() throws Exception { grid(nodeIdx).context().authentication().addUser("test", "new_passwd"); return null; } }, UserManagementException.class, "User already exists"); } } finally { AuthorizationContext.context(null); } }
/** * @throws Exception If failed. */ @Test public void testRemoveDefault() throws Exception { AuthorizationContext.context(actxDflt); try { for (int i = 0; i < NODES_COUNT; ++i) { final int nodeIdx = i; GridTestUtils.assertThrows(log, new Callable<Object>() { @Override public Object call() throws Exception { grid(nodeIdx).context().authentication().removeUser("ignite"); return null; } }, IgniteAccessControlException.class, "Default user cannot be removed"); assertNotNull(grid(nodeIdx).context().authentication().authenticate("ignite", "ignite")); } } finally { AuthorizationContext.context(null); } }
/** * @param op User operation. * @return Operation future. * @throws IgniteCheckedException On error. */ private UserOperationFinishFuture execUserOperation(UserManagementOperation op) throws IgniteCheckedException { checkActivate(); checkEnabled(); synchronized (mux) { if (disconnected) { throw new UserManagementException("Failed to initiate user management operation because " + "client node is disconnected."); } AuthorizationContext actx = AuthorizationContext.context(); if (actx == null) throw new IgniteAccessControlException("Operation not allowed: authorized context is empty."); actx.checkUserOperation(op); UserOperationFinishFuture fut = new UserOperationFinishFuture(op.id()); opFinishFuts.put(op.id(), fut); UserProposedMessage msg = new UserProposedMessage(op); ctx.discovery().sendCustomEvent(msg); return fut; } }
/** * @throws Exception If failed. */ @Test public void testQuotedUsername() throws Exception { AuthorizationContext.context(actxDflt); userSql(0, "CREATE USER \"test\" with password 'test'"); userSql(0, "CREATE USER \" test\" with password 'test'"); userSql(0, "CREATE USER \" test \" with password 'test'"); userSql(0, "CREATE USER \"test \" with password 'test'"); userSql(0, "CREATE USER \"111\" with password 'test'"); }
/** * @throws Exception If failed. */ @Test public void testUpdateUser() throws Exception { AuthorizationContext.context(actxDflt); try { grid(0).context().authentication().addUser("test", "test"); AuthorizationContext actx = grid(0).context().authentication().authenticate("test", "test"); for (int i = 0; i < NODES_COUNT; ++i) { for (int j = 0; j < NODES_COUNT; ++j) checkUpdateUser(actx, grid(i), grid(j)); } } finally { AuthorizationContext.context(null); } }
/** * @throws Exception If failed. */ @Test public void testConcurrentAddUpdateRemoveNodeRestartServer() throws Exception { IgniteInternalFuture restartFut = loopServerRestarts(); AuthorizationContext.context(actxDflt); final AtomicInteger usrCnt = new AtomicInteger(); GridTestUtils.runMultiThreaded(() -> { AuthorizationContext.context(actxDflt); String user = "test" + usrCnt.getAndIncrement(); try { while (!restartFut.isDone()) { grid(CLI_NODE).context().authentication().addUser(user, "init"); grid(CLI_NODE).context().authentication().updateUser(user, "passwd_" + user); grid(CLI_NODE).context().authentication().removeUser(user); } } catch (Exception e) { e.printStackTrace(); fail("Unexpected exception on add / remove"); } }, 10, "user-op"); restartFut.get(); }
/** * @throws Exception If failed. */ @Test public void testConcurrentFailedOperationNodeRestartServer() throws Exception { IgniteInternalFuture restartFut = loopServerRestarts(); AuthorizationContext.context(actxDflt); grid(CLI_NODE).context().authentication().addUser("test", "test"); GridTestUtils.runMultiThreaded(() -> { AuthorizationContext.context(actxDflt); try { while (!restartFut.isDone()) { GridTestUtils.assertThrows(log, () -> { grid(CLI_NODE).context().authentication().addUser("test", "test"); return null; }, UserManagementException.class, "User already exists"); } } catch (Exception e) { e.printStackTrace(); fail("Unexpected error on failed operation"); } }, 10, "user-op"); restartFut.get(); }
/** * @throws Exception If failed. */ @Test public void testProceedUsersOnJoinNode() throws Exception { AuthorizationContext.context(actxDflt); try { grid(0).context().authentication().addUser("test0", "test"); grid(0).context().authentication().addUser("test1", "test"); int nodeIdx = NODES_COUNT; startGrid(nodeIdx); AuthorizationContext actx0 = grid(nodeIdx).context().authentication().authenticate("test0", "test"); AuthorizationContext actx1 = grid(nodeIdx).context().authentication().authenticate("test1", "test"); assertNotNull(actx0); assertEquals("test0", actx0.userName()); assertNotNull(actx1); assertEquals("test1", actx1.userName()); } finally { AuthorizationContext.context(null); } }
/** {@inheritDoc} */ @Override protected void beforeTest() throws Exception { super.beforeTest(); U.resolveWorkDirectory(U.defaultWorkDirectory(), "db", true); startGrids(2); grid(0).cluster().active(true); AuthorizationContext.context(grid(0).context().authentication().authenticate("ignite", "ignite")); grid(0).context().authentication().addUser("another_user", "passwd"); AuthorizationContext.clear(); }
/** * @throws Exception If failed. */ @Test public void testDefaultUserUpdate() throws Exception { AuthorizationContext.context(actxDflt); try { // Change from all nodes for (int nodeIdx = 0; nodeIdx < NODES_COUNT; ++nodeIdx) { grid(nodeIdx).context().authentication().updateUser("ignite", "ignite" + nodeIdx); // Check each change from all nodes for (int i = 0; i < NODES_COUNT; ++i) { AuthorizationContext actx = grid(i).context().authentication().authenticate("ignite", "ignite" + nodeIdx); assertNotNull(actx); assertEquals("ignite", actx.userName()); } } } finally { AuthorizationContext.clear(); } }
/** * @throws Exception If failed. */ @Test public void testCreateUpdateDropUser() throws Exception { AuthorizationContext.context(actxDflt); for (int i = 0; i < NODES_COUNT; ++i) { userSql(i, "CREATE USER test WITH PASSWORD 'test'"); AuthorizationContext actx = grid(i).context().authentication() .authenticate("TEST", "test"); assertNotNull(actx); assertEquals("TEST", actx.userName()); userSql(i, "ALTER USER test WITH PASSWORD 'newpasswd'"); actx = grid(i).context().authentication() .authenticate("TEST", "newpasswd"); assertNotNull(actx); assertEquals("TEST", actx.userName()); userSql(i, "DROP USER test"); } }
AuthorizationContext.context(actxDflt);
/** * @throws Exception If failed. */ @Test public void testDefaultUserPersistence() throws Exception { AuthorizationContext.context(actxDflt); try { grid(CLI_NODE).context().authentication().addUser("test", "passwd"); stopAllGrids(); U.sleep(500); startGrids(NODES_COUNT); for (int i = 0; i < NODES_COUNT; ++i) { AuthorizationContext actx = grid(i).context().authentication() .authenticate("ignite", "ignite"); assertNotNull(actx); assertEquals("ignite", actx.userName()); actx = grid(i).context().authentication() .authenticate("test", "passwd"); assertNotNull(actx); assertEquals("test", actx.userName()); } } finally { AuthorizationContext.clear(); } }
/** * @throws Exception If failed. */ @Test public void testUserPersistence() throws Exception { AuthorizationContext.context(actxDflt); try { for (int i = 0; i < NODES_COUNT; ++i) grid(i).context().authentication().addUser("test" + i , "passwd" + i); grid(CLI_NODE).context().authentication().updateUser("ignite", "new_passwd"); stopAllGrids(); startGrids(NODES_COUNT); for (int i = 0; i < NODES_COUNT; ++i) { for (int usrIdx = 0; usrIdx < NODES_COUNT; ++usrIdx) { AuthorizationContext actx0 = grid(i).context().authentication() .authenticate("test" + usrIdx, "passwd" + usrIdx); assertNotNull(actx0); assertEquals("test" + usrIdx, actx0.userName()); } AuthorizationContext actx = grid(i).context().authentication() .authenticate("ignite", "new_passwd"); assertNotNull(actx); assertEquals("ignite", actx.userName()); } } finally { AuthorizationContext.clear(); } }