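package org.infinispan.server.test.client.hotrod.security;

import static org.infinispan.server.test.client.hotrod.security.HotRodSaslAuthTestBase.ADMIN_LOGIN;
import static org.infinispan.server.test.client.hotrod.security.HotRodSaslAuthTestBase.ADMIN_PASSWD;
import static org.infinispan.server.test.client.hotrod.security.HotRodSaslAuthTestBase.EXECUTOR_LOGIN;
import static org.infinispan.server.test.client.hotrod.security.HotRodSaslAuthTestBase.EXECUTOR_PASSWORD;
import static org.infinispan.server.test.client.hotrod.security.HotRodSaslAuthTestBase.WRITER_LOGIN;
import static org.infinispan.server.test.client.hotrod.security.HotRodSaslAuthTestBase.WRITER_PASSWD;
import static org.infinispan.server.test.task.servertask.LocalAuthTestServerTask.CACHE_NAME;
import static org.infinispan.test.TestingUtil.loadFileAsString;
import static org.junit.Assert.assertEquals;

import java.io.IOException;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Map;

import org.infinispan.arquillian.core.InfinispanResource;
import org.infinispan.arquillian.core.RemoteInfinispanServer;
import org.infinispan.arquillian.core.RunningServer;
import org.infinispan.arquillian.core.WithRunningServer;
import org.infinispan.client.hotrod.RemoteCache;
import org.infinispan.client.hotrod.RemoteCacheManager;
import org.infinispan.client.hotrod.exceptions.HotRodClientException;
import org.infinispan.scripting.ScriptingManager;
import org.infinispan.server.test.category.Security;
import org.infinispan.server.test.util.security.SecurityConfigurationHelper;
import org.jboss.arquillian.junit.Arquillian;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith;

/**
 * Tests script execution over HotRod client on secured cache.
 *
 * <p>Three identities are exercised against the same server: an administrator that uploads the
 * script, an executor that runs it, and a writer that must be refused when it tries to run it.
 * The executor is additionally checked to be refused when writing to the script cache.
 *
 * <p>The two negative tests rely on {@code @Test(expected = HotRodClientException.class)}. JUnit
 * accepts that exception from any statement in the method body, so a pass shows that some
 * Hot Rod client call failed, not specifically that the guarded operation was denied.
 * NOTE(review): consider pinning the expectation to the guarded call and checking the failure
 * reason once the exact server response is confirmed.
 *
 * @author vjuranek
 * @since 9.0
 */
@RunWith(Arquillian.class)
@Category(Security.class)
@WithRunningServer({@RunningServer(name = "hotrodAuthClustered"), @RunningServer(name = "hotrodAuthClustered-2")})
public class SecuredScriptExecIT {

    // SASL mechanism every client in this class authenticates with. DIGEST-MD5 is a legacy
    // mechanism (RFC 6331 moved it to Historic); it is used here because it is what these
    // tests were written against. NOTE(review): confirm it matches the server configuration.
    private static final String SASL_MECHANISM = "DIGEST-MD5";

    // Server name handed to the SASL configuration for server1.
    private static final String SERVER_NAME = "node0";

    // Classpath resource that is uploaded under the same name and then executed.
    private static final String SCRIPT_NAME = "test.js";

    @InfinispanResource("hotrodAuthClustered")
    RemoteInfinispanServer server1;

    @InfinispanResource("hotrodAuthClustered-2")
    RemoteInfinispanServer server2;

    // Shared by all tests; created lazily in @Before because server1 is an injected instance
    // field and is therefore not available from a static @BeforeClass method.
    private static RemoteCacheManager adminRCM = null;

    /**
     * Creates the shared administrator client on first use.
     */
    @Before
    public void prepareAdminRCM() {
        if (adminRCM != null) {
            return;
        }
        SecurityConfigurationHelper config = newServer1Config();
        config.forCredentials(ADMIN_LOGIN, ADMIN_PASSWD);
        adminRCM = new RemoteCacheManager(config.build(), true);
    }

    /**
     * Stops the shared administrator client once all tests have run.
     */
    @AfterClass
    public static void stopAdminRCM() {
        if (adminRCM == null) {
            return;
        }
        adminRCM.stop();
        adminRCM = null;
    }

    /**
     * Builds the part of the client configuration that is identical for every identity:
     * the SASL mechanism and the target server. Callers add the credentials.
     */
    private SecurityConfigurationHelper newServer1Config() {
        SecurityConfigurationHelper config = new SecurityConfigurationHelper(SASL_MECHANISM);
        config.forIspnServer(server1).withServerName(SERVER_NAME);
        return config;
    }

    /**
     * Uploads the named classpath resources into the script cache using the administrator client.
     *
     * @param scripts classpath resource names; each is stored under its own name
     * @throws IOException if a resource is missing from the classpath or cannot be read
     */
    private void uploadScript(String... scripts) throws IOException {
        RemoteCache<String, String> scriptCache = adminRCM.getCache(ScriptingManager.SCRIPT_CACHE);
        for (String script : scripts) {
            try (InputStream in = this.getClass().getClassLoader().getResourceAsStream(script)) {
                // getResourceAsStream returns null for an unknown resource; report that by name
                // instead of letting the reader fail on a null stream.
                if (in == null) {
                    throw new IOException("Script resource not found on classpath: " + script);
                }
                scriptCache.put(script, loadFileAsString(in));
            }
        }
    }

    /**
     * Parameters passed to the script in both execution tests.
     */
    private static Map<String, String> scriptParams() {
        Map<String, String> params = new HashMap<>();
        params.put("key", "test_key");
        params.put("value", "test_value");
        return params;
    }

    /**
     * Runs the uploaded script with the executor credentials and checks its result and the
     * entry it leaves in the cache.
     *
     * <p>The test starts by asserting that the cache is empty and leaves {@code test_key} behind.
     */
    @Test
    public void testExecuteScript() throws Exception {
        uploadScript(SCRIPT_NAME);

        SecurityConfigurationHelper config = newServer1Config();
        config.forCredentials(EXECUTOR_LOGIN, EXECUTOR_PASSWORD);
        RemoteCacheManager execRCM = new RemoteCacheManager(config.build(), true);
        // Stop the client even when an assertion fails, as the other tests in this class do.
        try {
            RemoteCache<String, String> cache = execRCM.getCache(CACHE_NAME);
            assertEquals(0, cache.size());

            int result = (Integer) cache.execute(SCRIPT_NAME, scriptParams());

            // JUnit's assertEquals takes (expected, actual); this order keeps failure messages right.
            assertEquals(1, result);
            assertEquals(1, cache.size());
            assertEquals("test_value", cache.get("test_key"));
        } finally {
            execRCM.stop();
        }
    }

    /**
     * Expects a {@link HotRodClientException} when the writer credentials are used to run the script.
     *
     * @throws IOException if the script resource cannot be read during setup
     */
    @Test(expected = HotRodClientException.class)
    public void testExecuteScriptWithoutExecPerm() throws IOException {
        // The upload runs as administrator and is setup only. If it fails with the exception type
        // this test expects, the test would pass without the writer ever being refused, so turn
        // that into a test failure.
        try {
            uploadScript(SCRIPT_NAME);
        } catch (HotRodClientException e) {
            throw new AssertionError("Administrator script upload failed during setup", e);
        }

        SecurityConfigurationHelper config = newServer1Config();
        config.forCredentials(WRITER_LOGIN, WRITER_PASSWD);
        RemoteCacheManager writerRCM = new RemoteCacheManager(config.build(), true);
        // getCache is inside the try so the client is stopped even if it throws.
        try {
            RemoteCache<String, String> cache = writerRCM.getCache(CACHE_NAME);
            cache.execute(SCRIPT_NAME, scriptParams());
        } finally {
            writerRCM.stop();
        }
    }

    /**
     * Expects a {@link HotRodClientException} when the executor credentials are used to write
     * into the script cache.
     */
    @Test(expected = HotRodClientException.class)
    public void testUploadScriptWithoutAdminPerm() {
        SecurityConfigurationHelper config = newServer1Config();
        config.forCredentials(EXECUTOR_LOGIN, EXECUTOR_PASSWORD);
        RemoteCacheManager execRCM = new RemoteCacheManager(config.build(), true);
        // getCache is inside the try so the client is stopped even if it throws.
        try {
            RemoteCache<String, String> scriptCache = execRCM.getCache(ScriptingManager.SCRIPT_CACHE);
            scriptCache.put("shouldNotPass", "1+1");
        } finally {
            execRCM.stop();
        }
    }
}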