PermissionsCoverageTestUtil.java example

Explorer
wildfly-core-master
package org.jboss.as.test.integration.management.rbac;

import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ACCESS_CONTROL;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.ATTRIBUTES;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.DEFAULT;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.READ_RESOURCE_DESCRIPTION_OPERATION;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.READ_RESOURCE_OPERATION;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.RECURSIVE;
import static org.jboss.as.controller.descriptions.ModelDescriptionConstants.RESULT;
import static org.jboss.as.test.integration.management.rbac.RbacUtil.executeOperation;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;

import java.io.IOException;
import java.util.Locale;

import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.client.ModelControllerClient;
import org.jboss.as.controller.descriptions.ModelDescriptionConstants;
import org.jboss.as.controller.operations.common.Util;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;

/**
 * @author Ladislav Thon <lthon@redhat.com>
 */
public class PermissionsCoverageTestUtil {
    public static void assertTheEntireDomainTreeHasPermissionsDefined(ModelControllerClient client) throws IOException {
        ModelNode operation = Util.createOperation(READ_RESOURCE_OPERATION, PathAddress.EMPTY_ADDRESS);
        operation.get(RECURSIVE).set(true);
        ModelNode resource = executeOperation(client, operation, Outcome.SUCCESS).get(RESULT);

        operation = Util.createOperation(READ_RESOURCE_DESCRIPTION_OPERATION, PathAddress.EMPTY_ADDRESS);
        operation.get(RECURSIVE).set(true);
        operation.get(ACCESS_CONTROL).set("combined-descriptions");
        ModelNode resourceDescription = executeOperation(client, operation, Outcome.SUCCESS).get(RESULT);

        verify(resource, resourceDescription, DescriptionContainer.CHILDREN, "");
    }

    // "children" alternates with "model-description"
    private static enum DescriptionContainer {
        CHILDREN(ModelDescriptionConstants.CHILDREN, true, "/"),
        MODEL_DESCRIPTION(ModelDescriptionConstants.MODEL_DESCRIPTION, false, "=");

        public final String name;
        public final boolean shouldHaveAccessControlSibling; // "children" must always have a "access-control" sibling
        public final String pathSeparator;

        private DescriptionContainer(String name, boolean shouldHaveAccessControlSibling, String pathSeparator) {
            this.name = name;
            this.shouldHaveAccessControlSibling = shouldHaveAccessControlSibling;
            this.pathSeparator = pathSeparator;
        }

        public DescriptionContainer next() {
            return this == CHILDREN ? MODEL_DESCRIPTION : CHILDREN;
        }

        @Override
        public String toString() {
            return name.toUpperCase(Locale.ENGLISH);
        }
    }

    private static void verify(ModelNode resource, ModelNode resourceDescription,
                               DescriptionContainer descriptionContainer, String currentPath) {

        if (!resource.isDefined()) {
            return;
        }
        assert resource.getType() == ModelType.OBJECT;

        System.out.println("Verifying " + (currentPath.isEmpty() ? "<root>" : currentPath));

        if (descriptionContainer.shouldHaveAccessControlSibling) {
            assertTrue(resourceDescription.has(ACCESS_CONTROL));
            ModelNode accessControl = resourceDescription.get(ACCESS_CONTROL);

            assertTrue(accessControl.has(DEFAULT));
            ModelNode defaultAccessControl = accessControl.get(DEFAULT);

            assertTrue(defaultAccessControl.has("read"));
            assertEquals(ModelType.BOOLEAN, defaultAccessControl.get("read").getType());
            assertTrue(defaultAccessControl.has("write"));
            assertEquals(ModelType.BOOLEAN, defaultAccessControl.get("write").getType());
        }

        for (String key : resource.keys()) {
            if (resourceDescription.get(ATTRIBUTES).has(key)) {
                // not interesting
            } else if (resourceDescription.get(descriptionContainer.name).has(key)) {
                ModelNode child = resource.get(key);
                ModelNode childDescription = resourceDescription.get(descriptionContainer.name, key);
                verify(child, childDescription, descriptionContainer.next(), currentPath + descriptionContainer.pathSeparator + key);
            } else if (resourceDescription.get(descriptionContainer.name).has("*")) {
                ModelNode child = resource.get(key);
                ModelNode childDescription = resourceDescription.get(descriptionContainer.name, "*");
                verify(child, childDescription, descriptionContainer.next(), currentPath + descriptionContainer.pathSeparator + key);
            } else {
                fail("No description for key " + key);
            }
        }
    }
}