Fix Admin attribute R66 REST V2 authaurization
- Additional fixes on REST V2
- Add some tests to prevent regression
- Also add a missing fix for the incorrect initialization of Transfer in REST V2
- Add fix on Proxy Rest test
- Minor fix on default TCP (TCP_NODELAY set to false)

Fix issue waarp#37
fredericBregier committed May 27, 2020
1 parent b8a31f5 commit 135e538
Showing 24 changed files with 1,126 additions and 547 deletions.
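--- a/WaarpCommon/src/main/java/org/waarp/common/role/RoleDefault.java
+++ b/WaarpCommon/src/main/java/org/waarp/common/role/RoleDefault.java
@@ -104,35 +104,48 @@ public byte getAsByte() {
 return brole;
 }
 
+private static final ROLE[] READONLY_A = new ROLE[] { READONLY };
+private static final ROLE[] TRANSFER_A = new ROLE[] { TRANSFER };
+private static final ROLE[] RULE_A = new ROLE[] { RULE };
+private static final ROLE[] HOST_A = new ROLE[] { HOST };
+private static final ROLE[] LIMIT_A = new ROLE[] { LIMIT };
+private static final ROLE[] SYSTEM_A = new ROLE[] { SYSTEM };
+private static final ROLE[] LOGCONTROL_A = new ROLE[] { LOGCONTROL };
+private static final ROLE[] UNUSED_A = new ROLE[] { UNUSED };
+private static final ROLE[] NOACCESS_A = new ROLE[] { NOACCESS };
+private static final ROLE[] PARTNER_A = new ROLE[] { READONLY, TRANSFER };
+private static final ROLE[] CONFIGADMIN_A =
+new ROLE[] { READONLY, TRANSFER, RULE, HOST };
+private static final ROLE[] FULLADMIN_A =
+new ROLE[] { READONLY, TRANSFER, RULE, LIMIT, SYSTEM, LOGCONTROL };
+
 public ROLE[] getComposingRoles() {
 switch (brole) {
 case 1:
-return new ROLE[] { READONLY };
+return READONLY_A;
 case 2:
-return new ROLE[] { TRANSFER };
+return TRANSFER_A;
 case 3:
-return new ROLE[] { READONLY, TRANSFER };
+return PARTNER_A;
 case 4:
-return new ROLE[] { RULE };
+return RULE_A;
 case 8:
-return new ROLE[] { HOST };
+return HOST_A;
 case 15:
-return new ROLE[] { READONLY, TRANSFER, RULE, HOST };
+return CONFIGADMIN_A;
 case 16:
-return new ROLE[] { LIMIT };
+return LIMIT_A;
 case 32:
-return new ROLE[] { SYSTEM };
+return SYSTEM_A;
 case 64:
-return new ROLE[] { LOGCONTROL };
+return LOGCONTROL_A;
 case 127:
-return new ROLE[] {
-READONLY, TRANSFER, RULE, LIMIT, SYSTEM, LOGCONTROL
-};
+return FULLADMIN_A;
 case -128:
-return new ROLE[] { UNUSED };
+return UNUSED_A;
 case 0:
 default:
-return new ROLE[] { NOACCESS };
+return NOACCESS_A;
 }
 }
 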
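Review bot: `getComposingRoles()` now hands every caller the same static array (`READONLY_A` through `NOACCESS_A`), and Java arrays are mutable, so a caller that writes into the result would change the role composition seen by every later authorization check; the removed code returned a fresh array per call. Either return a copy, e.g. `return FULLADMIN_A.clone();`, or document the contract on the constants with something like `// Shared instances: callers of getComposingRoles() must treat the result as read-only`. Separately, `FULLADMIN_A` omits `HOST` although `case 127` has the HOST bit (8) set and `CONFIGADMIN_A` lists it; this is carried over unchanged from the old code and may be intended, but it is worth confirming. The enum body continues outside the hunk.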
@@ -51,7 +51,7 @@ public static void setBootstrap(Bootstrap bootstrap, EventLoopGroup group,
int timeout) {
bootstrap.channel(NioSocketChannel.class);
bootstrap.group(group);
bootstrap.option(ChannelOption.TCP_NODELAY, true);
bootstrap.option(ChannelOption.TCP_NODELAY, false);
bootstrap.option(ChannelOption.SO_REUSEADDR, true);
bootstrap.option(ChannelOption.SO_KEEPALIVE, true);
bootstrap.option(ChannelOption.CONNECT_TIMEOUT_MILLIS, timeout);
@@ -73,7 +73,7 @@ public static void setServerBootstrap(ServerBootstrap bootstrap,
bootstrap.group(group);
// bootstrap.option(ChannelOption.TCP_NODELAY, true)
bootstrap.option(ChannelOption.SO_REUSEADDR, true);
bootstrap.childOption(ChannelOption.TCP_NODELAY, true);
bootstrap.childOption(ChannelOption.TCP_NODELAY, false);
bootstrap.childOption(ChannelOption.SO_REUSEADDR, true);
bootstrap.childOption(ChannelOption.SO_KEEPALIVE, true);
bootstrap.childOption(ChannelOption.CONNECT_TIMEOUT_MILLIS, timeout);
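Review bot: The switch of `TCP_NODELAY` to `false` in `setBootstrap` and `setServerBootstrap` carries no comment saying why Nagle's algorithm is being re-enabled, and the commented-out line `// bootstrap.option(ChannelOption.TCP_NODELAY, true)` left in `setServerBootstrap` now contradicts the active setting. I would delete that commented-out line and put a short why-comment above each option, e.g. `// Nagle enabled on purpose: <reason>`, so the latency trade-off for small request/response messages is recorded next to the value. Both method bodies start and end outside the visible hunks.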
@@ -368,7 +368,7 @@ public void testSetRoleDefault() {
}

@Test
public void testRole() {
public void testRoleIsContained() {
assertTrue(ROLE.NOACCESS.isContained(ROLE.NOACCESS));
assertFalse(ROLE.NOACCESS.isContained(ROLE.READONLY));
assertFalse(ROLE.NOACCESS.isContained(ROLE.TRANSFER));
@@ -444,6 +444,7 @@ public void testRole() {
assertFalse(ROLE.NOACCESS.isContained(ROLE.PARTNER));
assertTrue(ROLE.READONLY.isContained(ROLE.PARTNER));
assertTrue(ROLE.TRANSFER.isContained(ROLE.PARTNER));
assertTrue(ROLE.PARTNER.isContained(ROLE.PARTNER));
assertFalse(ROLE.RULE.isContained(ROLE.PARTNER));
assertFalse(ROLE.HOST.isContained(ROLE.PARTNER));
assertFalse(ROLE.LIMIT.isContained(ROLE.PARTNER));
@@ -455,6 +456,7 @@ public void testRole() {
assertTrue(ROLE.TRANSFER.isContained(ROLE.CONFIGADMIN));
assertTrue(ROLE.RULE.isContained(ROLE.CONFIGADMIN));
assertTrue(ROLE.HOST.isContained(ROLE.CONFIGADMIN));
assertTrue(ROLE.CONFIGADMIN.isContained(ROLE.CONFIGADMIN));
assertFalse(ROLE.LIMIT.isContained(ROLE.CONFIGADMIN));
assertFalse(ROLE.SYSTEM.isContained(ROLE.CONFIGADMIN));
assertFalse(ROLE.LOGCONTROL.isContained(ROLE.CONFIGADMIN));
@@ -467,7 +469,11 @@ public void testRole() {
assertTrue(ROLE.LIMIT.isContained(ROLE.FULLADMIN));
assertTrue(ROLE.SYSTEM.isContained(ROLE.FULLADMIN));
assertTrue(ROLE.LOGCONTROL.isContained(ROLE.FULLADMIN));
assertTrue(ROLE.FULLADMIN.isContained(ROLE.FULLADMIN));
}

@Test
public void testRoleContains() {
assertTrue(ROLE.NOACCESS.contains(ROLE.NOACCESS));
assertFalse(ROLE.NOACCESS.contains(ROLE.READONLY));
assertFalse(ROLE.NOACCESS.contains(ROLE.TRANSFER));
@@ -543,6 +549,7 @@ public void testRole() {
assertFalse(ROLE.PARTNER.contains(ROLE.NOACCESS));
assertTrue(ROLE.PARTNER.contains(ROLE.READONLY));
assertTrue(ROLE.PARTNER.contains(ROLE.TRANSFER));
assertTrue(ROLE.PARTNER.contains(ROLE.PARTNER));
assertFalse(ROLE.PARTNER.contains(ROLE.RULE));
assertFalse(ROLE.PARTNER.contains(ROLE.HOST));
assertFalse(ROLE.PARTNER.contains(ROLE.LIMIT));
@@ -554,6 +561,7 @@ public void testRole() {
assertTrue(ROLE.CONFIGADMIN.contains(ROLE.TRANSFER));
assertTrue(ROLE.CONFIGADMIN.contains(ROLE.RULE));
assertTrue(ROLE.CONFIGADMIN.contains(ROLE.HOST));
assertTrue(ROLE.CONFIGADMIN.contains(ROLE.CONFIGADMIN));
assertFalse(ROLE.CONFIGADMIN.contains(ROLE.LIMIT));
assertFalse(ROLE.CONFIGADMIN.contains(ROLE.SYSTEM));
assertFalse(ROLE.CONFIGADMIN.contains(ROLE.LOGCONTROL));
@@ -566,7 +574,11 @@ public void testRole() {
assertTrue(ROLE.FULLADMIN.contains(ROLE.LIMIT));
assertTrue(ROLE.FULLADMIN.contains(ROLE.SYSTEM));
assertTrue(ROLE.FULLADMIN.contains(ROLE.LOGCONTROL));
assertTrue(ROLE.FULLADMIN.contains(ROLE.FULLADMIN));
}

@Test
public void testRoleValues() {
assertEquals(0, ROLE.NOACCESS.getAsByte());
assertEquals(1, ROLE.READONLY.getAsByte());
assertEquals(2, ROLE.TRANSFER.getAsByte());
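Review bot: The added assertions pin only the reflexive case for the composite roles (`PARTNER`, `CONFIGADMIN` and `FULLADMIN` against themselves); the visible hunks show no check that a smaller composite does not contain a larger one, which is the direction that matters for privilege escalation. Parts of both tests are collapsed, so this may already be covered, but if it is not I would add `assertFalse(ROLE.PARTNER.contains(ROLE.CONFIGADMIN));` and `assertFalse(ROLE.CONFIGADMIN.contains(ROLE.FULLADMIN));` together with the matching `isContained` forms. A test for `getComposingRoles()` would also be useful, since nothing visible here calls it.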
@@ -43,7 +43,7 @@ public void test98_Http() throws InterruptedException {
try {
// Step # | name | target | value | comment
// 1 | open | / | |
driver.get("http://127.0.0.1:10186/");
driver.get("http://127.0.0.1:11186/");
} catch (NoSuchElementException e) {
e.printStackTrace();
reloadDriver();
@@ -63,7 +63,7 @@ public void test98_Https() throws InterruptedException {
// Test name: ProxyAdmin
// Step # | name | target | value | comment
// 1 | open | / | |
driver.get("https://127.0.0.1:10187/");
driver.get("https://127.0.0.1:11187/");
// 7 | click | name=name | |
driver.findElement(By.name("name")).click();
// 8 | type | name=name | monadmin |
@@ -73,9 +73,9 @@ public void test98_Https() throws InterruptedException {
// 10 | sendKeys | name=passwd | ${KEY_ENTER} |
driver.findElement(By.name("passwd")).sendKeys(Keys.ENTER);
// 11 | click | linkText=SYSTEM | |
driver.get("https://127.0.0.1:10187/System.html");
driver.get("https://127.0.0.1:11187/System.html");
// 12 | click | linkText=START | |
driver.get("https://127.0.0.1:10187/index.html");
driver.get("https://127.0.0.1:11187/index.html");
} catch (NoSuchElementException e) {
e.printStackTrace();
reloadDriver();
10 changes: 5 additions & 5 deletions WaarpProxyR66/src/test/resources/config-proxy-Responsive.xml
@@ -34,30 +34,30 @@
</serverproxy>
<serverproxy>
<serverlistenaddr>127.0.0.1</serverlistenaddr>
<serverlistenport>9887</serverlistenport>
<serverlistenport>9987</serverlistenport>
<serverlistenssl>true</serverlistenssl>
<serverremoteaddr>127.0.0.1</serverremoteaddr>
<serverremoteport>6666</serverremoteport>
<serverremotessl>false</serverremotessl>
</serverproxy>
<serverproxy>
<serverlistenaddr>127.0.0.1</serverlistenaddr>
<serverlistenport>9888</serverlistenport>
<serverlistenport>9988</serverlistenport>
<serverlistenssl>false</serverlistenssl>
<serverremoteaddr>127.0.0.1</serverremoteaddr>
<serverremoteport>6667</serverremoteport>
<serverremotessl>true</serverremotessl>
</serverproxy>
<serverproxy>
<serverlistenaddr>127.0.0.1</serverlistenaddr>
<serverlistenport>9889</serverlistenport>
<serverlistenport>9989</serverlistenport>
<serverlistenssl>true</serverlistenssl>
<serverremoteaddr>127.0.0.1</serverremoteaddr>
<serverremoteport>6667</serverremoteport>
<serverremotessl>true</serverremotessl>
</serverproxy>
<serverhttpport>10186</serverhttpport>
<serverhttpsport>10187</serverhttpsport>
<serverhttpport>11186</serverhttpport>
<serverhttpsport>11187</serverhttpsport>
</network>
<ssl>
<keypath>src/test/resources/certs/testsslnocert.jks</keypath>
@@ -73,18 +73,22 @@ public void endParsingRequest(HttpRestHandler handler, RestArgument arguments,
((HttpRestR66Handler) handler).getServerHandler();
// now action according to body
final JsonPacket json = (JsonPacket) body;
if (json == null) {
result.setDetail("not enough information");
setError(handler, result, HttpResponseStatus.BAD_REQUEST);
if (json != null && !(json instanceof BandwidthJsonPacket)) {
logger.info("Validation is ignored: " + json);
result.setDetail("Unknown command");
setError(handler, result, json, HttpResponseStatus.PRECONDITION_FAILED);
return;
}
result.getAnswer()
.put(AbstractDbData.JSON_MODEL, RESTHANDLERS.Bandwidth.name());
try {
if (json instanceof BandwidthJsonPacket) {//
final long[] lresult;
final boolean setter;
final BandwidthJsonPacket node;
if (json != null && json instanceof BandwidthJsonPacket) {//
// setter, writeglobal, readglobal, writesession, readsession
final BandwidthJsonPacket node = (BandwidthJsonPacket) json;
final boolean setter = node.isSetter();
node = (BandwidthJsonPacket) json;
setter = node.isSetter();
if (setter && arguments.getMethod() != METHOD.PUT) {
// wrong
result.setDetail("Setter should be requested with a PUT method");
@@ -96,26 +100,31 @@ public void endParsingRequest(HttpRestHandler handler, RestArgument arguments,
setError(handler, result, HttpResponseStatus.CONFLICT);
return;
}
if (setter) {
result.setCommand(ACTIONS_TYPE.SetBandwidth.name());
} else {
result.setCommand(ACTIONS_TYPE.GetBandwidth.name());
} else {
if (json == null && arguments.getMethod() != METHOD.GET) {
// wrong
result.setDetail("Setter should be requested with a JSON argument");
setError(handler, result, HttpResponseStatus.CONFLICT);
return;
}
// request of current values or set new values
final long[] lresult = serverHandler
.bandwidth(setter, node.getWriteglobal(), node.getReadglobal(),
node.getWritesession(), node.getReadsession());
// Now answer
node.setWriteglobal(lresult[0]);
node.setReadglobal(lresult[1]);
node.setWritesession(lresult[2]);
node.setReadsession(lresult[3]);
setOk(handler, result, json, HttpResponseStatus.OK);
setter = false;
node = new BandwidthJsonPacket();
}
if (setter) {
result.setCommand(ACTIONS_TYPE.SetBandwidth.name());
} else {
logger.info("Validation is ignored: " + json);
result.setDetail("Unknown command");
setError(handler, result, json, HttpResponseStatus.PRECONDITION_FAILED);
result.setCommand(ACTIONS_TYPE.GetBandwidth.name());
}
// request of current values or set new values
lresult = serverHandler
.bandwidth(setter, node.getWriteglobal(), node.getReadglobal(),
node.getWritesession(), node.getReadsession());
// Now answer
node.setWriteglobal(lresult[0]);
node.setReadglobal(lresult[1]);
node.setWritesession(lresult[2]);
node.setReadsession(lresult[3]);
setOk(handler, result, node, HttpResponseStatus.OK);
} catch (final OpenR66ProtocolNotAuthenticatedException e) {
throw new HttpInvalidAuthenticationException(e);
}
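Review bot: Two of the new null tests are redundant and make the accepted request shapes harder to audit: in `if (json != null && json instanceof BandwidthJsonPacket)` the `instanceof` is already false for null, and in the `else` branch `json == null` is always true because a non-null packet of another type has already returned with PRECONDITION_FAILED above. `if (json instanceof BandwidthJsonPacket) {` and `if (arguments.getMethod() != METHOD.GET) {` express the same conditions. The `else` branch would also benefit from a comment such as `// no body: only a GET (read current limits) is accepted`, since it now builds an empty `BandwidthJsonPacket` and calls `serverHandler.bandwidth(false, ...)` with its default values. `endParsingRequest` begins and ends outside the hunks, and part of the first branch is collapsed.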
@@ -22,6 +22,7 @@

import io.netty.util.AsciiString;
import org.waarp.common.database.ConnectionFactory;
import org.waarp.common.database.exception.WaarpDatabaseException;
import org.waarp.common.logging.SysErrLogger;
import org.waarp.openr66.dao.DAOFactory;
import org.waarp.openr66.protocol.configuration.Configuration;
@@ -63,9 +64,29 @@ private RestConstants() throws InstantiationException {

/**
* The name of this R66 server instance.
*
* @return The name of this R66 Server
*/
public static final String SERVER_NAME =
Configuration.configuration.getHostId();
public static final String serverName() {
return Configuration.configuration.getHostId();
}

/**
* The name of this R66 server instance according to SSL or not of remote one.
*
* @param requested
*
* @return the name of this R66 server according to SSL
*/
public static final String serverName(String requested) {
String requester = serverName();
try {
requester = Configuration.configuration.getHostId(requested);
} catch (WaarpDatabaseException e) {
// Ignore !!
}
return requester;
}

/**
* The DAO_FACTORY to generate connections to the underlying database.
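Review bot: `serverName(String requested)` swallows `WaarpDatabaseException` with only `// Ignore !!` and returns the default host id, so a failed lookup cannot be told apart from a legitimate answer and the caller may end up using the wrong server identity for that partner without any trace. At minimum rename the variable to `ignored`, replace the comment with the reason the fallback is safe, and log the failure through the logging facility this class already imports. The Javadoc leaves `@param requested` empty; something like `@param requested id of the remote host whose SSL mode selects the host id` would do, to be confirmed against `Configuration.getHostId(String)`. The `final` modifier on both static methods is redundant.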
@@ -100,7 +100,7 @@ public static ObjectNode businessToNode(Business hostConfig) {
*/
public static Business nodeToNewBusiness(ObjectNode object) {
final Business emptyBusiness =
new Business(SERVER_NAME, "", "<roles></roles>", "<aliases></aliases>",
new Business(serverName(), "", "<roles></roles>", "<aliases></aliases>",
"<root><version></version></root>");

return nodeToUpdatedBusiness(object, emptyBusiness);
@@ -205,7 +205,7 @@ public static List<ROLE> getRoles(String hostName) {
BusinessDAO businessDAO = null;
try {
businessDAO = DAO_FACTORY.getBusinessDAO();
final Business config = businessDAO.select(SERVER_NAME);
final Business config = businessDAO.select(serverName());
array = getRolesArray(config);
} catch (final DAOConnectionException e) {
throw new InternalServerErrorException(e);
@@ -81,7 +81,7 @@ public static ObjectNode limitToNode(Limit limits) {
* represent a Limit object
*/
public static Limit nodeToNewLimit(ObjectNode object) {
final Limit emptyLimits = new Limit(SERVER_NAME, 0, 0, 0, 0, 0);
final Limit emptyLimits = new Limit(serverName(), 0, 0, 0, 0, 0);
return nodeToUpdatedLimit(object, emptyLimits);
}

@@ -65,7 +65,7 @@ public static ObjectNode exportAsJson(Period period) {
mon.run(seconds, true);
final ObjectNode server = new ObjectNode(JsonNodeFactory.instance);

server.put("serverName", SERVER_NAME);
server.put("serverName", serverName());
server.put("date", DateTime.now().toString());
server.put("lastRun", lastRun == null? null : lastRun.toString());
server.put("fromDate", DateTime.now().minus(period).toString());