fixed issue on copy database in case of database open without authent…

…ication, added test case for server security,issue #7761

This reverts commit 55c8cba.

client/src/main/java/com/orientechnologies/orient/core/db/OrientDBRemote.java

@@ -323,4 +323,9 @@ public void restore(String name, InputStream in, Map<String, Object> options, Ca
       OCommandOutputListener iListener) {
     throw new UnsupportedOperationException("raw restore is not supported in remote");
   }
+
+  @Override
+  public ODatabaseDocumentInternal openNoAuthorization(String name) {
+    throw new UnsupportedOperationException("impossible skip authentication and authorization in remote");
+  }
 }

core/src/main/java/com/orientechnologies/orient/core/db/OrientDBEmbedded.java

@@ -92,11 +92,26 @@ public ODatabaseDocumentEmbedded openNoAuthenticate(String name, String user) {
         embedded.init(config);
       }
       embedded.rebuildIndexes();
+      embedded.internalOpen(user, "nopwd", false);
+      embedded.callOnOpenListeners();
+      return embedded;
+    } catch (Exception e) {
+      throw OException.wrapException(new ODatabaseException("Cannot open database '" + name + "'"), e);
+    }
+  }
 
-      //** THIS IS COMMENTED OUT BECAUSE WE NEED BOTH (NO PASSWORD AND NO USER AUTHORIZATION CHECK).
-      // embedded.internalOpen(user, "nopwd", false);
-      ////////////////////////////////////////////////////////////////////////////////////////////
-
+  public ODatabaseDocumentEmbedded openNoAuthorization(String name) {
+    try {
+      final ODatabaseDocumentEmbedded embedded;
+      OrientDBConfig config = solveConfig(null);
+      synchronized (this) {
+        OAbstractPaginatedStorage storage = getOrInitStorage(name);
+        // THIS OPEN THE STORAGE ONLY THE FIRST TIME
+        storage.open(config.getConfigurations());
+        embedded = factory.newInstance(storage);
+        embedded.init(config);
+      }
+      embedded.rebuildIndexes();
       embedded.callOnOpenListeners();
       return embedded;
     } catch (Exception e) {

core/src/main/java/com/orientechnologies/orient/core/db/OrientDBInternal.java

@@ -23,6 +23,7 @@
 import com.orientechnologies.common.exception.OException;
 import com.orientechnologies.orient.core.Orient;
 import com.orientechnologies.orient.core.command.OCommandOutputListener;
+import com.orientechnologies.orient.core.db.document.ODatabaseDocumentEmbedded;
 import com.orientechnologies.orient.core.exception.ODatabaseException;
 import com.orientechnologies.orient.core.storage.OStorage;
 import com.orientechnologies.orient.core.storage.impl.local.OAbstractPaginatedStorage;
@@ -270,6 +271,8 @@ static OrientDBInternal extract(OrientDB orientDB) {
 
   ODatabaseDocumentInternal openNoAuthenticate(String iDbUrl, String user);
 
+  ODatabaseDocumentInternal openNoAuthorization(String name);
+
   void initCustomStorage(String name, String baseUrl, String userName, String userPassword);
 
   void loadAllDatabases();

core/src/main/java/com/orientechnologies/orient/core/db/document/ODatabaseDocumentEmbedded.java

@@ -299,7 +299,13 @@ public void drop() {
   public ODatabaseDocumentInternal copy() {
     ODatabaseDocumentEmbedded database = new ODatabaseDocumentEmbedded(storage);
     database.init(config);
-    database.internalOpen(getUser().getName(), null, false);
+    String user;
+    if (getUser() != null) {
+      user = getUser().getName();
+    } else {
+      user = null;
+    }
+    database.internalOpen(user, null, false);
     database.callOnOpenListeners();
     this.activateOnCurrentThread();
     return database;
@@ -352,7 +358,7 @@ public OResultSet query(String query, Object[] args) {
     }
     OResultSet original = statement.execute(this, args);
     OLocalResultSetLifecycleDecorator result = new OLocalResultSetLifecycleDecorator(original);
-    this.queryStarted(result.getQueryId(),result);
+    this.queryStarted(result.getQueryId(), result);
     result.addLifecycleListener(this);
     return result;
   }
@@ -365,7 +371,7 @@ public OResultSet query(String query, Map args) {
     }
     OResultSet original = statement.execute(this, args);
     OLocalResultSetLifecycleDecorator result = new OLocalResultSetLifecycleDecorator(original);
-    this.queryStarted(result.getQueryId(),result);
+    this.queryStarted(result.getQueryId(), result);
     result.addLifecycleListener(this);
     return result;
   }
@@ -375,7 +381,7 @@ public OResultSet command(String query, Object[] args) {
     OStatement statement = OSQLEngine.parse(query, this);
     OResultSet original = statement.execute(this, args);
     OLocalResultSetLifecycleDecorator result = new OLocalResultSetLifecycleDecorator(original);
-    this.queryStarted(result.getQueryId(),result);
+    this.queryStarted(result.getQueryId(), result);
     result.addLifecycleListener(this);
     return result;
   }
@@ -385,7 +391,7 @@ public OResultSet command(String query, Map args) {
     OStatement statement = OSQLEngine.parse(query, this);
     OResultSet original = statement.execute(this, args);
     OLocalResultSetLifecycleDecorator result = new OLocalResultSetLifecycleDecorator(original);
-    this.queryStarted(result.getQueryId(),result);
+    this.queryStarted(result.getQueryId(), result);
     result.addLifecycleListener(this);
     return result;
   }
@@ -395,7 +401,7 @@ public OResultSet execute(String language, String script, Object... args) {
     OScriptExecutor executor = OCommandManager.instance().getScriptExecutor(language);
     OResultSet original = executor.execute(this, script, args);
     OLocalResultSetLifecycleDecorator result = new OLocalResultSetLifecycleDecorator(original);
-    this.queryStarted(result.getQueryId(),result);
+    this.queryStarted(result.getQueryId(), result);
     result.addLifecycleListener(this);
     return result;
   }
@@ -405,7 +411,7 @@ public OResultSet execute(String language, String script, Map<String, ?> args) {
     OScriptExecutor executor = OCommandManager.instance().getScriptExecutor(language);
     OResultSet original = executor.execute(this, script, args);
     OLocalResultSetLifecycleDecorator result = new OLocalResultSetLifecycleDecorator(original);
-    this.queryStarted(result.getQueryId(),result);
+    this.queryStarted(result.getQueryId(), result);
     result.addLifecycleListener(this);
     return result;
   }
@@ -417,7 +423,7 @@ public OLocalResultSetLifecycleDecorator query(OExecutionPlan plan, Map<Object,
 
     OLocalResultSet result = new OLocalResultSet((OInternalExecutionPlan) plan);
     OLocalResultSetLifecycleDecorator decorator = new OLocalResultSetLifecycleDecorator(result);
-    this.queryStarted(decorator.getQueryId(),decorator);
+    this.queryStarted(decorator.getQueryId(), decorator);
     decorator.addLifecycleListener(this);
 
     return decorator;

core/src/test/java/com/orientechnologies/orient/core/db/OrientDBEmbeddedTests.java

@@ -267,4 +267,11 @@ public void createForceCloseOpen() throws InterruptedException {
     orientDB.close();
   }
 
+  @Test(expected = ODatabaseException.class)
+  public void testOpenNotExistDatabase() {
+    try (OrientDB orientDB = new OrientDB("embedded:./target/", OrientDBConfig.defaultConfig())) {
+      orientDB.open("one", "two", "three");
+    }
+  }
+
 }

server/src/main/java/com/orientechnologies/orient/server/OSystemDatabase.java

@@ -35,7 +35,7 @@
 public class OSystemDatabase {
   public static final String SYSTEM_DB_NAME = "OSystem";
 
-  private final OServer      server;
+  private final OServer server;
 
   public OSystemDatabase(final OServer server) {
     this.server = server;
@@ -87,7 +87,7 @@ public void createCluster(final String className, final String clusterName) {
    * ThreadLocal-stored database before openSystemDatabase() is called and restoring it after the database is closed.
    */
   public ODatabaseDocumentInternal openSystemDatabase() {
-    return server.openDatabase(getSystemDatabaseName(), "OSuperUser", "", null, true);
+    return server.getDatabases().openNoAuthorization(getSystemDatabaseName());
   }
 
   public Object execute(final OCallable<Object, Object> callback, final String sql, final Object... args) {

server/src/test/java/com/orientechnologies/orient/server/OServerDatabaseOperationsTest.java

@@ -0,0 +1,73 @@
+package com.orientechnologies.orient.server;
+
+import com.orientechnologies.common.io.OIOUtils;
+import com.orientechnologies.common.log.OLogManager;
+import com.orientechnologies.orient.core.config.OGlobalConfiguration;
+import com.orientechnologies.orient.core.db.ODatabaseSession;
+import com.orientechnologies.orient.core.db.ODatabaseType;
+import com.orientechnologies.orient.core.db.OrientDBConfig;
+import com.orientechnologies.orient.core.record.impl.ODocument;
+import com.orientechnologies.orient.server.config.*;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import javax.management.InstanceAlreadyExistsException;
+import javax.management.MBeanRegistrationException;
+import javax.management.MalformedObjectNameException;
+import javax.management.NotCompliantMBeanException;
+import java.io.IOException;
+import java.lang.reflect.InvocationTargetException;
+import java.util.ArrayList;
+import java.util.logging.Level;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+public class OServerDatabaseOperationsTest {
+
+  private OServer server;
+
+  @Before
+  public void before()
+      throws ClassNotFoundException, MalformedObjectNameException, InstanceAlreadyExistsException, NotCompliantMBeanException,
+      MBeanRegistrationException, NoSuchMethodException, IOException, InvocationTargetException, IllegalAccessException,
+      InstantiationException {
+    OLogManager.instance().setConsoleLevel(Level.OFF.getName());
+    OServerConfiguration conf = new OServerConfiguration();
+
+    conf.handlers = new ArrayList<OServerHandlerConfiguration>();
+    OServerUserConfiguration rootUser = new OServerUserConfiguration();
+    rootUser.name = "root";
+    rootUser.password = "root";
+    rootUser.resources = "list";
+    conf.users = new OServerUserConfiguration[] { rootUser };
+    conf.properties = new OServerEntryConfiguration[] { new OServerEntryConfiguration("server.database.path", "target/databases") };
+    server = new OServer();
+    server.startup(conf);
+    server.activate();
+    ODocument securityConfig = new ODocument();
+    securityConfig.fromJSON(OIOUtils.readStreamAsString(this.getClass().getClassLoader().getResourceAsStream("security.json")));
+    server.getSecurity().reload(securityConfig);
+  }
+
+  @After
+  public void after() {
+    server.shutdown();
+  }
+
+  @Test
+  public void testServerLoginDatabase() {
+    server.serverLogin("root", "root", "list");
+  }
+
+  @Test
+  public void testCreateOpenDatabase() {
+    server.createDatabase("test", ODatabaseType.MEMORY, OrientDBConfig.defaultConfig());
+    assertTrue(server.existsDatabase("test"));
+    ODatabaseSession session = server.openDatabase("test");
+    assertNotNull(session);
+    session.close();
+  }
+
+}

server/src/test/resources/security.json

@@ -0,0 +1,38 @@
+{
+  "enabled": true,
+  "debug": false,
+  "server": {
+    "createDefaultUsers": true
+  },
+  "authentication": {
+    "enabled": true,
+    "allowDefault": true,
+    "authenticators": [
+      {
+        "name": "Password",
+        "class": "com.orientechnologies.orient.server.security.authenticator.ODefaultPasswordAuthenticator",
+        "enabled": true,
+        "users": [
+          {
+            "username": "guest",
+            "resources": "server.listDatabases,server.dblist"
+          }
+        ]
+      },
+      {
+        "name": "ServerConfig",
+        "class": "com.orientechnologies.orient.server.security.authenticator.OServerConfigAuthenticator",
+        "enabled": true
+      },
+      {
+        "name": "SystemAuthenticator",
+        "class": "com.orientechnologies.orient.server.security.authenticator.OSystemUserAuthenticator",
+        "enabled": true
+      }
+    ]
+  },
+  "auditing": {
+    "class": "com.orientechnologies.security.auditing.ODefaultAuditing",
+    "enabled": false
+  }
+}