Search in sources :

Example 6 with AuthorizationManager

use of com.yahoo.pulsar.broker.authorization.AuthorizationManager in project pulsar by yahoo.

the class DiscoveryService method start.

/**
     * Starts discovery service by initializing zookkeeper and server
     * @throws Exception
     */
public void start() throws Exception {
    discoveryProvider = new BrokerDiscoveryProvider(this.config, getZooKeeperClientFactory());
    this.configurationCacheService = new ConfigurationCacheService(discoveryProvider.globalZkCache);
    ServiceConfiguration serviceConfiguration = createServiceConfiguration(config);
    authenticationService = new AuthenticationService(serviceConfiguration);
    authorizationManager = new AuthorizationManager(serviceConfiguration, configurationCacheService);
    startServer();
}
Also used : ServiceConfiguration(com.yahoo.pulsar.broker.ServiceConfiguration) ConfigurationCacheService(com.yahoo.pulsar.broker.cache.ConfigurationCacheService) AuthorizationManager(com.yahoo.pulsar.broker.authorization.AuthorizationManager) AuthenticationService(com.yahoo.pulsar.broker.authentication.AuthenticationService)

Example 7 with AuthorizationManager

use of com.yahoo.pulsar.broker.authorization.AuthorizationManager in project pulsar by yahoo.

the class ServerCnxTest method testNonExistentTopic.

@SuppressWarnings("unchecked")
@Test(timeOut = 30000)
public void testNonExistentTopic() throws Exception {
    ZooKeeperDataCache<Policies> zkDataCache = mock(ZooKeeperDataCache.class);
    ConfigurationCacheService configCacheService = mock(ConfigurationCacheService.class);
    doReturn(configCacheService).when(pulsar).getConfigurationCache();
    doReturn(zkDataCache).when(configCacheService).policiesCache();
    doReturn(CompletableFuture.completedFuture(Optional.empty())).when(zkDataCache).getAsync(matches(".*nonexistent.*"));
    AuthorizationManager authorizationManager = spy(new AuthorizationManager(svcConfig, configCacheService));
    doReturn(authorizationManager).when(brokerService).getAuthorizationManager();
    doReturn(true).when(brokerService).isAuthorizationEnabled();
    doReturn(false).when(authorizationManager).isSuperUser(Mockito.anyString());
    // Test producer creation
    resetChannel();
    setChannelConnected();
    ByteBuf newProducerCmd = Commands.newProducer(nonExistentTopicName, 1, /* producer id */
    1, /* request id */
    "prod-name");
    channel.writeInbound(newProducerCmd);
    assertTrue(getResponse() instanceof CommandError);
    channel.finish();
    // Test consumer creation
    resetChannel();
    setChannelConnected();
    ByteBuf newSubscribeCmd = //
    Commands.newSubscribe(//
    nonExistentTopicName, successSubName, 1, /* consumer id */
    1, /* request id */
    SubType.Exclusive, 0, "test");
    channel.writeInbound(newSubscribeCmd);
    assertTrue(getResponse() instanceof CommandError);
}
Also used : Policies(com.yahoo.pulsar.common.policies.data.Policies) ConfigurationCacheService(com.yahoo.pulsar.broker.cache.ConfigurationCacheService) AuthorizationManager(com.yahoo.pulsar.broker.authorization.AuthorizationManager) CommandError(com.yahoo.pulsar.common.api.proto.PulsarApi.CommandError) ByteBuf(io.netty.buffer.ByteBuf) Test(org.testng.annotations.Test)

Example 8 with AuthorizationManager

use of com.yahoo.pulsar.broker.authorization.AuthorizationManager in project pulsar by yahoo.

the class ServerCnxTest method testProducerCommandWithAuthorizationPositive.

@Test(timeOut = 30000)
public void testProducerCommandWithAuthorizationPositive() throws Exception {
    AuthorizationManager authorizationManager = mock(AuthorizationManager.class);
    doReturn(CompletableFuture.completedFuture(true)).when(authorizationManager).canProduceAsync(Mockito.any(), Mockito.any());
    doReturn(authorizationManager).when(brokerService).getAuthorizationManager();
    doReturn(true).when(brokerService).isAuthenticationEnabled();
    resetChannel();
    setChannelConnected();
    // test PRODUCER success case
    ByteBuf clientCommand = Commands.newProducer(successTopicName, 1, /* producer id */
    1, /* request id */
    "prod-name");
    channel.writeInbound(clientCommand);
    assertEquals(getResponse().getClass(), CommandProducerSuccess.class);
    PersistentTopic topicRef = (PersistentTopic) brokerService.getTopicReference(successTopicName);
    assertNotNull(topicRef);
    assertEquals(topicRef.getProducers().size(), 1);
    channel.finish();
    assertEquals(topicRef.getProducers().size(), 0);
}
Also used : PersistentTopic(com.yahoo.pulsar.broker.service.persistent.PersistentTopic) AuthorizationManager(com.yahoo.pulsar.broker.authorization.AuthorizationManager) ByteBuf(io.netty.buffer.ByteBuf) Test(org.testng.annotations.Test)

Example 9 with AuthorizationManager

use of com.yahoo.pulsar.broker.authorization.AuthorizationManager in project pulsar by yahoo.

the class ServerCnxTest method testNonExistentTopicSuperUserAccess.

@Test(timeOut = 30000)
public void testNonExistentTopicSuperUserAccess() throws Exception {
    AuthorizationManager authorizationManager = spy(new AuthorizationManager(svcConfig, configCacheService));
    doReturn(authorizationManager).when(brokerService).getAuthorizationManager();
    doReturn(true).when(brokerService).isAuthorizationEnabled();
    doReturn(true).when(authorizationManager).isSuperUser(Mockito.anyString());
    // Test producer creation
    resetChannel();
    setChannelConnected();
    ByteBuf newProducerCmd = Commands.newProducer(nonExistentTopicName, 1, /* producer id */
    1, /* request id */
    "prod-name");
    channel.writeInbound(newProducerCmd);
    assertTrue(getResponse() instanceof CommandProducerSuccess);
    PersistentTopic topicRef = (PersistentTopic) brokerService.getTopicReference(nonExistentTopicName);
    assertNotNull(topicRef);
    assertEquals(topicRef.getProducers().size(), 1);
    channel.finish();
    // Test consumer creation
    resetChannel();
    setChannelConnected();
    ByteBuf newSubscribeCmd = //
    Commands.newSubscribe(//
    nonExistentTopicName, successSubName, 1, /* consumer id */
    1, /* request id */
    SubType.Exclusive, 0, "test");
    channel.writeInbound(newSubscribeCmd);
    topicRef = (PersistentTopic) brokerService.getTopicReference(nonExistentTopicName);
    assertNotNull(topicRef);
    assertTrue(topicRef.getSubscriptions().containsKey(successSubName));
    assertTrue(topicRef.getPersistentSubscription(successSubName).getDispatcher().isConsumerConnected());
    assertTrue(getResponse() instanceof CommandSuccess);
}
Also used : CommandSuccess(com.yahoo.pulsar.common.api.proto.PulsarApi.CommandSuccess) PersistentTopic(com.yahoo.pulsar.broker.service.persistent.PersistentTopic) CommandProducerSuccess(com.yahoo.pulsar.common.api.proto.PulsarApi.CommandProducerSuccess) AuthorizationManager(com.yahoo.pulsar.broker.authorization.AuthorizationManager) ByteBuf(io.netty.buffer.ByteBuf) Test(org.testng.annotations.Test)

Example 10 with AuthorizationManager

use of com.yahoo.pulsar.broker.authorization.AuthorizationManager in project pulsar by yahoo.

the class ServerCnxTest method testSubscribeCommandWithAuthorizationNegative.

@Test(timeOut = 30000)
public void testSubscribeCommandWithAuthorizationNegative() throws Exception {
    AuthorizationManager authorizationManager = mock(AuthorizationManager.class);
    doReturn(CompletableFuture.completedFuture(false)).when(authorizationManager).canConsumeAsync(Mockito.any(), Mockito.any());
    doReturn(authorizationManager).when(brokerService).getAuthorizationManager();
    doReturn(true).when(brokerService).isAuthenticationEnabled();
    doReturn(true).when(brokerService).isAuthorizationEnabled();
    resetChannel();
    setChannelConnected();
    // test SUBSCRIBE on topic and cursor creation success
    ByteBuf clientCommand = //
    Commands.newSubscribe(//
    successTopicName, successSubName, 1, /* consumer id */
    1, /* request id */
    SubType.Exclusive, 0, "test");
    channel.writeInbound(clientCommand);
    assertTrue(getResponse() instanceof CommandError);
    channel.finish();
}
Also used : AuthorizationManager(com.yahoo.pulsar.broker.authorization.AuthorizationManager) CommandError(com.yahoo.pulsar.common.api.proto.PulsarApi.CommandError) ByteBuf(io.netty.buffer.ByteBuf) Test(org.testng.annotations.Test)

Aggregations

AuthorizationManager (com.yahoo.pulsar.broker.authorization.AuthorizationManager)11 Test (org.testng.annotations.Test)8 ByteBuf (io.netty.buffer.ByteBuf)7 CommandError (com.yahoo.pulsar.common.api.proto.PulsarApi.CommandError)4 ConfigurationCacheService (com.yahoo.pulsar.broker.cache.ConfigurationCacheService)3 AuthAction (com.yahoo.pulsar.common.policies.data.AuthAction)3 AuthenticationService (com.yahoo.pulsar.broker.authentication.AuthenticationService)2 PersistentTopic (com.yahoo.pulsar.broker.service.persistent.PersistentTopic)2 CommandProducerSuccess (com.yahoo.pulsar.common.api.proto.PulsarApi.CommandProducerSuccess)2 CommandSuccess (com.yahoo.pulsar.common.api.proto.PulsarApi.CommandSuccess)2 ClusterData (com.yahoo.pulsar.common.policies.data.ClusterData)2 PropertyAdmin (com.yahoo.pulsar.common.policies.data.PropertyAdmin)2 PulsarServerException (com.yahoo.pulsar.broker.PulsarServerException)1 ServiceConfiguration (com.yahoo.pulsar.broker.ServiceConfiguration)1 MockedPulsarServiceBaseTest (com.yahoo.pulsar.broker.auth.MockedPulsarServiceBaseTest)1 DestinationName (com.yahoo.pulsar.common.naming.DestinationName)1 Policies (com.yahoo.pulsar.common.policies.data.Policies)1 GlobalZooKeeperCache (com.yahoo.pulsar.zookeeper.GlobalZooKeeperCache)1 IOException (java.io.IOException)1