use of org.apache.qpid.server.security.access.firewall.FirewallRule in project qpid-broker-j by apache.
the class ClientActionTest method testMatches_returnsFalseWhenActionsDontMatch.
public void testMatches_returnsFalseWhenActionsDontMatch() {
FirewallRule firewallRule = mock(FirewallRule.class);
when(firewallRule.matches(_addressOfClient)).thenReturn(true);
when(_action.matches(any(Action.class))).thenReturn(false);
when(_ruleAction.getFirewallRule()).thenReturn(firewallRule);
assertFalse(_clientAction.matches(_ruleAction, _addressOfClient));
}
use of org.apache.qpid.server.security.access.firewall.FirewallRule in project qpid-broker-j by apache.
the class ClientActionTest method testMatches_ignoresFirewallRuleIfClientAddressIsNull.
public void testMatches_ignoresFirewallRuleIfClientAddressIsNull() {
FirewallRule firewallRule = mock(FirewallRule.class);
when(_action.matches(any(Action.class))).thenReturn(true);
when(_ruleAction.getFirewallRule()).thenReturn(firewallRule);
assertTrue(_clientAction.matches(_ruleAction, null));
verifyZeroInteractions(firewallRule);
}
use of org.apache.qpid.server.security.access.firewall.FirewallRule in project qpid-broker-j by apache.
the class MessagingACLTest method configureACL.
private void configureACL(String... rules) throws Exception {
EventLoggerProvider eventLoggerProvider = mock(EventLoggerProvider.class);
EventLogger eventLogger = mock(EventLogger.class);
when(eventLoggerProvider.getEventLogger()).thenReturn(eventLogger);
List<AclRule> aclRules = new ArrayList<>();
try (StringReader stringReader = new StringReader(Arrays.stream(rules).collect(Collectors.joining(LINE_SEPARATOR)))) {
RuleSet ruleSet = AclFileParser.parse(stringReader, eventLoggerProvider);
final List<Rule> parsedRules = ruleSet.getAllRules();
for (final Rule rule : parsedRules) {
aclRules.add(new AclRule() {
@Override
public String getIdentity() {
return rule.getIdentity();
}
@Override
public ObjectType getObjectType() {
return rule.getAction().getObjectType();
}
@Override
public LegacyOperation getOperation() {
return rule.getAction().getOperation();
}
@Override
public Map<ObjectProperties.Property, String> getAttributes() {
Map<ObjectProperties.Property, String> attributes = new HashMap<>(rule.getAction().getProperties().asPropertyMap());
FirewallRule firewallRule = rule.getAclAction().getFirewallRule();
if (firewallRule != null) {
if (firewallRule instanceof HostnameFirewallRule) {
attributes.put(ObjectProperties.Property.FROM_HOSTNAME, "127.0.0.1");
} else if (firewallRule instanceof NetworkFirewallRule) {
// tests use only 127.0.0.1 at the moment
attributes.put(ObjectProperties.Property.FROM_NETWORK, "127.0.0.1");
}
}
return attributes;
}
@Override
public RuleOutcome getOutcome() {
return rule.getRuleOutcome();
}
});
}
}
configureACL(aclRules.toArray(new AclRule[aclRules.size()]));
}
use of org.apache.qpid.server.security.access.firewall.FirewallRule in project qpid-broker-j by apache.
the class ClientActionTest method testMatches_returnsTrueWhenActionsAndFirewallRuleMatch.
public void testMatches_returnsTrueWhenActionsAndFirewallRuleMatch() {
FirewallRule firewallRule = mock(FirewallRule.class);
when(firewallRule.matches(_addressOfClient)).thenReturn(true);
when(_action.matches(any(Action.class))).thenReturn(true);
when(_ruleAction.getFirewallRule()).thenReturn(firewallRule);
assertTrue(_clientAction.matches(_ruleAction, _addressOfClient));
}
Aggregations