use of org.apache.solr.handler.SchemaHandler in project lucene-solr by apache.
the class TestApiFramework method testFramework.
public void testFramework() {
Map<String, Object[]> calls = new HashMap<>();
Map<String, Object> out = new HashMap<>();
CoreContainer mockCC = TestCoreAdminApis.getCoreContainerMock(calls, out);
PluginBag<SolrRequestHandler> containerHandlers = new PluginBag<>(SolrRequestHandler.class, null, false);
containerHandlers.put(COLLECTIONS_HANDLER_PATH, new TestCollectionAPIs.MockCollectionsHandler());
containerHandlers.put(CORES_HANDLER_PATH, new CoreAdminHandler(mockCC));
containerHandlers.put(CONFIGSETS_HANDLER_PATH, new ConfigSetsHandler(mockCC));
out.put("getRequestHandlers", containerHandlers);
PluginBag<SolrRequestHandler> coreHandlers = new PluginBag<>(SolrRequestHandler.class, null, false);
coreHandlers.put("/schema", new SchemaHandler());
coreHandlers.put("/config", new SolrConfigHandler());
coreHandlers.put("/admin/ping", new PingRequestHandler());
Map<String, String> parts = new HashMap<>();
String fullPath = "/collections/hello/shards";
Api api = V2HttpCall.getApiInfo(containerHandlers, fullPath, "POST", fullPath, parts);
assertNotNull(api);
assertConditions(api.getSpec(), Utils.makeMap("/methods[0]", "POST", "/commands/create", NOT_NULL));
assertEquals("hello", parts.get("collection"));
parts = new HashMap<>();
api = V2HttpCall.getApiInfo(containerHandlers, "/collections/hello/shards", "POST", null, parts);
assertConditions(api.getSpec(), Utils.makeMap("/methods[0]", "POST", "/commands/split", NOT_NULL, "/commands/add-replica", NOT_NULL));
parts = new HashMap<>();
api = V2HttpCall.getApiInfo(containerHandlers, "/collections/hello/shards/shard1", "POST", null, parts);
assertConditions(api.getSpec(), Utils.makeMap("/methods[0]", "POST", "/commands/force-leader", NOT_NULL));
assertEquals("hello", parts.get("collection"));
assertEquals("shard1", parts.get("shard"));
parts = new HashMap<>();
api = V2HttpCall.getApiInfo(containerHandlers, "/collections/hello", "POST", null, parts);
assertConditions(api.getSpec(), Utils.makeMap("/methods[0]", "POST", "/commands/add-replica-property", NOT_NULL, "/commands/delete-replica-property", NOT_NULL));
assertEquals("hello", parts.get("collection"));
api = V2HttpCall.getApiInfo(containerHandlers, "/collections/hello/shards/shard1/replica1", "DELETE", null, parts);
assertConditions(api.getSpec(), Utils.makeMap("/methods[0]", "DELETE", "/url/params/onlyIfDown/type", "boolean"));
assertEquals("hello", parts.get("collection"));
assertEquals("shard1", parts.get("shard"));
assertEquals("replica1", parts.get("replica"));
SolrQueryResponse rsp = invoke(containerHandlers, null, "/collections/_introspect", GET, mockCC);
assertConditions(rsp.getValues().asMap(2), Utils.makeMap("/spec[0]/methods[0]", "DELETE", "/spec[1]/methods[0]", "POST", "/spec[2]/methods[0]", "GET"));
rsp = invoke(coreHandlers, "/schema/_introspect", "/collections/hello/schema/_introspect", GET, mockCC);
assertConditions(rsp.getValues().asMap(2), Utils.makeMap("/spec[0]/methods[0]", "POST", "/spec[0]/commands", NOT_NULL, "/spec[1]/methods[0]", "GET"));
rsp = invoke(coreHandlers, "/", "/collections/hello/_introspect", GET, mockCC);
assertConditions(rsp.getValues().asMap(2), Utils.makeMap("/availableSubPaths", NOT_NULL, "availableSubPaths /collections/hello/config/jmx", NOT_NULL, "availableSubPaths /collections/hello/schema", NOT_NULL, "availableSubPaths /collections/hello/shards", NOT_NULL, "availableSubPaths /collections/hello/shards/{shard}", NOT_NULL, "availableSubPaths /collections/hello/shards/{shard}/{replica}", NOT_NULL));
}
use of org.apache.solr.handler.SchemaHandler in project lucene-solr by apache.
the class TestRuleBasedAuthorizationPlugin method testBasicPermissions.
public void testBasicPermissions() {
int STATUS_OK = 200;
int FORBIDDEN = 403;
int PROMPT_FOR_CREDENTIALS = 401;
checkRules(makeMap("resource", "/update/json/docs", "httpMethod", "POST", "userPrincipal", "unknownuser", "collectionRequests", "freeforall", "handler", new UpdateRequestHandler()), STATUS_OK);
checkRules(makeMap("resource", "/update/json/docs", "httpMethod", "POST", "userPrincipal", "tim", "collectionRequests", "mycoll", "handler", new UpdateRequestHandler()), STATUS_OK);
checkRules(makeMap("resource", "/update/json/docs", "httpMethod", "POST", "collectionRequests", "mycoll", "handler", new UpdateRequestHandler()), PROMPT_FOR_CREDENTIALS);
checkRules(makeMap("resource", "/schema", "userPrincipal", "somebody", "collectionRequests", "mycoll", "httpMethod", "POST", "handler", new SchemaHandler()), FORBIDDEN);
checkRules(makeMap("resource", "/schema", "userPrincipal", "somebody", "collectionRequests", "mycoll", "httpMethod", "GET", "handler", new SchemaHandler()), STATUS_OK);
checkRules(makeMap("resource", "/schema/fields", "userPrincipal", "somebody", "collectionRequests", "mycoll", "httpMethod", "GET", "handler", new SchemaHandler()), STATUS_OK);
checkRules(makeMap("resource", "/schema", "userPrincipal", "somebody", "collectionRequests", "mycoll", "httpMethod", "POST", "handler", new SchemaHandler()), FORBIDDEN);
checkRules(makeMap("resource", "/admin/collections", "userPrincipal", "tim", "requestType", RequestType.ADMIN, "collectionRequests", null, "httpMethod", "GET", "handler", new CollectionsHandler(), "params", new MapSolrParams(singletonMap("action", "LIST"))), STATUS_OK);
checkRules(makeMap("resource", "/admin/collections", "userPrincipal", null, "requestType", RequestType.ADMIN, "collectionRequests", null, "httpMethod", "GET", "handler", new CollectionsHandler(), "params", new MapSolrParams(singletonMap("action", "LIST"))), STATUS_OK);
checkRules(makeMap("resource", "/admin/collections", "userPrincipal", null, "requestType", RequestType.ADMIN, "collectionRequests", null, "handler", new CollectionsHandler(), "params", new MapSolrParams(singletonMap("action", "CREATE"))), PROMPT_FOR_CREDENTIALS);
checkRules(makeMap("resource", "/admin/collections", "userPrincipal", null, "requestType", RequestType.ADMIN, "collectionRequests", null, "handler", new CollectionsHandler(), "params", new MapSolrParams(singletonMap("action", "RELOAD"))), PROMPT_FOR_CREDENTIALS);
checkRules(makeMap("resource", "/admin/collections", "userPrincipal", "somebody", "requestType", RequestType.ADMIN, "collectionRequests", null, "handler", new CollectionsHandler(), "params", new MapSolrParams(singletonMap("action", "CREATE"))), FORBIDDEN);
checkRules(makeMap("resource", "/admin/collections", "userPrincipal", "tim", "requestType", RequestType.ADMIN, "collectionRequests", null, "handler", new CollectionsHandler(), "params", new MapSolrParams(singletonMap("action", "CREATE"))), STATUS_OK);
checkRules(makeMap("resource", "/select", "httpMethod", "GET", "handler", new SearchHandler(), "collectionRequests", singletonList(new CollectionRequest("mycoll")), "userPrincipal", "joe"), FORBIDDEN);
Map rules = (Map) Utils.fromJSONString(permissions);
((Map) rules.get("user-role")).put("cio", "su");
((List) rules.get("permissions")).add(makeMap("name", "all", "role", "su"));
checkRules(makeMap("resource", ReplicationHandler.PATH, "httpMethod", "POST", "userPrincipal", "tim", "handler", new ReplicationHandler(), "collectionRequests", singletonList(new CollectionRequest("mycoll"))), FORBIDDEN, rules);
checkRules(makeMap("resource", ReplicationHandler.PATH, "httpMethod", "POST", "userPrincipal", "cio", "handler", new ReplicationHandler(), "collectionRequests", singletonList(new CollectionRequest("mycoll"))), STATUS_OK, rules);
checkRules(makeMap("resource", "/admin/collections", "userPrincipal", "tim", "requestType", AuthorizationContext.RequestType.ADMIN, "collectionRequests", null, "handler", new CollectionsHandler(), "params", new MapSolrParams(singletonMap("action", "CREATE"))), STATUS_OK, rules);
rules = (Map) Utils.fromJSONString(permissions);
((List) rules.get("permissions")).add(makeMap("name", "core-admin-edit", "role", "su"));
((List) rules.get("permissions")).add(makeMap("name", "core-admin-read", "role", "user"));
((Map) rules.get("user-role")).put("cio", "su");
((List) rules.get("permissions")).add(makeMap("name", "all", "role", "su"));
permissions = Utils.toJSONString(rules);
checkRules(makeMap("resource", "/admin/cores", "userPrincipal", null, "requestType", RequestType.ADMIN, "collectionRequests", null, "handler", new CoreAdminHandler(null), "params", new MapSolrParams(singletonMap("action", "CREATE"))), PROMPT_FOR_CREDENTIALS);
checkRules(makeMap("resource", "/admin/cores", "userPrincipal", "joe", "requestType", RequestType.ADMIN, "collectionRequests", null, "handler", new CoreAdminHandler(null), "params", new MapSolrParams(singletonMap("action", "CREATE"))), FORBIDDEN);
checkRules(makeMap("resource", "/admin/cores", "userPrincipal", "joe", "requestType", RequestType.ADMIN, "collectionRequests", null, "handler", new CoreAdminHandler(null), "params", new MapSolrParams(singletonMap("action", "STATUS"))), STATUS_OK);
checkRules(makeMap("resource", "/admin/cores", "userPrincipal", "cio", "requestType", RequestType.ADMIN, "collectionRequests", null, "handler", new CoreAdminHandler(null), "params", new MapSolrParams(singletonMap("action", "CREATE"))), STATUS_OK);
rules = (Map) Utils.fromJSONString(permissions);
List permissions = (List) rules.get("permissions");
//remove the 'all' permission
permissions.remove(permissions.size() - 1);
permissions.add(makeMap("name", "test-params", "role", "admin", "path", "/x", "params", makeMap("key", Arrays.asList("REGEX:(?i)val1", "VAL2"))));
this.permissions = Utils.toJSONString(rules);
checkRules(makeMap("resource", "/x", "userPrincipal", null, "requestType", RequestType.UNKNOWN, "collectionRequests", "go", "handler", new DumpRequestHandler(), "params", new MapSolrParams(singletonMap("key", "VAL1"))), PROMPT_FOR_CREDENTIALS);
checkRules(makeMap("resource", "/x", "userPrincipal", null, "requestType", RequestType.UNKNOWN, "collectionRequests", "go", "handler", new DumpRequestHandler(), "params", new MapSolrParams(singletonMap("key", "Val1"))), PROMPT_FOR_CREDENTIALS);
checkRules(makeMap("resource", "/x", "userPrincipal", null, "requestType", RequestType.UNKNOWN, "collectionRequests", "go", "handler", new DumpRequestHandler(), "params", new MapSolrParams(singletonMap("key", "Val1"))), PROMPT_FOR_CREDENTIALS);
checkRules(makeMap("resource", "/x", "userPrincipal", "joe", "requestType", RequestType.UNKNOWN, "collectionRequests", "go", "handler", new DumpRequestHandler(), "params", new MapSolrParams(singletonMap("key", "Val1"))), FORBIDDEN);
checkRules(makeMap("resource", "/x", "userPrincipal", "joe", "requestType", RequestType.UNKNOWN, "collectionRequests", "go", "handler", new DumpRequestHandler(), "params", new MapSolrParams(singletonMap("key", "Val2"))), STATUS_OK);
checkRules(makeMap("resource", "/x", "userPrincipal", "joe", "requestType", RequestType.UNKNOWN, "collectionRequests", "go", "handler", new DumpRequestHandler(), "params", new MapSolrParams(singletonMap("key", "VAL2"))), FORBIDDEN);
checkRules(makeMap("resource", "/update", "userPrincipal", "solr", "requestType", RequestType.UNKNOWN, "collectionRequests", "go", "handler", new UpdateRequestHandler(), "params", new MapSolrParams(singletonMap("key", "VAL2"))), FORBIDDEN, (Map<String, Object>) Utils.fromJSONString("{user-role:{" + " admin:[admin_role]," + " update:[update_role]," + " solr:[read_role]}," + " permissions:[" + " {name:update, role:[admin_role,update_role]}," + " {name:read, role:[admin_role,update_role,read_role]}" + "]}"));
}
Aggregations