use of org.opengrok.indexer.web.DummyHttpServletRequest in project OpenGrok by OpenGrok.
the class AuthorizationFrameworkReloadTest method testReloadCycle.
/**
* Sort of a stress test - call isAllowed() and reload() in parallel.
* This might uncover any snags with locking within AuthorizationFramework.
*/
@Test
public void testReloadCycle() {
String projectName = "project" + Math.random();
// Create authorization stack for single project.
AuthorizationStack stack = new AuthorizationStack(AuthControlFlag.REQUIRED, "stack for project " + projectName);
assertNotNull(stack);
stack.add(new AuthorizationPlugin(AuthControlFlag.REQUIRED, "opengrok.auth.plugin.FalsePlugin"));
stack.setForProjects(projectName);
AuthorizationFramework framework = new AuthorizationFramework(pluginDirectory.getPath(), stack);
// to avoid noise when loading classes of other tests
framework.setLoadClasses(false);
framework.reload();
// Perform simple sanity check before long run is entered. If this fails,
// it will be waste of time to continue with the test.
Project p = new Project(projectName);
DummyHttpServletRequest req = new DummyHttpServletRequest();
assertFalse(framework.isAllowed(req, p));
// Create a thread that does reload() every now and then.
runThread = true;
final int maxReloadSleep = 10;
Thread t = new Thread(() -> {
while (runThread) {
framework.reload();
try {
Thread.sleep((long) (Math.random() % maxReloadSleep) + 1);
} catch (InterruptedException ex) {
}
}
});
t.start();
// Process number or requests and check that framework decision is consistent.
for (int i = 0; i < 1000; i++) {
req = new DummyHttpServletRequest();
assertFalse(framework.isAllowed(req, p));
try {
// Should run more frequently than the thread performing reload().
Thread.sleep((long) (Math.random() % (maxReloadSleep / 3)) + 1);
} catch (InterruptedException ex) {
}
}
try {
// Terminate the thread.
runThread = false;
t.join();
} catch (InterruptedException ex) {
}
// Double check that at least one reload() was done.
long reloads = (long) Metrics.getRegistry().counter("authorization.stack.reload").count();
assertTrue(reloads > 0);
}
use of org.opengrok.indexer.web.DummyHttpServletRequest in project OpenGrok by OpenGrok.
the class AuthorizationFrameworkReloadTest method testReloadSimple.
/**
* After {@code reload()} the session attributes should be invalidated.
* It is assumed that invalidation of HttpSession objects means that all
* the attributes will be unset.
*/
@Test
public void testReloadSimple() {
DummyHttpServletRequest req = new DummyHttpServletRequest();
AuthorizationFramework framework = new AuthorizationFramework(pluginDirectory.getPath());
// to avoid noise when loading classes of other tests
framework.setLoadClasses(false);
framework.reload();
// Ensure the framework was setup correctly.
assertNotNull(framework.getPluginDirectory());
assertEquals(pluginDirectory, framework.getPluginDirectory());
// Create pre-requisite objects - mainly the HTTP session with attribute.
Project p = new Project("project" + Math.random());
HttpSession session = req.getSession();
String attrName = "foo";
session.setAttribute(attrName, "bar");
assertNotNull(session.getAttribute(attrName));
// Reload the framework to increment the plugin generation version.
framework.reload();
// Let the framework check the request. This should invalidate the session
// since the version was incremented. In this test we are not interested
// in the actual result.
framework.isAllowed(req, p);
// Verify that the session no longer has the attribute.
assertNull(session.getAttribute(attrName));
}
use of org.opengrok.indexer.web.DummyHttpServletRequest in project OpenGrok by OpenGrok.
the class TruePluginTest method shouldAllowRandomUserForAnyProject.
@Test
public void shouldAllowRandomUserForAnyProject() {
DummyHttpServletRequest req = new DummyHttpServletRequest();
req.setAttribute(UserPlugin.REQUEST_ATTR, new User(RandomStringUtils.randomAlphanumeric(8)));
Project randomProject = new Project(RandomStringUtils.randomAlphanumeric(10));
boolean projectAllowed = plugin.isAllowed(req, randomProject);
assertTrue(projectAllowed, "should allow rando for random project 1");
randomProject = new Project(RandomStringUtils.randomAlphanumeric(10));
projectAllowed = plugin.isAllowed(req, randomProject);
assertTrue(projectAllowed, "should allow rando for random project 2");
}
use of org.opengrok.indexer.web.DummyHttpServletRequest in project OpenGrok by OpenGrok.
the class TruePluginTest method shouldAllowRandomUserForAnyGroup.
@Test
public void shouldAllowRandomUserForAnyGroup() {
DummyHttpServletRequest req = new DummyHttpServletRequest();
req.setAttribute(UserPlugin.REQUEST_ATTR, new User(RandomStringUtils.randomAlphanumeric(8)));
Group randomGroup = new Group(RandomStringUtils.randomAlphanumeric(10));
boolean projectAllowed = plugin.isAllowed(req, randomGroup);
assertTrue(projectAllowed, "should allow rando for random group 1");
randomGroup = new Group(RandomStringUtils.randomAlphanumeric(10));
projectAllowed = plugin.isAllowed(req, randomGroup);
assertTrue(projectAllowed, "should allow rando for random group 2");
}
use of org.opengrok.indexer.web.DummyHttpServletRequest in project OpenGrok by OpenGrok.
the class UserWhiteListPluginTest method shouldNotAllowRandomUserForAnyProject.
@ParameterizedTest
@MethodSource("parameters")
public void shouldNotAllowRandomUserForAnyProject(String param) {
init(param);
plugin.load(validPluginParameters);
DummyHttpServletRequest req = new DummyHttpServletRequest();
req.setAttribute(UserPlugin.REQUEST_ATTR, new User(RandomStringUtils.randomAlphanumeric(8)));
Project randomProject = new Project(RandomStringUtils.randomAlphanumeric(10));
boolean projectAllowed = plugin.isAllowed(req, randomProject);
assertFalse(projectAllowed, "should not allow random user for random project 1");
randomProject = new Project(RandomStringUtils.randomAlphanumeric(10));
projectAllowed = plugin.isAllowed(req, randomProject);
assertFalse(projectAllowed, "should not allow random user for random project 2");
}
Aggregations