use of org.wildfly.security.auth.server.SecurityIdentity in project wildfly by wildfly.
the class BatchSubsystemSecurityTestCase method testStop_NotAllowed.
/**
* Stopping an execution by a user who doesn't have the permission to do it.
*/
@Test
public void testStop_NotAllowed() throws Exception {
final SecurityIdentity user1 = getSecurityIdentity("user1", "password1");
final SecurityIdentity user3 = getSecurityIdentity("user3", "password3");
final Long id = user1.runAs((Callable<Long>) () -> operator.start("long-running-batchlet", null));
TimeUnit.SECONDS.sleep(1);
try {
user3.runAs(() -> operator.stop(id));
Assert.fail("user2 should not be allowed to stop job executions");
} catch (JobSecurityException e) {
// OK
}
Assert.assertNotEquals(BatchStatus.STOPPED, operator.getJobExecution(id).getBatchStatus());
}
use of org.wildfly.security.auth.server.SecurityIdentity in project wildfly by wildfly.
the class BatchSubsystemSecurityTestCase method testStart_Allowed.
/**
* Try running a job as a user who has the permission to run jobs. It should succeed.
* The job should also be able to retrieve the name of the user who ran it.
*/
@Test
public void testStart_Allowed() throws Exception {
identityWithinJob = new CompletableFuture<>();
final SecurityIdentity user1 = getSecurityIdentity("user1", "password1");
user1.runAs((Callable<Long>) () -> operator.start("assert-identity", new Properties()));
final String actualUsername = identityWithinJob.get(TimeoutUtil.adjust(20), TimeUnit.SECONDS);
Assert.assertEquals("user1", actualUsername);
}
use of org.wildfly.security.auth.server.SecurityIdentity in project wildfly by wildfly.
the class BatchSubsystemSecurityTestCase method testStop_Allowed.
/**
* Stopping an execution by a user who has the permission to do it.
*/
@Test
public void testStop_Allowed() throws Exception {
final SecurityIdentity user1 = getSecurityIdentity("user1", "password1");
final Long id = user1.runAs((Callable<Long>) () -> operator.start("long-running-batchlet", null));
TimeUnit.SECONDS.sleep(1);
user1.runAs(() -> operator.stop(id));
waitForJobEnd(id, 10);
Assert.assertEquals(BatchStatus.STOPPED, operator.getJobExecution(id).getBatchStatus());
}
use of org.wildfly.security.auth.server.SecurityIdentity in project wildfly by wildfly.
the class BatchSubsystemSecurityTestCase method testRead_Allowed.
/**
* Test reading execution metadata by a user who has the permission to do it.
* User1 runs a job and then user2 tries to read its metadata.
*/
@Test
public void testRead_Allowed() throws Exception {
final Properties jobParams = new Properties();
jobParams.put("prop1", "val1");
final SecurityIdentity user1 = getSecurityIdentity("user1", "password1");
final SecurityIdentity user3 = getSecurityIdentity("user3", "password3");
final Long executionId = user1.runAs((Callable<Long>) () -> operator.start("assert-identity", jobParams));
final Properties retrievedParams = user3.runAs((Callable<Properties>) () -> operator.getJobExecution(executionId).getJobParameters());
Assert.assertEquals(jobParams, retrievedParams);
}
use of org.wildfly.security.auth.server.SecurityIdentity in project wildfly by wildfly.
the class BatchSubsystemSecurityTestCase method testRestart_NotAllowed.
/**
* Test restarting failed jobs by a user who doesn't have the permission to do it.
*/
@Test
public void testRestart_NotAllowed() throws Exception {
final SecurityIdentity user1 = getSecurityIdentity("user1", "password1");
final SecurityIdentity user2 = getSecurityIdentity("user2", "password2");
Properties params = new Properties();
params.put("should.fail", "true");
final Long executionId = user1.runAs((Callable<Long>) () -> operator.start("failing-batchlet", params));
waitForJobEnd(executionId, 10);
Assert.assertEquals(BatchStatus.FAILED, operator.getJobExecution(executionId).getBatchStatus());
try {
user2.runAs((Callable<Long>) () -> operator.restart(executionId, params));
Assert.fail("user2 shouldn't be allowed to restart batch jobs");
} catch (JobSecurityException e) {
// OK
}
}
Aggregations