killbill-memoizeit
entitlement: Code review integration for 7b29b4858d24571d821de11f928419689692449b Add …
10/17/2015 7:43:55 PM
Changes
catalog/src/test/resources/Cloud.xml 0(+0 -0)
Details
catalog/src/test/resources/Cloud.xml 0(+0 -0)
diff --git a/catalog/src/test/resources/Cloud.xml b/catalog/src/test/resources/Cloud.xml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/catalog/src/test/resources/Cloud.xml
diff --git a/entitlement/src/main/java/org/killbill/billing/entitlement/api/DefaultEntitlement.java b/entitlement/src/main/java/org/killbill/billing/entitlement/api/DefaultEntitlement.java
index 7a7ec33..0507ae1 100644
--- a/entitlement/src/main/java/org/killbill/billing/entitlement/api/DefaultEntitlement.java
+++ b/entitlement/src/main/java/org/killbill/billing/entitlement/api/DefaultEntitlement.java
@@ -628,11 +628,11 @@ public class DefaultEntitlement extends EntityBase implements Entitlement {
//
// If authentication had been done (CorsBasicHttpAuthenticationFilter) we verify the correct permissions exist.
//
- if (SecurityUtils.getSubject().isAuthenticated()) {
+ if (securityApi.isSubjectAuthenticated()) {
try {
securityApi.checkCurrentUserPermissions(ImmutableList.of(permission), Logical.AND, callContext);
} catch (final SecurityApiException e) {
- throw new EntitlementApiException(ErrorCode.SECURITY_INVALID_PERMISSIONS, permission.toString());
+ throw new EntitlementApiException(ErrorCode.SECURITY_NOT_ENOUGH_PERMISSIONS);
}
}
}
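Review bot: The new `throw new EntitlementApiException(ErrorCode.SECURITY_NOT_ENOUGH_PERMISSIONS);` in the catch block drops both the caught `SecurityApiException` and the name of the denied permission, so nothing visible in this hunk leaves a server-side record of which check failed. Keeping the permission out of the client-facing message is reasonable, but the cause should be chained if `EntitlementApiException` has a cause-taking constructor, e.g. `throw new EntitlementApiException(e, ErrorCode.SECURITY_NOT_ENOUGH_PERMISSIONS);`, or the denial logged with `permission` before rethrowing. The check also still runs only when `securityApi.isSubjectAuthenticated()` is true, so an unauthenticated call passes straight through; a comment naming the layer expected to reject such calls would help. The enclosing method starts outside the hunk.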
diff --git a/entitlement/src/test/java/org/killbill/billing/entitlement/EntitlementTestSuiteWithEmbeddedDB.java b/entitlement/src/test/java/org/killbill/billing/entitlement/EntitlementTestSuiteWithEmbeddedDB.java
index 5c9770c..1fe5700 100644
--- a/entitlement/src/test/java/org/killbill/billing/entitlement/EntitlementTestSuiteWithEmbeddedDB.java
+++ b/entitlement/src/test/java/org/killbill/billing/entitlement/EntitlementTestSuiteWithEmbeddedDB.java
@@ -51,6 +51,7 @@ import org.killbill.billing.lifecycle.api.BusService;
import org.killbill.billing.mock.MockAccountBuilder;
import org.killbill.billing.platform.api.KillbillConfigSource;
import org.killbill.billing.security.Permission;
+import org.killbill.billing.security.api.SecurityApi;
import org.killbill.billing.subscription.api.SubscriptionBaseInternalApi;
import org.killbill.billing.subscription.api.SubscriptionBaseService;
import org.killbill.billing.subscription.engine.core.DefaultSubscriptionBaseService;
@@ -115,6 +116,8 @@ public class EntitlementTestSuiteWithEmbeddedDB extends GuicyKillbillTestSuiteWi
protected AuditUserApi auditUserApi;
@Inject
protected InternalCallContextFactory internalCallContextFactory;
+ @Inject
+ protected SecurityApi securityApi;
protected Catalog catalog;
@@ -143,18 +146,9 @@ public class EntitlementTestSuiteWithEmbeddedDB extends GuicyKillbillTestSuiteWi
}
private void login(final String username) {
- logout();
- final AuthenticationToken token = new UsernamePasswordToken(username, "password");
- final Subject currentUser = SecurityUtils.getSubject();
- currentUser.login(token);
+ securityApi.login(username, "password");
}
- private void logout() {
- final Subject currentUser = SecurityUtils.getSubject();
- if (currentUser.isAuthenticated()) {
- currentUser.logout();
- }
- }
protected void configureShiro() {
final Ini config = new Ini();
@@ -179,7 +173,7 @@ public class EntitlementTestSuiteWithEmbeddedDB extends GuicyKillbillTestSuiteWi
@AfterMethod(groups = "slow")
public void afterMethod() throws Exception {
- logout();
+ securityApi.logout();
// Make sure we finish in a clean state
assertListenerStatus();
diff --git a/profiles/killbill/src/test/java/org/killbill/billing/jaxrs/TestSecurity.java b/profiles/killbill/src/test/java/org/killbill/billing/jaxrs/TestSecurity.java
index 15ca63c..fe40922 100644
--- a/profiles/killbill/src/test/java/org/killbill/billing/jaxrs/TestSecurity.java
+++ b/profiles/killbill/src/test/java/org/killbill/billing/jaxrs/TestSecurity.java
@@ -71,12 +71,12 @@ public class TestSecurity extends TestJaxrsBase {
@Test(groups = "slow")
public void testDynamicUserRolesAllCatalogPermissions() throws Exception {
- testDynamicUserRolesInternal("wqeqsdswe", "jsddsh763s", "allcatalog", ImmutableList.of("catalog:*","tenant:add_keys"), true);
+ testDynamicUserRolesInternal("wqeqsdswe", "jsddsh763s", "allcatalog", ImmutableList.of("catalog:*","tenant_kvs:add"), true);
}
@Test(groups = "slow")
public void testDynamicUserRolesCorrectCatalogPermissions() throws Exception {
- testDynamicUserRolesInternal("wqeq23f6we", "jds5gh763s", "correctcatalog", ImmutableList.of("catalog:config_upload","tenant:add_keys"), true);
+ testDynamicUserRolesInternal("wqeq23f6we", "jds5gh763s", "correctcatalog", ImmutableList.of("catalog:config_upload","tenant_kvs:add"), true);
}
@Test(groups = "slow")
diff --git a/util/src/main/java/org/killbill/billing/util/security/api/DefaultSecurityApi.java b/util/src/main/java/org/killbill/billing/util/security/api/DefaultSecurityApi.java
index f1718c1..f807229 100644
--- a/util/src/main/java/org/killbill/billing/util/security/api/DefaultSecurityApi.java
+++ b/util/src/main/java/org/killbill/billing/util/security/api/DefaultSecurityApi.java
@@ -68,7 +68,11 @@ public class DefaultSecurityApi implements SecurityApi {
@Override
public synchronized void login(final Object principal, final Object credentials) {
+
final Subject currentUser = SecurityUtils.getSubject();
+ if (currentUser.isAuthenticated()) {
+ logout();
+ }
// Workaround for https://issues.apache.org/jira/browse/SHIRO-510
// TODO Not sure if it's a good fix?
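Review bot: The added guard `if (currentUser.isAuthenticated())` skips the pre-login logout for a subject that Shiro only remembers (remember-me) or that is anonymous but already holds a session, because `isAuthenticated()` is false in both cases; any existing session state is then carried into the new login. The same guard was added to `logout()` in the next hunk, where it turns the previously unconditional `currentUser.logout()` into a no-op for a remembered subject. If remember-me is enabled anywhere this API is used, widen both conditions to `currentUser.isAuthenticated() || currentUser.isRemembered()`. The body of `login` continues outside the hunk.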
@@ -100,7 +104,14 @@ public class DefaultSecurityApi implements SecurityApi {
@Override
public void logout() {
final Subject currentUser = SecurityUtils.getSubject();
- currentUser.logout();
+ if (currentUser != null && currentUser.isAuthenticated()) {
+ currentUser.logout();
+ }
+ }
+
+ @Override
+ public boolean isSubjectAuthenticated() {
+ return SecurityUtils.getSubject().isAuthenticated();
}
@Override
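Review bot: In `logout()` the `currentUser != null` test looks unreachable, since `SecurityUtils.getSubject()` builds a subject when none is bound to the thread rather than returning null, and the new `isSubjectAuthenticated()` dereferences the same call without the check; drop it so the two methods agree. `isSubjectAuthenticated()` now decides whether DefaultEntitlement runs its permission check at all, so it deserves a Javadoc stating its contract, for example `/** Returns true only if the subject bound to the current thread has authenticated in this session; false for anonymous or remembered subjects. */`.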
diff --git a/util/src/test/java/org/killbill/billing/util/UtilTestSuiteNoDB.java b/util/src/test/java/org/killbill/billing/util/UtilTestSuiteNoDB.java
index 9bb60b2..ad802db 100644
--- a/util/src/test/java/org/killbill/billing/util/UtilTestSuiteNoDB.java
+++ b/util/src/test/java/org/killbill/billing/util/UtilTestSuiteNoDB.java
@@ -19,20 +19,12 @@ package org.killbill.billing.util;
import javax.inject.Inject;
import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.Ini;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
-import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.apache.shiro.util.ThreadContext;
-import org.testng.annotations.AfterMethod;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.BeforeMethod;
-
import org.killbill.billing.GuicyKillbillTestSuiteNoDB;
-import org.killbill.bus.api.PersistentBus;
import org.killbill.billing.security.Permission;
import org.killbill.billing.security.api.SecurityApi;
import org.killbill.billing.util.api.AuditUserApi;
@@ -42,6 +34,10 @@ import org.killbill.billing.util.callcontext.InternalCallContextFactory;
import org.killbill.billing.util.dao.NonEntityDao;
import org.killbill.billing.util.glue.TestUtilModuleNoDB;
import org.killbill.billing.util.security.shiro.realm.KillBillJndiLdapRealm;
+import org.killbill.bus.api.PersistentBus;
+import org.testng.annotations.AfterMethod;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.BeforeMethod;
import com.google.inject.Guice;
import com.google.inject.Injector;
@@ -87,20 +83,12 @@ public class UtilTestSuiteNoDB extends GuicyKillbillTestSuiteNoDB {
}
// Security helpers
-
protected void login(final String username) {
- logout();
-
- final AuthenticationToken token = new UsernamePasswordToken(username, "password");
- final Subject currentUser = SecurityUtils.getSubject();
- currentUser.login(token);
+ securityApi.login(username, "password");
}
protected void logout() {
- final Subject currentUser = SecurityUtils.getSubject();
- if (currentUser.isAuthenticated()) {
- currentUser.logout();
- }
+ securityApi.logout();
}
protected void configureShiro() {