package com.sonian.elasticsearch.http.jetty.security;
import com.sonian.elasticsearch.http.jetty.AbstractJettyHttpServerTests;
import com.sonian.elasticsearch.http.jetty.HttpClient;
import com.sonian.elasticsearch.http.jetty.HttpClientResponse;
import org.elasticsearch.common.settings.ImmutableSettings;
import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.common.xcontent.XContentFactory;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import java.io.IOException;
import static org.elasticsearch.common.xcontent.XContentFactory.jsonBuilder;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
/**
* @author drewr
*/
public class ESLoginServiceTests extends AbstractJettyHttpServerTests {
@BeforeMethod
public void setup() {
startNode("server1", ImmutableSettings
.settingsBuilder()
.put("sonian.elasticsearch.http.jetty.config", "jetty.xml,jetty-es-auth.xml,jetty-restrict-writes.xml"));
}
@AfterMethod
public void stop() {
closeAllNodes();
}
@Test
public void testSuccess() throws Exception {
publishAuth("server1", "foo", "MD5:37b51d194a7513e45b56f6524f2d51f2", "pray:readwrite:love"); // password bar
HttpClient http = httpClient("server1", "foo", "bar");
String data;
data = jsonBuilder().startObject().field("blip", 1).endObject().string();
HttpClientResponse resp = http.request("PUT", "/foo/bar/1", data.getBytes());
assertThat(resp.errorCode(), equalTo(201));
}
@Test
public void testFail() throws Exception {
publishAuth("server1", "foo", "MD5:37b51d194a7513e45b56f6524f2d51f2", "readwrite"); // password bar
HttpClient http = httpClient("server1", "foo", "WRONG");
String data;
data = jsonBuilder().startObject().field("blip", 1).endObject().string();
HttpClientResponse resp = http.request("PUT", "/foo/bar/1", data.getBytes());
assertThat(resp.errorCode(), equalTo(401));
}
@Test
public void testTwoUsers() throws Exception {
publishAuth("server1", "john", "password1", "readwrite");
publishAuth("server1", "jane", "password2", "readwrite");
String data;
data = jsonBuilder().startObject().field("blip", 1).endObject().string();
HttpClient http = httpClient("server1", "john", "password1");
HttpClientResponse resp = http.request("PUT", "/foo/bar/1", data.getBytes());
assertThat(resp.errorCode(), equalTo(201));
http = httpClient("server1", "jane", "password2");
resp = http.request("PUT", "/foo/bar/2", data.getBytes());
assertThat(resp.errorCode(), equalTo(201));
http = httpClient("server1", "john", "password2");
resp = http.request("PUT", "/foo/bar/3", data.getBytes());
assertThat(resp.errorCode(), equalTo(401));
http = httpClient("server1", "jane", "password1");
resp = http.request("PUT", "/foo/bar/4", data.getBytes());
assertThat(resp.errorCode(), equalTo(401));
http = httpClient("server1", "JaNe", "password2");
resp = http.request("PUT", "/foo/bar/4", data.getBytes());
assertThat(resp.errorCode(), equalTo(401));
}
@Test
public void testEmptyPassword() throws Exception {
publishAuth("server1", "foo", null, "readwrite");
String data;
data = jsonBuilder().startObject().field("blip", 1).endObject().string();
HttpClient http = httpClient("server1");
HttpClientResponse resp = http.request("PUT", "/foo/bar/1", data.getBytes());
assertThat(resp.errorCode(), equalTo(401));
http = httpClient("server1", "foo", "");
resp = http.request("PUT", "/foo/bar/1", data.getBytes());
assertThat(resp.errorCode(), equalTo(401));
}
@Test
public void testEmptyRoles() throws Exception {
publishAuth("server1", "foo", "bar", null);
String data;
data = jsonBuilder().startObject().field("blip", 1).endObject().string();
HttpClient http = httpClient("server1", "foo", "bar");
HttpClientResponse resp = http.request("PUT", "/foo/bar/1", data.getBytes());
assertThat(resp.errorCode(), equalTo(403));
http = httpClient("server1", "foo", "bar");
resp = http.request("PUT", "/foo/bar/1", data.getBytes());
assertThat(resp.errorCode(), equalTo(403));
}
protected void publishAuth(String server, String user, String pass, String roles) throws IOException {
final String idx = "auth";
XContentBuilder contentBuilder = XContentFactory.jsonBuilder().startObject();
if (pass != null) {
contentBuilder.field("password", pass);
}
if (roles != null) {
contentBuilder.field("roles", roles.split(":"));
}
contentBuilder.endObject();
client(server).prepareIndex().setIndex(idx).setType("user").setId(user)
.setSource(contentBuilder)
.execute().actionGet();
client(server).admin().indices().prepareRefresh(idx).execute().actionGet();
}
}