package com.sonian.elasticsearch.http.jetty.security;

import com.sonian.elasticsearch.http.jetty.AbstractJettyHttpServerTests;
import com.sonian.elasticsearch.http.jetty.HttpClient;
import com.sonian.elasticsearch.http.jetty.HttpClientResponse;
import org.elasticsearch.common.settings.ImmutableSettings;
import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.common.xcontent.XContentFactory;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

import java.io.IOException;

import static org.elasticsearch.common.xcontent.XContentFactory.jsonBuilder;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;

/**
 * HTTP-level tests for the login service that authenticates requests against
 * user documents stored in the {@code auth} index.
 *
 * <p>Each test publishes one or more user documents through
 * {@link #publishAuth(String, String, String, String)} and then issues a
 * {@code PUT} with HTTP credentials, asserting on the status code:
 * {@code 201} for an accepted write, {@code 401} for rejected credentials and
 * {@code 403} for a known user that holds no roles.
 *
 * @author drewr
 */
public class ESLoginServiceTests extends AbstractJettyHttpServerTests {

    /**
     * Starts a fresh node before every test with the three Jetty config files
     * listed below.
     */
    // NOTE(review): judging by the file names, jetty-es-auth.xml wires in the
    // login service and jetty-restrict-writes.xml protects write requests;
    // neither file is visible here, so confirm against the configs.
    @BeforeMethod
    public void setup() {
        startNode(
                "server1",
                ImmutableSettings.settingsBuilder().put(
                        "sonian.elasticsearch.http.jetty.config",
                        "jetty.xml,jetty-es-auth.xml,jetty-restrict-writes.xml"));
    }

    /** Shuts down every node after each test. */
    @AfterMethod
    public void stop() {
        closeAllNodes();
    }

    /**
     * A user whose stored credential is an {@code MD5:}-prefixed digest can
     * write when presenting the matching clear-text password.
     */
    @Test
    public void testSuccess() throws Exception {
        // The digest is the MD5 of "bar". Unsalted MD5 is only acceptable as a
        // test fixture; it is not a suitable storage format for real passwords.
        // The roles string is split on ':' into three separate roles.
        publishAuth("server1", "foo", "MD5:37b51d194a7513e45b56f6524f2d51f2", "pray:readwrite:love");

        final HttpClient authed = httpClient("server1", "foo", "bar");
        final String doc = jsonBuilder().startObject().field("blip", 1).endObject().string();

        final HttpClientResponse created = authed.request("PUT", "/foo/bar/1", doc.getBytes());
        assertThat(created.errorCode(), equalTo(201));
    }

    /** A wrong password for an existing user is rejected with {@code 401}. */
    @Test
    public void testFail() throws Exception {
        // Stored credential is the MD5 digest of "bar"; the client sends "WRONG".
        publishAuth("server1", "foo", "MD5:37b51d194a7513e45b56f6524f2d51f2", "readwrite");

        final HttpClient badPassword = httpClient("server1", "foo", "WRONG");
        final String doc = jsonBuilder().startObject().field("blip", 1).endObject().string();

        final HttpClientResponse rejected = badPassword.request("PUT", "/foo/bar/1", doc.getBytes());
        assertThat(rejected.errorCode(), equalTo(401));
    }

    /**
     * Credentials are bound to their own user: each user's password works only
     * for that user, and the user name is matched case-sensitively.
     */
    @Test
    public void testTwoUsers() throws Exception {
        // Passwords are published without a digest prefix here, so the stored
        // value is the clear-text password itself.
        publishAuth("server1", "john", "password1", "readwrite");
        publishAuth("server1", "jane", "password2", "readwrite");

        final String doc = jsonBuilder().startObject().field("blip", 1).endObject().string();

        // Each user with their own password: accepted.
        final HttpClientResponse johnOwn =
                httpClient("server1", "john", "password1").request("PUT", "/foo/bar/1", doc.getBytes());
        assertThat(johnOwn.errorCode(), equalTo(201));

        final HttpClientResponse janeOwn =
                httpClient("server1", "jane", "password2").request("PUT", "/foo/bar/2", doc.getBytes());
        assertThat(janeOwn.errorCode(), equalTo(201));

        // Passwords swapped between the two users: rejected.
        final HttpClientResponse johnSwapped =
                httpClient("server1", "john", "password2").request("PUT", "/foo/bar/3", doc.getBytes());
        assertThat(johnSwapped.errorCode(), equalTo(401));

        final HttpClientResponse janeSwapped =
                httpClient("server1", "jane", "password1").request("PUT", "/foo/bar/4", doc.getBytes());
        assertThat(janeSwapped.errorCode(), equalTo(401));

        // Correct password but different letter case in the user name: rejected.
        final HttpClientResponse janeMixedCase =
                httpClient("server1", "JaNe", "password2").request("PUT", "/foo/bar/4", doc.getBytes());
        assertThat(janeMixedCase.errorCode(), equalTo(401));
    }

    /**
     * A user document without a password field must not be usable for login,
     * neither without credentials nor with an empty password.
     */
    @Test
    public void testEmptyPassword() throws Exception {
        // A null password means the "password" field is omitted from the document.
        publishAuth("server1", "foo", null, "readwrite");

        final String doc = jsonBuilder().startObject().field("blip", 1).endObject().string();

        // No credentials supplied at all.
        final HttpClientResponse anonymous =
                httpClient("server1").request("PUT", "/foo/bar/1", doc.getBytes());
        assertThat(anonymous.errorCode(), equalTo(401));

        // Known user name with an empty password must not match the missing field.
        final HttpClientResponse blankPassword =
                httpClient("server1", "foo", "").request("PUT", "/foo/bar/1", doc.getBytes());
        assertThat(blankPassword.errorCode(), equalTo(401));
    }

    /**
     * A user with valid credentials but no roles is refused with {@code 403}
     * rather than {@code 401}.
     */
    @Test
    public void testEmptyRoles() throws Exception {
        // A null roles argument means the "roles" field is omitted from the document.
        publishAuth("server1", "foo", "bar", null);

        final String doc = jsonBuilder().startObject().field("blip", 1).endObject().string();

        final HttpClientResponse firstAttempt =
                httpClient("server1", "foo", "bar").request("PUT", "/foo/bar/1", doc.getBytes());
        assertThat(firstAttempt.errorCode(), equalTo(403));

        // NOTE(review): this repeats the first request verbatim (same user,
        // password and path); presumably it checks that the refusal is stable
        // across calls - confirm the intent.
        final HttpClientResponse secondAttempt =
                httpClient("server1", "foo", "bar").request("PUT", "/foo/bar/1", doc.getBytes());
        assertThat(secondAttempt.errorCode(), equalTo(403));
    }

    /**
     * Stores a user document in the {@code auth} index (type {@code user},
     * document id = user name) and refreshes that index afterwards.
     *
     * @param server name of the node whose client performs the indexing
     * @param user   user name, used as the document id
     * @param pass   value for the {@code password} field; the field is omitted
     *               when {@code null}
     * @param roles  colon-separated role names written as an array to the
     *               {@code roles} field; the field is omitted when {@code null}
     * @throws IOException if building the JSON document fails
     */
    protected void publishAuth(String server, String user, String pass, String roles) throws IOException {
        final String authIndex = "auth";

        XContentBuilder userDoc = XContentFactory.jsonBuilder().startObject();
        if (pass != null) {
            userDoc.field("password", pass);
        }
        if (roles != null) {
            userDoc.field("roles", roles.split(":"));
        }
        userDoc.endObject();

        client(server)
                .prepareIndex()
                .setIndex(authIndex)
                .setType("user")
                .setId(user)
                .setSource(userDoc)
                .execute()
                .actionGet();

        // Refresh right away, before the test issues its HTTP requests.
        client(server).admin().indices().prepareRefresh(authIndex).execute().actionGet();
    }
}