public void setRoleList(String[] roleArray) {
userRoles = new ArrayList<String>(roleArray.length);
for (String role : roleArray) {
- userRoles.add(role);
+ String target = role.trim();
+ if (!target.isEmpty()) {
+ userRoles.add(target);
+ }
}
}
package org.opendaylight.controller.usermanager.internal;
+import java.util.ArrayList;
+import java.util.List;
+
import org.opendaylight.controller.sal.utils.Status;
/**
}
// Constructor may be needed for autocontainer logic
- public AuthorizationConfig(String user, String role) {
+ public AuthorizationConfig(String user, List<String> roles) {
super();
this.user = user;
- this.role = role;
+ this.roles = (roles == null) ? new ArrayList<String>()
+ : new ArrayList<String>(roles);
}
@Override
public Status validate() {
- return (!isRoleValid().isSuccess() ? isRoleValid() : isUsernameValid());
- }
-
- public String getRolesData() {
- return (role.replace(",", " "));
+ Status status = validateUsername();
+ if (status.isSuccess()) {
+ status = validateRoles();
+ }
+ return status;
}
public String toString() {
- return "AuthorizationConfig=[user: " + user + ", role: " + role + "]";
+ return "AuthorizationConfig=[user: " + user + ", roles: " + roles + "]";
}
}
package org.opendaylight.controller.usermanager.internal;
import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
* configurations
*/
protected String user;
- protected String role;
+ protected List<String> roles;
private String password;
private static final int USERNAME_MAXLENGTH = 32;
private static final int PASSWORD_MINLENGTH = 5;
public UserConfig() {
}
- public UserConfig(String user, String password, String role) {
+ public UserConfig(String user, String password, List<String> roles) {
this.user = user;
this.password = password;
- this.role = role;
+ this.roles = (roles == null) ? new ArrayList<String>()
+ : new ArrayList<String>(roles);
}
-
+
public String getUser() {
return user;
}
return password;
}
- public String getRole() {
- return role;
+ public List<String> getRoles() {
+ return new ArrayList<String>(roles);
}
@Override
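Review bot: `getRoles()` throws a NullPointerException when `roles` is null, because `new ArrayList<String>(roles)` does not accept a null collection. The no-argument constructor shown earlier in this file leaves `roles` unset, and `validateRoles()` explicitly allows for `roles == null`, so the class does expect that state. The file imports `java.io.Serializable`; if previously saved user configurations are read back after the `role` to `roles` field change, they would presumably arrive with `roles == null` as well, and `getUserLevel()` calls `getRoles()` on every locally configured user. Suggest `return (roles == null) ? new ArrayList<String>() : new ArrayList<String>(roles);`.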
@Override
public String toString() {
- return "UserConfig[user=" + user + ", password=" + password + "]";
+ return "UserConfig[user=" + user + ", password=" + password + ", roles=" + roles +"]";
}
public Status validate() {
- Status validCheck = new Status(StatusCode.SUCCESS, null);
- validCheck = isRoleValid();
-
- if (validCheck.isSuccess())
- validCheck = isUsernameValid();
- if (validCheck.isSuccess())
- validCheck = isPasswordValid();
-
+ Status validCheck = validateRoles();
+ if (validCheck.isSuccess()) {
+ validCheck = validateUsername();
+ }
+ if (validCheck.isSuccess()) {
+ validCheck = validatePassword();
+ }
return validCheck;
}
- protected Status isUsernameValid() {
+ protected Status validateUsername() {
if (user == null || user.isEmpty()) {
return new Status(StatusCode.BADREQUEST, "Username cannot be empty");
}
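Review bot: The rewritten `toString()` in this hunk still puts the clear-text `password` into the string, now alongside the role list. Any log statement, exception message or console command that formats a `UserConfig` would disclose the credential. Since the line is being edited anyway, drop the field: `return "UserConfig[user=" + user + ", roles=" + roles + "]";`.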
+ "characters except ./#%;?\\");
}
- return new Status(StatusCode.SUCCESS, null);
+ return new Status(StatusCode.SUCCESS);
}
- private Status isPasswordValid() {
+ private Status validatePassword() {
if (password == null || password.isEmpty()) {
return new Status(StatusCode.BADREQUEST, "Password cannot be empty");
}
return new Status(StatusCode.BADREQUEST,
"Password should have 5-256 characters");
}
- return new Status(StatusCode.SUCCESS, null);
+ return new Status(StatusCode.SUCCESS);
}
- protected Status isRoleValid() {
- if (role == null || role.isEmpty()) {
- return new Status(StatusCode.BADREQUEST,
- "Role name cannot be empty");
+ protected Status validateRoles() {
+ if (roles == null || roles.isEmpty()) {
+ return new Status(StatusCode.BADREQUEST, "No role specified");
}
- return new Status(StatusCode.SUCCESS, null);
+ return new Status(StatusCode.SUCCESS);
}
- public boolean update(String currentPassword, String newPassword,
- String newRole) {
+ public Status update(String currentPassword, String newPassword,
+ List<String> newRoles) {
// To make any changes to a user configured profile, current password
// must always be provided
if (!this.password.equals(currentPassword)) {
- return false;
- }
- if (newPassword != null) {
- this.password = newPassword;
+ return new Status(StatusCode.BADREQUEST,
+ "Current password is incorrect");
}
- if (newRole != null) {
- this.role = newRole;
+
+ // Create a new object with the proposed modifications
+ UserConfig proposed = new UserConfig();
+ proposed.user = this.user;
+ proposed.password = (newPassword != null)? newPassword : this.password;
+ proposed.roles = (newRoles != null)? newRoles : this.roles;
+
+ // Validate it
+ Status status = proposed.validate();
+ if (!status.isSuccess()) {
+ return status;
}
- return true;
+
+ // Accept the modifications
+ this.user = proposed.user;
+ this.password = proposed.password;
+ this.roles = new ArrayList<String>(proposed.roles);
+
+ return status;
}
public AuthResponse authenticate(String clearTextPass) {
AuthResponse locResponse = new AuthResponse();
if (password.equals(clearTextPass)) {
locResponse.setStatus(AuthResultEnum.AUTH_ACCEPT_LOC);
- locResponse.addData(role.replace(",", " "));
+ locResponse.addData(getRolesString());
} else {
locResponse.setStatus(AuthResultEnum.AUTH_REJECT_LOC);
}
return locResponse;
}
+
+ protected String getRolesString() {
+ StringBuffer buffer = new StringBuffer();
+ if (!roles.isEmpty()) {
+ Iterator<String> iter = roles.iterator();
+ buffer.append(iter.next());
+ while (iter.hasNext()) {
+ buffer.append(" ");
+ buffer.append(iter.next());
+ }
+ }
+ return buffer.toString();
+ }
}
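Review bot: `validateRoles()` only checks that the list is non-empty, so a list holding a null, blank or space-containing entry passes validation in both the constructor path and `update()`. `getRolesString()` joins entries with a single space, and the `UserManagerImpl` hunk later splits the attribute string on `" "`. A role name with an embedded space would therefore presumably be read back as two separate roles, and a null entry would be appended as the text "null". Suggest checking each entry in `validateRoles()`: `for (String role : roles) { if (role == null || role.trim().isEmpty() || role.contains(" ")) { return new Status(StatusCode.BADREQUEST, "Invalid role name"); } }`.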
private static final String authFileName = ROOT + "authorization.conf";
private ConcurrentMap<String, UserConfig> localUserConfigList;
private ConcurrentMap<String, ServerConfig> remoteServerConfigList;
- private ConcurrentMap<String, AuthorizationConfig> authorizationConfList; // local
- // authorization
- // info
- // for
- // remotely
- // authenticated
- // users
+ // local authorization info for remotely authenticated users
+ private ConcurrentMap<String, AuthorizationConfig> authorizationConfList;
private ConcurrentMap<String, AuthenticatedUser> activeUsers;
private ConcurrentMap<String, IAAAProvider> authProviders;
private ConcurrentMap<Long, String> localUserListSaveConfigEvent,
// If startup config is not there, it's old or it was deleted,
// need to add Default Admin
if (!localUserConfigList.containsKey(defaultAdmin)) {
+ List<String> roles = new ArrayList<String>(1);
+ roles.add(defaultAdminRole);
localUserConfigList.put(defaultAdmin, new UserConfig(defaultAdmin,
- defaultAdminPassword, defaultAdminRole));
+ defaultAdminPassword, roles));
}
}
IAAAProvider aaaClient;
AuthResponse rcResponse = null;
AuthenticatedUser result;
- String[] adminRoles = null;
boolean remotelyAuthenticated = false;
boolean authorizationInfoIsPresent = false;
boolean authorized = false;
if (resource != null) {
logger.info("Found Local Authorization Info for User: \"{}\"",
userName);
- attributes = resource.getRolesData();
+ attributes = resource.getRolesString();
}
authorizationInfoIsPresent = checkAuthorizationInfo(attributes);
*/
if (authorizationInfoIsPresent) {
// Identifying the administrative role
- adminRoles = attributes.split(" ");
- result.setRoleList(adminRoles);
+ result.setRoleList(attributes.split(" "));
authorized = true;
} else {
logger.info("Not able to find Authorization Info for User: \"{}\"",
return new Status(StatusCode.NOTALLOWED, msg);
}
localUserConfigList.remove(AAAconf.getUser());
+ /*
+ * A user account has been removed form local database, we assume
+ * admin does not want this user to stay connected, in case he has
+ * an open session. So we clean the active list as well.
+ */
+ removeUserFromActiveList(AAAconf.getUser());
} else {
if (AAAconf.getUser().equals(UserManagerImpl.defaultAdmin)) {
String msg = "Invalid Request: Default Network Admin User "
if (targetConfigEntry == null) {
return new Status(StatusCode.NOTFOUND, "User not found");
}
- if (false == targetConfigEntry.update(curPassword, newPassword, null)) {
- return new Status(StatusCode.BADREQUEST,
- "Current password is incorrect");
+ Status status = targetConfigEntry
+ .update(curPassword, newPassword, null);
+ if (!status.isSuccess()) {
+ return status;
}
- localUserConfigList.put(user, targetConfigEntry); // trigger cluster
- // update
+ // Trigger cluster update
+ localUserConfigList.put(user, targetConfigEntry);
logger.info("Password changed for User \"{}\"", user);
- return new Status(StatusCode.SUCCESS, null);
+ return status;
}
@Override
String userName = ci.nextArgument();
String password = ci.nextArgument();
String role = ci.nextArgument();
+
+ List<String> roles = new ArrayList<String>();
+ while (role != null) {
+ if (!role.trim().isEmpty()) {
+ roles.add(role);
+ }
+ role = ci.nextArgument();
+ }
if (userName == null || userName.trim().isEmpty() || password == null
- || password.trim().isEmpty() || role == null
- || role.trim().isEmpty()) {
+ || password.trim().isEmpty() || roles == null
+ || roles.isEmpty()) {
ci.println("Invalid Arguments");
ci.println("umAddUser <user_name> <password> <user_role>");
return;
}
- this.addLocalUser(new UserConfig(userName, password, role));
+ ci.print(this.addLocalUser(new UserConfig(userName, password, roles)));
}
public void _umRemUser(CommandInterpreter ci) {
String userName = ci.nextArgument();
- String password = ci.nextArgument();
- String role = ci.nextArgument();
- if (userName == null || userName.trim().isEmpty() || password == null
- || password.trim().isEmpty() || role == null
- || role.trim().isEmpty()) {
+ if (userName == null || userName.trim().isEmpty()) {
ci.println("Invalid Arguments");
- ci.println("umRemUser <user_name> <password> <user_role>");
+ ci.println("umRemUser <user_name>");
return;
}
- this.removeLocalUser(new UserConfig(userName, password, role));
+ UserConfig target = localUserConfigList.get(userName);
+ if (target == null) {
+ ci.println("User not found");
+ return;
+ }
+ ci.println(this.removeLocalUser(target));
}
public void _umGetUsers(CommandInterpreter ci) {
for (UserConfig conf : this.getLocalUserList()) {
- ci.println(conf.getUser() + " " + conf.getRole());
+ ci.println(conf.getUser() + " " + conf.getRoles());
}
}
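Review bot: In `_umAddUser` the `roles == null` test is dead code, because the list is always constructed a few lines above it. The loop also checks `role.trim().isEmpty()` but stores the untrimmed value, unlike `setRoleList`, which stores the trimmed one; use `roles.add(role.trim());`. The usage text still advertises a single role although the command now accepts several, so consider `ci.println("umAddUser <user_name> <password> <user_role> [<user_role> ...]");`. The result is written with `ci.print` here but with `ci.println` in `_umRemUser`. The start of `_umAddUser` is outside this hunk.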
@Override
public UserLevel getUserLevel(String username) {
// Returns the controller well-know user level for the passed user
- String roleName = null;
+ List<String> rolesNames = null;
// First check in active users then in local configured users
if (activeUsers.containsKey(username)) {
List<String> roles = activeUsers.get(username).getUserRoles();
- roleName = (roles == null || roles.isEmpty())? null : roles.get(0);
+ rolesNames = (roles == null || roles.isEmpty()) ? null : roles;
} else if (localUserConfigList.containsKey(username)) {
UserConfig config = localUserConfigList.get(username);
- roleName = (config == null)? null : config.getRole();
+ rolesNames = (config == null) ? null : config.getRoles();
}
- if (roleName == null) {
+ if (rolesNames == null) {
return UserLevel.NOUSER;
}
- // For now only one role per user is allowed
- if (roleName.equals(UserLevel.SYSTEMADMIN.toString())) {
+ // Check against the well known controller roles first
+ if (rolesNames.contains(UserLevel.SYSTEMADMIN.toString())) {
return UserLevel.SYSTEMADMIN;
}
- if (roleName.equals(UserLevel.NETWORKADMIN.toString())) {
+ if (rolesNames.contains(UserLevel.NETWORKADMIN.toString())) {
return UserLevel.NETWORKADMIN;
}
- if (roleName.equals(UserLevel.NETWORKOPERATOR.toString())) {
+ if (rolesNames.contains(UserLevel.NETWORKOPERATOR.toString())) {
return UserLevel.NETWORKOPERATOR;
}
- if (this.containerAuthorizationClient != null
- && this.containerAuthorizationClient
- .isApplicationRole(roleName)) {
- return UserLevel.CONTAINERUSER;
+ // Check if container user now
+ if (containerAuthorizationClient != null) {
+ for (String roleName : rolesNames) {
+ if (containerAuthorizationClient.isApplicationRole(roleName)) {
+ return UserLevel.CONTAINERUSER;
+ }
+ }
}
- for (IResourceAuthorization client : this.applicationAuthorizationClients) {
- if (client.isApplicationRole(roleName)) {
- return UserLevel.APPUSER;
+ // Finally check if application user
+ if (applicationAuthorizationClients != null) {
+ for (String roleName : rolesNames) {
+ for (IResourceAuthorization client : this.applicationAuthorizationClients) {
+ if (client.isApplicationRole(roleName)) {
+ return UserLevel.APPUSER;
+ }
+ }
}
}
return UserLevel.NOUSER;
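Review bot: The active-user branch of `getUserLevel` calls `activeUsers.containsKey(username)` and then `activeUsers.get(username).getUserRoles()` as two separate lookups on a concurrent map. This commit also starts removing users from the active list when a local account is deleted, so the entry can disappear between the two calls and the second one would throw a NullPointerException. The local-config branch already guards against a null `config`; do the same here with a single lookup, `AuthenticatedUser active = activeUsers.get(username);`, followed by `if (active != null) { ... }`. The closing brace of the method is outside this hunk.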
Assert.assertFalse(user.getAccessDate().isEmpty());
Assert.assertNull(user.getUserRoles());
-
}
@Test
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
+import java.util.ArrayList;
+import java.util.List;
+
import org.junit.Test;
import org.opendaylight.controller.sal.authorization.AuthResultEnum;
import org.opendaylight.controller.sal.authorization.UserLevel;
@Test
public void AuthorizationConfigTest() {
AuthorizationConfig authConfig;
+ List<String> roles = new ArrayList<String>();
// test isValid
- authConfig = new AuthorizationConfig(null,
- UserLevel.SYSTEMADMIN.toString());
+ roles.add(UserLevel.SYSTEMADMIN.toString());
+ authConfig = new AuthorizationConfig(null, roles);
assertFalse(authConfig.validate().isSuccess());
- authConfig = new AuthorizationConfig("admin", "");
+ authConfig = new AuthorizationConfig("admin", new ArrayList<String>());
assertFalse(authConfig.validate().isSuccess());
- authConfig = new AuthorizationConfig("admin",
- UserLevel.SYSTEMADMIN.toString());
+ authConfig = new AuthorizationConfig("admin", roles);
assertTrue(authConfig.validate().isSuccess());
}
@Test
public void UserConfigTest() {
UserConfig userConfig;
+ List<String> roles = new ArrayList<String>();
- userConfig = new UserConfig(null, "cisco",
- UserLevel.NETWORKOPERATOR.toString());
+ roles.add(UserLevel.SYSTEMADMIN.toString());
+ userConfig = new UserConfig(null, "cisco", roles);
assertFalse(userConfig.validate().isSuccess());
- userConfig = new UserConfig("uname", "", "cisco");
+ roles.clear();
+ roles.add("cisco");
+ userConfig = new UserConfig("uname", "", roles);
assertFalse(userConfig.validate().isSuccess());
- userConfig = new UserConfig("uname", "ciscocisco",
- UserLevel.NETWORKOPERATOR.toString());
+ roles.clear();
+ roles.add(UserLevel.NETWORKOPERATOR.toString());
+ userConfig = new UserConfig("uname", "ciscocisco", roles);
assertTrue(userConfig.validate().isSuccess());
- /* currentPassword mismatch */
- assertFalse(userConfig.update("Cisco", "cisco123",
- UserLevel.NETWORKOPERATOR.toString()));
-
- assertTrue(userConfig.update("ciscocisco", null,
- UserLevel.NETWORKOPERATOR.toString()));
- /* New Password = null, No change in password */
+ // currentPassword mismatch
+ assertFalse(userConfig.update("Cisco", "cisco123", roles).isSuccess());
+
+ // Role change only
+ roles.clear();
+ roles.add(UserLevel.NETWORKADMIN.toString());
+ assertTrue(userConfig.update("ciscocisco", null, roles).isSuccess());
+
+ // Role change and same new password
+ roles.clear();
+ roles.add(UserLevel.NETWORKOPERATOR.toString());
+ assertTrue(userConfig.update("ciscocisco", "ciscocisco", roles)
+ .isSuccess());
+
+ // New Password = null, No change in password
assertTrue(userConfig.getPassword().equals("ciscocisco"));
- /* Password changed successfully, no change in user role */
- assertTrue(userConfig.update("ciscocisco", "cisco123",
- UserLevel.NETWORKOPERATOR.toString()));
+ // Password changed successfully, no change in user role
+ assertTrue(userConfig.update("ciscocisco", "cisco123", roles)
+ .isSuccess());
assertTrue(userConfig.getPassword().equals("cisco123"));
- assertTrue(userConfig.getRole().equals(
+ assertTrue(userConfig.getRoles().get(0).equals(
UserLevel.NETWORKOPERATOR.toString()));
- /* Password not changed, role changed successfully */
- assertTrue(userConfig.update("cisco123", "cisco123",
- UserLevel.SYSTEMADMIN.toString()));
+ // Password not changed, role changed successfully
+ roles.clear();
+ roles.add(UserLevel.SYSTEMADMIN.toString());
+ assertTrue(userConfig.update("cisco123", "cisco123", roles)
+ .isSuccess());
assertTrue(userConfig.getPassword().equals("cisco123"));
- assertTrue(userConfig.getRole()
+ assertTrue(userConfig.getRoles().get(0)
.equals(UserLevel.SYSTEMADMIN.toString()));
- /* Password and role changed successfully */
- assertTrue(userConfig.update("cisco123", "ciscocisco",
- UserLevel.SYSTEMADMIN.toString()));
+ // Password and role changed successfully
+ assertTrue(userConfig.update("cisco123", "ciscocisco", roles)
+ .isSuccess());
assertTrue(userConfig.getPassword().equals("ciscocisco"));
- assertTrue(userConfig.getRole()
+ assertTrue(userConfig.getRoles().get(0)
.equals(UserLevel.SYSTEMADMIN.toString()));
String username = userConfig.getUser();
assertTrue(authresp.getStatus().equals(AuthResultEnum.AUTH_REJECT_LOC));
// test equals()
- userConfig = new UserConfig("uname", "ciscocisco",
- UserLevel.NETWORKOPERATOR.toString());
+ roles.clear();
+ roles.add(UserLevel.NETWORKOPERATOR.toString());
+ userConfig = new UserConfig("uname", "ciscocisco", roles);
assertEquals(userConfig, userConfig);
- UserConfig userConfig2 = new UserConfig("uname", "ciscocisco",
- UserLevel.NETWORKOPERATOR.toString());
+ UserConfig userConfig2 = new UserConfig("uname", "ciscocisco", roles);
assertEquals(userConfig, userConfig2);
}
}
-
/*
* Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
*
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
-import java.util.Date;
+import java.util.ArrayList;
+import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import org.junit.Assert;
*/
public class UserManagerImplTest {
- private static UserManagerImpl um;
-
- /**
- * @throws java.lang.Exception
- */
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
-
- IUserManager userManager = (IUserManager) ServiceHelper
- .getGlobalInstance(IUserManager.class, new Object());
- if (userManager instanceof UserManagerImpl) {
- um = (UserManagerImpl) userManager;
- } else {
- um = new UserManagerImpl();
- um.setAuthProviders(new ConcurrentHashMap<String, IAAAProvider>());
-
- // mock up a remote server list with a dummy server
- um.setRemoteServerConfigList(new ConcurrentHashMap<String, ServerConfig>() {
- static final long serialVersionUID = 1L;
- {
- put("dummyServerConfig", new ServerConfig() { // Server config can't be empty
- static final long serialVersionUID = 8645L;
-
- public String getAddress() {
- return "1.1.1.1";
- }
-
- public String getSecret() {
- return "secret";
- }
-
- public String getProtocol() {
- return "IPv4";
- }
- });
- }
- });
-
- // mock up a localUserConfigList with an admin user
- um.setLocalUserConfigList(new ConcurrentHashMap<String, UserConfig>() {
- static final long serialVersionUID = 2L;
- {
- put("admin", new UserConfig("admin", "7029,7455,8165,7029,7881",
- UserLevel.SYSTEMADMIN.toString()));
- }
- });
- // instantiate an empty activeUser collection
- um.setActiveUsers(new ConcurrentHashMap<String, AuthenticatedUser>());
-
- }
-
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#addAAAProvider(org.opendaylight.controller.usermanager.IAAAProvider)}
- * .
- */
- @Test
- public void testAddAAAProvider() {
- // instantiate an anonymous AAAProvider
- IAAAProvider a3p = new IAAAProvider() {
-
- public AuthResponse authService(String userName, String password,
- String server, String secretKey) {
- return new AuthResponse();
- };
-
- public String getName() {
- return "dummyAAAProvider";
- }
- };
-
- um.addAAAProvider(a3p);
- assertEquals(a3p, um.getAAAProvider("dummyAAAProvider"));
-
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#removeAAAProvider(org.opendaylight.controller.usermanager.IAAAProvider)}
- * and for for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#getAAAProvider(java.lang.String)}
- * .
- */
- @Test
- public void testRemoveAAAProvider() {
- um.removeAAAProvider(um.getAAAProvider("dummyAAAProvider"));
- assertTrue(um.getAAAProviderNames().isEmpty());
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#authenticate(java.lang.String, java.lang.String)}
- * .
- */
- @Test
- public void testAuthenticateStringString() {
- UserConfig uc = new UserConfig("administrator", "admin",
- UserLevel.SYSTEMADMIN.toString());
- um.addLocalUser(uc);
- AuthResultEnum authResult = um.authenticate("administrator", "admin");
- assertEquals(authResult, AuthResultEnum.AUTH_ACCEPT_LOC);
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#addRemoveLocalUser(org.opendaylight.controller.usermanager.internal.UserConfig, boolean)}
- * .
- */
- @Test
- public void testAddRemoveLocalUser() {
- UserConfig uc = new UserConfig("sysadmin", "7029,7455,8165,7029,7881",
- UserLevel.SYSTEMADMIN.toString());
- um.addLocalUser(uc);
- assertTrue(um.getLocalUserList().contains(uc));
- um.removeLocalUser(uc);
- assertFalse(um.getLocalUserList().contains(uc));
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#changeLocalUserPassword(java.lang.String, java.lang.String, java.lang.String)}
- * .
- */
- @Test
- public void testChangeLocalUserPassword() {
- // fail("Not yet implemented");
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#userLogout(java.lang.String)}
- * .
- */
- @Test
- public void testUserLogout() {
- // fail("Not yet implemented");
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#userTimedOut(java.lang.String)}
- * .
- */
- @Test
- public void testUserTimedOut() {
- // fail("Not yet implemented");
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#authenticate(org.springframework.security.core.Authentication)}
- * .
- */
- @Test
- public void testAuthenticateAuthentication() {
- // fail("Not yet implemented");
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#saveLocalUserList()}
- * .
- */
- @Test
- public void testSaveLocalUserList() {
- // fail("Not yet implemented");
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#saveAAAServerList()}
- * .
- */
- @Test
- public void testSaveAAAServerList() {
- // fail("Not yet implemented");
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#saveAuthorizationList()}
- * .
- */
- @Test
- public void testSaveAuthorizationList() {
- // fail("Not yet implemented");
- }
-
- /**
- * Test method for
- * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#readObject(java.io.ObjectInputStream)}
- * .
- */
- @Test
- public void testReadObject() {
- // fail("Not yet implemented");
- }
-
- @Test
- public void testGetUserLevel() {
- um.addLocalUser(new UserConfig("Jack", "password",
- UserLevel.SYSTEMADMIN.toString()));
- um.authenticate("Jack", "password");
-
- um.addLocalUser(new UserConfig("John", "password",
- UserLevel.NETWORKOPERATOR.toString()));
- // Run the check on authenticated user
- Assert.assertTrue(um.getUserLevel("Jack") == UserLevel.SYSTEMADMIN);
- // Run the check on configured users
- Assert.assertTrue(um.getUserLevel("John") == UserLevel.NETWORKOPERATOR);
- Assert.assertTrue(um.getUserLevel("Andrew") == UserLevel.NOUSER);
- }
+ private static UserManagerImpl um;
+
+ /**
+ * @throws java.lang.Exception
+ */
+ @BeforeClass
+ public static void setUpBeforeClass() throws Exception {
+
+ IUserManager userManager = (IUserManager) ServiceHelper
+ .getGlobalInstance(IUserManager.class, new Object());
+ if (userManager instanceof UserManagerImpl) {
+ um = (UserManagerImpl) userManager;
+ } else {
+ um = new UserManagerImpl();
+ um.setAuthProviders(new ConcurrentHashMap<String, IAAAProvider>());
+
+ // mock up a remote server list with a dummy server
+ um.setRemoteServerConfigList(new ConcurrentHashMap<String, ServerConfig>() {
+ static final long serialVersionUID = 1L;
+ {
+ put("dummyServerConfig", new ServerConfig() {
+ // Server config can't be empty
+ static final long serialVersionUID = 8645L;
+
+ public String getAddress() {
+ return "1.1.1.1";
+ }
+
+ public String getSecret() {
+ return "secret";
+ }
+
+ public String getProtocol() {
+ return "IPv4";
+ }
+ });
+ }
+ });
+
+ // mock up a localUserConfigList with an admin user
+ um.setLocalUserConfigList(new ConcurrentHashMap<String, UserConfig>() {
+ static final long serialVersionUID = 2L;
+ {
+ List<String> roles = new ArrayList<String>(1);
+ roles.add(UserLevel.SYSTEMADMIN.toString());
+ put("admin", new UserConfig("admin",
+ "7029,7455,8165,7029,7881", roles));
+ }
+ });
+ // instantiate an empty activeUser collection
+ um.setActiveUsers(new ConcurrentHashMap<String, AuthenticatedUser>());
+
+ }
+
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#addAAAProvider(org.opendaylight.controller.usermanager.IAAAProvider)}
+ * .
+ */
+ @Test
+ public void testAddAAAProvider() {
+ // instantiate an anonymous AAAProvider
+ IAAAProvider a3p = new IAAAProvider() {
+
+ public AuthResponse authService(String userName, String password,
+ String server, String secretKey) {
+ return new AuthResponse();
+ };
+
+ public String getName() {
+ return "dummyAAAProvider";
+ }
+ };
+
+ um.addAAAProvider(a3p);
+ assertEquals(a3p, um.getAAAProvider("dummyAAAProvider"));
+
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#removeAAAProvider(org.opendaylight.controller.usermanager.IAAAProvider)}
+ * and for for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#getAAAProvider(java.lang.String)}
+ * .
+ */
+ @Test
+ public void testRemoveAAAProvider() {
+ um.removeAAAProvider(um.getAAAProvider("dummyAAAProvider"));
+ assertTrue(um.getAAAProviderNames().isEmpty());
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#authenticate(java.lang.String, java.lang.String)}
+ * .
+ */
+ @Test
+ public void testAuthenticateStringString() {
+ List<String> roles = new ArrayList<String>(1);
+ roles.add(UserLevel.SYSTEMADMIN.toString());
+ UserConfig uc = new UserConfig("administrator", "admin", roles);
+ um.addLocalUser(uc);
+ AuthResultEnum authResult = um.authenticate("administrator", "admin");
+ assertEquals(authResult, AuthResultEnum.AUTH_ACCEPT_LOC);
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#addRemoveLocalUser(org.opendaylight.controller.usermanager.internal.UserConfig, boolean)}
+ * .
+ */
+ @Test
+ public void testAddRemoveLocalUser() {
+ List<String> roles = new ArrayList<String>(1);
+ roles.add(UserLevel.SYSTEMADMIN.toString());
+ UserConfig uc = new UserConfig("sysadmin", "7029,7455,8165,7029,7881",
+ roles);
+ um.addLocalUser(uc);
+ assertTrue(um.getLocalUserList().contains(uc));
+ um.removeLocalUser(uc);
+ assertFalse(um.getLocalUserList().contains(uc));
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#changeLocalUserPassword(java.lang.String, java.lang.String, java.lang.String)}
+ * .
+ */
+ @Test
+ public void testChangeLocalUserPassword() {
+ // fail("Not yet implemented");
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#userLogout(java.lang.String)}
+ * .
+ */
+ @Test
+ public void testUserLogout() {
+ // fail("Not yet implemented");
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#userTimedOut(java.lang.String)}
+ * .
+ */
+ @Test
+ public void testUserTimedOut() {
+ // fail("Not yet implemented");
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#authenticate(org.springframework.security.core.Authentication)}
+ * .
+ */
+ @Test
+ public void testAuthenticateAuthentication() {
+ // fail("Not yet implemented");
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#saveLocalUserList()}
+ * .
+ */
+ @Test
+ public void testSaveLocalUserList() {
+ // fail("Not yet implemented");
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#saveAAAServerList()}
+ * .
+ */
+ @Test
+ public void testSaveAAAServerList() {
+ // fail("Not yet implemented");
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#saveAuthorizationList()}
+ * .
+ */
+ @Test
+ public void testSaveAuthorizationList() {
+ // fail("Not yet implemented");
+ }
+
+ /**
+ * Test method for
+ * {@link org.opendaylight.controller.usermanager.internal.UserManagerImpl#readObject(java.io.ObjectInputStream)}
+ * .
+ */
+ @Test
+ public void testReadObject() {
+ // fail("Not yet implemented");
+ }
+
+ @Test
+ public void testGetUserLevel() {
+ List<String> roles = new ArrayList<String>(2);
+ roles.add(UserLevel.SYSTEMADMIN.toString());
+ roles.add("App1_supervisor");
+ um.addLocalUser(new UserConfig("Jack", "password", roles));
+ um.authenticate("Jack", "password");
+
+ roles.clear();
+ roles.add("App2Admin");
+ roles.add(UserLevel.NETWORKOPERATOR.toString());
+ um.addLocalUser(new UserConfig("John", "password", roles));
+
+ // Run the check on authenticated user
+ Assert.assertTrue(um.getUserLevel("Jack") == UserLevel.SYSTEMADMIN);
+ // Run the check on configured users
+ Assert.assertTrue(um.getUserLevel("John") == UserLevel.NETWORKOPERATOR);
+ Assert.assertTrue(um.getUserLevel("Andrew") == UserLevel.NOUSER);
+ }
}
var tr = {};
var entry = [];
entry.push(value['user']);
- entry.push(value['role']);
+ entry.push(value['roles']);
tr['entry'] = entry;
tr['id'] = value['user'];
body.push(tr);
'#' + one.main.admin.id.modal.add.form.name).val();
user['password'] = $modal.find(
'#' + one.main.admin.id.modal.add.form.password).val();
- user['role'] = $modal.find(
+ roles = new Array();
+ roles[0] = $modal.find(
'#' + one.main.admin.id.modal.add.form.role).find(
'option:selected').attr('value');
+ user['roles'] = roles;
// password check
var verify = $('#'+one.main.admin.id.modal.add.form.verify).val();