From 8bb58036a0251aa03301dc2c79d24076e0e8c8ff Mon Sep 17 00:00:00 2001 From: Dejan Bosanac Date: Tue, 31 Mar 2015 17:13:27 +0200 Subject: [PATCH] https://issues.apache.org/jira/browse/AMQ-5697 - authorization map and composite destinations --- .../activemq/security/AuthorizationEntry.java | 24 +++++++++++++++++++ .../security/AuthorizationMapTest.java | 14 +++++++++-- 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationEntry.java b/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationEntry.java index 846732cd11..777c8a8e4b 100644 --- a/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationEntry.java +++ b/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationEntry.java @@ -111,4 +111,28 @@ public class AuthorizationEntry extends DestinationMapEntry { } return answer; } + + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (!(o instanceof AuthorizationEntry)) return false; + + AuthorizationEntry that = (AuthorizationEntry) o; + + if (adminRoles != null ? !adminRoles.equals(that.adminRoles) : that.adminRoles != null) return false; + if (groupClass != null ? !groupClass.equals(that.groupClass) : that.groupClass != null) return false; + if (readRoles != null ? !readRoles.equals(that.readRoles) : that.readRoles != null) return false; + if (writeRoles != null ? !writeRoles.equals(that.writeRoles) : that.writeRoles != null) return false; + + return true; + } + + @Override + public int hashCode() { + int result = adminRoles != null ? adminRoles.hashCode() : 0; + result = 31 * result + (readRoles != null ? readRoles.hashCode() : 0); + result = 31 * result + (writeRoles != null ? writeRoles.hashCode() : 0); + result = 31 * result + (groupClass != null ? groupClass.hashCode() : 0); + return result; + } } diff --git a/activemq-unit-tests/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java b/activemq-unit-tests/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java index 63d39a6cfb..dc4192f2b2 100644 --- a/activemq-unit-tests/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java +++ b/activemq-unit-tests/src/test/java/org/apache/activemq/security/AuthorizationMapTest.java @@ -44,12 +44,22 @@ public class AuthorizationMapTest extends TestCase { } - public void testCompositeDoesNotBypassAuthorizationMap() { - AuthorizationMap map = createAuthorizationMap(); + public void testComposite() { + DefaultAuthorizationMap map = (DefaultAuthorizationMap)createAuthorizationMap(); + map.put(new ActiveMQQueue("QUEUEA"), createEntry("QUEUEA", "users", "users", "users")); + map.put(new ActiveMQQueue("QUEUEB"), createEntry("QUEUEB", "users", "users", "users")); Set readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR,DENIED")); assertEquals("set size: " + readACLs, 1, readACLs.size()); assertTrue("Contains users group", readACLs.contains(ADMINS)); + + readACLs = map.getReadACLs(new ActiveMQQueue("USERS.FOO.BAR,USERS.BAR.FOO")); + assertEquals("set size: " + readACLs, 2, readACLs.size()); + assertTrue("Contains users group", readACLs.contains(USERS)); + + readACLs = map.getReadACLs(new ActiveMQQueue("QUEUEA,QUEUEB")); + assertEquals("set size: " + readACLs, 2, readACLs.size()); + assertTrue("Contains users group", readACLs.contains(USERS)); } public void testAuthorizationMapWithTempDest() {