Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-3796 

Added test logic to only run POSIX permission set on *nix OS.
Separated missing and unreadable key providers to different tests and run unreadable on POSIX-compliant OS only.
This closes #1751
This commit is contained in:
Andy LoPresto 2017-05-04 10:30:38 -04:00 committed by Matt Gilman
parent 4f40eca16c
commit 7f2f38be52
No known key found for this signature in database
GPG Key ID: DF61EC19432AEE37
1 changed files with 41 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
nifi-commons/nifi-data-provenance-utils/src/test/groovy/org/apache/nifi/provenance/CryptoUtilsTest.groovy
View File

@ -16,10 +16,12 @@
*/ */
package org.apache.nifi.provenance package org.apache.nifi.provenance
import org.apache.commons.lang3.SystemUtils
import org.bouncycastle.jce.provider.BouncyCastleProvider import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.util.encoders.Hex import org.bouncycastle.util.encoders.Hex
import org.junit.After import org.junit.After
import org.junit.AfterClass import org.junit.AfterClass
import org.junit.Assume
import org.junit.Before import org.junit.Before
import org.junit.BeforeClass import org.junit.BeforeClass
import org.junit.ClassRule import org.junit.ClassRule
@ -175,32 +177,60 @@ class CryptoUtilsTest {
} }
@Test @Test
void testShouldNotValidateUnreadableOrMissingFileBasedKeyProvider() { void testShouldNotValidateMissingFileBasedKeyProvider() {
// Arrange // Arrange
String fileBasedProvider = FileBasedKeyProvider.class.name
File fileBasedProviderFile = new File(tempFolder.root, "filebased_missing.kp")
String providerLocation = fileBasedProviderFile.path
logger.info("Created (no actual file) temporary file based key provider: ${providerLocation}")
// Act
String missingLocation = providerLocation
boolean missingKeyProviderIsValid = CryptoUtils.isValidKeyProvider(fileBasedProvider, missingLocation, KEY_ID, null)
logger.info("Key Provider ${fileBasedProvider} with location ${missingLocation} and keyId ${KEY_ID} / ${null} is ${missingKeyProviderIsValid ? "valid" : "invalid"}")
// Assert
assert !missingKeyProviderIsValid
}
@Test
void testShouldNotValidateUnreadableFileBasedKeyProvider() {
// Arrange
Assume.assumeFalse("This test does not run on Windows", SystemUtils.IS_OS_WINDOWS)
String fileBasedProvider = FileBasedKeyProvider.class.name String fileBasedProvider = FileBasedKeyProvider.class.name
File fileBasedProviderFile = tempFolder.newFile("filebased.kp") File fileBasedProviderFile = tempFolder.newFile("filebased.kp")
String providerLocation = fileBasedProviderFile.path String providerLocation = fileBasedProviderFile.path
logger.info("Created temporary file based key provider: ${providerLocation}") logger.info("Created temporary file based key provider: ${providerLocation}")
// Make it unreadable // Make it unreadable
fileBasedProviderFile.setReadable(false, false) markFileUnreadable(fileBasedProviderFile)
Files.setPosixFilePermissions(fileBasedProviderFile.toPath(), [] as Set<PosixFilePermission>)
// Act // Act
boolean unreadableKeyProviderIsValid = CryptoUtils.isValidKeyProvider(fileBasedProvider, providerLocation, KEY_ID, null) boolean unreadableKeyProviderIsValid = CryptoUtils.isValidKeyProvider(fileBasedProvider, providerLocation, KEY_ID, null)
logger.info("Key Provider ${fileBasedProvider} with location ${providerLocation} and keyId ${KEY_ID} / ${null} is ${unreadableKeyProviderIsValid ? "valid" : "invalid"}") logger.info("Key Provider ${fileBasedProvider} with location ${providerLocation} and keyId ${KEY_ID} / ${null} is ${unreadableKeyProviderIsValid ? "valid" : "invalid"}")
String missingLocation = providerLocation + "_missing"
boolean missingKeyProviderIsValid = CryptoUtils.isValidKeyProvider(fileBasedProvider, missingLocation, KEY_ID, null)
logger.info("Key Provider ${fileBasedProvider} with location ${missingLocation} and keyId ${KEY_ID} / ${null} is ${missingKeyProviderIsValid ? "valid" : "invalid"}")
// Assert // Assert
assert !unreadableKeyProviderIsValid assert !unreadableKeyProviderIsValid
assert !missingKeyProviderIsValid
// Make the file deletable so cleanup can occur // Make the file deletable so cleanup can occur
fileBasedProviderFile.setReadable(true, false) markFileReadable(fileBasedProviderFile)
Files.setPosixFilePermissions(fileBasedProviderFile.toPath(), ALL_POSIX_ATTRS) }
private static void markFileReadable(File fileBasedProviderFile) {
if (SystemUtils.IS_OS_WINDOWS) {
fileBasedProviderFile.setReadable(true, false)
} else {
Files.setPosixFilePermissions(fileBasedProviderFile.toPath(), ALL_POSIX_ATTRS)
}
}
private static void markFileUnreadable(File fileBasedProviderFile) {
if (SystemUtils.IS_OS_WINDOWS) {
fileBasedProviderFile.setReadable(false, false)
} else {
Files.setPosixFilePermissions(fileBasedProviderFile.toPath(), [] as Set<PosixFilePermission>)
}
} }
@Test @Test
@ -433,4 +463,5 @@ class CryptoUtilsTest {
Base64.encoder.encodeToString(CryptoUtils.concatByteArrays(ivBytes, cipherBytes)) Base64.encoder.encodeToString(CryptoUtils.concatByteArrays(ivBytes, cipherBytes))
} }
} }