Remove use of forbidden API URL#getPath
tool. However, this is a forbidden API so this commit replaces it with URI#getPath. Additionally, the tests fail with a security manager permission error due to the use of Mockito for exception throwing. This commit still uses Mockito for throwing exceptions but does it differently in a way that is acceptable by our test security policy. Original commit: elastic/x-pack-elasticsearch@5e1d45acf8
This commit is contained in:
parent
5b73c77011
commit
34ecd18e76
|
@ -258,7 +258,7 @@ public class SetupPasswordTool extends MultiCommand {
|
|||
* where to write verbose info.
|
||||
*/
|
||||
void checkElasticKeystorePasswordValid(Terminal terminal, Environment env) throws Exception {
|
||||
URL route = new URL(url, (url.getPath() + "/_xpack/security/_authenticate").replaceAll("/+", "/") + "?pretty");
|
||||
URL route = new URL(url, (url.toURI().getPath() + "/_xpack/security/_authenticate").replaceAll("/+", "/") + "?pretty");
|
||||
terminal.println(Verbosity.VERBOSE, "");
|
||||
terminal.println(Verbosity.VERBOSE, "Testing if bootstrap password is valid for " + route.toString());
|
||||
try {
|
||||
|
@ -313,7 +313,8 @@ public class SetupPasswordTool extends MultiCommand {
|
|||
* the new password of the user.
|
||||
*/
|
||||
private void changeUserPassword(String user, SecureString password, Terminal terminal) throws Exception {
|
||||
URL route = new URL(url, (url.getPath() + "/_xpack/security/user/" + user + "/_password").replaceAll("/+", "/") + "?pretty");
|
||||
URL route = new URL(url, (url.toURI().getPath() + "/_xpack/security/user/" + user + "/_password").replaceAll("/+", "/") +
|
||||
"?pretty");
|
||||
terminal.println(Verbosity.VERBOSE, "");
|
||||
terminal.println(Verbosity.VERBOSE, "Trying user password change call " + route.toString());
|
||||
try {
|
||||
|
|
|
@ -31,6 +31,7 @@ import org.mockito.Mockito;
|
|||
import java.io.IOException;
|
||||
import java.net.HttpURLConnection;
|
||||
import java.net.MalformedURLException;
|
||||
import java.net.URISyntaxException;
|
||||
import java.net.URL;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
|
@ -42,6 +43,7 @@ import javax.net.ssl.SSLException;
|
|||
import static org.mockito.Matchers.anyString;
|
||||
import static org.mockito.Matchers.eq;
|
||||
import static org.mockito.Matchers.any;
|
||||
import static org.mockito.Mockito.doThrow;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
@ -163,8 +165,8 @@ public class SetupPasswordToolTests extends CommandTestCase {
|
|||
public void testWrongServer() throws Exception {
|
||||
URL url = new URL(httpClient.getDefaultURL());
|
||||
URL authnURL = checkURL(url);
|
||||
when(httpClient.postURL(eq("GET"), eq(authnURL), eq(ElasticUser.NAME), any(SecureString.class), any(CheckedSupplier.class),
|
||||
any(CheckedConsumer.class))).thenThrow(randomFrom(IOException.class, SSLException.class));
|
||||
doThrow(randomFrom(new IOException(), new SSLException(""))).when(httpClient).postURL(eq("GET"), eq(authnURL), eq(ElasticUser.NAME),
|
||||
any(SecureString.class), any(CheckedSupplier.class), any(CheckedConsumer.class));
|
||||
|
||||
try {
|
||||
execute(randomBoolean() ? "auto" : "interactive", pathHomeParameter);
|
||||
|
@ -195,8 +197,8 @@ public class SetupPasswordToolTests extends CommandTestCase {
|
|||
String userToFail = randomFrom(SetupPasswordTool.USERS);
|
||||
URL userToFailURL = passwdURL(url, userToFail);
|
||||
|
||||
when(httpClient.postURL(eq("PUT"), eq(userToFailURL), anyString(), any(SecureString.class), any(CheckedSupplier.class),
|
||||
any(CheckedConsumer.class))).thenThrow(IOException.class);
|
||||
doThrow(new IOException()).when(httpClient).postURL(eq("PUT"), eq(userToFailURL), anyString(), any(SecureString.class),
|
||||
any(CheckedSupplier.class), any(CheckedConsumer.class));
|
||||
try {
|
||||
execute(randomBoolean() ? "auto" : "interactive", pathHomeParameter, "-b");
|
||||
fail("Should have thrown exception");
|
||||
|
@ -277,11 +279,11 @@ public class SetupPasswordToolTests extends CommandTestCase {
|
|||
throw new RuntimeException("Did not properly parse password.");
|
||||
}
|
||||
|
||||
private URL checkURL(URL url) throws MalformedURLException {
|
||||
return new URL(url, (url.getPath() + "/_xpack/security/_authenticate").replaceAll("/+", "/") + "?pretty");
|
||||
private URL checkURL(URL url) throws MalformedURLException, URISyntaxException {
|
||||
return new URL(url, (url.toURI().getPath() + "/_xpack/security/_authenticate").replaceAll("/+", "/") + "?pretty");
|
||||
}
|
||||
|
||||
private URL passwdURL(URL url, String user) throws MalformedURLException {
|
||||
return new URL(url, (url.getPath() + "/_xpack/security/user/" + user + "/_password").replaceAll("/+", "/") + "?pretty");
|
||||
private URL passwdURL(URL url, String user) throws MalformedURLException, URISyntaxException {
|
||||
return new URL(url, (url.toURI().getPath() + "/_xpack/security/user/" + user + "/_password").replaceAll("/+", "/") + "?pretty");
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue