Skip to content

Commit

Permalink
[ISSUE apache#8562] Add more test coverage for StatefulAuthorizationS…
Browse files Browse the repository at this point in the history
…trategy (apache#8563)

* [ISSUE apache#8562] Add more test coverage for StatefulAuthorizationStrategy

* Update

* Update
  • Loading branch information
yx9o authored Aug 21, 2024
1 parent e2885ac commit e96e445
Showing 1 changed file with 138 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,138 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.rocketmq.auth.authorization.strategy;

import com.github.benmanes.caffeine.cache.Cache;
import com.github.benmanes.caffeine.cache.Caffeine;
import org.apache.commons.lang3.reflect.MethodUtils;
import org.apache.rocketmq.auth.authentication.model.Subject;
import org.apache.rocketmq.auth.authorization.context.AuthorizationContext;
import org.apache.rocketmq.auth.authorization.context.DefaultAuthorizationContext;
import org.apache.rocketmq.auth.authorization.exception.AuthorizationException;
import org.apache.rocketmq.auth.authorization.model.Resource;
import org.apache.rocketmq.auth.config.AuthConfig;
import org.apache.rocketmq.common.Pair;
import org.apache.rocketmq.common.action.Action;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.junit.MockitoJUnitRunner;

import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.concurrent.TimeUnit;
import java.util.function.Supplier;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;

@RunWith(MockitoJUnitRunner.class)
public class StatefulAuthorizationStrategyTest {

@Mock
private AuthConfig authConfig;

private StatefulAuthorizationStrategy statefulAuthorizationStrategy;

@Before
public void setUp() {
when(authConfig.getStatefulAuthorizationCacheExpiredSecond()).thenReturn(60);
when(authConfig.getStatefulAuthorizationCacheMaxNum()).thenReturn(100);
Supplier<?> metadataService = mock(Supplier.class);
statefulAuthorizationStrategy = spy(new StatefulAuthorizationStrategy(authConfig, metadataService));
}

@Test
public void testEvaluateChannelIdBlankDoesNotUseCache() {
AuthorizationContext context = mock(AuthorizationContext.class);
when(context.getChannelId()).thenReturn(null);
statefulAuthorizationStrategy.evaluate(context);
verify(statefulAuthorizationStrategy, times(1)).doEvaluate(context);
}

@Test
public void testEvaluateChannelIdNotNullCacheHit() throws InvocationTargetException, NoSuchMethodException, IllegalAccessException {
DefaultAuthorizationContext context = new DefaultAuthorizationContext();
context.setChannelId("channelId");
context.setSubject(Subject.of("User"));
context.setResource(Resource.of("Cluster"));
context.setActions(new ArrayList<>());
context.setSourceIp("sourceIp");
Pair<Boolean, AuthorizationException> pair = Pair.of(true, null);
Cache<String, Pair<Boolean, AuthorizationException>> authCache = Caffeine.newBuilder()
.expireAfterWrite(60, TimeUnit.SECONDS)
.maximumSize(100)
.build();
authCache.put(buildKey(context), pair);
statefulAuthorizationStrategy.authCache = authCache;
statefulAuthorizationStrategy.evaluate(context);
verify(statefulAuthorizationStrategy, never()).doEvaluate(context);
}

@Test
public void testEvaluateChannelIdNotNullCacheMiss() {
DefaultAuthorizationContext context = new DefaultAuthorizationContext();
context.setChannelId("channelId");
context.setSubject(Subject.of("User"));
context.setResource(Resource.of("Cluster"));
context.setActions(Collections.singletonList(Action.PUB));
context.setSourceIp("sourceIp");
statefulAuthorizationStrategy.authCache = Caffeine.newBuilder()
.expireAfterWrite(60, TimeUnit.SECONDS)
.maximumSize(100)
.build();
statefulAuthorizationStrategy.evaluate(context);
verify(statefulAuthorizationStrategy, times(1)).doEvaluate(context);
}

@Test
public void testEvaluateChannelIdNotNullCacheException() throws InvocationTargetException, NoSuchMethodException, IllegalAccessException {
DefaultAuthorizationContext context = new DefaultAuthorizationContext();
context.setChannelId("channelId");
context.setSubject(Subject.of("subjectKey"));
context.setResource(Resource.of("resourceKey"));
context.setActions(Collections.singletonList(Action.PUB));
context.setSourceIp("sourceIp");
AuthorizationException exception = new AuthorizationException("test");
Pair<Boolean, AuthorizationException> pair = Pair.of(false, exception);
Cache<String, Pair<Boolean, AuthorizationException>> authCache = Caffeine.newBuilder()
.expireAfterWrite(60, TimeUnit.SECONDS)
.maximumSize(100)
.build();
authCache.put(buildKey(context), pair);
statefulAuthorizationStrategy.authCache = authCache;
try {
statefulAuthorizationStrategy.evaluate(context);
fail("Expected AuthorizationException to be thrown");
} catch (final AuthorizationException ex) {
assertEquals(exception, ex);
}
verify(statefulAuthorizationStrategy, never()).doEvaluate(context);
}

private String buildKey(AuthorizationContext context) throws InvocationTargetException, NoSuchMethodException, IllegalAccessException {
return (String) MethodUtils.invokeMethod(statefulAuthorizationStrategy, true, "buildKey", context);
}
}

0 comments on commit e96e445

Please sign in to comment.