GEODE-2919: fix lucene security tests
Project: http://git-wip-us.apache.org/repos/asf/geode/repo Commit: http://git-wip-us.apache.org/repos/asf/geode/commit/e5204ce1 Tree: http://git-wip-us.apache.org/repos/asf/geode/tree/e5204ce1 Diff: http://git-wip-us.apache.org/repos/asf/geode/diff/e5204ce1 Branch: refs/heads/feature/GEODE-3109 Commit: e5204ce1224581425a2ebdc98515dae0044421ee Parents: 137ced6 Author: Jinmei Liao <jil...@pivotal.io> Authored: Mon Jun 26 17:34:20 2017 -0700 Committer: Jinmei Liao <jil...@pivotal.io> Committed: Mon Jun 26 17:44:11 2017 -0700 ---------------------------------------------------------------------- .../lucene/LuceneClientSecurityDUnitTest.java | 14 +- .../lucene/LuceneCommandsSecurityDUnitTest.java | 291 ------------------- .../lucene/LuceneCommandsSecurityTest.java | 269 +++++++++++++++++ 3 files changed, 277 insertions(+), 297 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/geode/blob/e5204ce1/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneClientSecurityDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneClientSecurityDUnitTest.java b/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneClientSecurityDUnitTest.java index f78e19f..f71caec 100644 --- a/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneClientSecurityDUnitTest.java +++ b/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneClientSecurityDUnitTest.java @@ -50,7 +50,7 @@ public class LuceneClientSecurityDUnitTest extends LuceneQueriesAccessorBase { @Test @Parameters(method = "getSearchIndexUserNameAndExpectedResponses") public void verifySearchIndexPermissions( - LuceneCommandsSecurityDUnitTest.UserNameAndExpectedResponse user) { + LuceneCommandsSecurityTest.UserNameAndExpectedResponse user) { // Start server int serverPort = dataStore1.invoke(() -> startCacheServer()); @@ -97,14 +97,16 @@ public class LuceneClientSecurityDUnitTest extends LuceneQueriesAccessorBase { } catch (ServerOperationException e) { assertTrue(e.getCause() != null && e.getCause() instanceof NotAuthorizedException); assertTrue(expectAuthorizationError); - assertTrue(e.getLocalizedMessage().contains(expectedResponse)); + if (expectedResponse != null) { + assertTrue(e.getLocalizedMessage().contains(expectedResponse)); + } } } - protected LuceneCommandsSecurityDUnitTest.UserNameAndExpectedResponse[] getSearchIndexUserNameAndExpectedResponses() { - return new LuceneCommandsSecurityDUnitTest.UserNameAndExpectedResponse[] { - new LuceneCommandsSecurityDUnitTest.UserNameAndExpectedResponse("nopermissions", true, + protected LuceneCommandsSecurityTest.UserNameAndExpectedResponse[] getSearchIndexUserNameAndExpectedResponses() { + return new LuceneCommandsSecurityTest.UserNameAndExpectedResponse[] { + new LuceneCommandsSecurityTest.UserNameAndExpectedResponse("nopermissions", true, "nopermissions not authorized for DATA:WRITE"), - new LuceneCommandsSecurityDUnitTest.UserNameAndExpectedResponse("datawrite", false, null)}; + new LuceneCommandsSecurityTest.UserNameAndExpectedResponse("datawrite", false)}; } } http://git-wip-us.apache.org/repos/asf/geode/blob/e5204ce1/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneCommandsSecurityDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneCommandsSecurityDUnitTest.java b/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneCommandsSecurityDUnitTest.java deleted file mode 100644 index 7cc6709..0000000 --- a/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneCommandsSecurityDUnitTest.java +++ /dev/null @@ -1,291 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more contributor license - * agreements. See the NOTICE file distributed with this work for additional information regarding - * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance with the License. You may obtain a - * copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software distributed under the License - * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the License for the specific language governing permissions and limitations under - * the License. - */ -package org.apache.geode.cache.lucene; - -import static org.apache.geode.cache.lucene.test.LuceneTestUtilities.INDEX_NAME; -import static org.apache.geode.cache.lucene.test.LuceneTestUtilities.REGION_NAME; -import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; - -import java.io.Serializable; -import java.util.Properties; - -import junitparams.JUnitParamsRunner; -import junitparams.Parameters; -import org.junit.Before; -import org.junit.Rule; -import org.junit.Test; -import org.junit.experimental.categories.Category; -import org.junit.runner.RunWith; - -import org.apache.geode.cache.RegionShortcut; -import org.apache.geode.cache.lucene.internal.cli.LuceneCliStrings; -import org.apache.geode.management.cli.Result; -import org.apache.geode.management.internal.cli.i18n.CliStrings; -import org.apache.geode.management.internal.cli.result.CommandResult; -import org.apache.geode.management.internal.cli.result.ErrorResultData; -import org.apache.geode.management.internal.cli.result.ResultBuilder; -import org.apache.geode.management.internal.cli.util.CommandStringBuilder; -import org.apache.geode.security.SimpleTestSecurityManager; -import org.apache.geode.test.dunit.rules.GfshShellConnectionRule; -import org.apache.geode.test.dunit.rules.LocatorServerStartupRule; -import org.apache.geode.test.dunit.rules.MemberVM; -import org.apache.geode.test.junit.categories.DistributedTest; -import org.apache.geode.test.junit.categories.SecurityTest; - -@Category({DistributedTest.class, SecurityTest.class}) -@RunWith(JUnitParamsRunner.class) -public class LuceneCommandsSecurityDUnitTest { - - @Rule - public LocatorServerStartupRule locatorServer = new LocatorServerStartupRule(); - - @Rule - public GfshShellConnectionRule gfshShell = new GfshShellConnectionRule(); - - private MemberVM locator; - - @Before - public void before() throws Exception { - // start the locator - Properties props = new Properties(); - props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName()); - this.locator = this.locatorServer.startLocatorVM(0, props); - - // start the server - props = new Properties(); - props.setProperty("security-username", "clusterManage"); - props.setProperty("security-password", "clusterManage"); - this.locatorServer.startServerVM(1, props, this.locator.getPort()); - } - - protected UserNameAndExpectedResponse[] getCreateIndexUserNameAndExpectedResponses() { - return new UserNameAndExpectedResponse[] { - new UserNameAndExpectedResponse("noPermissions", true, - "Unauthorized. Reason : noPermissions not authorized for CLUSTER:MANAGE:QUERY"), - new UserNameAndExpectedResponse("clusterManageQuery", false, - "Successfully created lucene index")}; - } - - @Test - @Parameters(method = "getCreateIndexUserNameAndExpectedResponses") - public void verifyCreateIndexPermissions(UserNameAndExpectedResponse user) throws Exception { - // Connect gfsh - this.gfshShell.secureConnectAndVerify(this.locator.getPort(), - GfshShellConnectionRule.PortType.locator, user.getUserName(), user.getUserName()); - - // Attempt to create lucene index - CommandResult result = this.gfshShell.executeCommand(getCreateIndexCommand()); - - // Verify result - verifyResult(user, result); - } - - protected UserNameAndExpectedResponse[] getSearchIndexUserNameAndExpectedResponses() { - return new UserNameAndExpectedResponse[] { - new UserNameAndExpectedResponse("noPermissions", true, - "Unauthorized. Reason : noPermissions not authorized for DATA:READ:region"), - new UserNameAndExpectedResponse("dataRead", false, "No results")}; - } - - @Test - @Parameters(method = "getSearchIndexUserNameAndExpectedResponses") - public void verifySearchIndexPermissions(UserNameAndExpectedResponse user) throws Exception { - // Create index and region - createIndexAndRegion(); - - // Connect gfsh - this.gfshShell.secureConnectAndVerify(this.locator.getPort(), - GfshShellConnectionRule.PortType.locator, user.getUserName(), user.getUserName()); - - // Attempt to search lucene index - CommandResult result = this.gfshShell.executeCommand(getSearchIndexCommand()); - - // Verify result - verifyResult(user, result); - } - - protected UserNameAndExpectedResponse[] getListIndexesUserNameAndExpectedResponses() { - return new UserNameAndExpectedResponse[] { - new UserNameAndExpectedResponse("noPermissions", true, - "Unauthorized. Reason : noPermissions not authorized for CLUSTER:READ:QUERY"), - new UserNameAndExpectedResponse("clusterReadQuery", false, "Index Name")}; - } - - @Test - @Parameters(method = "getListIndexesUserNameAndExpectedResponses") - public void verifyListIndexesPermissions(UserNameAndExpectedResponse user) throws Exception { - // Create index and region - createIndexAndRegion(); - - // Connect gfsh - this.gfshShell.secureConnectAndVerify(this.locator.getPort(), - GfshShellConnectionRule.PortType.locator, user.getUserName(), user.getUserName()); - - // Attempt to search lucene index - CommandResult result = this.gfshShell.executeCommand(getListIndexesCommand()); - - // Verify result - verifyResult(user, result); - } - - protected UserNameAndExpectedResponse[] getDescribeIndexUserNameAndExpectedResponses() { - return new UserNameAndExpectedResponse[] { - new UserNameAndExpectedResponse("noPermissions", true, - "Unauthorized. Reason : noPermissions not authorized for CLUSTER:READ:QUERY"), - new UserNameAndExpectedResponse("clusterReadQuery", false, "Index Name")}; - } - - @Test - @Parameters(method = "getDescribeIndexUserNameAndExpectedResponses") - public void verifyDescribeIndexPermissions(UserNameAndExpectedResponse user) throws Exception { - // Create index and region - createIndexAndRegion(); - - // Connect gfsh - this.gfshShell.secureConnectAndVerify(this.locator.getPort(), - GfshShellConnectionRule.PortType.locator, user.getUserName(), user.getUserName()); - - // Attempt to search lucene index - CommandResult result = this.gfshShell.executeCommand(getDescribeIndexCommand()); - - // Verify result - verifyResult(user, result); - } - - protected UserNameAndExpectedResponse[] getDestroyIndexUserNameAndExpectedResponses() { - return new UserNameAndExpectedResponse[] { - new UserNameAndExpectedResponse("noPermissions", true, - "Unauthorized. Reason : noPermissions not authorized for CLUSTER:MANAGE:QUERY"), - new UserNameAndExpectedResponse("clusterManageQuery", false, - "Successfully destroyed lucene index")}; - } - - @Test - @Parameters(method = "getDestroyIndexUserNameAndExpectedResponses") - public void verifyDestroyIndexPermissions(UserNameAndExpectedResponse user) throws Exception { - // Create index and region - createIndexAndRegion(); - - // Connect gfsh - this.gfshShell.secureConnectAndVerify(this.locator.getPort(), - GfshShellConnectionRule.PortType.locator, user.getUserName(), user.getUserName()); - - // Attempt to search lucene index - CommandResult result = this.gfshShell.executeCommand(getDestroyIndexCommand()); - - // Verify result - verifyResult(user, result); - } - - private void createIndexAndRegion() throws Exception { - // Connect gfsh to locator with permissions necessary to create an index and region - this.gfshShell.secureConnectAndVerify(this.locator.getPort(), - GfshShellConnectionRule.PortType.locator, "cluster,data", "cluster,data"); - - // Create lucene index - this.gfshShell.executeAndVerifyCommand(getCreateIndexCommand()); - - // Create region - this.gfshShell.executeAndVerifyCommand(getCreateRegionCommand()); - - // Disconnect gfsh - this.gfshShell.disconnect(); - } - - private void verifyResult(UserNameAndExpectedResponse user, CommandResult result) { - if (user.getExpectAuthorizationError()) { - assertTrue(result.getResultData() instanceof ErrorResultData); - assertEquals(ResultBuilder.ERRORCODE_UNAUTHORIZED, - ((ErrorResultData) result.getResultData()).getErrorCode()); - } else { - assertEquals(Result.Status.OK, result.getStatus()); - } - assertTrue(this.gfshShell.getGfshOutput().contains(user.getExpectedResponse())); - } - - private String getCreateIndexCommand() { - CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_CREATE_INDEX); - csb.addOption(LuceneCliStrings.LUCENE__INDEX_NAME, INDEX_NAME); - csb.addOption(LuceneCliStrings.LUCENE__REGION_PATH, REGION_NAME); - csb.addOption(LuceneCliStrings.LUCENE_CREATE_INDEX__FIELD, "field1"); - return csb.toString(); - } - - private String getCreateRegionCommand() { - CommandStringBuilder csb = new CommandStringBuilder(CliStrings.CREATE_REGION); - csb.addOption(CliStrings.CREATE_REGION__REGION, REGION_NAME); - csb.addOption(CliStrings.CREATE_REGION__REGIONSHORTCUT, - RegionShortcut.PARTITION_REDUNDANT.name()); - return csb.toString(); - } - - private String getSearchIndexCommand() { - CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_SEARCH_INDEX); - csb.addOption(LuceneCliStrings.LUCENE__INDEX_NAME, INDEX_NAME); - csb.addOption(LuceneCliStrings.LUCENE__REGION_PATH, REGION_NAME); - csb.addOption(LuceneCliStrings.LUCENE_SEARCH_INDEX__QUERY_STRING, "field1:value1"); - csb.addOption(LuceneCliStrings.LUCENE_SEARCH_INDEX__DEFAULT_FIELD, "field1"); - return csb.toString(); - } - - private String getListIndexesCommand() { - CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_LIST_INDEX); - return csb.toString(); - } - - private String getDescribeIndexCommand() { - CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_DESCRIBE_INDEX); - csb.addOption(LuceneCliStrings.LUCENE__INDEX_NAME, INDEX_NAME); - csb.addOption(LuceneCliStrings.LUCENE__REGION_PATH, REGION_NAME); - return csb.toString(); - } - - private String getDestroyIndexCommand() { - CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_DESTROY_INDEX); - csb.addOption(LuceneCliStrings.LUCENE__INDEX_NAME, INDEX_NAME); - csb.addOption(LuceneCliStrings.LUCENE__REGION_PATH, REGION_NAME); - return csb.toString(); - } - - public static class UserNameAndExpectedResponse implements Serializable { - - private final String userName; - - private final boolean expectAuthorizationError; - - private final String expectedResponse; - - public UserNameAndExpectedResponse(String userName, boolean expectAuthorizationError, - String expectedResponse) { - this.userName = userName; - this.expectAuthorizationError = expectAuthorizationError; - this.expectedResponse = expectedResponse; - } - - public String getUserName() { - return this.userName; - } - - public boolean getExpectAuthorizationError() { - return this.expectAuthorizationError; - } - - public String getExpectedResponse() { - return this.expectedResponse; - } - } -} http://git-wip-us.apache.org/repos/asf/geode/blob/e5204ce1/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneCommandsSecurityTest.java ---------------------------------------------------------------------- diff --git a/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneCommandsSecurityTest.java b/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneCommandsSecurityTest.java new file mode 100644 index 0000000..271bd08 --- /dev/null +++ b/geode-lucene/src/test/java/org/apache/geode/cache/lucene/LuceneCommandsSecurityTest.java @@ -0,0 +1,269 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for additional information regarding + * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the License. You may obtain a + * copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ +package org.apache.geode.cache.lucene; + +import static org.apache.geode.cache.lucene.test.LuceneTestUtilities.INDEX_NAME; +import static org.apache.geode.cache.lucene.test.LuceneTestUtilities.REGION_NAME; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import java.io.Serializable; + +import junitparams.JUnitParamsRunner; +import junitparams.Parameters; +import org.junit.After; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.junit.runner.RunWith; + +import org.apache.geode.cache.RegionShortcut; +import org.apache.geode.cache.lucene.internal.cli.LuceneCliStrings; +import org.apache.geode.management.cli.Result; +import org.apache.geode.management.internal.cli.i18n.CliStrings; +import org.apache.geode.management.internal.cli.result.CommandResult; +import org.apache.geode.management.internal.cli.result.ErrorResultData; +import org.apache.geode.management.internal.cli.result.ResultBuilder; +import org.apache.geode.management.internal.cli.util.CommandStringBuilder; +import org.apache.geode.security.SimpleTestSecurityManager; +import org.apache.geode.test.dunit.rules.GfshShellConnectionRule; +import org.apache.geode.test.dunit.rules.ServerStarterRule; +import org.apache.geode.test.junit.categories.IntegrationTest; +import org.apache.geode.test.junit.categories.SecurityTest; + +@Category({IntegrationTest.class, SecurityTest.class}) +@RunWith(JUnitParamsRunner.class) +public class LuceneCommandsSecurityTest { + + @ClassRule + public static ServerStarterRule server = new ServerStarterRule() + .withSecurityManager(SimpleTestSecurityManager.class).withJMXManager().withAutoStart(); + + @ClassRule + public static GfshShellConnectionRule gfshShell = new GfshShellConnectionRule(); + + @After + public void after() throws Exception { + gfshShell.disconnect(); + } + + + protected UserNameAndExpectedResponse[] getCreateIndexUserNameAndExpectedResponses() { + return new UserNameAndExpectedResponse[] { + new UserNameAndExpectedResponse("noPermissions", true, + "Unauthorized. Reason : noPermissions not authorized for CLUSTER:MANAGE:QUERY"), + new UserNameAndExpectedResponse("clusterManageQuery", false)}; + } + + @Test + @Parameters(method = "getCreateIndexUserNameAndExpectedResponses") + public void verifyCreateIndexPermissions(UserNameAndExpectedResponse user) throws Exception { + // Connect gfsh + this.gfshShell.secureConnectAndVerify(this.server.getJmxPort(), + GfshShellConnectionRule.PortType.jmxManger, user.getUserName(), user.getUserName()); + + // Attempt to create lucene index + CommandResult result = this.gfshShell.executeCommand(getCreateIndexCommand()); + + // Verify result + verifyResult(user, result); + } + + protected UserNameAndExpectedResponse[] getSearchIndexUserNameAndExpectedResponses() { + return new UserNameAndExpectedResponse[] { + new UserNameAndExpectedResponse("noPermissions", true, + "Unauthorized. Reason : noPermissions not authorized for DATA:READ:region"), + new UserNameAndExpectedResponse("dataRead", false)}; + } + + @Test + @Parameters(method = "getSearchIndexUserNameAndExpectedResponses") + public void verifySearchIndexPermissions(UserNameAndExpectedResponse user) throws Exception { + // Create index and region + // createIndexAndRegion(); + + // Connect gfsh + this.gfshShell.secureConnectAndVerify(this.server.getJmxPort(), + GfshShellConnectionRule.PortType.jmxManger, user.getUserName(), user.getUserName()); + + // Attempt to search lucene index + CommandResult result = this.gfshShell.executeCommand(getSearchIndexCommand()); + + // Verify result + verifyResult(user, result); + } + + protected UserNameAndExpectedResponse[] getListIndexesUserNameAndExpectedResponses() { + return new UserNameAndExpectedResponse[] { + new UserNameAndExpectedResponse("noPermissions", true, + "Unauthorized. Reason : noPermissions not authorized for CLUSTER:READ:QUERY"), + new UserNameAndExpectedResponse("clusterReadQuery", false)}; + } + + @Test + @Parameters(method = "getListIndexesUserNameAndExpectedResponses") + public void verifyListIndexesPermissions(UserNameAndExpectedResponse user) throws Exception { + // Create index and region + // createIndexAndRegion(); + + // Connect gfsh + this.gfshShell.secureConnectAndVerify(this.server.getJmxPort(), + GfshShellConnectionRule.PortType.jmxManger, user.getUserName(), user.getUserName()); + + // Attempt to search lucene index + CommandResult result = this.gfshShell.executeCommand(getListIndexesCommand()); + + // Verify result + verifyResult(user, result); + } + + protected UserNameAndExpectedResponse[] getDescribeIndexUserNameAndExpectedResponses() { + return new UserNameAndExpectedResponse[] { + new UserNameAndExpectedResponse("noPermissions", true, + "Unauthorized. Reason : noPermissions not authorized for CLUSTER:READ:QUERY"), + new UserNameAndExpectedResponse("clusterReadQuery", false)}; + } + + @Test + @Parameters(method = "getDescribeIndexUserNameAndExpectedResponses") + public void verifyDescribeIndexPermissions(UserNameAndExpectedResponse user) throws Exception { + // Create index and region + // createIndexAndRegion(); + + // Connect gfsh + this.gfshShell.secureConnectAndVerify(this.server.getJmxPort(), + GfshShellConnectionRule.PortType.jmxManger, user.getUserName(), user.getUserName()); + + // Attempt to search lucene index + CommandResult result = this.gfshShell.executeCommand(getDescribeIndexCommand()); + + // Verify result + verifyResult(user, result); + } + + protected UserNameAndExpectedResponse[] getDestroyIndexUserNameAndExpectedResponses() { + return new UserNameAndExpectedResponse[] { + new UserNameAndExpectedResponse("noPermissions", true, + "Unauthorized. Reason : noPermissions not authorized for CLUSTER:MANAGE:QUERY"), + new UserNameAndExpectedResponse("clusterManageQuery", false)}; + } + + @Test + @Parameters(method = "getDestroyIndexUserNameAndExpectedResponses") + public void verifyDestroyIndexPermissions(UserNameAndExpectedResponse user) throws Exception { + // Create index and region + // createIndexAndRegion(); + + // Connect gfsh + this.gfshShell.secureConnectAndVerify(this.server.getJmxPort(), + GfshShellConnectionRule.PortType.jmxManger, user.getUserName(), user.getUserName()); + + // Attempt to search lucene index + CommandResult result = this.gfshShell.executeCommand(getDestroyIndexCommand()); + + // Verify result + verifyResult(user, result); + } + + private void verifyResult(UserNameAndExpectedResponse user, CommandResult result) { + if (user.getExpectAuthorizationError()) { + assertTrue(result.getResultData() instanceof ErrorResultData); + assertEquals(ResultBuilder.ERRORCODE_UNAUTHORIZED, + ((ErrorResultData) result.getResultData()).getErrorCode()); + } else { + assertEquals(Result.Status.OK, result.getStatus()); + } + + if (user.getExpectedResponse() != null) { + assertTrue(this.gfshShell.getGfshOutput().contains(user.getExpectedResponse())); + } + } + + private String getCreateIndexCommand() { + CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_CREATE_INDEX); + csb.addOption(LuceneCliStrings.LUCENE__INDEX_NAME, INDEX_NAME); + csb.addOption(LuceneCliStrings.LUCENE__REGION_PATH, REGION_NAME); + csb.addOption(LuceneCliStrings.LUCENE_CREATE_INDEX__FIELD, "field1"); + return csb.toString(); + } + + private String getCreateRegionCommand() { + CommandStringBuilder csb = new CommandStringBuilder(CliStrings.CREATE_REGION); + csb.addOption(CliStrings.CREATE_REGION__REGION, REGION_NAME); + csb.addOption(CliStrings.CREATE_REGION__REGIONSHORTCUT, + RegionShortcut.PARTITION_REDUNDANT.name()); + return csb.toString(); + } + + private String getSearchIndexCommand() { + CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_SEARCH_INDEX); + csb.addOption(LuceneCliStrings.LUCENE__INDEX_NAME, INDEX_NAME); + csb.addOption(LuceneCliStrings.LUCENE__REGION_PATH, REGION_NAME); + csb.addOption(LuceneCliStrings.LUCENE_SEARCH_INDEX__QUERY_STRING, "field1:value1"); + csb.addOption(LuceneCliStrings.LUCENE_SEARCH_INDEX__DEFAULT_FIELD, "field1"); + return csb.toString(); + } + + private String getListIndexesCommand() { + CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_LIST_INDEX); + return csb.toString(); + } + + private String getDescribeIndexCommand() { + CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_DESCRIBE_INDEX); + csb.addOption(LuceneCliStrings.LUCENE__INDEX_NAME, INDEX_NAME); + csb.addOption(LuceneCliStrings.LUCENE__REGION_PATH, REGION_NAME); + return csb.toString(); + } + + private String getDestroyIndexCommand() { + CommandStringBuilder csb = new CommandStringBuilder(LuceneCliStrings.LUCENE_DESTROY_INDEX); + csb.addOption(LuceneCliStrings.LUCENE__INDEX_NAME, INDEX_NAME); + csb.addOption(LuceneCliStrings.LUCENE__REGION_PATH, REGION_NAME); + return csb.toString(); + } + + public static class UserNameAndExpectedResponse implements Serializable { + + private final String userName; + + private final boolean expectAuthorizationError; + + private final String expectedResponse; + + public UserNameAndExpectedResponse(String userName, boolean expectAuthorizationError) { + this(userName, expectAuthorizationError, null); + } + + public UserNameAndExpectedResponse(String userName, boolean expectAuthorizationError, + String expectedResponse) { + this.userName = userName; + this.expectAuthorizationError = expectAuthorizationError; + this.expectedResponse = expectedResponse; + } + + public String getUserName() { + return this.userName; + } + + public boolean getExpectAuthorizationError() { + return this.expectAuthorizationError; + } + + public String getExpectedResponse() { + return this.expectedResponse; + } + } +}