Merge pull request #468 from marklogic-community/feature/remove-admin-admin

Removed default "admin" usage

Author: rjrudin

src/main/java/com/marklogic/appdeployer/AppConfig.java

@@ -64,10 +64,15 @@ public class AppConfig {
 	private String name = DEFAULT_APP_NAME;
 
 	/**
-	 * These are assumed as sensible defaults in a development environment, where teams often use admin/admin for the
-	 * admin login. They are of course expected to change in a real environment.
+	 * @deprecated since 4.5.0; will be removed in 5.0.0
 	 */
+	@Deprecated
 	public static final String DEFAULT_USERNAME = "admin";
+
+	/**
+	 * @deprecated since 4.5.0; will be removed in 5.0.0
+	 */
+	@Deprecated
 	public static final String DEFAULT_PASSWORD = "admin";
 
 	private String host = DEFAULT_HOST;
@@ -87,8 +92,8 @@ public class AppConfig {
 	// Connection info for using the client REST API - e.g. to load modules
 	private DatabaseClient.ConnectionType restConnectionType;
 	private SecurityContextType restSecurityContextType = SecurityContextType.DIGEST;
-	private String restAdminUsername = DEFAULT_USERNAME;
-	private String restAdminPassword = DEFAULT_PASSWORD;
+	private String restAdminUsername;
+	private String restAdminPassword;
 	private SSLContext restSslContext;
 	private SSLHostnameVerifier restSslHostnameVerifier;
 	private String restCertFile;
@@ -108,8 +113,8 @@ public class AppConfig {
 	// Connection info for using the App Services client REST API - e.g. to load non-REST API modules
 	private DatabaseClient.ConnectionType appServicesConnectionType;
 	private SecurityContextType appServicesSecurityContextType = SecurityContextType.DIGEST;
-	private String appServicesUsername = DEFAULT_USERNAME;
-	private String appServicesPassword = DEFAULT_PASSWORD;
+	private String appServicesUsername;
+	private String appServicesPassword;
 	private Integer appServicesPort = 8000;
 	private SSLContext appServicesSslContext;
 	private SSLHostnameVerifier appServicesSslHostnameVerifier;

src/main/java/com/marklogic/appdeployer/impl/AbstractAppDeployer.java

@@ -26,8 +26,9 @@ public abstract class AbstractAppDeployer extends LoggingObject implements AppDe
 	private List<DeployerListener> deployerListeners;
 
 	/**
-	 * Can use this constructor when the default config used by ManageClient and AdminManager will work.
+	 * @deprecated since 4.5.0; avoid using since it assumes the use of default passwords
 	 */
+	@Deprecated
 	public AbstractAppDeployer() {
 		this(new ManageClient(), new AdminManager());
 	}

src/main/java/com/marklogic/appdeployer/impl/SimpleAppDeployer.java

@@ -15,11 +15,21 @@ public class SimpleAppDeployer extends AbstractAppDeployer {
 
 	private List<Command> commands;
 
+	/**
+	 * @param commandArray
+	 * @deprecated since 4.5.0; avoid using since it assumes the use of default passwords
+	 */
+	@Deprecated
 	public SimpleAppDeployer(Command... commandArray) {
 		super();
 		buildModifiableCommandList(commandArray);
 	}
 
+	/**
+	 * @param commands
+	 * @deprecated since 4.5.0; avoid using since it assumes the use of default passwords
+	 */
+	@Deprecated
 	public SimpleAppDeployer(List<Command> commands) {
 		this.commands = commands;
 	}

src/main/java/com/marklogic/mgmt/ManageClient.java

@@ -30,11 +30,12 @@ public class ManageClient extends LoggingObject {
 	private RestTemplate securityUserRestTemplate;
 	private PayloadParser payloadParser;
 
-    /**
-     * Can use this constructor when the default values in ManageConfig will work.
-     */
+	/**
+	 * Creates an uninitialized instance that requires a {@code ManageConfig} to be provided in order to be operable.
+	 *
+	 * @deprecated since 4.5.0; will be removed in 5.0.0
+	 */
     public ManageClient() {
-        this(new ManageConfig());
     }
 
     public ManageClient(ManageConfig config) {
@@ -266,23 +267,27 @@ public HttpEntity<String> buildXmlEntity(String xml) {
 
     protected void logRequest(String path, String contentType, String method) {
         if (logger.isInfoEnabled()) {
-        	String username = manageConfig != null ? manageConfig.getUsername() : "(unknown)";
-            logger.info(String.format("Sending %s %s request as user '%s' to path: %s", contentType, method, username, buildUri(path)));
+        	String username = manageConfig != null ?
+				String.format("as user '%s' ", manageConfig.getUsername()) : "";
+            logger.info("Sending {} {} request {}to path: {}", contentType, method, username, buildUri(path));
         }
     }
 
     protected void logSecurityUserRequest(String path, String contentType, String method) {
         if (logger.isInfoEnabled()) {
-            logger.info(String.format("Sending %s %s request as user '%s' (who should have the 'manage-admin' and 'security' roles) to path: %s",
-	            contentType, method, determineUsernameForSecurityUserRequest(), buildUri(path)));
+			String username = determineUsernameForSecurityUserRequest();
+			if (!"".equals(username)) {
+				username = String.format("as user '%s' (who should have the 'manage-admin' and 'security' roles) ", username);
+			}
+            logger.info("Sending {} {} request {}to path: {}", contentType, method, username, buildUri(path));
         }
     }
 
     protected String determineUsernameForSecurityUserRequest() {
-	    String username = "(unknown)";
+	    String username = "";
 	    if (manageConfig != null) {
 		    username = manageConfig.getSecurityUsername();
-		    if (StringUtils.isEmpty(username)) {
+		    if (!StringUtils.hasText(username)) {
 			    username = manageConfig.getUsername();
 		    }
 	    }

src/main/java/com/marklogic/mgmt/ManageConfig.java

@@ -16,23 +16,37 @@
 public class ManageConfig extends RestConfig {
 
 	/**
-	 * These are assumed as sensible defaults in a development environment, where teams often use admin/admin for the
-	 * admin login. They are of course expected to change in a real environment.
+	 * @deprecated since 4.5.0; will be removed in 5.0.0
 	 */
+	@Deprecated
 	public static final String DEFAULT_USERNAME = "admin";
+
+	/**
+	 * @deprecated since 4.5.0; will be removed in 5.0.0
+	 */
+	@Deprecated
 	public static final String DEFAULT_PASSWORD = "admin";
 
 	private String securityUsername;
 	private String securityPassword;
 	private SSLContext securitySslContext;
 	private boolean cleanJsonPayloads = false;
 
+	/**
+	 * Assumes the use of "localhost" and 8002 as the host and port.
+	 */
 	public ManageConfig() {
-		this("localhost", DEFAULT_PASSWORD);
+		this("localhost", null);
 	}
 
+	/**
+	 * Assumes the use of 8002 as the port.
+	 *
+	 * @param host
+	 * @param password
+	 */
 	public ManageConfig(String host, String password) {
-		super(host, 8002, DEFAULT_USERNAME, password);
+		super(host, 8002, null, password);
 	}
 
 	public ManageConfig(String host, int port, String username, String password) {

src/main/java/com/marklogic/mgmt/admin/AdminConfig.java

@@ -8,12 +8,15 @@
  */
 public class AdminConfig extends RestConfig {
 
+	/**
+	 * Assumes the usage of "localhost" and 8001 as the host and port.
+	 */
     public AdminConfig() {
-        super("localhost", 8001, "admin", "admin");
+        super("localhost", 8001, null, null);
     }
 
     public AdminConfig(String host, String password) {
-        super(host, 8001, "admin", password);
+        super(host, 8001, null, password);
     }
 
     public AdminConfig(String host, int port, String username, String password) {

src/main/java/com/marklogic/mgmt/admin/AdminManager.java

@@ -21,11 +21,12 @@ public class AdminManager extends AbstractManager {
     private RestTemplate restTemplate;
     private AdminConfig adminConfig;
 
-    /**
-     * Can use this constructor when the default values in AdminConfig will work.
-     */
+	/**
+	 * Creates an uninitialized instance that requires a {@code AdminConfig} to be provided in order to be operable.
+	 *
+	 * @deprecated since 4.5.0; will be removed in 5.0.0
+	 */
     public AdminManager() {
-        this(new AdminConfig());
     }
 
     public AdminManager(AdminConfig adminConfig) {

src/test/java/com/marklogic/appdeployer/DefaultAppConfigFactoryTest.java

@@ -137,7 +137,6 @@ public void unrecognizedProperties() {
 		sut = new DefaultAppConfigFactory(new SimplePropertySource("foo.mlHost", "host", "foo.mlUsername", "user"));
 		AppConfig config = sut.newAppConfig();
 		assertEquals("localhost", config.getHost(), "Should use default");
-		assertEquals(AppConfig.DEFAULT_USERNAME, config.getRestAdminUsername(), "Should use default");
 	}
 
 	@Test

src/test/java/com/marklogic/appdeployer/impl/SimpleAppDeployerTest.java

@@ -4,12 +4,14 @@
 import com.marklogic.appdeployer.command.restapis.DeployRestApiServersCommand;
 import com.marklogic.appdeployer.command.security.DeployUsersCommand;
 import static org.junit.jupiter.api.Assertions.*;
+
+import com.marklogic.mgmt.AbstractMgmtTest;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
 import java.util.Arrays;
 
-public class SimpleAppDeployerTest  {
+public class SimpleAppDeployerTest extends AbstractMgmtTest {
 
     private SimpleAppDeployer deployer;
     private DeployRestApiServersCommand restApiCommand;
@@ -19,7 +21,7 @@ public class SimpleAppDeployerTest  {
     public void setup() {
         restApiCommand = new DeployRestApiServersCommand();
         dbCommand = new DeployOtherDatabasesCommand();
-        deployer = new SimpleAppDeployer(restApiCommand, dbCommand);
+        deployer = new SimpleAppDeployer(manageClient, null, restApiCommand, dbCommand);
     }
 
     @Test
@@ -52,7 +54,7 @@ void constructWithList() {
 
 	@Test
 	void constructWithArray() {
-    	deployer = new SimpleAppDeployer(new DeployOtherDatabasesCommand());
+    	deployer = new SimpleAppDeployer(manageClient, null, new DeployOtherDatabasesCommand());
     	assertEquals(1, deployer.getCommands().size());
 	}
 }

src/test/java/com/marklogic/mgmt/ManageClientTest.java

@@ -7,10 +7,9 @@ public class ManageClientTest  {
 
 	@Test
 	public void determineUsernameForSecurityUserRequest() {
-		ManageConfig config = new ManageConfig();
+		ManageConfig config = new ManageConfig("localhost", 8002, "someone", "someword");
 		config.setSecurityUsername("admin");
 		config.setSecurityPassword("admin");
-		config.setUsername("someone");
 
 		ManageClient client = new ManageClient(config);
 		assertEquals("admin", client.determineUsernameForSecurityUserRequest());