fixing authorization layer tests

Author: tulinkry

opengrok-indexer/src/main/java/org/opengrok/indexer/authorization/AuthorizationFramework.java

@@ -414,7 +414,7 @@ public IAuthorizationPlugin handleLoadClass(String classname) {
         try {
             return loadClass(classname);
         } catch (ClassNotFoundException ex) {
-            LOGGER.log(Level.WARNING, String.format("Class \"%s\" was not found: ", classname), ex);
+            LOGGER.log(Level.WARNING, String.format("Class \"%s\" was not found", classname), ex);
         } catch (SecurityException ex) {
             LOGGER.log(Level.WARNING, String.format("Class \"%s\" was found but it is placed in prohibited package: ", classname), ex);
         } catch (InstantiationException ex) {
@@ -533,11 +533,15 @@ private void loadClassFiles(AuthorizationStack stack, List<File> classfiles) {
     private void loadJarFiles(AuthorizationStack stack, List<File> jarfiles) {
         IAuthorizationPlugin pf;
 
+
         for (File file : jarfiles) {
             try (JarFile jar = new JarFile(file)) {
                 Enumeration<JarEntry> entries = jar.entries();
                 while (entries.hasMoreElements()) {
                     JarEntry entry = entries.nextElement();
+                    if (!entry.getName().endsWith(".class")) {
+                        continue;
+                    }
                     String classname = getClassName(entry);
                     if (!entry.getName().endsWith(".class") || classname.isEmpty()) {
                         continue;
@@ -559,12 +563,15 @@ private void loadJarFiles(AuthorizationStack stack, List<File> jarfiles) {
     private String getClassName(File f) {
         String classname = f.getAbsolutePath().substring(pluginDirectory.getAbsolutePath().length() + 1, f.getAbsolutePath().length());
         classname = classname.replace(File.separatorChar, '.'); // convert to package name
+        // no need to check for the index from lastIndexOf because we're in a branch
+        // where we expect the .class suffix
         classname = classname.substring(0, classname.lastIndexOf('.')); // strip .class
         return classname;
     }
 
     private String getClassName(JarEntry f) {
-        String classname = f.getName().replace(File.separatorChar, '.'); // convert to package name
+        // java jar always uses / as separator
+        String classname = f.getName().replace('/', '.'); // convert to package name
         return classname.substring(0, classname.lastIndexOf('.'));  // strip .class
     }
 
@@ -616,7 +623,7 @@ public Object run() {
         } else {
             newLocalStack = this.newStack.clone();
         }
-        
+
         // Load all other possible plugin classes.
         if (isLoadClassesEnabled()) {
             loadClassFiles(newLocalStack, IOUtils.listFilesRec(pluginDirectory, ".class"));
@@ -649,7 +656,7 @@ public Object run() {
 
         Statistics stats = RuntimeEnvironment.getInstance().getStatistics();
         stats.addRequest("authorization_stack_reload");
-        
+
         // clean the old stack
         removeAll(oldStack);
         oldStack = null;
@@ -682,7 +689,7 @@ private void increasePluginVersion() {
      *
      * Assumes the {@code lock} is held for reading.
      *
-     * @param req the request
+     * @param session the request session
      * @return true if it is; false otherwise
      */
     private boolean isSessionInvalid(HttpSession session) {
@@ -738,8 +745,9 @@ private boolean isSessionInvalid(HttpSession session) {
      *
      * @param request request object
      * @param cache cache
-     * @param name name
-     * @param predicate predicate
+     * @param entity entity with name
+     * @param pluginPredicate predicate to determine the plugin's decision for the request
+     * @param skippingPredicate predicate to determine if the plugin should be skipped for this request
      * @return true if yes
      *
      * @see RuntimeEnvironment#getPluginStack()

opengrok-indexer/src/main/java/org/opengrok/indexer/authorization/AuthorizationPluginClassLoader.java

@@ -88,7 +88,8 @@ public boolean accept(File dir, String name) {
 
         for (File f : jars) {
             try (JarFile jar = new JarFile(f)) {
-                String filename = classname.replace('.', File.separatorChar) + ".class";
+                // jar files always use / separator
+                String filename = classname.replace('.', '/') + ".class";
                 JarEntry entry = (JarEntry) jar.getEntry(filename);
                 if (entry != null && entry.getName().endsWith(".class")) {
                     try (InputStream is = jar.getInputStream(entry)) {
@@ -105,7 +106,7 @@ public boolean accept(File dir, String name) {
             } catch (IOException ex) {
                 LOGGER.log(Level.SEVERE, "Loading class threw an exception:", ex);
             } catch (Throwable ex) {
-                LOGGER.log(Level.SEVERE, "Loading class threw an unknown exception:", ex);
+                LOGGER.log(Level.SEVERE, "Loading class threw an unknown exception", ex);
             }
         }
         throw new ClassNotFoundException("Class \"" + classname + "\" could not be found");

opengrok-indexer/src/test/java/org/opengrok/indexer/authorization/AuthorizationFrameworkReloadTest.java

@@ -22,14 +22,16 @@
  */
 package org.opengrok.indexer.authorization;
 
-import java.io.File;
-import java.net.URL;
-import javax.servlet.http.HttpSession;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+import java.net.URISyntaxException;
+import java.nio.file.Paths;
+import javax.servlet.http.HttpSession;
 import org.junit.Test;
 import org.opengrok.indexer.configuration.Project;
 import org.opengrok.indexer.configuration.RuntimeEnvironment;
@@ -38,20 +40,18 @@
 
 /**
  * Test behavior of AuthorizationFramework {@code reload()} w.r.t. HTTP sessions.
- * 
+ *
  * @author Vladimir Kotal
  */
 public class AuthorizationFrameworkReloadTest {
-    
+
     private final File pluginDirectory;
-    
     volatile boolean runThread;
-    
-    public AuthorizationFrameworkReloadTest() {
-        URL resource = AuthorizationFrameworkReloadTest.class.getResource("/authorization/plugins/testplugins.jar");
-        pluginDirectory = new File(resource.getFile()).getParentFile();
+
+    public AuthorizationFrameworkReloadTest() throws URISyntaxException {
+        pluginDirectory = Paths.get(getClass().getResource("/authorization/plugins/testplugins.jar").toURI()).toFile().getParentFile();
     }
-    
+
     /**
      * After {@code reload()} the session attributes should be invalidated.
      * It is assumed that invalidation of HttpSession objects means that all
@@ -64,18 +64,18 @@ public void testReloadSimple() {
         framework.setLoadClasses(false); // to avoid noise when loading classes of other tests
         framework.reload();
         Statistics stats = RuntimeEnvironment.getInstance().getStatistics();
-        
+
         // Ensure the framework was setup correctly.
         assertNotNull(framework.getPluginDirectory());
         assertEquals(pluginDirectory, framework.getPluginDirectory());
-        
+
         // Create pre-requisite objects - mainly the HTTP session with attribute.
         Project p = new Project("project" + Math.random());
         HttpSession session = req.getSession();
         String attrName = "foo";
         session.setAttribute(attrName, "bar");
         assertNotNull(session.getAttribute(attrName));
-        
+
         // Reload the framework to increment the plugin generation version.
         framework.reload();
         // Let the framework check the request. This should invalidate the session
@@ -86,35 +86,35 @@ public void testReloadSimple() {
         // Verify that the session no longer has the attribute.
         assertNull(session.getAttribute(attrName));
     }
-    
+
     /**
      * Sort of a stress test - call isAllowed() and reload() in parallel.
      * This might uncover any snags with locking within AuthorizationFramework.
      */
     @Test
-    public void testReloadCycle() {
+    public void testReloadCycle() throws URISyntaxException {
         Statistics stats = RuntimeEnvironment.getInstance().getStatistics();
         Long reloads;
         String projectName = "project" + Math.random();
-        
+
         // Create authorization stack for single project.
         AuthorizationStack stack = new AuthorizationStack(AuthControlFlag.REQUIRED,
                 "stack for project " + projectName);
         assertNotNull(stack);
-        stack.add(new AuthorizationPlugin(AuthControlFlag.REQUIRED, 
+        stack.add(new AuthorizationPlugin(AuthControlFlag.REQUIRED,
                 "opengrok.auth.plugin.FalsePlugin"));
         stack.setForProjects(projectName);
-        AuthorizationFramework framework = 
+        AuthorizationFramework framework =
                 new AuthorizationFramework(pluginDirectory.getPath(), stack);
         framework.setLoadClasses(false); // to avoid noise when loading classes of other tests
         framework.reload();
-        
+
         // Perform simple sanity check before long run is entered. If this fails,
         // it will be waste of time to continue with the test.
         Project p = new Project(projectName);
         DummyHttpServletRequest req = new DummyHttpServletRequest();
         assertFalse(framework.isAllowed(req, p));
-        
+
         // Create a thread that does reload() every now and then.
         runThread = true;
         final int maxReloadSleep = 10;
@@ -131,7 +131,7 @@ public void run() {
             }
         });
         t.start();
-        
+
         reloads = stats.getRequest("authorization_stack_reload");
         assertNotNull(reloads);
         // Process number or requests and check that framework decision is consistent.
@@ -144,28 +144,27 @@ public void run() {
             } catch (InterruptedException ex) {
             }
         }
-        
+
         try {
             // Terminate the thread.
             runThread = false;
             t.join();
         } catch (InterruptedException ex) {
         }
-        
+
         // Double check that at least one reload() was done.
         reloads = stats.getRequest("authorization_stack_reload") - reloads;
-        System.out.println("number of reloads: " + reloads);
         assertTrue(reloads > 0);
     }
-    
+
     @Test
     public void testSetLoadClasses() {
         AuthorizationFramework framework = new AuthorizationFramework();
         assertTrue(framework.isLoadClassesEnabled());
         framework.setLoadClasses(false);
         assertFalse(framework.isLoadClassesEnabled());
     }
-    
+
     @Test
     public void testSetLoadJars() {
         AuthorizationFramework framework = new AuthorizationFramework();

opengrok-indexer/src/test/java/org/opengrok/indexer/authorization/AuthorizationPluginClassLoaderTest.java

@@ -24,22 +24,21 @@
 
 import java.io.File;
 import java.net.URISyntaxException;
-import java.net.URL;
 import java.nio.file.Paths;
-
+import java.util.logging.Level;
 import org.junit.Assert;
 import org.junit.Test;
 import org.opengrok.indexer.configuration.Group;
 import org.opengrok.indexer.configuration.Project;
+import org.opengrok.indexer.logger.LoggerUtil;
 import org.opengrok.indexer.web.DummyHttpServletRequest;
 
 public class AuthorizationPluginClassLoaderTest {
 
     private final File pluginDirectory;
 
     public AuthorizationPluginClassLoaderTest() throws URISyntaxException {
-        URL resource = AuthorizationPluginClassLoaderTest.class.getResource("/authorization/plugins/testplugins.jar");
-        pluginDirectory = Paths.get(resource.toURI()).toFile().getParentFile();
+        pluginDirectory = Paths.get(getClass().getResource("/authorization/plugins/testplugins.jar").toURI()).toFile().getParentFile();
         Assert.assertTrue(pluginDirectory.isDirectory());
     }
 
@@ -142,7 +141,7 @@ public void testNonExistingPlugin() {
         AuthorizationPluginClassLoader instance
                 = new AuthorizationPluginClassLoader(pluginDirectory);
 
-        Class clazz = loadClass(instance, "org.sample.plugin.NoPlugin", true);
+        loadClass(instance, "org.sample.plugin.NoPlugin", true);
     }
 
     @Test
@@ -212,15 +211,15 @@ private Class loadClass(AuthorizationPluginClassLoader loader, String name, bool
             }
         } catch (ClassNotFoundException ex) {
             if (!shouldFail) {
-                Assert.fail("Should not produce ClassNotFoundException");
+                Assert.fail(String.format("Should not produce ClassNotFoundException: %s", ex.getLocalizedMessage()));
             }
         } catch (SecurityException ex) {
             if (!shouldFail) {
-                Assert.fail("Should not produce SecurityException");
+                Assert.fail(String.format("Should not produce SecurityException: %s", ex.getLocalizedMessage()));
             }
         } catch (Exception ex) {
             if (!shouldFail) {
-                Assert.fail("Should not produce any exception");
+                Assert.fail(String.format("Should not produce any exception: %s", ex.getLocalizedMessage()));
             }
         }
         return clazz;

pom.xml

@@ -206,8 +206,8 @@ Portions Copyright (c) 2018, Chris Fraire <[email protected]>.
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
                 <configuration>
-                        <forkCount>1</forkCount>
-                        <reuseForks>false</reuseForks>
+                    <forkCount>1</forkCount>
+                    <reuseForks>false</reuseForks>
                 </configuration>
                 <version>2.22.0</version>
                 <executions>