private void checkWriteVaultExpressionWriteSensitive(final StandardRole standardRole, final boolean writable) throws Exception {
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresAccessPermission(false);
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresReadPermission(true);
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresWritePermission(true);
try {
ChildResourceDefinition oneChild = new ChildResourceDefinition(ONE);
oneChild.addAttribute("attr1");
oneChild.addOperation("test", true, false, null);
rootRegistration.registerSubModel(oneChild);
Resource resourceA = Resource.Factory.create();
resourceA.getModel().get("attr1").set("test-a");
rootResource.registerChild(ONE_A, resourceA);
AccessAuditContext.doAs(roleToSecurityIdentity(standardRole), null, new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
try {
server.setAttribute(ONE_A_NAME, new Attribute("attr1", "${VAULT::AA::bb::cc}"));
Assert.assertTrue(writable);
} catch (JMRuntimeException e) {
Assert.assertFalse(writable);
}
return null;
}
});
} finally {
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresAccessPermission(null);
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresReadPermission(null);
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresWritePermission(null);
}
}
JmxFacadeRbacEnabledTestCase.java 文件源码
java
阅读 22
收藏 0
点赞 0
评论 0
项目:wildfly-core
作者:
评论列表
文章目录
