private void checkAddVaultSensitive(final StandardRole standardRole, final boolean executable) throws Exception {
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresAccessPermission(false);
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresReadPermission(true);
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresWritePermission(true);
try {
PathElement pathElement = ONE_A;
ChildResourceDefinition oneChild = new ChildResourceDefinition(pathElement);
oneChild.addAttribute("attr1");
oneChild.addOperation("test", true, false, null);
rootRegistration.registerSubModel(oneChild);
AccessAuditContext.doAs(roleToSecurityIdentity(standardRole), null, new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
Assert.assertFalse(server.queryNames(null, null).contains(ONE_A_NAME));
try {
String add = "addOneA";
Object[] params = new String[]{"${VAULT::AA::bb::cc}"};
String[] sig = new String[] {String.class.getName()};
server.invoke(ROOT_NAME, add, params, sig);
Assert.assertTrue(executable);
Assert.assertTrue(server.queryNames(null, null).contains(ONE_A_NAME));
} catch (JMRuntimeException e) {
Assert.assertFalse(executable);
}
return null;
}
});
} finally {
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresAccessPermission(false);
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresReadPermission(true);
VaultExpressionSensitivityConfig.INSTANCE.setConfiguredRequiresWritePermission(true);
}
}
JmxFacadeRbacEnabledTestCase.java 文件源码
java
阅读 20
收藏 0
点赞 0
评论 0
项目:wildfly-core
作者:
评论列表
文章目录
