nosu
/
taskana
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Insert initial securityEnabled value from first TaskanaEngine into database also when it's true

This commit is contained in:
Jörg Heffner 2020-05-15 10:09:34 +02:00
parent 35e7db4355
commit cbe6b6f5ec
2 changed files with 56 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
lib/taskana-core/src/main/java/pro/taskana/common/internal/configuration/SecurityVerifier.java
View File

@ -28,35 +28,40 @@ public class SecurityVerifier {
public void checkSecureAccess(boolean securityEnabled) {
if (!securityEnabled) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(String.format("Entering checkSecureAccess with securityEnabled set to %b",
securityEnabled));
}
LOGGER.debug("Trying to connect in disabled security-mode");
try (Connection connection = dataSource.getConnection()) {
try (Connection connection = dataSource.getConnection()) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(connection.getMetaData().toString());
}
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(connection.getMetaData().toString());
}
SqlRunner sqlRunner = new SqlRunner(connection);
SqlRunner sqlRunner = new SqlRunner(connection);
String querySecurity = String.format(SELECT_SECURITY_FLAG, SECURITY_FLAG_COLUMN_NAME,
schemaName);
String querySecurity = String.format(SELECT_SECURITY_FLAG, SECURITY_FLAG_COLUMN_NAME,
schemaName);
if ((boolean) sqlRunner.selectOne(querySecurity).get(SECURITY_FLAG_COLUMN_NAME)
&& !securityEnabled) {
if ((boolean) sqlRunner.selectOne(querySecurity).get(SECURITY_FLAG_COLUMN_NAME)) {
LOGGER.error("Tried to start TASKANA in unsecured mode while secured mode is enforced!");
throw new SystemException(
"Secured TASKANA mode is enforced, can't start in unsecured mode");
}
} catch (SQLException ex) {
LOGGER.info(String.format(
"Security-mode is not yet set. Setting security flag to %b", securityEnabled));
setInitialSecurityMode(securityEnabled);
throw new SystemException(
"Secured TASKANA mode is enforced, can't start in unsecured mode");
}
} catch (SQLException ex) {
LOGGER.info(String.format(
"Security-mode is not yet set. Setting security flag to %b", securityEnabled));
setInitialSecurityMode(securityEnabled);
}
LOGGER.debug("Security-mode is enabled");
}

50
lib/taskana-core/src/test/java/acceptance/config/TaskanaSecurityConfigAccTest.java
View File

@ -10,8 +10,7 @@ import java.sql.SQLException;
import java.sql.Statement;
import javax.sql.DataSource;
import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import pro.taskana.TaskanaEngineConfiguration;
@ -22,25 +21,20 @@ import pro.taskana.sampledata.SampleDataGenerator;
public class TaskanaSecurityConfigAccTest {
@BeforeAll
public static void setupTests() throws SQLException {
DataSource dataSource = TaskanaEngineTestConfiguration.getDataSource();
String schemaName = TaskanaEngineTestConfiguration.getSchemaName();
DbSchemaCreator dbSchemaCreator = new DbSchemaCreator(dataSource, schemaName);
dbSchemaCreator.run();
}
@AfterEach
public void cleanDb() {
@BeforeEach
public void cleanDb() throws SQLException {
DataSource dataSource = TaskanaEngineTestConfiguration.getDataSource();
String schemaName = TaskanaEngineTestConfiguration.getSchemaName();
SampleDataGenerator sampleDataGenerator = new SampleDataGenerator(dataSource, schemaName);
sampleDataGenerator.clearDb();
sampleDataGenerator.dropDb();
DbSchemaCreator dbSchemaCreator = new DbSchemaCreator(dataSource, schemaName);
dbSchemaCreator.run();
}
@Test
public void should_ThrowException_When_CreatingUnsecuredEngineConfigWhileSecurityIsEnforced()
public void should_ThrowException_When_CreatingUnsecuredEngineCfgWhileSecurityIsEnforced()
throws SQLException {
setSecurityFlag(true);
@ -59,7 +53,7 @@ public class TaskanaSecurityConfigAccTest {
}
@Test
public void should_StartUpNormally_When_CreatingUnsecuredEngineConfigWhileSecurityIsNotEnforced()
public void should_StartUpNormally_When_CreatingUnsecuredEngineCfgWhileSecurityIsNotEnforced()
throws SQLException {
setSecurityFlag(false);
@ -76,7 +70,8 @@ public class TaskanaSecurityConfigAccTest {
}
@Test
public void should_SetSecurityFlag_When_SecurityFlagIsNotSet() throws SQLException {
public void should_SetSecurityFlagToFalse_When_CreatingUnsecureEngineCfgAndSecurityFlagIsNotSet()
throws SQLException {
assertThat(retrieveSecurityFlag()).isNull();
@ -93,13 +88,32 @@ public class TaskanaSecurityConfigAccTest {
}
@Test
public void should_SetSecurityFlagToTrue_When_CreatingSecureEngineCfgAndSecurityFlagIsNotSet()
throws SQLException {
assertThat(retrieveSecurityFlag()).isNull();
ThrowingCallable createSecuredTaskanaEngineConfiguration = () -> {
TaskanaEngineConfiguration taskanaEngineConfiguration = new TaskanaEngineConfiguration(
TaskanaEngineTestConfiguration.getDataSource(), false, true,
TaskanaEngineTestConfiguration.getSchemaName());
};
assertThatCode(createSecuredTaskanaEngineConfiguration).doesNotThrowAnyException();
assertThat(retrieveSecurityFlag()).isTrue();
}
private Boolean retrieveSecurityFlag() throws SQLException {
try (Connection connection = TaskanaEngineTestConfiguration.getDataSource().getConnection()) {
String selectSecurityFlagSql = String
.format("SELECT * FROM %s.CONFIGURATION",
TaskanaEngineTestConfiguration.getSchemaName());
.format("SELECT * FROM %s.CONFIGURATION",
TaskanaEngineTestConfiguration.getSchemaName());
Statement statement = connection.createStatement();
ResultSet resultSet = statement.executeQuery(selectSecurityFlagSql);