Skip to content

[AMBARI-22837] AmbariAuthorizationFilterTest.testDoFilter_userNoPermissionsAccess fails unexpectedly#176

Merged
rlevas merged 4 commits into
apache:trunkfrom
ReedOei:trunk
Feb 14, 2018
Merged

[AMBARI-22837] AmbariAuthorizationFilterTest.testDoFilter_userNoPermissionsAccess fails unexpectedly#176
rlevas merged 4 commits into
apache:trunkfrom
ReedOei:trunk

Conversation

@ReedOei
Copy link
Copy Markdown
Contributor

@ReedOei ReedOei commented Jan 23, 2018
edited
Loading

What changes were proposed in this pull request?

This test requires that the security context not be set up when it runs to pass. If a test that sets up the security context improperly is run before this test, it will fail despite there being no changes in the code.

This can be fixed by clearing the security context.

How was this patch tested?

Patch was tested manually.

@adoroszlai This issue is similar to another pull request I submitted (#133)

@adoroszlai adoroszlai requested a review from rlevas January 23, 2018 21:46
@asfgit
Copy link
Copy Markdown

asfgit commented Jan 23, 2018

Refer to this link for build results (access rights to CI server needed):
https://builds.apache.org/job/Ambari-Github-PullRequest-Builder/251/
Test FAILed.
Test FAILured.

rlevas
rlevas suggested changes Jan 24, 2018
View reviewed changes
Comment thread ...test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java Outdated
public class AmbariAuthorizationFilterTest {
@Before
public void setUp() {
SecurityContextHolder.getContext().setAuthentication(null);
Copy link
Copy Markdown
Contributor

@rlevas rlevas Jan 24, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Technically, this is not the correct solution since the test case appears to use a mocked SecurityContext, not the one from the SecurityContextHolder. See org.apache.ambari.server.security.authorization.AmbariAuthorizationFilterTest#performGeneralDoFilterTest.

I think we need to remove the mocked SecurityContext and use the one provided by Spring. For example, see org.apache.ambari.server.controller.internal.UserResourceProviderTest#deleteResourcesTest.

In cases like the referenced method, we can do the following rather than create a mocked SecurityContext:

    SecurityContextHolder.getContext().setAuthentication(authentication);

Since the test case explictly sets the authenticated user before performing the test, there is no real need to explicitly clear it in the before method.

@ReedOei
Copy link
Copy Markdown
Contributor Author

ReedOei commented Jan 26, 2018

I have made the requested changes.

@rlevas rlevas requested a review from echekanskiy January 26, 2018 16:44
@asfgit
Copy link
Copy Markdown

asfgit commented Jan 26, 2018

Refer to this link for build results (access rights to CI server needed):
https://builds.apache.org/job/Ambari-Github-PullRequest-Builder/302/
Test PASSed.

@ReedOei ReedOei mentioned this pull request Feb 14, 2018
Merged
@ReedOei
Copy link
Copy Markdown
Contributor Author

ReedOei commented Feb 14, 2018

@rlevas @echekanskiy is this pull request ready to be merged? Feel free to let me know if any additional changes are necessary.

@rlevas rlevas merged commit 91462df into apache:trunk Feb 14, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@echekanskiy echekanskiy Awaiting requested review from echekanskiy

1 more reviewer

@rlevas rlevas rlevas approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ReedOei @asfgit @rlevas