Skip to content

/ wildfly-core

Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also .

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also .
base repository: wildfly/wildfly-core
Choose a Base Repository
wildfly/wildfly-core
ASML-Labs/wildfly-core
Acidburn0zzz/wildfly-core
BenjaminLefoul/wildfly-core
BrentDouglas/wildfly-core
DouglasDeciccoT/wildfly-core
Gordiychuk/wildfly-core
IPreeti/wildfly-core
Jakarta-EE-Petclinic/wildfly-core
Kinlaw/wildfly-core
KrishnaKotari/wildfly-core
Ladicek/wildfly-core
Lerm/wildfly-core
OndrejKotek/wildfly-core
Richterrettich/wildfly-core
Sanne/wildfly-core
SirLoxley/wildfly-core
The-Alchemist/wildfly-core
TomasHofman/wildfly-core
WebJustDevelopment/wildfly-core
Yuan-Hu/wildfly-core
adrianoschmidt/wildfly-core
alesj/wildfly-core
aloubyansky/wildfly-core
altanis/wildfly-core
andreabattaglia/wildfly-core
aogburn/wildfly-core
aparnachaudhary/wildfly-core
aparra/wildfly-core
arcivanov/wildfly-core
asoldano/wildfly-core
bagges/wildfly-core
baranowb/wildfly-core
bayern39/wildfly-core
bgaisford/wildfly-core
bingli-borland/wildfly-core
bmaxwell/wildfly-core
bobmcwhirter/wildfly-core
briehman/wildfly-core
broubach/wildfly-core
brunolitman/wildfly-core
bstansberry/wildfly-core
caikov/wildfly-core
ceharris/wildfly-core
chengfang/wildfly-core
cstroe/wildfly-core
ctomc/wildfly-core
cybernetics/wildfly-core
dandreadis/wildfly-core
darranl/wildfly-core
dbroeglin/wildfly-core
dehort/wildfly-core
distortedsignal/wildfly-core
dmlloyd/wildfly-core
doctau/wildfly-core
domtoupin/wildfly-core
doobrie/wildfly-core
dosoudil/wildfly-core
dpospisil/wildfly-core
ehsavoie/wildfly-core
elguardian/wildfly-core
emmartins/wildfly-core
emuckenhuber/wildfly-core
esantana/wildfly-core
eventis/wildfly-core
fbogyai/wildfly-core
fjuma/wildfly-core
fl4via/wildfly-core
forrestlv/wildfly-core
gaohoward/wildfly-core
gaol/wildfly-core
goldentarek/wildfly-core
golovnin/wildfly-core
grantwohl/wildfly-core
gunnarmorling/wildfly-core
gustavonv/wildfly-core
heiko-braun/wildfly-core
hkalina/wildfly-core
honza-kasik/wildfly-core
hpehl/wildfly-core
hradecek/wildfly-core
hsvabek/wildfly-core
istraka/wildfly-core
istudens/wildfly-core
ivassile/wildfly-core
iweiss/wildfly-core
jaikiran/wildfly-core
jamesmcabee/wildfly-core
jamezp/wildfly-core
jasinner/wildfly-core
jeffzhang/wildfly-core
jfdenise/wildfly-core
jharting/wildfly-core
jimma/wildfly-core
jmartisk/wildfly-core
jmazzitelli/wildfly-core
jmesnil/wildfly-core
jorsol/wildfly-core
jpkrohling/wildfly-core
jstourac/wildfly-core
jtymel/wildfly-core
jurakp/wildfly-core
kabir-ncl/wildfly-core
kabir/wildfly-core
kayceo/wildfly-core
kgeneral/wildfly-core
kwart/wildfly-core
kylape/wildfly-core
kylinsoong/wildfly-core
langfr/wildfly-core
luck3y/wildfly-core
maasvdberg/wildfly-core
maeste/wildfly-core
marcuscarvalho/wildfly-core
marekkopecky/wildfly-core
marschall/wildfly-core
martin-welss/wildfly-core
mattdrees/wildfly-core
mayankmittal1982/wildfly-core
mayerw/wildfly-core
mchoma/wildfly-core
mikefinn/wildfly-core
miteshmanani/wildfly-core
mkouba/wildfly-core
mmusaji/wildfly-core
mnovak1/wildfly-core
mschvarc/wildfly-core
msfm/wildfly-core
n1hility/wildfly-core
nekop/wildfly-core
nibin/wildfly-core
nuzayats/wildfly-core
nziakova/wildfly-core
objectiser/wildfly-core
oketels/wildfly-core
olukas/wildfly-core
onagano-rh/wildfly-core
oscerd/wildfly-core
ossnms/wildfly-core
panossot/wildfly-core
pedroigor/wildfly-core
pferraro/wildfly-core
pgier/wildfly-core
pietroaragona/wildfly-core
pilhuhn/wildfly-core
pk-codebox-evo/webserver-wildfly-core
pkdevboxy/wildfly-core
pkremens/wildfly-core
ppalaga/wildfly-core
ppetrou/wildfly-core
psakar/wildfly-core
psiroky/wildfly-core
pskopek/wildfly-core
rachmatowicz/wildfly-core
ramsperger/wildfly-core
ramsrib/wildfly-core
rarguello/wildfly-core
red-dev01/wildfly-core
rhatlapa/wildfly-core
rhusar/wildfly-core
rnetuka/wildfly-core
robstryker/wildfly-core
ropalka/wildfly-core
rpelisse/wildfly-core
rsvoboda/wildfly-core
ryanemerson/wildfly-core
scottmarlow/wildfly-core
sfcoy/wildfly-core
sgilda/wildfly-core
sguilhen/wildfly-core
shezhu/wildfly-core
siddharthgoel88/wildfly-core
simkam/wildfly-core
singhsurjeet/wildfly-core
slaskawi/wildfly-core
soapinc/wildfly-core
soul2zimate/wildfly-core
spolti/wildfly-core
spyrkob/wildfly-core
ssilvert/wildfly-core
stalep/wildfly-core
stoty/wildfly-core
stuartwdouglas/wildfly-core
subaochen/wildfly-core
tadamski/wildfly-core
tedwon/wildfly-core
thomasdarimont/wildfly-core
tobias/wildfly-core
treblereel/wildfly-core
tsegismont/wildfly-core
vpakan/wildfly-core
vtunka/wildfly-core
wbrefvem/wildfly-core
weebl2000/wildfly-core
wildfly-security-incubator/wildfly-core
wolfc/wildfly-core
wsaca/wildfly-core
xstefank/wildfly-core
yersan/wildfly-core
zhfeng/wildfly-core
Nothing to show
base: aadd115
head repository: wildfly/wildfly-core
Choose a Head Repository
wildfly/wildfly-core
ASML-Labs/wildfly-core
Acidburn0zzz/wildfly-core
BenjaminLefoul/wildfly-core
BrentDouglas/wildfly-core
DouglasDeciccoT/wildfly-core
Gordiychuk/wildfly-core
IPreeti/wildfly-core
Jakarta-EE-Petclinic/wildfly-core
Kinlaw/wildfly-core
KrishnaKotari/wildfly-core
Ladicek/wildfly-core
Lerm/wildfly-core
OndrejKotek/wildfly-core
Richterrettich/wildfly-core
Sanne/wildfly-core
SirLoxley/wildfly-core
The-Alchemist/wildfly-core
TomasHofman/wildfly-core
WebJustDevelopment/wildfly-core
Yuan-Hu/wildfly-core
adrianoschmidt/wildfly-core
alesj/wildfly-core
aloubyansky/wildfly-core
altanis/wildfly-core
andreabattaglia/wildfly-core
aogburn/wildfly-core
aparnachaudhary/wildfly-core
aparra/wildfly-core
arcivanov/wildfly-core
asoldano/wildfly-core
bagges/wildfly-core
baranowb/wildfly-core
bayern39/wildfly-core
bgaisford/wildfly-core
bingli-borland/wildfly-core
bmaxwell/wildfly-core
bobmcwhirter/wildfly-core
briehman/wildfly-core
broubach/wildfly-core
brunolitman/wildfly-core
bstansberry/wildfly-core
caikov/wildfly-core
ceharris/wildfly-core
chengfang/wildfly-core
cstroe/wildfly-core
ctomc/wildfly-core
cybernetics/wildfly-core
dandreadis/wildfly-core
darranl/wildfly-core
dbroeglin/wildfly-core
dehort/wildfly-core
distortedsignal/wildfly-core
dmlloyd/wildfly-core
doctau/wildfly-core
domtoupin/wildfly-core
doobrie/wildfly-core
dosoudil/wildfly-core
dpospisil/wildfly-core
ehsavoie/wildfly-core
elguardian/wildfly-core
emmartins/wildfly-core
emuckenhuber/wildfly-core
esantana/wildfly-core
eventis/wildfly-core
fbogyai/wildfly-core
fjuma/wildfly-core
fl4via/wildfly-core
forrestlv/wildfly-core
gaohoward/wildfly-core
gaol/wildfly-core
goldentarek/wildfly-core
golovnin/wildfly-core
grantwohl/wildfly-core
gunnarmorling/wildfly-core
gustavonv/wildfly-core
heiko-braun/wildfly-core
hkalina/wildfly-core
honza-kasik/wildfly-core
hpehl/wildfly-core
hradecek/wildfly-core
hsvabek/wildfly-core
istraka/wildfly-core
istudens/wildfly-core
ivassile/wildfly-core
iweiss/wildfly-core
jaikiran/wildfly-core
jamesmcabee/wildfly-core
jamezp/wildfly-core
jasinner/wildfly-core
jeffzhang/wildfly-core
jfdenise/wildfly-core
jharting/wildfly-core
jimma/wildfly-core
jmartisk/wildfly-core
jmazzitelli/wildfly-core
jmesnil/wildfly-core
jorsol/wildfly-core
jpkrohling/wildfly-core
jstourac/wildfly-core
jtymel/wildfly-core
jurakp/wildfly-core
kabir-ncl/wildfly-core
kabir/wildfly-core
kayceo/wildfly-core
kgeneral/wildfly-core
kwart/wildfly-core
kylape/wildfly-core
kylinsoong/wildfly-core
langfr/wildfly-core
luck3y/wildfly-core
maasvdberg/wildfly-core
maeste/wildfly-core
marcuscarvalho/wildfly-core
marekkopecky/wildfly-core
marschall/wildfly-core
martin-welss/wildfly-core
mattdrees/wildfly-core
mayankmittal1982/wildfly-core
mayerw/wildfly-core
mchoma/wildfly-core
mikefinn/wildfly-core
miteshmanani/wildfly-core
mkouba/wildfly-core
mmusaji/wildfly-core
mnovak1/wildfly-core
mschvarc/wildfly-core
msfm/wildfly-core
n1hility/wildfly-core
nekop/wildfly-core
nibin/wildfly-core
nuzayats/wildfly-core
nziakova/wildfly-core
objectiser/wildfly-core
oketels/wildfly-core
olukas/wildfly-core
onagano-rh/wildfly-core
oscerd/wildfly-core
ossnms/wildfly-core
panossot/wildfly-core
pedroigor/wildfly-core
pferraro/wildfly-core
pgier/wildfly-core
pietroaragona/wildfly-core
pilhuhn/wildfly-core
pk-codebox-evo/webserver-wildfly-core
pkdevboxy/wildfly-core
pkremens/wildfly-core
ppalaga/wildfly-core
ppetrou/wildfly-core
psakar/wildfly-core
psiroky/wildfly-core
pskopek/wildfly-core
rachmatowicz/wildfly-core
ramsperger/wildfly-core
ramsrib/wildfly-core
rarguello/wildfly-core
red-dev01/wildfly-core
rhatlapa/wildfly-core
rhusar/wildfly-core
rnetuka/wildfly-core
robstryker/wildfly-core
ropalka/wildfly-core
rpelisse/wildfly-core
rsvoboda/wildfly-core
ryanemerson/wildfly-core
scottmarlow/wildfly-core
sfcoy/wildfly-core
sgilda/wildfly-core
sguilhen/wildfly-core
shezhu/wildfly-core
siddharthgoel88/wildfly-core
simkam/wildfly-core
singhsurjeet/wildfly-core
slaskawi/wildfly-core
soapinc/wildfly-core
soul2zimate/wildfly-core
spolti/wildfly-core
spyrkob/wildfly-core
ssilvert/wildfly-core
stalep/wildfly-core
stoty/wildfly-core
stuartwdouglas/wildfly-core
subaochen/wildfly-core
tadamski/wildfly-core
tedwon/wildfly-core
thomasdarimont/wildfly-core
tobias/wildfly-core
treblereel/wildfly-core
tsegismont/wildfly-core
vpakan/wildfly-core
vtunka/wildfly-core
wbrefvem/wildfly-core
weebl2000/wildfly-core
wildfly-security-incubator/wildfly-core
wolfc/wildfly-core
wsaca/wildfly-core
xstefank/wildfly-core
yersan/wildfly-core
zhfeng/wildfly-core
Nothing to show
compare: 8368040
  • 4 commits
  • 9 files changed
  • 0 commit comments
  • 2 contributors
Commits on Apr 15, 2019
@soul2zimate
soul2zimate
[WFCORE-4061] ApplicationTypeConfigWriteAttributeHandler and Sensitiv…
Unverified
The committer email address is not verified.
Learn about signing commits
9009338 
…ityClassificationWriteAttributeHandler rollback handling
@soul2zimate
soul2zimate
[WFCORE-4061] remove redundant else clause because attribute name sho…
Unverified
The committer email address is not verified.
Learn about signing commits
14a2e5a 
…uld have been validated before execution.
@soul2zimate
soul2zimate
[WFCORE-3995] Validate Sensitivity Classification attributes and tests.
Unverified
The committer email address is not verified.
Learn about signing commits
Loading status checks…
344c72d
Commits on Apr 17, 2019
@jmesnil
jmesnil
Merge pull request #3426 from soul2zimate/WFCORE-3995-master
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
8368040 
[WFCORE-3995] forbid invalid Sensitivity Constraint attribute read-wr…
38 controller/src/main/java/org/jboss/as/controller/access/constraint/AbstractSensitivity.java
View file
@@ -124,4 +124,42 @@ protected boolean isCompatibleWith(AbstractSensitivity other) {
&& defaultRequiresReadPermission == other.defaultRequiresReadPermission
&& defaultRequiresWritePermission == other.defaultRequiresWritePermission);
}

public boolean isConfiguredRequiresAccessPermissionValid(Boolean requiresAccessPermission) {
boolean effectiveAccessPermission = requiresAccessPermission == null ? defaultRequiresAccessPermission : requiresAccessPermission;
boolean effectiveReadPermission = configuredRequiresReadPermission == null ? defaultRequiresReadPermission : configuredRequiresReadPermission;
boolean effectiveWritePermission = configuredRequiresWritePermission == null ? defaultRequiresWritePermission : configuredRequiresWritePermission;
if (effectiveAccessPermission == true && (effectiveReadPermission == false | effectiveWritePermission == false)) {
return false;
} else {
return true;
}
}

public boolean isConfiguredRequiresReadPermissionValid(Boolean requiresReadPermission) {
boolean effectiveReadPermission = requiresReadPermission == null ? defaultRequiresReadPermission : requiresReadPermission;
boolean effectiveAccessPermission = configuredRequiresAccessPermission == null ? defaultRequiresAccessPermission : configuredRequiresAccessPermission;
boolean effectiveWritePermission = configuredRequiresWritePermission == null ? defaultRequiresWritePermission : configuredRequiresWritePermission;
if (effectiveReadPermission == false && effectiveAccessPermission == true) {
// write false to configured-requires-read while configured-requires-access is true is invalid
return false;
} else if (effectiveReadPermission == true && effectiveWritePermission == false) {
// write true to configured-requires-read while configured-requires-write is false is invalid
return false;
} else {
return true;
}
}

public boolean isConfiguredRequiresWritePermissionValid(Boolean requiresWritePermission) {
boolean effectiveWritePermission = requiresWritePermission == null ? defaultRequiresWritePermission : requiresWritePermission;
boolean effectiveAccessPermission = configuredRequiresAccessPermission == null ? defaultRequiresAccessPermission : configuredRequiresAccessPermission;
boolean effectiveReadPermission = configuredRequiresReadPermission == null ? defaultRequiresReadPermission : configuredRequiresReadPermission;
if (effectiveWritePermission == false && (effectiveAccessPermission == true | effectiveReadPermission == true)) {
// write false to configured-requires-write while configured-requires-access or configured-requires-read is true is invalid
return false;
} else {
return true;
}
}
}
14 ...t/java/org/jboss/as/core/model/test/access/RuntimeSensitivityReconfigurationTestCase.java
View file
@@ -209,9 +209,11 @@ private void reconfigureSensitivity(String sensitivity, Boolean requiresAccess,

ModelNode operation = Util.createOperation(WRITE_ATTRIBUTE_OPERATION, address);

if (requiresAccess != null) {
operation.get(NAME).set(CONFIGURED_REQUIRES_ADDRESSABLE);
operation.get(VALUE).set(requiresAccess);
// WFCORE-3995 in separate operation execution, we can not set access to true first without setting read and write.
// Update to following order write - read - access for validation
if (requiresWrite != null) {
operation.get(NAME).set(CONFIGURED_REQUIRES_WRITE);
operation.get(VALUE).set(requiresWrite);
executeWithRoles(operation, StandardRole.SUPERUSER);
}

@@ -221,9 +223,9 @@ private void reconfigureSensitivity(String sensitivity, Boolean requiresAccess,
executeWithRoles(operation, StandardRole.SUPERUSER);
}

if (requiresWrite != null) {
operation.get(NAME).set(CONFIGURED_REQUIRES_WRITE);
operation.get(VALUE).set(requiresWrite);
if (requiresAccess != null) {
operation.get(NAME).set(CONFIGURED_REQUIRES_ADDRESSABLE);
operation.get(VALUE).set(requiresAccess);
executeWithRoles(operation, StandardRole.SUPERUSER);
}
}
96 ...ts/src/test/java/org/jboss/as/core/model/test/access/StandaloneAccessControlTestCase.java
View file
@@ -65,6 +65,7 @@
public void testConfiguration() throws Exception {
//Initialize some additional constraints
new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification("play", "security-realm", true, true, true));
new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification("system-property", "system-property", true, true, true));
new ApplicationTypeAccessConstraintDefinition(new ApplicationTypeConfig("play", "deployment", false));


@@ -80,6 +81,12 @@ public void testConfiguration() throws Exception {
//////////////////////////////////////////////////////////////////////////////////
//Check that both set and undefined configured constraint settings get returned

/*
* <sensitive-classification type="play" name="security-realm" requires-addressable="false" requires-read="false" requires-write="false" />
* <sensitive-classification type="system-property" name="system-property" requires-addressable="true" requires-read="true" requires-write="true" />
* system-property sensitive classification default values are false, false, true
*/

System.out.println(kernelServices.readWholeModel());
//Sensitivity classification
//This one is undefined
@@ -103,6 +110,86 @@ public void testConfiguration() throws Exception {
pathElement(CLASSIFICATION, SECURITY_REALM)), SensitivityResourceDefinition.CONFIGURED_REQUIRES_ADDRESSABLE.getName())));
checkResultExists(result, new ModelNode(false));

// WFCORE-3995 Test write operations on configured-requires-addressable
// This should fail as sensitivity constraint attribute configured-requires-read and configured-requires-write must not be false before writing configured-requires-addressable to true
result = ModelTestUtils.checkFailed(
kernelServices.executeOperation(
Util.getWriteAttributeOperation(PathAddress.pathAddress(
pathElement(CORE_SERVICE, MANAGEMENT),
pathElement(ACCESS, AUTHORIZATION),
pathElement(CONSTRAINT, SENSITIVITY_CLASSIFICATION),
pathElement(TYPE, "play"),
pathElement(CLASSIFICATION, SECURITY_REALM)), SensitivityResourceDefinition.CONFIGURED_REQUIRES_ADDRESSABLE.getName(), true)));
checkResultNotExists(result);

// This should fail as sensitivity constraint attribute configured-requires-read and configured-requires-write must not be false before undefine configured-requires-addressable to its default value true
result = ModelTestUtils.checkFailed(
kernelServices.executeOperation(
Util.getUndefineAttributeOperation(PathAddress.pathAddress(
pathElement(CORE_SERVICE, MANAGEMENT),
pathElement(ACCESS, AUTHORIZATION),
pathElement(CONSTRAINT, SENSITIVITY_CLASSIFICATION),
pathElement(TYPE, "play"),
pathElement(CLASSIFICATION, SECURITY_REALM)), SensitivityResourceDefinition.CONFIGURED_REQUIRES_ADDRESSABLE.getName())));
checkResultNotExists(result);

// WFCORE-3995 Test write operations on configured-requires-read
// This should fail as sensitivity constraint attribute configured-requires-addressable must not be true before writing configured-requires-read to false
result = ModelTestUtils.checkFailed(
kernelServices.executeOperation(
Util.getWriteAttributeOperation(PathAddress.pathAddress(
pathElement(CORE_SERVICE, MANAGEMENT),
pathElement(ACCESS, AUTHORIZATION),
pathElement(CONSTRAINT, SENSITIVITY_CLASSIFICATION),
pathElement(TYPE, "system-propery"),
pathElement(CLASSIFICATION, SECURITY_REALM)), SensitivityResourceDefinition.CONFIGURED_REQUIRES_READ.getName(), false)));
checkResultNotExists(result);

// This should fail as sensitivity constraint attribute configured-requires-addressable must not be true before undefine configured-requires-read its default value false
result = ModelTestUtils.checkFailed(
kernelServices.executeOperation(
Util.getUndefineAttributeOperation(PathAddress.pathAddress(
pathElement(CORE_SERVICE, MANAGEMENT),
pathElement(ACCESS, AUTHORIZATION),
pathElement(CONSTRAINT, SENSITIVITY_CLASSIFICATION),
pathElement(TYPE, "system-propery"),
pathElement(CLASSIFICATION, SECURITY_REALM)), SensitivityResourceDefinition.CONFIGURED_REQUIRES_READ.getName())));
checkResultNotExists(result);

// This should fail as sensitivity constraint attribute configured-requires-write must not be false before writing configured-requires-read to true
result = ModelTestUtils.checkFailed(
kernelServices.executeOperation(
Util.getWriteAttributeOperation(PathAddress.pathAddress(
pathElement(CORE_SERVICE, MANAGEMENT),
pathElement(ACCESS, AUTHORIZATION),
pathElement(CONSTRAINT, SENSITIVITY_CLASSIFICATION),
pathElement(TYPE, "play"),
pathElement(CLASSIFICATION, SECURITY_REALM)), SensitivityResourceDefinition.CONFIGURED_REQUIRES_READ.getName(), true)));
checkResultNotExists(result);

// This should fail as sensitivity constraint attribute configured-requires-addressable must not be false before undefine configured-requires-read to its default value true
result = ModelTestUtils.checkFailed(
kernelServices.executeOperation(
Util.getUndefineAttributeOperation(PathAddress.pathAddress(
pathElement(CORE_SERVICE, MANAGEMENT),
pathElement(ACCESS, AUTHORIZATION),
pathElement(CONSTRAINT, SENSITIVITY_CLASSIFICATION),
pathElement(TYPE, "play"),
pathElement(CLASSIFICATION, SECURITY_REALM)), SensitivityResourceDefinition.CONFIGURED_REQUIRES_READ.getName())));
checkResultNotExists(result);

// WFCORE-3995 Test write operations on configured-requires-write
// This should fail as sensitivity constraint attribute configured-requires-addressable and configured-requires-read must not be true before writing configured-requires-read to false
result = ModelTestUtils.checkFailed(
kernelServices.executeOperation(
Util.getWriteAttributeOperation(PathAddress.pathAddress(
pathElement(CORE_SERVICE, MANAGEMENT),
pathElement(ACCESS, AUTHORIZATION),
pathElement(CONSTRAINT, SENSITIVITY_CLASSIFICATION),
pathElement(TYPE, "system-propery"),
pathElement(CLASSIFICATION, SECURITY_REALM)), SensitivityResourceDefinition.CONFIGURED_REQUIRES_READ.getName(), false)));
checkResultNotExists(result);

//VaultExpression
//It is defined
PathAddress vaultAddress = PathAddress.pathAddress(
@@ -113,7 +200,10 @@ public void testConfiguration() throws Exception {
kernelServices.executeOperation(
Util.getReadAttributeOperation(vaultAddress, SensitivityResourceDefinition.CONFIGURED_REQUIRES_READ.getName())));
checkResultExists(result, new ModelNode(false));
//Now undefine it and check again
//Now undefine it and check again (need to undefine configured-requires-write first)
ModelTestUtils.checkOutcome(
kernelServices.executeOperation(
Util.getUndefineAttributeOperation(vaultAddress, SensitivityResourceDefinition.CONFIGURED_REQUIRES_WRITE.getName())));
ModelTestUtils.checkOutcome(
kernelServices.executeOperation(
Util.getUndefineAttributeOperation(vaultAddress, SensitivityResourceDefinition.CONFIGURED_REQUIRES_READ.getName())));
@@ -150,4 +240,8 @@ private void checkResultExists(ModelNode result, ModelNode expected) {
Assert.assertTrue(result.has(RESULT));
Assert.assertEquals(expected, result.get(RESULT));
}

private void checkResultNotExists(ModelNode result) {
Assert.assertFalse(result.has(RESULT));
}
}
1 core-model-test/tests/src/test/resources/org/jboss/as/core/model/test/access/standalone.xml
View file
@@ -42,6 +42,7 @@
<sensitive-classification type="core" name="access-control" requires-addressable="false" requires-read="false" requires-write="false" />
<sensitive-classification type="core" name="security-realm" requires-addressable="false" requires-read="false" requires-write="false" />
<sensitive-classification type="play" name="security-realm" requires-addressable="false" requires-read="false" requires-write="false" />
<sensitive-classification type="system-property" name="system-property" requires-addressable="true" requires-read="true" requires-write="true" />
</sensitive-classifications>
<application-classifications>
<application-classification type="core" name="deployment" application="false"/>
34 .../jboss/as/domain/management/access/ApplicationClassificationConfigResourceDefinition.java
View file
@@ -98,14 +98,11 @@ public void execute(OperationContext context, ModelNode operation) throws Operat
final String attribute = operation.require(NAME).asString();
final ApplicationTypeConfigResource resource = (ApplicationTypeConfigResource)context.readResource(PathAddress.EMPTY_ADDRESS);
final ApplicationTypeConfig applicationType = resource.applicationType;
Boolean result;
Boolean result = null;
if (attribute.equals(DEFAULT_APPLICATION.getName())) {
result = applicationType.isDefaultApplication();
} else if (attribute.equals(CONFIGURED_APPLICATION.getName())) {
result = applicationType.getConfiguredApplication();
} else {
//TODO i18n
throw new IllegalStateException();
}

context.getResult();
@@ -121,17 +118,28 @@ public void execute(OperationContext context, ModelNode operation) throws Operat

@Override
public void execute(OperationContext context, ModelNode operation) throws OperationFailedException {
final String attribute = operation.require(NAME).asString();
final ModelNode value = operation.require(VALUE);
final ApplicationTypeConfigResource resource = (ApplicationTypeConfigResource)context.readResourceForUpdate(PathAddress.EMPTY_ADDRESS);
final ApplicationTypeConfigResource resource = (ApplicationTypeConfigResource) context.readResourceForUpdate(PathAddress.EMPTY_ADDRESS);
final ModelNode modelNode = resource.getModel();
// record model values for rollback handler
final ModelNode configuredApplication = modelNode.get(ModelDescriptionConstants.CONFIGURED_APPLICATION);

final ApplicationTypeConfig classification = resource.applicationType;
if (attribute.equals(CONFIGURED_APPLICATION.getName())) {
Boolean confValue = readValue(context, value, CONFIGURED_APPLICATION);
classification.setConfiguredApplication(confValue);
} else {
//TODO i18n
throw new IllegalStateException();
}
classification.setConfiguredApplication(readValue(context, value, CONFIGURED_APPLICATION));

context.completeStep(new OperationContext.RollbackHandler() {

@Override
public void handleRollback(OperationContext context, ModelNode operation) {
try {
classification.setConfiguredApplication(readValue(context, configuredApplication, CONFIGURED_APPLICATION));
} catch (OperationFailedException e) {
// Should not happen since configured value is retrieved from resource.
throw new RuntimeException(e);
}

}
});
}

private Boolean readValue(OperationContext context, ModelNode value, AttributeDefinition definition) throws OperationFailedException {

No commit comments for this range

You can’t perform that action at this time.