Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/RequestValidator.java +8 −6 Original line number Diff line number Diff line Loading @@ -68,12 +68,14 @@ */ package ca.nrc.cadc.ac.server; import java.util.List; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.IdentityType; import ca.nrc.cadc.ac.Role; import ca.nrc.cadc.uws.Parameter; import ca.nrc.cadc.uws.ParameterUtil; import java.util.List; import org.apache.log4j.Logger; /** * Request Validator. This class extracts and validates the ID, TYPE, ROLE Loading Loading @@ -105,7 +107,7 @@ public class RequestValidator if (paramList == null || paramList.isEmpty()) { throw new IllegalArgumentException( "Missing required parameters: ID and TYPE"); "Missing required parameters: ID and IDTYPE"); } // ID Loading @@ -118,12 +120,12 @@ public class RequestValidator this.userID = param.trim(); log.debug("ID: " + userID); // TYPE param = ParameterUtil.findParameterValue("TYPE", paramList); // IDTYPE param = ParameterUtil.findParameterValue("IDTYPE", paramList); if (param == null || param.trim().isEmpty()) { throw new IllegalArgumentException( "TYPE parameter required but not found"); "IDTYPE parameter required but not found"); } this.idType = IdentityType.toValue(param); log.debug("TYPE: " + idType); Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapDAO.java +1 −1 Original line number Diff line number Diff line Loading @@ -212,7 +212,7 @@ public abstract class LdapDAO { throw new AccessControlException("Invalid credentials " + msg); } else if (code == ResultCode.SUCCESS) else if ((code == ResultCode.SUCCESS) || (code == ResultCode.NO_SUCH_OBJECT) ) { // all good. nothing to do } Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java +19 −15 Original line number Diff line number Diff line Loading @@ -72,6 +72,7 @@ import java.security.AccessControlException; import java.security.Principal; import java.util.ArrayList; import java.util.Collection; import java.util.HashSet; import java.util.List; import java.util.Set; Loading Loading @@ -104,7 +105,6 @@ import com.unboundid.ldap.sdk.SearchResult; import com.unboundid.ldap.sdk.SearchResultEntry; import com.unboundid.ldap.sdk.SearchScope; import com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl; import java.util.HashSet; public class LdapGroupDAO<T extends Principal> extends LdapDAO { Loading Loading @@ -345,7 +345,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO { String [] attributes = new String[] {"entrydn", "cn", "description", "owner", "uniquemember", "modifytimestamp"}; "modifytimestamp", "nsaccountlock"}; return getGroup(groupDN, groupID, withMembers, attributes); } Loading @@ -366,10 +366,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO { try { Filter filter = Filter.createANDFilter( Filter.createEqualityFilter("cn", groupID), Filter.createNOTFilter( Filter.createEqualityFilter("nsaccountlock", "TRUE"))); Filter filter = Filter.createEqualityFilter("cn", groupID); SearchRequest searchRequest = new SearchRequest(groupDN.toNormalizedString(), Loading @@ -386,11 +383,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO } catch (LDAPSearchException e) { if (e.getResultCode() == ResultCode.AUTHORIZATION_DENIED) { throw new AccessControlException("Unauthorized to access group " + groupID); } else if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT) if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT) { String msg = "Group not found " + groupID; logger.debug(msg); Loading @@ -398,23 +391,34 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO } else { throw new RuntimeException("Unknown LDAP exception: " + e.getResultCode()); LdapDAO.checkLdapResult(e.getResultCode(), e.getMessage()); } } if (searchResult.getEntryCount() == 0) { // deleted groups? String msg = "Group not found " + groupID; LdapDAO.checkLdapResult(searchResult.getResultCode(), null); //access denied String msg = "Not authorized to access " + groupID; logger.debug(msg); throw new GroupNotFoundException(groupID); throw new AccessControlException(groupID); } if (searchResult.getEntryCount() >1) { throw new RuntimeException("BUG: multiple results when retrieving group " + groupID); } SearchResultEntry searchEntry = searchResult.getSearchEntries().get(0); if (searchEntry.getAttribute("nsaccountlock") != null) { // deleted group String msg = "Group not found " + groupID; logger.debug(msg); throw new GroupNotFoundException(groupID); } String groupCN = searchEntry.getAttributeValue("cn"); DN groupOwner = searchEntry.getAttributeValueAsDN("owner"); Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/ACSearchRunner.java +85 −88 Original line number Diff line number Diff line Loading @@ -68,38 +68,30 @@ */ package ca.nrc.cadc.ac.server.web; import java.security.AccessControlException; import java.security.Principal; import java.util.Collection; import java.util.Date; import javax.servlet.http.HttpServletResponse; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupsWriter; import ca.nrc.cadc.ac.IdentityType; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.server.GroupPersistence; import ca.nrc.cadc.ac.server.PluginFactory; import ca.nrc.cadc.ac.server.RequestValidator; import ca.nrc.cadc.ac.server.UserPersistence; import ca.nrc.cadc.auth.AuthenticationUtil; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.NumericPrincipal; import ca.nrc.cadc.auth.OpenIdPrincipal; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.uws.ErrorSummary; import ca.nrc.cadc.uws.ErrorType; import ca.nrc.cadc.uws.ExecutionPhase; import ca.nrc.cadc.uws.Job; import ca.nrc.cadc.uws.server.JobNotFoundException; import ca.nrc.cadc.uws.server.JobPersistenceException; import ca.nrc.cadc.uws.server.JobRunner; import ca.nrc.cadc.uws.server.JobUpdater; import ca.nrc.cadc.uws.server.SyncOutput; import ca.nrc.cadc.uws.util.JobLogInfo; import java.io.IOException; import java.security.AccessControlException; import java.security.Principal; import java.util.Collection; import java.util.Date; import javax.security.auth.x500.X500Principal; import javax.servlet.http.HttpServletResponse; import org.apache.log4j.Logger; public class ACSearchRunner implements JobRunner { Loading Loading @@ -151,6 +143,15 @@ public class ACSearchRunner implements JobRunner @SuppressWarnings("unchecked") private void search() { // Note: This search runner is customized to run with // InMemoryJobPersistence, and synchronous POST requests are // dealt with immediately, rather than returning results via // a redirect. // Jobs in this runner are never updated after execution begins // in case the in-memory job has gone away. Error reporting // is done directly through the response on both POST and GET try { ExecutionPhase ep = Loading @@ -158,11 +159,7 @@ public class ACSearchRunner implements JobRunner ExecutionPhase.EXECUTING, new Date()); if ( !ExecutionPhase.EXECUTING.equals(ep) ) { String message = job.getID() + ": QUEUED -> EXECUTING [FAILED] -- DONE"; logInfo.setSuccess(false); logInfo.setMessage(message); return; throw new IllegalStateException("QUEUED -> EXECUTING [FAILED]"); } log.debug(job.getID() + ": QUEUED -> EXECUTING [OK]"); Loading @@ -181,29 +178,29 @@ public class ACSearchRunner implements JobRunner GroupsWriter.write(groups, syncOut.getOutputStream()); // Mark the Job as completed. jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.COMPLETED, new Date()); // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.COMPLETED, new Date()); } catch (TransientException t) { logInfo.setSuccess(false); logInfo.setMessage(t.getMessage()); log.debug("FAIL", t); log.error("FAIL", t); syncOut.setResponseCode(400); syncOut.setResponseCode(503); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } catch (UserNotFoundException t) { Loading @@ -213,18 +210,18 @@ public class ACSearchRunner implements JobRunner syncOut.setResponseCode(404); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } catch (GroupNotFoundException t) { Loading @@ -234,18 +231,18 @@ public class ACSearchRunner implements JobRunner syncOut.setResponseCode(404); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } catch (AccessControlException t) { Loading @@ -255,39 +252,39 @@ public class ACSearchRunner implements JobRunner syncOut.setResponseCode(401); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } catch (Throwable t) { logInfo.setSuccess(false); logInfo.setMessage(t.getMessage()); log.debug("FAIL", t); log.error("FAIL", t); syncOut.setResponseCode(400); syncOut.setResponseCode(500); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } } Loading projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java +26 −5 Original line number Diff line number Diff line Loading @@ -558,7 +558,28 @@ public class LdapGroupDAOTest { public Object run() throws Exception { getGroupDAO().deleteGroup(groupID); try { getGroupDAO().getGroup(groupID); //fail("getGroup with anonymous access should throw " + // "AccessControlException"); } catch (AccessControlException ignore) {} return null; } }); Subject.doAs(daoTestUser2Subject, new PrivilegedExceptionAction<Object>() { public Object run() throws Exception { try { getGroupDAO().getGroup(groupID); fail("getGroup with anonymous access should throw " + "AccessControlException"); } catch (AccessControlException ignore) {} return null; } }); Loading Loading @@ -729,10 +750,10 @@ public class LdapGroupDAOTest Group group = getGroupDAO().getGroup(groupID); assertTrue(group == null); fail("searchGroups with unknown user should throw " + "GroupNotFoundException"); fail("searchGroups with un-authorized user should throw " + "AccessControlException"); } catch (GroupNotFoundException ignore) catch (AccessControlException ignore) { } Loading Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/RequestValidator.java +8 −6 Original line number Diff line number Diff line Loading @@ -68,12 +68,14 @@ */ package ca.nrc.cadc.ac.server; import java.util.List; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.IdentityType; import ca.nrc.cadc.ac.Role; import ca.nrc.cadc.uws.Parameter; import ca.nrc.cadc.uws.ParameterUtil; import java.util.List; import org.apache.log4j.Logger; /** * Request Validator. This class extracts and validates the ID, TYPE, ROLE Loading Loading @@ -105,7 +107,7 @@ public class RequestValidator if (paramList == null || paramList.isEmpty()) { throw new IllegalArgumentException( "Missing required parameters: ID and TYPE"); "Missing required parameters: ID and IDTYPE"); } // ID Loading @@ -118,12 +120,12 @@ public class RequestValidator this.userID = param.trim(); log.debug("ID: " + userID); // TYPE param = ParameterUtil.findParameterValue("TYPE", paramList); // IDTYPE param = ParameterUtil.findParameterValue("IDTYPE", paramList); if (param == null || param.trim().isEmpty()) { throw new IllegalArgumentException( "TYPE parameter required but not found"); "IDTYPE parameter required but not found"); } this.idType = IdentityType.toValue(param); log.debug("TYPE: " + idType); Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapDAO.java +1 −1 Original line number Diff line number Diff line Loading @@ -212,7 +212,7 @@ public abstract class LdapDAO { throw new AccessControlException("Invalid credentials " + msg); } else if (code == ResultCode.SUCCESS) else if ((code == ResultCode.SUCCESS) || (code == ResultCode.NO_SUCH_OBJECT) ) { // all good. nothing to do } Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java +19 −15 Original line number Diff line number Diff line Loading @@ -72,6 +72,7 @@ import java.security.AccessControlException; import java.security.Principal; import java.util.ArrayList; import java.util.Collection; import java.util.HashSet; import java.util.List; import java.util.Set; Loading Loading @@ -104,7 +105,6 @@ import com.unboundid.ldap.sdk.SearchResult; import com.unboundid.ldap.sdk.SearchResultEntry; import com.unboundid.ldap.sdk.SearchScope; import com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl; import java.util.HashSet; public class LdapGroupDAO<T extends Principal> extends LdapDAO { Loading Loading @@ -345,7 +345,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO { String [] attributes = new String[] {"entrydn", "cn", "description", "owner", "uniquemember", "modifytimestamp"}; "modifytimestamp", "nsaccountlock"}; return getGroup(groupDN, groupID, withMembers, attributes); } Loading @@ -366,10 +366,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO { try { Filter filter = Filter.createANDFilter( Filter.createEqualityFilter("cn", groupID), Filter.createNOTFilter( Filter.createEqualityFilter("nsaccountlock", "TRUE"))); Filter filter = Filter.createEqualityFilter("cn", groupID); SearchRequest searchRequest = new SearchRequest(groupDN.toNormalizedString(), Loading @@ -386,11 +383,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO } catch (LDAPSearchException e) { if (e.getResultCode() == ResultCode.AUTHORIZATION_DENIED) { throw new AccessControlException("Unauthorized to access group " + groupID); } else if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT) if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT) { String msg = "Group not found " + groupID; logger.debug(msg); Loading @@ -398,23 +391,34 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO } else { throw new RuntimeException("Unknown LDAP exception: " + e.getResultCode()); LdapDAO.checkLdapResult(e.getResultCode(), e.getMessage()); } } if (searchResult.getEntryCount() == 0) { // deleted groups? String msg = "Group not found " + groupID; LdapDAO.checkLdapResult(searchResult.getResultCode(), null); //access denied String msg = "Not authorized to access " + groupID; logger.debug(msg); throw new GroupNotFoundException(groupID); throw new AccessControlException(groupID); } if (searchResult.getEntryCount() >1) { throw new RuntimeException("BUG: multiple results when retrieving group " + groupID); } SearchResultEntry searchEntry = searchResult.getSearchEntries().get(0); if (searchEntry.getAttribute("nsaccountlock") != null) { // deleted group String msg = "Group not found " + groupID; logger.debug(msg); throw new GroupNotFoundException(groupID); } String groupCN = searchEntry.getAttributeValue("cn"); DN groupOwner = searchEntry.getAttributeValueAsDN("owner"); Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/ACSearchRunner.java +85 −88 Original line number Diff line number Diff line Loading @@ -68,38 +68,30 @@ */ package ca.nrc.cadc.ac.server.web; import java.security.AccessControlException; import java.security.Principal; import java.util.Collection; import java.util.Date; import javax.servlet.http.HttpServletResponse; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupsWriter; import ca.nrc.cadc.ac.IdentityType; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.server.GroupPersistence; import ca.nrc.cadc.ac.server.PluginFactory; import ca.nrc.cadc.ac.server.RequestValidator; import ca.nrc.cadc.ac.server.UserPersistence; import ca.nrc.cadc.auth.AuthenticationUtil; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.NumericPrincipal; import ca.nrc.cadc.auth.OpenIdPrincipal; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.uws.ErrorSummary; import ca.nrc.cadc.uws.ErrorType; import ca.nrc.cadc.uws.ExecutionPhase; import ca.nrc.cadc.uws.Job; import ca.nrc.cadc.uws.server.JobNotFoundException; import ca.nrc.cadc.uws.server.JobPersistenceException; import ca.nrc.cadc.uws.server.JobRunner; import ca.nrc.cadc.uws.server.JobUpdater; import ca.nrc.cadc.uws.server.SyncOutput; import ca.nrc.cadc.uws.util.JobLogInfo; import java.io.IOException; import java.security.AccessControlException; import java.security.Principal; import java.util.Collection; import java.util.Date; import javax.security.auth.x500.X500Principal; import javax.servlet.http.HttpServletResponse; import org.apache.log4j.Logger; public class ACSearchRunner implements JobRunner { Loading Loading @@ -151,6 +143,15 @@ public class ACSearchRunner implements JobRunner @SuppressWarnings("unchecked") private void search() { // Note: This search runner is customized to run with // InMemoryJobPersistence, and synchronous POST requests are // dealt with immediately, rather than returning results via // a redirect. // Jobs in this runner are never updated after execution begins // in case the in-memory job has gone away. Error reporting // is done directly through the response on both POST and GET try { ExecutionPhase ep = Loading @@ -158,11 +159,7 @@ public class ACSearchRunner implements JobRunner ExecutionPhase.EXECUTING, new Date()); if ( !ExecutionPhase.EXECUTING.equals(ep) ) { String message = job.getID() + ": QUEUED -> EXECUTING [FAILED] -- DONE"; logInfo.setSuccess(false); logInfo.setMessage(message); return; throw new IllegalStateException("QUEUED -> EXECUTING [FAILED]"); } log.debug(job.getID() + ": QUEUED -> EXECUTING [OK]"); Loading @@ -181,29 +178,29 @@ public class ACSearchRunner implements JobRunner GroupsWriter.write(groups, syncOut.getOutputStream()); // Mark the Job as completed. jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.COMPLETED, new Date()); // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.COMPLETED, new Date()); } catch (TransientException t) { logInfo.setSuccess(false); logInfo.setMessage(t.getMessage()); log.debug("FAIL", t); log.error("FAIL", t); syncOut.setResponseCode(400); syncOut.setResponseCode(503); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } catch (UserNotFoundException t) { Loading @@ -213,18 +210,18 @@ public class ACSearchRunner implements JobRunner syncOut.setResponseCode(404); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } catch (GroupNotFoundException t) { Loading @@ -234,18 +231,18 @@ public class ACSearchRunner implements JobRunner syncOut.setResponseCode(404); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } catch (AccessControlException t) { Loading @@ -255,39 +252,39 @@ public class ACSearchRunner implements JobRunner syncOut.setResponseCode(401); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } catch (Throwable t) { logInfo.setSuccess(false); logInfo.setMessage(t.getMessage()); log.debug("FAIL", t); log.error("FAIL", t); syncOut.setResponseCode(400); syncOut.setResponseCode(500); ErrorSummary errorSummary = new ErrorSummary(t.getMessage(), ErrorType.FATAL); try { jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, ExecutionPhase.ERROR, errorSummary, new Date()); } catch(Throwable oops) { log.debug("failed to set final error status after " + t, oops); } // ErrorSummary errorSummary = // new ErrorSummary(t.getMessage(), ErrorType.FATAL); // try // { // jobUpdater.setPhase(job.getID(), ExecutionPhase.EXECUTING, // ExecutionPhase.ERROR, errorSummary, // new Date()); // } // catch(Throwable oops) // { // log.debug("failed to set final error status after " + t, oops); // } } } Loading
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java +26 −5 Original line number Diff line number Diff line Loading @@ -558,7 +558,28 @@ public class LdapGroupDAOTest { public Object run() throws Exception { getGroupDAO().deleteGroup(groupID); try { getGroupDAO().getGroup(groupID); //fail("getGroup with anonymous access should throw " + // "AccessControlException"); } catch (AccessControlException ignore) {} return null; } }); Subject.doAs(daoTestUser2Subject, new PrivilegedExceptionAction<Object>() { public Object run() throws Exception { try { getGroupDAO().getGroup(groupID); fail("getGroup with anonymous access should throw " + "AccessControlException"); } catch (AccessControlException ignore) {} return null; } }); Loading Loading @@ -729,10 +750,10 @@ public class LdapGroupDAOTest Group group = getGroupDAO().getGroup(groupID); assertTrue(group == null); fail("searchGroups with unknown user should throw " + "GroupNotFoundException"); fail("searchGroups with un-authorized user should throw " + "AccessControlException"); } catch (GroupNotFoundException ignore) catch (AccessControlException ignore) { } Loading
