[test] Fix ServerCnxTest failing after merge of #19830
The ServerCnxTest class is run as part of the flaky tests,
so https://github.com/apache/pulsar/pull/19830 was merged
without noticing that the changes didn't actually pass
tests. This commit fixes the test by changing the assertions
to ensure that "correct" combinations of roles and original
principals are verified.
(cherry picked from commit 13f4a0dc0a8df4a65d2f1006e5fb65ed1e671e0d)
diff --git a/pulsar-broker/src/test/java/org/apache/pulsar/broker/service/ServerCnxTest.java b/pulsar-broker/src/test/java/org/apache/pulsar/broker/service/ServerCnxTest.java
index 77833bc..553374a 100644
--- a/pulsar-broker/src/test/java/org/apache/pulsar/broker/service/ServerCnxTest.java
+++ b/pulsar-broker/src/test/java/org/apache/pulsar/broker/service/ServerCnxTest.java
@@ -600,8 +600,10 @@
channel.finish();
}
+ // This test is different in branch-2.11 and older because the behavior changes after branch-2.11.
+ // See https://github.com/apache/pulsar/pull/19830 for additional information.
@Test(timeOut = 30000)
- public void testConnectCommandWithInvalidRoleCombinations() throws Exception {
+ public void testConnectCommandWithDifferentRoleCombinations() throws Exception {
AuthenticationService authenticationService = mock(AuthenticationService.class);
AuthenticationProvider authenticationProvider = new MockAuthenticationProvider();
String authMethodName = authenticationProvider.getAuthMethodName();
@@ -614,19 +616,20 @@
svcConfig.setProxyRoles(Collections.singleton("pass.proxy"));
// Invalid combinations where authData is proxy role
- verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.proxy", "pass.proxy");
- verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.proxy", "");
- verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.proxy", null);
- // Invalid combinations where original principal is set to a pass.proxy role
- verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.client", "pass.proxy");
- // Invalid combinations where the original principal is set to a non-proxy role
- verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.client1", "pass.client");
- verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.client", "pass.client");
- verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.client", "pass.client1");
+ verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.proxy", "pass.proxy", false);
+ verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.proxy", "", false);
+ verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.proxy", null, false);
+ // Only considered valid because there is no requirement for that only a proxy role can pass
+ // an original principal
+ verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.client", "pass.proxy", true);
+ verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.client1", "pass.client", true);
+ verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.client", "pass.client", true);
+ verifyAuthRoleAndOriginalPrincipalBehavior(authMethodName, "pass.client", "pass.client1", true);
}
private void verifyAuthRoleAndOriginalPrincipalBehavior(String authMethodName, String authData,
- String originalPrincipal) throws Exception {
+ String originalPrincipal,
+ boolean shouldPass) throws Exception {
resetChannel();
assertTrue(channel.isActive());
assertEquals(serverCnx.getState(), State.Start);
@@ -636,9 +639,15 @@
channel.writeInbound(clientCommand);
Object response = getResponse();
- assertTrue(response instanceof CommandError);
- assertEquals(((CommandError) response).getError(), ServerError.AuthorizationError);
- assertEquals(serverCnx.getState(), State.Failed);
+ if (shouldPass) {
+ assertTrue(response instanceof CommandConnected);
+ assertEquals(serverCnx.getState(), State.Connected);
+ assertTrue(serverCnx.isActive());
+ } else {
+ assertTrue(response instanceof CommandError);
+ assertEquals(((CommandError) response).getError(), ServerError.AuthorizationError);
+ assertEquals(serverCnx.getState(), State.Failed);
+ }
channel.finish();
}
