[jboss-jira] [JBoss JIRA] (WFLY-4925) Admin in Monitor role can execute test-connection-in-pool op
Brian Stansberry (JIRA)
issues at jboss.org
Tue Jul 14 21:13:03 EDT 2015
Brian Stansberry created WFLY-4925:
--------------------------------------
Summary: Admin in Monitor role can execute test-connection-in-pool op
Key: WFLY-4925
URL: https://issues.jboss.org/browse/WFLY-4925
Project: WildFly
Issue Type: Bug
Components: JCA
Affects Versions: 10.0.0.Alpha5
Reporter: Brian Stansberry
Assignee: Jesper Pedersen
This should not work, as the Monitor role is not allowed to do anything that modifies any state:
{code}
[standalone at localhost:9990 data-source=ExampleDS] :test-connection-in-pool{roles=Monitor}
{
"outcome" => "success",
"result" => [true]
}
{code}
I believe the problem is PoolOperations L75:
{code}
final ServiceController<?> managementRepoService = context.getServiceRegistry(false).getService(
ConnectorServices.MANAGEMENT_REPOSITORY_SERVICE);
{code}
The parameter to context.getServiceRegistry(...) must be 'true' if the operation is going to use the returned service registry to perform any form of state modification. So I believe all the PoolOperation subclasses should provide a param to PoolOperation's constructor that can be used to set this value. I believe in all subclasses except DumpQueuedThreadInPool this param should be 'true'.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list