[jboss-svn-commits] JBL Code SVN: r32000 - in labs/jbossrules/trunk: drools-compiler/src/test/java/org/drools/compiler/xml/changeset and 2 other directories.

Tue Mar 9 03:26:34 EST 2010

Author: jervisliu
Date: 2010-03-09 03:26:33 -0500 (Tue, 09 Mar 2010)
New Revision: 32000

Modified:
   labs/jbossrules/trunk/drools-api/src/main/resources/change-set.xsd
   labs/jbossrules/trunk/drools-compiler/src/test/java/org/drools/compiler/xml/changeset/ChangeSetTest.java
   labs/jbossrules/trunk/drools-core/src/main/java/org/drools/io/impl/UrlResource.java
   labs/jbossrules/trunk/drools-core/src/main/java/org/drools/xml/changeset/ResourceHandler.java
Log:
GUVNOR-133: Rules Agent provides access to all users' rules without authentication. 

Modified: labs/jbossrules/trunk/drools-api/src/main/resources/change-set.xsd
===================================================================

--- labs/jbossrules/trunk/drools-api/src/main/resources/change-set.xsd	2010-03-09 05:39:59 UTC (rev 31999)
+++ labs/jbossrules/trunk/drools-api/src/main/resources/change-set.xsd	2010-03-09 08:26:33 UTC (rev 32000)
@@ -33,6 +33,9 @@
       <xsd:attribute name="source" use="required" type="xsd:anyURI"/>
       <!-- for example, DRL, or PKG -->
       <xsd:attribute name="type" use="required" type="xsd:string"/>
+      <xsd:attribute name="basicAuthentication" type="xsd:string"/>
+      <xsd:attribute name="username" type="xsd:string"/>
+      <xsd:attribute name="password" type="xsd:string"/>
     </xsd:complexType>
     
   </xsd:element>

Modified: labs/jbossrules/trunk/drools-compiler/src/test/java/org/drools/compiler/xml/changeset/ChangeSetTest.java
===================================================================
--- labs/jbossrules/trunk/drools-compiler/src/test/java/org/drools/compiler/xml/changeset/ChangeSetTest.java	2010-03-09 05:39:59 UTC (rev 31999)
+++ labs/jbossrules/trunk/drools-compiler/src/test/java/org/drools/compiler/xml/changeset/ChangeSetTest.java	2010-03-09 08:26:33 UTC (rev 32000)
@@ -103,4 +103,38 @@
         assertTrue( list.containsAll( Arrays.asList( new String[]{"rule1", "rule2"} ) ) );
     }
 
+    public void testBasicAuthentication() throws SAXException,
+                               IOException {
+
+        PackageBuilderConfiguration conf = new PackageBuilderConfiguration();
+        XmlChangeSetReader xmlReader = new XmlChangeSetReader( conf.getSemanticModules() );
+
+        String str = "";
+        str += "<change-set ";
+        str += "xmlns='http://drools.org/drools-5.0/change-set' ";
+        str += "xmlns:xs='http://www.w3.org/2001/XMLSchema-instance' ";
+        str += "xs:schemaLocation='http://drools.org/drools-5.0/change-set drools-change-set-5.0.xsd' >";
+        str += "    <add> ";
+        str += "        <resource source='http://localhost:8081/jboss-brms/org.drools.guvnor.Guvnor/package/defaultPackage/LATEST' type='PKG' basicAuthentication='enabled' username='admin' password='pwd'/>";
+        str += "    </add> ";        
+        str += "</change-set>";
+
+        StringReader reader = new StringReader( str );
+        ChangeSet changeSet = xmlReader.read( reader );
+
+        assertEquals( 1,
+                      changeSet.getResourcesAdded().size() );
+        UrlResource resource = ( UrlResource ) ((List)changeSet.getResourcesAdded()).get( 0 );
+        assertNull( resource.getConfiguration() );
+        assertEquals( "http://localhost:8081/jboss-brms/org.drools.guvnor.Guvnor/package/defaultPackage/LATEST",
+                      resource.getURL().toString() );
+        assertEquals( "enabled", resource.getBasicAuthentication() );
+        assertEquals( "admin", resource.getUsername() );
+        assertEquals( "pwd", resource.getPassword() );
+        assertEquals( ResourceType.PKG,
+                      resource.getResourceType() );
+    }
+
+
+    
 }

Modified: labs/jbossrules/trunk/drools-core/src/main/java/org/drools/io/impl/UrlResource.java
===================================================================
--- labs/jbossrules/trunk/drools-core/src/main/java/org/drools/io/impl/UrlResource.java	2010-03-09 05:39:59 UTC (rev 31999)
+++ labs/jbossrules/trunk/drools-core/src/main/java/org/drools/io/impl/UrlResource.java	2010-03-09 08:26:33 UTC (rev 32000)
@@ -26,6 +26,8 @@
 import org.drools.io.Resource;
 import org.drools.io.internal.InternalResource;
 
+import sun.misc.BASE64Encoder;
+
 /**
  * Borrowed gratuitously from Spring under ASL2.0.
  *
@@ -46,6 +48,9 @@
     private URL  url;
     private long lastRead = -1;
     private static final String DROOLS_RESOURCE_URLCACHE = "drools.resource.urlcache";
+    private String basicAuthentication = "disabled";
+    private String username = "";
+    private String password = "";
 
     public UrlResource() {
 
@@ -75,7 +80,31 @@
         this.url = (URL) in.readObject();
     }
 
-    /**
+    public String getBasicAuthentication() {
+		return basicAuthentication;
+	}
+
+	public void setBasicAuthentication(String basicAuthentication) {
+		this.basicAuthentication = basicAuthentication;
+	}
+
+	public String getUsername() {
+		return username;
+	}
+
+	public void setUsername(String username) {
+		this.username = username;
+	}
+
+	public String getPassword() {
+		return password;
+	}
+
+	public void setPassword(String password) {
+		this.password = password;
+	}
+
+	/**
      * This implementation opens an InputStream for the given URL.
      * It sets the "UseCaches" flag to <code>false</code>,
      * mainly to avoid jar file locking on Windows.
@@ -149,6 +178,21 @@
     private InputStream grabStream() throws IOException {
         URLConnection con = this.url.openConnection();
         con.setUseCaches( false );
+
+        if ( con instanceof HttpURLConnection) {
+            //((HttpURLConnection) con).setRequestMethod( "GET" );
+            boolean useBasicAuth = true;
+            if ("enabled".equalsIgnoreCase(basicAuthentication)) {
+				BASE64Encoder enc = new sun.misc.BASE64Encoder();
+				String userpassword = username + ":" + password;
+				String encodedAuthorization = enc.encode(userpassword
+						.getBytes());
+				((HttpURLConnection) con).setRequestProperty("Authorization",
+						"Basic " + encodedAuthorization);
+			}
+
+        }
+
         return con.getInputStream();
     }
 
@@ -194,7 +238,7 @@
             long lm = grabLastMod();
             //try the cache.
             if (lm == 0 && cacheFileExists()) {
-                //OK we will return it from the local cached copy, as remote one isn't available.. 
+                //OK we will return it from the local cached copy, as remote one isn't available..
                 return getCacheFile().lastModified();
             }
             return lm;
@@ -268,7 +312,7 @@
                 return resources;
             }
         } catch ( Exception e ) {
-            // swallow as we'll throw an exception anyway            
+            // swallow as we'll throw an exception anyway
         }
         throw new RuntimeException( "This Resource cannot be listed, or is not a directory" );
     }

Modified: labs/jbossrules/trunk/drools-core/src/main/java/org/drools/xml/changeset/ResourceHandler.java
===================================================================
--- labs/jbossrules/trunk/drools-core/src/main/java/org/drools/xml/changeset/ResourceHandler.java	2010-03-09 05:39:59 UTC (rev 31999)
+++ labs/jbossrules/trunk/drools-core/src/main/java/org/drools/xml/changeset/ResourceHandler.java	2010-03-09 08:26:33 UTC (rev 32000)
@@ -44,6 +44,10 @@
         
         String src = attrs.getValue( "source" );
         String type = attrs.getValue( "type" );
+        String basicAuthentication = attrs.getValue( "basicAuthentication" );
+        String username = attrs.getValue( "username" );
+        String password = attrs.getValue( "password" );
+
         
         emptyAttributeCheck( localName,
                              "source",
@@ -60,6 +64,9 @@
             resource = new ClassPathResource( src.substring( src.indexOf( ':' ) + 1 ), ( Class ) parser.getMetaData().get( "clazz" ), parser.getClassLoader() );
         } else {
             resource = new UrlResource( src );
+            ((UrlResource)resource).setBasicAuthentication(basicAuthentication);
+            ((UrlResource)resource).setUsername(username);
+            ((UrlResource)resource).setPassword(password);           
         }
         
         resource.setResourceType( ResourceType.getResourceType( type ) );

