[jbosstools-issues] [JBoss JIRA] (JBIDE-22426) Connection: authorization strategy is always overwritten (in the client) upon #isConnected

Viacheslav Kabanovich (JIRA) issues at jboss.org
Wed May 25 14:47:00 EDT 2016 

    [ https://issues.jboss.org/browse/JBIDE-22426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13242822#comment-13242822 ] 

Viacheslav Kabanovich commented on JBIDE-22426:
-----------------------------------------------

[~adietish], please consider https://github.com/jbosstools/jbosstools-openshift/pull/1185 - prevention of possible unwanted connect() in isConnected(). The hole was not a big one - for the very first access to the connection, but still it might make the start of Deploy image wizard from Docker explorer behave not as planned (separate Sign In dialog instead of Sign In page in the wizard).

> Connection: authorization strategy is always overwritten (in the client) upon #isConnected 
> -------------------------------------------------------------------------------------------
>
>                 Key: JBIDE-22426
>                 URL: https://issues.jboss.org/browse/JBIDE-22426
>             Project: Tools (JBoss Tools)
>          Issue Type: Bug
>          Components: openshift
>    Affects Versions: 4.4.0.Alpha3
>            Reporter: Andre Dietisheim
>            Assignee: Andre Dietisheim
>              Labels: connection, openshift_v3
>             Fix For: 4.4.0.Alpha3
>
>
> The current implementation of Connection#isConnected() will always overwrite the authorization strategy in the client that it is using. This seems wrong given that #getResources, #createResource, #updateResource (and other methods) also set it but check if it already exists beforehand. Making sure that they dont overwrite an existing strategy.
> {code:title=Connection#isConnected}
> 	public boolean isConnected(IProgressMonitor monitor) {
> 		client.setAuthorizationStrategy(getAuthorizationStrategy());
> 		try {
> {code}
> {code:title=Connection#createResource}
> 	public <T extends IResource> T createResource(T resource) {
> 		try {
> 			if(client.getAuthorizationStrategy() == null) {
> 				client.setAuthorizationStrategy(getAuthorizationStrategy());
> 			}
> 			return client.create(resource);
> {code}
> A very likely side-effect of this is in Connection#ownsResource which compares clients (the one in the connection and the one attached to the given resource. The 2 clients are compared with the authorization strategy:
> {code:title=com.openshift.internal.restclient.DefaultClient#equals}
> 	@Override
> 	public boolean equals(Object obj) {
> 		...
> 		return ObjectUtils.equals(strategy, other.strategy);
> {code}
> the lookup for a connection for a given resource in ConnectionRegistryUtils#safeGetConnectionFor will therefore fail after a Connection#isConnected:
> {code:title=ConnectionsRegistryUtil#safeGetConnectionFor(IResource)} 
> 	public static Connection safeGetConnectionFor(IResource resource) {
> 		Collection<Connection> all = ConnectionsRegistrySingleton.getInstance().getAll(Connection.class);
> 		for (Connection connection : all) {
> 			if(connection.ownsResource(resource)) {
> 				return connection;
> 			}
> 		}
> 		return null;
> 	}
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jbosstools-issues mailing list