Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added commands for security subsystem #55

Merged
merged 1 commit into from
Feb 9, 2016

Conversation

olukas
Copy link
Collaborator

@olukas olukas commented Feb 1, 2016

No description provided.

@Ladicek Ladicek self-assigned this Feb 1, 2016
@Ladicek
Copy link
Contributor

Ladicek commented Feb 1, 2016

Not assigning a milestone just yet, this might take long and I don't want to block any particular release with this.

@Ladicek
Copy link
Contributor

Ladicek commented Feb 1, 2016

On the first sight, there's quite a lot of standalone builder classes. Typically, builders are embedded in the class of the command they are building. Any reason why not to do that?

Also, see the Logging class, which is a bit more friendly entrypoint for the commands in the logging subsystem -- could be useful here as well.

EDIT: I see that the tests are structured in a slightly more coarse grained way -- one test class (or two, actually) for given command. This is how the commands/builders could be structured as well, as I said above. Could help with review, too.

@olukas
Copy link
Collaborator Author

olukas commented Feb 1, 2016

These standalone builders only extends common builder for adding login module. They serve as facade for AddLoginModule.Builder. Only reason for them is simplifying usage of AddLoginModule command for some commonly used login modules. They can be wrapped to own command classes, but since they serve as facade then these commands will not added any new functionality or something. They will become just an empty wrappers. I am not sure if it will be better to wrap them to that command classes. WDYT?

I have also taken a look on Logging class. It is nice entry point to subsystem. I can add similar entry point to Security subsystem.

@Ladicek
Copy link
Contributor

Ladicek commented Feb 1, 2016

If the standalone builders just simplify usage of the "generic" builder and don't add any functionality, maybe these builders could just be folded to the Security entrypoint class?

@olukas
Copy link
Collaborator Author

olukas commented Feb 1, 2016

They can be folded to Security entrypoint class. However some inconveniences occur:

  1. Security class will include a lot of lines which are not directly related to "orientation" in security subsystem (which is IMHO one of main reason for that class) - but OK, it is probably only aesthetic detail.
  2. Adding a new builder will result to modifying Security class instead of simply creating of the new builder class.

If you think these inconveniences are insignificant I will move those builders to Security class.

/**
* Add a new authorization classic policy module to given security domain.
*/
public class AddAuthorizationModule implements OnlineCommand, OfflineCommand {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

final?

@Ladicek
Copy link
Contributor

Ladicek commented Feb 1, 2016

Comments are minor, this is a really good work. Does it work with EAP 6 as well?

@Ladicek
Copy link
Contributor

Ladicek commented Feb 8, 2016

OK, I really like this in the current form. I found two small issues:

The class AddLoginModule should mention the builders in the class javadoc.

The Remove*OnlineTest tests have ugly copy&paste errors. For example, from RemoveLoginModuleOnlineTest:

    @Test
    public void removeOneOfMoreLoginModules() throws Exception {
        client.apply(ADD_LOGIN_MODULE_1);
        assertTrue("The login module should be created", ops.exists(TEST_LOGIN_MODULE1_ADDRESS));
        client.apply(ADD_LOGIN_MODULE_2);
        assertTrue("The login module should be created", ops.exists(TEST_LOGIN_MODULE2_ADDRESS));

        client.apply(new RemoveLoginModule(TEST_SECURITY_DOMAIN_NAME, LOGIN_MODULE1_CODE));
        assertFalse("The security domain should be created", ops.exists(TEST_LOGIN_MODULE1_ADDRESS));
    }

The assert message on the last line should reflect that this is about login modules, not security domains, and about removing, not creating. So: "The login module should be removed".

And things like this are all over the Remove*OnlineTest tests.

But these are pretty small issues and I believe we don't have to have an extra round of review on that. So when you fix it, please also rebase and squash. I'll happily merge.

@Ladicek
Copy link
Contributor

Ladicek commented Feb 8, 2016

One other thing: the AddLoginModule builders use generics to emulate self types. With the datasources builders, I added a comment The {@code THIS} type parameter is only meant to be used by subclasses. If you're not inheriting from this class, don't use it. -- could you add it to the AddLoginModule.Builder javadoc too?

@Ladicek Ladicek added this to the 0.9.5 milestone Feb 9, 2016
@Ladicek Ladicek merged commit 5fa24ed into wildfly-extras:master Feb 9, 2016
jtymel pushed a commit to jtymel/creaper that referenced this pull request Jan 18, 2017
Added online commands for authentication-configuration and authentication-context
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants