Mercurial > hg > release > thermostat-1.4
changeset 1785:4575ba459d09
Disallow identical agent and client username choices in thermostat setup
Reviewed-by: jerboaa
Review-thread: http://icedtea.classpath.org/pipermail/thermostat/2015-September/015998.html
author | Anirudhan Mukundan <amukunda@redhat.com> |
---|---|
date | Fri, 11 Sep 2015 10:52:58 -0400 |
parents | b14d240b710b |
children | d9e78b81ecdf |
files | setup/command/src/main/java/com/redhat/thermostat/setup/command/internal/InputCredentialPanel.java setup/command/src/main/java/com/redhat/thermostat/setup/command/internal/UserPropertiesView.java setup/command/src/main/java/com/redhat/thermostat/setup/command/internal/cli/CLISetup.java setup/command/src/main/java/com/redhat/thermostat/setup/command/locale/LocaleResources.java setup/command/src/main/resources/com/redhat/thermostat/setup/locale/strings.properties setup/command/src/test/java/com/redhat/thermostat/setup/command/internal/cli/CLISetupTest.java |
diffstat | 6 files changed, 93 insertions(+), 27 deletions(-) [+] |
line wrap: on
line diff
--- a/setup/command/src/main/java/com/redhat/thermostat/setup/command/internal/InputCredentialPanel.java Thu Sep 10 11:20:39 2015 -0400 +++ b/setup/command/src/main/java/com/redhat/thermostat/setup/command/internal/InputCredentialPanel.java Fri Sep 11 10:52:58 2015 -0400 @@ -210,6 +210,12 @@ this.repaint(); } + public void setErrorMessage(String message) { + errorMessage.setText(message); + this.revalidate(); + this.repaint(); + } + public boolean isInputValid() { //ensure credentials are not empty try {
--- a/setup/command/src/main/java/com/redhat/thermostat/setup/command/internal/UserPropertiesView.java Thu Sep 10 11:20:39 2015 -0400 +++ b/setup/command/src/main/java/com/redhat/thermostat/setup/command/internal/UserPropertiesView.java Fri Sep 11 10:52:58 2015 -0400 @@ -119,7 +119,20 @@ agentInfoPanel = new InputCredentialPanel( translator.localize(LocaleResources.AGENT_CRED_TITLE).getContents(), translator.localize(LocaleResources.AGENT_HELP_INFO).getContents(), - translator.localize(LocaleResources.AGENT_USER_PREFIX).getContents()); + translator.localize(LocaleResources.AGENT_USER_PREFIX).getContents()) { + + @Override + public boolean isInputValid() { + // show additional error message to indicate that the chosen + // agent username cannot be identical to the client username + if (getUsername().equals(clientInfoPanel.getUsername())) { + setErrorMessage(translator.localize(LocaleResources.USERNAMES_IDENTICAL).getContents()); + return false; + } else { + return super.isInputValid(); + } + } + }; midPanel = new JPanel(); midPanel.setLayout(new BoxLayout(midPanel, BoxLayout.PAGE_AXIS));
--- a/setup/command/src/main/java/com/redhat/thermostat/setup/command/internal/cli/CLISetup.java Thu Sep 10 11:20:39 2015 -0400 +++ b/setup/command/src/main/java/com/redhat/thermostat/setup/command/internal/cli/CLISetup.java Fri Sep 11 10:52:58 2015 -0400 @@ -39,6 +39,7 @@ import java.io.IOException; import java.io.InputStream; import java.io.PrintWriter; +import java.util.Arrays; import java.util.logging.Level; import java.util.logging.Logger; @@ -52,21 +53,21 @@ import com.redhat.thermostat.shared.locale.Translate; public class CLISetup { - + private static final Logger logger = LoggingUtils.getLogger(CLISetup.class); private static final Translate<LocaleResources> t = LocaleResources.createLocalizer(); private final ThermostatSetup thermostatSetup; private final Console console; private final PrintWriter outWriter; private final PrintWriter errWriter; - + public CLISetup(ThermostatSetup setup, Console console) { this.thermostatSetup = setup; this.console = console; this.outWriter = new PrintWriter(console.getOutput()); this.errWriter = new PrintWriter(console.getError()); } - + public void run() throws CommandException { runSetup(); println(LocaleResources.CLI_SETUP_FINISH_SUCCESS); @@ -92,26 +93,49 @@ // package-private for testing void readThermostatUserCredentials() throws IOException { + String clientUsername; + char[] clientPassword; + String agentUsername; + char[] agentPassword; + boolean isValid = false; + println(LocaleResources.CLI_SETUP_THERMOSTAT_USER_CREDS_INTRO); - LocalizedString clientUsernamePrompt = t.localize(LocaleResources.CLI_SETUP_THERMOSTAT_CLIENT_USERNAME_PROMPT); - UsernameCredentialsReader clientUserReader = new UsernameCredentialsReader(console, clientUsernamePrompt); - String clientUsername = clientUserReader.read(); - LocalizedString passwordPrompt = t.localize(LocaleResources.CLI_SETUP_PASSWORD_PROMPT, clientUsername); - LocalizedString passwordPromptRepeat = t.localize(LocaleResources.CLI_SETUP_PASSWORD_REPEAT_PROMPT, clientUsername); - PasswordCredentialsReader clientPasswordReader = new PasswordCredentialsReader(console, passwordPrompt, passwordPromptRepeat); - char[] clientPassword = clientPasswordReader.readPassword(); + do { + LocalizedString clientUsernamePrompt = t.localize(LocaleResources.CLI_SETUP_THERMOSTAT_CLIENT_USERNAME_PROMPT); + UsernameCredentialsReader clientUserReader = new UsernameCredentialsReader(console, clientUsernamePrompt); + clientUsername = clientUserReader.read(); + LocalizedString passwordPrompt = t.localize(LocaleResources.CLI_SETUP_PASSWORD_PROMPT, clientUsername); + LocalizedString passwordPromptRepeat = t.localize(LocaleResources.CLI_SETUP_PASSWORD_REPEAT_PROMPT, clientUsername); + PasswordCredentialsReader clientPasswordReader = new PasswordCredentialsReader(console, passwordPrompt, passwordPromptRepeat); + clientPassword = clientPasswordReader.readPassword(); + + LocalizedString agentUsernamePrompt = t.localize(LocaleResources.CLI_SETUP_THERMOSTAT_AGENT_USERNAME_PROMPT); + UsernameCredentialsReader agentUserReader = new UsernameCredentialsReader(console, agentUsernamePrompt); + agentUsername = agentUserReader.read(); + passwordPrompt = t.localize(LocaleResources.CLI_SETUP_PASSWORD_PROMPT, agentUsername); + passwordPromptRepeat = t.localize(LocaleResources.CLI_SETUP_PASSWORD_REPEAT_PROMPT, agentUsername); + PasswordCredentialsReader agentPasswordReader = new PasswordCredentialsReader(console, passwordPrompt, passwordPromptRepeat); + agentPassword = agentPasswordReader.readPassword(); + + try { + checkUsernamesNotIdentical(clientUsername, agentUsername); + isValid = true; + } catch (IdenticalUsernameException e) { + Arrays.fill(clientPassword, '\0'); + Arrays.fill(agentPassword, '\0'); + printErr(LocaleResources.CLI_SETUP_USERNAMES_IDENTICAL, clientUsername); + } + } while (!isValid); thermostatSetup.createClientAdminUser(clientUsername, clientPassword); - - LocalizedString agentUsernamePrompt = t.localize(LocaleResources.CLI_SETUP_THERMOSTAT_AGENT_USERNAME_PROMPT); - UsernameCredentialsReader agentUserReader = new UsernameCredentialsReader(console, agentUsernamePrompt); - String agentUsername = agentUserReader.read(); - passwordPrompt = t.localize(LocaleResources.CLI_SETUP_PASSWORD_PROMPT, agentUsername); - passwordPromptRepeat = t.localize(LocaleResources.CLI_SETUP_PASSWORD_REPEAT_PROMPT, agentUsername); - PasswordCredentialsReader agentPasswordReader = new PasswordCredentialsReader(console, passwordPrompt, passwordPromptRepeat); - char[] agentPassword = agentPasswordReader.readPassword(); thermostatSetup.createAgentUser(agentUsername, agentPassword); } + void checkUsernamesNotIdentical(String first, String second) throws IdenticalUsernameException { + if (first.equals(second)) { + throw new IdenticalUsernameException(); + } + } + // package-private for testing void readMongodbCredentials() throws IOException { println(LocaleResources.CLI_SETUP_MONGODB_USER_CREDS_INTRO); @@ -126,10 +150,8 @@ } /** - * * @return {@code true} if user wants to continue, {@code false} otherwise. - * - * @throws IOException + * @throws IOException */ private boolean readContinueAnswer() throws IOException { final String localizedProceedToken = t.localize(LocaleResources.CLI_SETUP_PROCEED_WORD).getContents(); @@ -155,12 +177,12 @@ logger.log(Level.WARNING, "Tried " + maxTries + " times with invalid input. Cancelling."); return false; } - + private String readLine(InputStream in) throws IOException { int c; StringBuilder builder = new StringBuilder(); while ((c = in.read()) != -1) { - char token = (char)c; + char token = (char) c; if (token == '\n') { break; } @@ -173,12 +195,12 @@ String userGuideURL = new ApplicationInfo().getUserGuide(); println(LocaleResources.CLI_SETUP_INTRO, userGuideURL); } - + private void println(LocaleResources resource, String... strings) { outWriter.println(t.localize(resource, strings).getContents()); outWriter.flush(); } - + private void print(LocaleResources resource, String... strings) { outWriter.print(t.localize(resource, strings).getContents()); outWriter.flush(); @@ -188,4 +210,9 @@ errWriter.println(t.localize(resource, strings).getContents()); errWriter.flush(); } + + @SuppressWarnings("serial") + private static class IdenticalUsernameException extends Exception { + // nothing + } }
--- a/setup/command/src/main/java/com/redhat/thermostat/setup/command/locale/LocaleResources.java Thu Sep 10 11:20:39 2015 -0400 +++ b/setup/command/src/main/java/com/redhat/thermostat/setup/command/locale/LocaleResources.java Fri Sep 11 10:52:58 2015 -0400 @@ -58,6 +58,7 @@ STORAGE_HELP_INFO, PASSWORD_MISMATCH, DETAILS_MISSING, + USERNAMES_IDENTICAL, SHOW_PASSWORDS, USE_DEFAULTS, THERMOSTAT_BRIEF, @@ -88,6 +89,7 @@ CLI_SETUP_PASSWORD_INVALID, CLI_SETUP_PASSWORD_MISMATCH, CLI_SETUP_USERNAME_INVALID, + CLI_SETUP_USERNAMES_IDENTICAL, CLI_SETUP_MONGODB_USER_CREDS_INTRO, CLI_SETUP_MONGODB_USERNAME_PROMPT, CLI_SETUP_PASSWORD_PROMPT,
--- a/setup/command/src/main/resources/com/redhat/thermostat/setup/locale/strings.properties Thu Sep 10 11:20:39 2015 -0400 +++ b/setup/command/src/main/resources/com/redhat/thermostat/setup/locale/strings.properties Fri Sep 11 10:52:58 2015 -0400 @@ -81,6 +81,8 @@ DETAILS_MISSING=Please fill in ALL fields +USERNAMES_IDENTICAL=Both client and agent usernames cannot be the same! + SHOW_PASSWORDS=Show password USE_DEFAULTS=Use Defaults @@ -140,6 +142,7 @@ CLI_SETUP_PASSWORD_MISMATCH=Passwords did not match! CLI_SETUP_PASSWORD_INVALID=Chosen password invalid! CLI_SETUP_USERNAME_INVALID=Chosen username ''{0}'' invalid! +CLI_SETUP_USERNAMES_IDENTICAL=Both client and agent usernames cannot be ''{0}''! CLI_SETUP_MONGODB_USER_CREDS_INTRO=----- Mongodb User Setup ----- CLI_SETUP_MONGODB_USERNAME_PROMPT=Please enter the desired Mongodb username: CLI_SETUP_USERNAME_REPEAT=Chosen username is ''{0}''.
--- a/setup/command/src/test/java/com/redhat/thermostat/setup/command/internal/cli/CLISetupTest.java Thu Sep 10 11:20:39 2015 -0400 +++ b/setup/command/src/test/java/com/redhat/thermostat/setup/command/internal/cli/CLISetupTest.java Fri Sep 11 10:52:58 2015 -0400 @@ -109,7 +109,7 @@ byte[] buf = new byte[input.length()]; int retval = mockInStream.read(buf, 3, input.length() - 3); assertEquals("Read more bytes than are needed!", input.length() - 3, retval); - assertEquals("Expected 'e' from somethingMor(e)", 'e', (char)buf[input.length() - 2]); + assertEquals("Expected 'e' from somethingMor(e)", 'e', (char) buf[input.length() - 2]); } @Test @@ -181,6 +181,21 @@ assertTrue("Expected agent-user in output. Got: " + output, output.contains("agent-user")); assertEquals("Expected no errors", "", new String(berr.toByteArray())); } + + @Test + public void testReadThermostatCredsWithIdenticalUsernames() throws IOException { + String incorrectInput = "identical-user\nt\nt\nidentical-user\nb\nb\n"; + String correctInput = "client-user\nt\nt\nagent-user\nb\nb\n"; + ByteArrayInputStream mockInStream = new ByteArrayInputStream((incorrectInput + correctInput).getBytes()); + when(console.getInput()).thenReturn(mockInStream); + cliSetup.readThermostatUserCredentials(); + verify(thermostatSetup).createAgentUser(eq("agent-user"), argThat(matchesPassword(new char[] {'b'}))); + verify(thermostatSetup).createClientAdminUser(eq("client-user"), argThat(matchesPassword(new char[] {'t'}))); + String output = new String(bout.toByteArray()); + assertTrue("Expected client-user in output. Got: " + output, output.contains("client-user")); + assertTrue("Expected agent-user in output. Got: " + output, output.contains("agent-user")); + assertEquals("Both client and agent usernames cannot be 'identical-user'!\n", new String(berr.toByteArray())); + } @Test public void canCreateUsersFromStdInput() throws CommandException {