mirror of
https://github.com/corda/corda.git
synced 2025-06-23 17:53:31 +00:00
ENT-11351 - Compiler warnings pass 1 (#7652)
* Removed warnings - pass 1 * Resolve detekt errors * Properly compare X500 distinguished names
This commit is contained in:
Chris Cochrane
GitHub
@ -9,6 +9,7 @@ import net.corda.testing.node.User
|
||||
import org.assertj.core.api.Assertions
|
||||
import org.junit.Assume
|
||||
import org.junit.Test
|
||||
import java.util.Locale
|
||||
|
||||
class FlowsExecutionModeRpcTest {
|
||||
|
||||
@ -16,7 +17,7 @@ class FlowsExecutionModeRpcTest {
|
||||
fun `persistent state survives node restart`() {
|
||||
// Temporary disable this test when executed on Windows. It is known to be sporadically failing.
|
||||
// More investigation is needed to establish why.
|
||||
Assume.assumeFalse(System.getProperty("os.name").toLowerCase().startsWith("win"))
|
||||
Assume.assumeFalse(System.getProperty("os.name").lowercase(Locale.getDefault()).startsWith("win"))
|
||||
|
||||
val user = User("mark", "dadada", setOf(Permissions.invokeRpc("setFlowsDrainingModeEnabled"), Permissions.invokeRpc("isFlowsDrainingModeEnabled")))
|
||||
driver(DriverParameters(
|
||||
|
||||
@ -27,6 +27,7 @@ import net.corda.testing.node.User
|
||||
import org.junit.Assume
|
||||
import org.junit.Test
|
||||
import java.lang.management.ManagementFactory
|
||||
import java.util.Locale
|
||||
import kotlin.test.assertEquals
|
||||
import kotlin.test.assertNotNull
|
||||
|
||||
@ -67,7 +68,7 @@ class NodeStatePersistenceTests {
|
||||
fun `persistent state survives node restart without reinitialising database schema`() {
|
||||
// Temporary disable this test when executed on Windows. It is known to be sporadically failing.
|
||||
// More investigation is needed to establish why.
|
||||
Assume.assumeFalse(System.getProperty("os.name").toLowerCase().startsWith("win"))
|
||||
Assume.assumeFalse(System.getProperty("os.name").lowercase(Locale.getDefault()).startsWith("win"))
|
||||
|
||||
val user = User("mark", "dadada", setOf(Permissions.startFlow<SendMessageFlow>(), Permissions.invokeRpc("vaultQuery")))
|
||||
val message = Message("Hello world!")
|
||||
|
||||
@ -127,7 +127,7 @@ class BrokerJaasLoginModule : BaseBrokerJaasLoginModule() {
|
||||
ArtemisMessagingComponent.NODE_P2P_USER -> {
|
||||
requireTls(certificates)
|
||||
CertificateChainCheckPolicy.LeafMustMatch.createCheck(nodeJaasConfig.keyStore, nodeJaasConfig.trustStore).checkCertificateChain(certificates)
|
||||
Pair(certificates.first().subjectDN.name, listOf(RolePrincipal(NODE_P2P_ROLE)))
|
||||
Pair(certificates.first().getSubjectX500Principal().name, listOf(RolePrincipal(NODE_P2P_ROLE)))
|
||||
}
|
||||
ArtemisMessagingComponent.NODE_RPC_USER -> {
|
||||
requireTls(certificates)
|
||||
@ -141,7 +141,7 @@ class BrokerJaasLoginModule : BaseBrokerJaasLoginModule() {
|
||||
CertificateChainCheckPolicy.RootMustMatch
|
||||
.createCheck(p2pJaasConfig.keyStore, p2pJaasConfig.trustStore)
|
||||
.checkCertificateChain(certificates)
|
||||
Pair(certificates.first().subjectDN.name, listOf(RolePrincipal(PEER_ROLE)))
|
||||
Pair(certificates.first().getSubjectX500Principal().name, listOf(RolePrincipal(PEER_ROLE)))
|
||||
}
|
||||
else -> {
|
||||
requireNotNull(rpcJaasConfig) { "Attempted to connect as an rpc user to the P2P broker." }
|
||||
|
||||
@ -79,7 +79,7 @@ sealed class CertificateChainCheckPolicy {
|
||||
class UsernameMustMatchCommonNameCheck : Check {
|
||||
lateinit var username: String
|
||||
override fun checkCertificateChain(theirChain: Array<java.security.cert.X509Certificate>) {
|
||||
if (!theirChain.any { certificate -> CordaX500Name.parse(certificate.subjectDN.name).commonName == username }) {
|
||||
if (!theirChain.any { certificate -> CordaX500Name.parse(certificate.getSubjectX500Principal().name).commonName == username }) {
|
||||
throw CertificateException("Client certificate does not match login username.")
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.corda.node.internal.artemis
|
||||
|
||||
import net.corda.core.internal.isEquivalentTo
|
||||
import net.corda.core.utilities.contextLogger
|
||||
import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.PEER_USER
|
||||
import org.apache.activemq.artemis.api.core.ActiveMQSecurityException
|
||||
@ -8,6 +9,7 @@ import org.apache.activemq.artemis.core.server.ServerSession
|
||||
import org.apache.activemq.artemis.core.server.plugin.ActiveMQServerPlugin
|
||||
import org.apache.activemq.artemis.core.transaction.Transaction
|
||||
import org.apache.activemq.artemis.protocol.amqp.broker.AMQPMessage
|
||||
import javax.security.auth.x500.X500Principal
|
||||
|
||||
/**
|
||||
* Plugin to verify the user in the AMQP message header against the user in the authenticated session.
|
||||
@ -32,7 +34,7 @@ class UserValidationPlugin : ActiveMQServerPlugin {
|
||||
throw ActiveMQSecurityException("Invalid message type: expected [${AMQPMessage::class.java.name}], got [${message.javaClass.name}]")
|
||||
}
|
||||
val user = message.getStringProperty(Message.HDR_VALIDATED_USER)
|
||||
if (user != null && user != session.validatedUser) {
|
||||
if (user != null && !X500Principal(user).isEquivalentTo(X500Principal(session.validatedUser))) {
|
||||
throw ActiveMQSecurityException("_AMQ_VALIDATED_USER mismatch: expected [${session.validatedUser}], got [${user}]")
|
||||
}
|
||||
}
|
||||
|
||||
@ -12,6 +12,7 @@ import org.apache.shiro.authz.Permission
|
||||
import org.apache.shiro.authz.permission.PermissionResolver
|
||||
import org.slf4j.LoggerFactory
|
||||
import java.lang.reflect.Method
|
||||
import java.util.Locale
|
||||
import kotlin.reflect.KClass
|
||||
import kotlin.reflect.KFunction
|
||||
import kotlin.reflect.KProperty
|
||||
@ -54,7 +55,7 @@ internal object RPCPermissionResolver : PermissionResolver {
|
||||
private val FLOW_RPC_PERMITTED_START_FLOW_WITH_CLIENT_ID_CALLS = setOf("startFlowWithClientId", "startFlowDynamicWithClientId")
|
||||
|
||||
override fun resolvePermission(representation: String): Permission {
|
||||
when (representation.substringBefore(SEPARATOR).toLowerCase()) {
|
||||
when (representation.substringBefore(SEPARATOR).lowercase(Locale.getDefault())) {
|
||||
ACTION_INVOKE_RPC -> {
|
||||
val rpcCall = representation.substringAfter(SEPARATOR, "")
|
||||
require(representation.count { it == SEPARATOR } == 1 && rpcCall.isNotEmpty()) { "Malformed permission string" }
|
||||
@ -90,7 +91,7 @@ internal object RPCPermissionResolver : PermissionResolver {
|
||||
* 3. Methods of specific group: InvokeRpc:com.fully.qualified.package.CustomClientRpcOps#READONLY
|
||||
*/
|
||||
private fun attemptNewStyleParsing(permAsString: String): Permission {
|
||||
return when(permAsString.substringBefore(NEW_STYLE_SEP).toLowerCase()) {
|
||||
return when(permAsString.substringBefore(NEW_STYLE_SEP).lowercase(Locale.getDefault())) {
|
||||
ACTION_INVOKE_RPC -> {
|
||||
val interfaceAndMethods = permAsString.substringAfter(NEW_STYLE_SEP, "")
|
||||
val interfaceParts = interfaceAndMethods.split(INTERFACE_SEPARATOR)
|
||||
@ -98,7 +99,7 @@ internal object RPCPermissionResolver : PermissionResolver {
|
||||
val methodsMap = requireNotNull(cache.get(interfaceParts[0]))
|
||||
{ "Method map for ${interfaceParts[0]} must not be null in the cache. There must have been error processing interface. " +
|
||||
"Please look at the error log lines above." }
|
||||
val lookupKey = interfaceAndMethods.toLowerCase()
|
||||
val lookupKey = interfaceAndMethods.lowercase(Locale.getDefault())
|
||||
val methods = requireNotNull(methodsMap[lookupKey]) { "Cannot find record for " +
|
||||
"'$lookupKey' for interface '${interfaceParts[0]}' in $methodsMap. " +
|
||||
"Please check permissions configuration string '$permAsString' matching class representation." }
|
||||
@ -171,9 +172,9 @@ internal object RPCPermissionResolver : PermissionResolver {
|
||||
return emptyList()
|
||||
}
|
||||
|
||||
val allKey = methodFullName(interfaceClass.java, ACTION_ALL).toLowerCase()
|
||||
val allKey = methodFullName(interfaceClass.java, ACTION_ALL).lowercase(Locale.getDefault())
|
||||
val methodFullName = methodFullName(method)
|
||||
return listOf(allKey to methodFullName) + // ALL group
|
||||
listOf(methodFullName.toLowerCase() to methodFullName) // Full method names individually
|
||||
listOf(methodFullName.lowercase(Locale.getDefault()) to methodFullName) // Full method names individually
|
||||
}
|
||||
}
|
||||
@ -182,7 +182,7 @@ open class DBTransactionStorage(private val database: CordaPersistence, cacheFac
|
||||
|
||||
private fun weighTx(actTx: TxCacheValue?): Int {
|
||||
if (actTx == null) return 0
|
||||
return TXCACHEVALUE_OVERHEAD_BYTES + actTx.sigs.sumBy { it.size + TRANSACTION_SIGNATURE_OVERHEAD_BYTES } + actTx.txBits.size
|
||||
return TXCACHEVALUE_OVERHEAD_BYTES + actTx.sigs.sumOf { it.size + TRANSACTION_SIGNATURE_OVERHEAD_BYTES } + actTx.txBits.size
|
||||
}
|
||||
|
||||
private val log = contextLogger()
|
||||
|
||||
@ -31,6 +31,7 @@ import java.sql.SQLTransientConnectionException
|
||||
import java.time.Clock
|
||||
import java.time.Duration
|
||||
import java.time.Instant
|
||||
import java.util.Locale
|
||||
import java.util.Timer
|
||||
import java.util.concurrent.ConcurrentHashMap
|
||||
import javax.persistence.PersistenceException
|
||||
@ -726,7 +727,7 @@ private fun <T : Throwable> Throwable?.mentionsThrowable(exceptionType: Class<T>
|
||||
return false
|
||||
}
|
||||
val containsMessage = if (errorMessage != null) {
|
||||
message?.toLowerCase()?.contains(errorMessage) ?: false
|
||||
message?.lowercase(Locale.getDefault())?.contains(errorMessage) ?: false
|
||||
} else {
|
||||
true
|
||||
}
|
||||
|
||||
@ -82,9 +82,9 @@ abstract class AbstractQueryCriteriaParser<Q : GenericQueryCriteria<Q,P>, in P:
|
||||
column as Path<String?>
|
||||
when (columnPredicate.operator) {
|
||||
EQUAL -> criteriaBuilder.equal(column, literal)
|
||||
EQUAL_IGNORE_CASE -> criteriaBuilder.equal(criteriaBuilder.upper(column), literal.toUpperCase())
|
||||
EQUAL_IGNORE_CASE -> criteriaBuilder.equal(criteriaBuilder.upper(column), literal.uppercase(Locale.getDefault()))
|
||||
NOT_EQUAL -> criteriaBuilder.notEqual(column, literal)
|
||||
NOT_EQUAL_IGNORE_CASE -> criteriaBuilder.notEqual(criteriaBuilder.upper(column), literal.toUpperCase())
|
||||
NOT_EQUAL_IGNORE_CASE -> criteriaBuilder.notEqual(criteriaBuilder.upper(column), literal.uppercase(Locale.getDefault()))
|
||||
}
|
||||
} else {
|
||||
when (columnPredicate.operator) {
|
||||
@ -111,9 +111,9 @@ abstract class AbstractQueryCriteriaParser<Q : GenericQueryCriteria<Q,P>, in P:
|
||||
column as Path<String?>
|
||||
return when (columnPredicate.operator) {
|
||||
LIKE -> criteriaBuilder.like(column, columnPredicate.rightLiteral)
|
||||
LIKE_IGNORE_CASE -> criteriaBuilder.like(criteriaBuilder.upper(column), columnPredicate.rightLiteral.toUpperCase())
|
||||
LIKE_IGNORE_CASE -> criteriaBuilder.like(criteriaBuilder.upper(column), columnPredicate.rightLiteral.uppercase(Locale.getDefault()))
|
||||
NOT_LIKE -> criteriaBuilder.notLike(column, columnPredicate.rightLiteral)
|
||||
NOT_LIKE_IGNORE_CASE -> criteriaBuilder.notLike(criteriaBuilder.upper(column), columnPredicate.rightLiteral.toUpperCase())
|
||||
NOT_LIKE_IGNORE_CASE -> criteriaBuilder.notLike(criteriaBuilder.upper(column), columnPredicate.rightLiteral.uppercase(Locale.getDefault()))
|
||||
}
|
||||
}
|
||||
|
||||
@ -126,9 +126,9 @@ abstract class AbstractQueryCriteriaParser<Q : GenericQueryCriteria<Q,P>, in P:
|
||||
literal as Collection<String>
|
||||
when (columnPredicate.operator) {
|
||||
IN -> column.`in`(literal)
|
||||
IN_IGNORE_CASE -> criteriaBuilder.upper(column).`in`(literal.map { it.toUpperCase() })
|
||||
IN_IGNORE_CASE -> criteriaBuilder.upper(column).`in`(literal.map { it.uppercase(Locale.getDefault()) })
|
||||
NOT_IN -> criteriaBuilder.not(column.`in`(literal))
|
||||
NOT_IN_IGNORE_CASE -> criteriaBuilder.not(criteriaBuilder.upper(column).`in`(literal.map { it.toUpperCase() }))
|
||||
NOT_IN_IGNORE_CASE -> criteriaBuilder.not(criteriaBuilder.upper(column).`in`(literal.map { it.uppercase(Locale.getDefault()) }))
|
||||
}
|
||||
} else {
|
||||
when (columnPredicate.operator) {
|
||||
|
||||
@ -135,7 +135,7 @@ object ObjectDiffer {
|
||||
continue
|
||||
}
|
||||
if (method.name.startsWith("get") && method.name.length > 3 && method.parameterCount == 0) {
|
||||
val fieldName = method.name[3].toLowerCase() + method.name.substring(4)
|
||||
val fieldName = method.name[3].lowercaseChar() + method.name.substring(4)
|
||||
foci.add(FieldFocus(fieldName, method.returnType, method))
|
||||
} else if (method.name.startsWith("is") && method.parameterCount == 0) {
|
||||
foci.add(FieldFocus(method.name, method.returnType, method))
|
||||
|
||||
@ -5,6 +5,7 @@ import net.corda.node.internal.rpc.proxies.RpcAuthHelper.methodFullName
|
||||
import org.junit.Test
|
||||
|
||||
import java.time.ZonedDateTime
|
||||
import java.util.Locale
|
||||
import kotlin.test.assertEquals
|
||||
|
||||
class RPCPermissionResolverTest {
|
||||
@ -29,7 +30,7 @@ class RPCPermissionResolverTest {
|
||||
}
|
||||
|
||||
private val readAlphaMethod = methodFullName(Alpha::class.java.getMethod("readAlpha"))
|
||||
private val readAlphaMethodKey = readAlphaMethod.toLowerCase()
|
||||
private val readAlphaMethodKey = readAlphaMethod.lowercase(Locale.getDefault())
|
||||
|
||||
@Test(timeout=300_000)
|
||||
fun `test Alpha`() {
|
||||
|
||||
Reference in New Issue
Block a user