.filter( c -> Encryption.NONE.equals( c.encryptionLevel() ) ) .findFirst() .map( connector -> config.get( connector.listen_address ).toString() )
optionsObeyCase( Encryption.class ), defaultValue.name() );
@Test public void setsDeprecationFlagOnCustomNamedHttpConnectors() { List<Setting<Object>> settings = cv.settings( stringMap( "dbms.connector.0.type", "HTTP", "dbms.connector.0.enabled", "false", "dbms.connector.0.listen_address", "1.2.3.4:123", "dbms.connector.0.advertised_address", "localhost:123", "dbms.connector.0.encryption", Encryption.NONE.toString() ) ); assertEquals( 5, settings.size() ); for ( Setting s : settings ) { assertTrue( "every setting should be deprecated: " + s.name(), s.deprecated() ); String[] parts = s.name().split( "\\." ); if ( !"encryption".equals( parts[3] ) && !"type".equals( parts[3] ) ) { assertEquals( Optional.of( format( "%s.%s.%s.%s", parts[0], parts[1], "http", parts[3] ) ), s.replacement() ); } } }
optionsObeyCase( Encryption.class ), defaultValue.name() );
.filter( c -> Encryption.NONE.equals( c.encryptionLevel() ) ) .findFirst() .map( connector -> config.get( connector.listen_address ).toString() )
@Nonnull private static Map<String,String> assertEncryption( @Nonnull String name, @Nonnull Setting<?> setting, @Nonnull Map<String,String> rawConfig ) throws InvalidSettingException { Map<String,String> result = setting.validate( rawConfig, nullConsumer ); Optional<?> encryption = Optional.ofNullable( setting.apply( rawConfig::get ) ); if ( "https".equalsIgnoreCase( name ) ) { if ( encryption.isPresent() && encryption.get() != TLS ) { throw new InvalidSettingException( format( "'%s' is only allowed to be '%s'; not '%s'", setting.name(), TLS.name(), encryption.get() ) ); } } else if ( "http".equalsIgnoreCase( name ) ) { if ( encryption.isPresent() && encryption.get() != NONE ) { throw new InvalidSettingException( format( "'%s' is only allowed to be '%s'; not '%s'", setting.name(), NONE.name(), encryption.get() ) ); } } return result; }
private void init( File workingDir ) { setDirectory( workingDir ); withConfig( auth_enabled, "false" ); withConfig( pagecache_memory, "8m" ); BoltConnector bolt0 = new BoltConnector( "bolt" ); HttpConnector http1 = new HttpConnector( "http", Encryption.NONE ); HttpConnector http2 = new HttpConnector( "https", Encryption.TLS ); withConfig( http1.type, "HTTP" ); withConfig( http1.encryption, Encryption.NONE.name() ); withConfig( http1.enabled, "true" ); withConfig( http1.address, "localhost:0" ); withConfig( http2.type, "HTTP" ); withConfig( http2.encryption, Encryption.TLS.name() ); withConfig( http2.enabled, "false" ); withConfig( http2.address, "localhost:0" ); withConfig( bolt0.type, "BOLT" ); withConfig( bolt0.enabled, "true" ); withConfig( bolt0.address, "localhost:0" ); }
static ClientConnectorAddresses extractFromConfig( Config config ) { List<ConnectorUri> connectorUris = new ArrayList<>(); List<BoltConnector> boltConnectors = config.enabledBoltConnectors(); if ( boltConnectors.isEmpty() ) { throw new IllegalArgumentException( "A Bolt connector must be configured to run a cluster" ); } boltConnectors .forEach( c -> connectorUris.add( new ConnectorUri( bolt, config.get( c.advertised_address ) ) ) ); config.enabledHttpConnectors() .forEach( c -> connectorUris.add( new ConnectorUri( Encryption.NONE.equals(c.encryptionLevel() ) ? http : https, config.get( c.advertised_address ) ) ) ); return new ClientConnectorAddresses( connectorUris ); }
@Test void testServerDefaultSettings() { // given Config config = Config.builder().withServerDefaults().build(); // when List<HttpConnector> connectors = config.httpConnectors(); // then assertEquals( 2, connectors.size() ); if ( connectors.get( 0 ).encryptionLevel().equals( TLS ) ) { assertEquals( new ListenSocketAddress( "localhost", 7474 ), config.get( connectors.get( 1 ).listen_address ) ); assertEquals( new ListenSocketAddress( "localhost", 7473 ), config.get( connectors.get( 0 ).listen_address ) ); } else { assertEquals( new ListenSocketAddress( "127.0.0.1", 7474 ), config.get( connectors.get( 0 ).listen_address ) ); assertEquals( new ListenSocketAddress( "127.0.0.1", 7473 ), config.get( connectors.get( 1 ).listen_address ) ); } }
@Nonnull private static Map<String,String> assertEncryption( @Nonnull String name, @Nonnull Setting<?> setting, @Nonnull Map<String,String> rawConfig ) throws InvalidSettingException { Map<String,String> result = setting.validate( rawConfig, nullConsumer ); Optional<?> encryption = Optional.ofNullable( setting.apply( rawConfig::get ) ); if ( "https".equalsIgnoreCase( name ) ) { if ( encryption.isPresent() && encryption.get() != TLS ) { throw new InvalidSettingException( format( "'%s' is only allowed to be '%s'; not '%s'", setting.name(), TLS.name(), encryption.get() ) ); } } else if ( "http".equalsIgnoreCase( name ) ) { if ( encryption.isPresent() && encryption.get() != NONE ) { throw new InvalidSettingException( format( "'%s' is only allowed to be '%s'; not '%s'", setting.name(), NONE.name(), encryption.get() ) ); } } return result; }
private void init( File workingDir ) { setDirectory( workingDir ); withConfig( auth_enabled, "false" ); withConfig( pagecache_memory, "8m" ); BoltConnector bolt0 = new BoltConnector( "bolt" ); HttpConnector http1 = new HttpConnector( "http", Encryption.NONE ); HttpConnector http2 = new HttpConnector( "https", Encryption.TLS ); withConfig( http1.type, "HTTP" ); withConfig( http1.encryption, Encryption.NONE.name() ); withConfig( http1.enabled, "true" ); withConfig( http1.address, "localhost:0" ); withConfig( http2.type, "HTTP" ); withConfig( http2.encryption, Encryption.TLS.name() ); withConfig( http2.enabled, "false" ); withConfig( http2.address, "localhost:0" ); withConfig( bolt0.type, "BOLT" ); withConfig( bolt0.enabled, "true" ); withConfig( bolt0.address, "localhost:0" ); }
@Test public void setsDeprecationFlagOnCustomNamedHttpsConnectors() { List<Setting<Object>> settings = cv.settings( stringMap( "dbms.connector.0.type", "HTTP", "dbms.connector.0.enabled", "false", "dbms.connector.0.listen_address", "1.2.3.4:123", "dbms.connector.0.advertised_address", "localhost:123", "dbms.connector.0.encryption", Encryption.TLS.toString() ) ); assertEquals( 5, settings.size() ); for ( Setting s : settings ) { assertTrue( "every setting should be deprecated: " + s.name(), s.deprecated() ); String[] parts = s.name().split( "\\." ); if ( !"encryption".equals( parts[3] ) && !"type".equals( parts[3] ) ) { assertEquals( Optional.of( format( "%s.%s.%s.%s", parts[0], parts[1], "https", parts[3] ) ), s.replacement() ); } } } }
@Test public void validatesEncryption() { String key = "dbms.connector.bla.encryption"; String type = "dbms.connector.bla.type"; assertEquals( stringMap( key, Encryption.NONE.name(), type, HTTP.name() ), cv.validate( stringMap( key, Encryption.NONE.name(), type, HTTP.name() ), warningConsumer ) ); assertEquals( stringMap( key, Encryption.TLS.name(), type, HTTP.name() ), cv.validate( stringMap( key, Encryption.TLS.name(), type, HTTP.name() ), warningConsumer ) ); expected.expect( InvalidSettingException.class ); expected.expectMessage( "Bad value 'BOBO' for setting 'dbms.connector.bla.encryption': must be one of [NONE, TLS] case " + "sensitive" ); cv.validate( stringMap( key, "BOBO", type, HTTP.name() ), warningConsumer ); }
@Test public void httpsConnectorCanOnlyHaveTLS() { String key = "dbms.connector.https.encryption"; assertEquals( stringMap( key, Encryption.TLS.name() ), cv.validate( stringMap( key, Encryption.TLS.name() ), warningConsumer ) ); expected.expect( InvalidSettingException.class ); expected.expectMessage( "'dbms.connector.https.encryption' is only allowed to be 'TLS'; not 'NONE'" ); cv.validate( stringMap( key, Encryption.NONE.name() ), warningConsumer ); }
@Test public void httpConnectorCanNotHaveTLS() { String key = "dbms.connector.http.encryption"; assertEquals( stringMap( key, Encryption.NONE.name() ), cv.validate( stringMap( key, Encryption.NONE.name() ), warningConsumer ) ); expected.expect( InvalidSettingException.class ); expected.expectMessage( "'dbms.connector.http.encryption' is only allowed to be 'NONE'; not 'TLS'" ); cv.validate( stringMap( key, Encryption.TLS.name() ), warningConsumer ); }