IGNITE-27754 Replace ad-hoc withSecurityContextOnAllNodes method with explicit Security Context switch in tests.

modules/calcite/src/test/java/org/apache/ignite/internal/processors/query/calcite/integration/AbstractBasicIntegrationTest.java

@@ -44,11 +44,15 @@
 import org.apache.ignite.internal.processors.query.calcite.schema.IgniteIndex;
 import org.apache.ignite.internal.processors.query.calcite.schema.IgniteTable;
 import org.apache.ignite.internal.processors.query.calcite.util.Commons;
+import org.apache.ignite.internal.processors.security.OperationSecurityContext;
+import org.apache.ignite.internal.processors.security.SecurityContext;
 import org.apache.ignite.internal.util.typedef.F;
 import org.apache.ignite.internal.util.typedef.G;
 import org.apache.ignite.testframework.junits.common.GridCommonAbstractTest;
 import org.jetbrains.annotations.Nullable;
 
+import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.authenticate;
+import static org.apache.ignite.internal.processors.authentication.User.DFAULT_USER_NAME;
 import static org.apache.ignite.internal.processors.query.calcite.exec.ExchangeServiceImpl.INBOX_INITIALIZATION_TIMEOUT;
 import static org.apache.ignite.testframework.GridTestUtils.assertThrowsAnyCause;
 import static org.apache.ignite.testframework.GridTestUtils.waitForCondition;
@@ -237,6 +241,15 @@ protected List<List<?>> sql(String sql, Object... params) {
         return sql(client, sql, params);
     }
 
+    /** */
+    protected List<List<?>> sqlAsRoot(IgniteEx ignite, String sql) throws Exception {
+        SecurityContext secCtx = authenticate(grid(0), DFAULT_USER_NAME, "ignite");
+
+        try (OperationSecurityContext ignored = ignite.context().security().withContext(secCtx)) {
+            return sql(ignite, sql);
+        }
+    }
+
     /** */
     protected List<List<?>> sql(IgniteEx ignite, String sql, Object... params) {
         // {@code sql} can contain more than one query.

modules/calcite/src/test/java/org/apache/ignite/internal/processors/query/calcite/integration/SqlDiagnosticIntegrationTest.java

@@ -70,7 +70,6 @@
 import org.apache.ignite.internal.processors.query.calcite.exec.task.StripedQueryTaskExecutor;
 import org.apache.ignite.internal.processors.query.running.GridRunningQueryInfo;
 import org.apache.ignite.internal.processors.query.running.HeavyQueriesTracker;
-import org.apache.ignite.internal.processors.security.SecurityContext;
 import org.apache.ignite.internal.util.GridTestClockTimer;
 import org.apache.ignite.internal.util.future.GridCompoundFuture;
 import org.apache.ignite.internal.util.typedef.F;
@@ -89,8 +88,6 @@
 import static org.apache.ignite.events.EventType.EVT_CACHE_QUERY_EXECUTED;
 import static org.apache.ignite.events.EventType.EVT_CACHE_QUERY_OBJECT_READ;
 import static org.apache.ignite.events.EventType.EVT_SQL_QUERY_EXECUTION;
-import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.authenticate;
-import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.withSecurityContextOnAllNodes;
 import static org.apache.ignite.internal.processors.authentication.User.DFAULT_USER_NAME;
 import static org.apache.ignite.internal.processors.cache.query.GridCacheQueryType.SQL_FIELDS;
 import static org.apache.ignite.internal.processors.metric.impl.MetricUtils.metricName;
@@ -127,9 +124,6 @@ public class SqlDiagnosticIntegrationTest extends AbstractBasicIntegrationTest {
     /** */
     private ListeningTestLogger log;
 
-    /** */
-    private SecurityContext secCtxDflt;
-
     /** {@inheritDoc} */
     @Override protected IgniteConfiguration getConfiguration(String igniteInstanceName) throws Exception {
         return super.getConfiguration(igniteInstanceName)
@@ -164,8 +158,6 @@ public class SqlDiagnosticIntegrationTest extends AbstractBasicIntegrationTest {
         client = startClientGrid();
 
         client.cluster().state(ClusterState.ACTIVE);
-
-        secCtxDflt = authenticate(grid(0), DFAULT_USER_NAME, "ignite");
     }
 
     /** {@inheritDoc} */
@@ -223,8 +215,6 @@ public void testParserMetrics() {
     /** */
     @Test
     public void testBatchParserMetrics() throws Exception {
-        withSecurityContextOnAllNodes(secCtxDflt);
-
         MetricRegistryImpl mreg0 = grid(0).context().metric().registry(QUERY_PARSER_METRIC_GROUP_NAME);
         MetricRegistryImpl mreg1 = grid(1).context().metric().registry(QUERY_PARSER_METRIC_GROUP_NAME);
         mreg0.reset();
@@ -644,8 +634,6 @@ public void testSqlEvents() {
     /** */
     @Test
     public void testSensitiveInformationHiding() throws Exception {
-        withSecurityContextOnAllNodes(secCtxDflt);
-
         cleanPerformanceStatisticsDir();
         startCollectStatistics();
 
@@ -697,8 +685,8 @@ public void testSensitiveInformationHiding() throws Exception {
             sql(grid(0), "CREATE TABLE test_sens1 (val) WITH CACHE_NAME=\"test_sens1\" AS SELECT 'sensitive' AS val");
 
             // Test CREATE/ALTER USER commands rewrite.
-            sql(grid(0), "CREATE USER test WITH PASSWORD 'sensitive'");
-            sql(grid(0), "ALTER USER test WITH PASSWORD 'sensitive'");
+            sqlAsRoot(grid(0), "CREATE USER test WITH PASSWORD 'sensitive'");
+            sqlAsRoot(grid(0), "ALTER USER test WITH PASSWORD 'sensitive'");
 
             // Test JOIN.
             sql(grid(0),

modules/calcite/src/test/java/org/apache/ignite/internal/processors/query/calcite/integration/UserDdlIntegrationTest.java

@@ -28,16 +28,11 @@
 import org.junit.Test;
 
 import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.authenticate;
-import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.withSecurityContextOnAllNodes;
-import static org.apache.ignite.internal.processors.authentication.User.DFAULT_USER_NAME;
 
 /**
  *  Integration test for CREATE/ALTER/DROP USER DDL commands.
  */
 public class UserDdlIntegrationTest extends AbstractDdlIntegrationTest {
-    /** Security context for default user. */
-    private SecurityContext secCtxDflt;
-
     /** {@inheritDoc} */
     @Override protected IgniteConfiguration getConfiguration(String igniteInstanceName) throws Exception {
         IgniteConfiguration cfg = super.getConfiguration(igniteInstanceName);
@@ -55,41 +50,30 @@ public class UserDdlIntegrationTest extends AbstractDdlIntegrationTest {
         return cfg;
     }
 
-    /** {@inheritDoc} */
-    @Override protected void beforeTest() throws Exception {
-        super.beforeTest();
-
-        secCtxDflt = authenticate(grid(0), DFAULT_USER_NAME, "ignite");
-
-        assertNotNull(secCtxDflt);
-    }
-
     /**
      * Creates, alter and drops user.
      */
     @SuppressWarnings("ThrowableNotThrown")
     @Test
     public void testCreateAlterDropUser() throws Exception {
-        withSecurityContextOnAllNodes(secCtxDflt);
-
         for (Ignite ignite : G.allGrids()) {
             IgniteEx igniteEx = (IgniteEx)ignite;
 
-            sql(igniteEx, "CREATE USER test WITH PASSWORD 'test'");
+            sqlAsRoot(igniteEx, "CREATE USER test WITH PASSWORD 'test'");
 
             SecurityContext secCtx = authenticate(igniteEx, "TEST", "test");
 
             assertNotNull(secCtx);
             assertEquals("TEST", secCtx.subject().login());
 
-            sql(igniteEx, "ALTER USER test WITH PASSWORD 'newpasswd'");
+            sqlAsRoot(igniteEx, "ALTER USER test WITH PASSWORD 'newpasswd'");
 
             secCtx = authenticate(igniteEx, "TEST", "newpasswd");
 
             assertNotNull(secCtx);
             assertEquals("TEST", secCtx.subject().login());
 
-            sql(igniteEx, "DROP USER test");
+            sqlAsRoot(igniteEx, "DROP USER test");
 
             GridTestUtils.assertThrowsWithCause(() -> authenticate(igniteEx, "TEST", "newpasswd"),
                 IgniteAccessControlException.class);

modules/clients/src/test/java/org/apache/ignite/jdbc/thin/JdbcThinAuthenticateConnectionSelfTest.java

@@ -28,8 +28,7 @@
 import org.apache.ignite.testframework.GridTestUtils;
 import org.junit.Test;
 
-import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.authenticate;
-import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.withSecurityContextOnAllNodes;
+import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.asRoot;
 
 /**
  * Tests for authenticated an non authenticated JDBC thin connection.
@@ -40,7 +39,6 @@ public class JdbcThinAuthenticateConnectionSelfTest extends JdbcThinAbstractSelf
     private static final String URL = "jdbc:ignite:thin://127.0.0.1";
 
     /** {@inheritDoc} */
-    @SuppressWarnings("deprecation")
     @Override protected IgniteConfiguration getConfiguration(String igniteInstanceName) throws Exception {
         IgniteConfiguration cfg = super.getConfiguration(igniteInstanceName);
 
@@ -66,9 +64,7 @@ public class JdbcThinAuthenticateConnectionSelfTest extends JdbcThinAbstractSelf
 
         grid(0).cluster().state(ClusterState.ACTIVE);
 
-        try (AutoCloseable ignored = withSecurityContextOnAllNodes(authenticate(grid(0), "ignite", "ignite"))) {
-            grid(0).context().security().createUser("another_user", "passwd".toCharArray());
-        }
+        asRoot(grid(0), s -> s.createUser("another_user", "passwd".toCharArray()));
     }
 
     /** {@inheritDoc} */

modules/core/src/test/java/org/apache/ignite/internal/processors/authentication/Authentication1kUsersNodeRestartTest.java

@@ -18,19 +18,16 @@
 package org.apache.ignite.internal.processors.authentication;
 
 import java.util.stream.IntStream;
-import org.apache.ignite.IgniteException;
 import org.apache.ignite.cluster.ClusterState;
 import org.apache.ignite.configuration.DataRegionConfiguration;
 import org.apache.ignite.configuration.DataStorageConfiguration;
 import org.apache.ignite.configuration.IgniteConfiguration;
-import org.apache.ignite.internal.processors.security.IgniteSecurity;
-import org.apache.ignite.internal.processors.security.SecurityContext;
 import org.apache.ignite.testframework.GridTestUtils;
 import org.apache.ignite.testframework.junits.common.GridCommonAbstractTest;
 import org.junit.Test;
 
+import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.asRoot;
 import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.authenticate;
-import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.withSecurityContextOnAllNodes;
 
 /**
  * Test for {@link IgniteAuthenticationProcessor} on unstable topology.
@@ -90,33 +87,11 @@ public void test1kUsersNodeRestartServer() throws Exception {
 
         grid(0).cluster().state(ClusterState.ACTIVE);
 
-        IgniteSecurity sec = grid(0).context().security();
-
-        SecurityContext secCtxDflt = authenticate(grid(0), User.DFAULT_USER_NAME, "ignite");
-
-        withSecurityContextOnAllNodes(secCtxDflt);
-
-        IntStream.range(0, USERS_COUNT).parallel().forEach(
-            i -> {
-                try (AutoCloseable ignored = withSecurityContextOnAllNodes(secCtxDflt)) {
-                    sec.createUser("test" + i, "init".toCharArray());
-                }
-                catch (Exception e) {
-                    throw new IgniteException(e);
-                }
-            }
-        );
-
-        IntStream.range(0, USERS_COUNT).parallel().forEach(
-            i -> {
-                try (AutoCloseable ignored = withSecurityContextOnAllNodes(secCtxDflt)) {
-                    sec.alterUser("test" + i, ("passwd_" + i).toCharArray());
-                }
-                catch (Exception e) {
-                    throw new IgniteException(e);
-                }
-            }
-        );
+        IntStream.range(0, USERS_COUNT).parallel().forEach(i ->
+            asRoot(grid(0), s -> s.createUser("test" + i, "init".toCharArray())));
+
+        IntStream.range(0, USERS_COUNT).parallel().forEach(i ->
+            asRoot(grid(0), s -> s.alterUser("test" + i, ("passwd_" + i).toCharArray())));
 
         stopGrid(0);
 

modules/core/src/test/java/org/apache/ignite/internal/processors/authentication/AuthenticationOnNotActiveClusterTest.java

@@ -27,8 +27,8 @@
 import org.apache.ignite.testframework.junits.common.GridCommonAbstractTest;
 import org.junit.Test;
 
+import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.asRoot;
 import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.authenticate;
-import static org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.withSecurityContextOnAllNodes;
 
 /**
  * Test for {@link IgniteAuthenticationProcessor}.
@@ -109,12 +109,11 @@ public void testNotDefaultUser() throws Exception {
 
         grid(0).cluster().state(ClusterState.ACTIVE);
 
-        SecurityContext secCtxDflt = authenticate(grid(0), User.DFAULT_USER_NAME, "ignite");
+        for (int i = 0; i < 10; ++i) {
+            String userName = "test" + i;
 
-        withSecurityContextOnAllNodes(secCtxDflt);
-
-        for (int i = 0; i < 10; ++i)
-            grid(0).context().security().createUser("test" + i, "passwd".toCharArray());
+            asRoot(grid(0), s -> s.createUser(userName, "passwd".toCharArray()));
+        }
 
         stopAllGrids();