fgerlits commented on a change in pull request #937: URL: https://github.com/apache/nifi-minifi-cpp/pull/937#discussion_r526759292
########## File path: libminifi/src/c2/C2Client.cpp ########## @@ -0,0 +1,335 @@ +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <memory> +#include <map> +#include "c2/C2Client.h" +#include "core/state/nodes/MetricsBase.h" +#include "core/state/nodes/QueueMetrics.h" +#include "core/state/nodes/AgentInformation.h" +#include "core/state/nodes/RepositoryMetrics.h" +#include "properties/Configure.h" +#include "core/state/UpdateController.h" +#include "core/controller/ControllerServiceProvider.h" +#include "c2/C2Agent.h" +#include "core/state/nodes/FlowInformation.h" +#include "utils/file/FileSystem.h" + +namespace org { +namespace apache { +namespace nifi { +namespace minifi { +namespace c2 { + +C2Client::C2Client( + std::shared_ptr<Configure> configuration, std::shared_ptr<core::Repository> provenance_repo, + std::shared_ptr<core::Repository> flow_file_repo, std::shared_ptr<core::ContentRepository> content_repo, + std::unique_ptr<core::FlowConfiguration> flow_configuration, std::shared_ptr<utils::file::FileSystem> filesystem, + std::shared_ptr<logging::Logger> logger) + : core::Flow(std::move(provenance_repo), std::move(flow_file_repo), std::move(content_repo), std::move(flow_configuration)), + configuration_(std::move(configuration)), + filesystem_(std::move(filesystem)), + logger_(std::move(logger)) {} + +void C2Client::stopC2() { + if (c2_agent_) { + c2_agent_->stop(); + } +} + +bool C2Client::isC2Enabled() const { + std::string c2_enable_str; + bool c2_enabled = false; + if (configuration_->get(Configure::nifi_c2_enable, "c2.enable", c2_enable_str)) { + utils::StringUtils::StringToBool(c2_enable_str, c2_enabled); + } + return c2_enabled; Review comment: Minor, but why don't we use the new `toBool()` function? I think that would be nicer: ```suggestion configuration_->get(Configure::nifi_c2_enable, "c2.enable", c2_enable_str); return utils::StringUtils::toBool(c2_enable_str).value_or(false); ``` ########## File path: libminifi/src/c2/C2Client.cpp ########## @@ -0,0 +1,335 @@ +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <memory> +#include <map> +#include "c2/C2Client.h" +#include "core/state/nodes/MetricsBase.h" +#include "core/state/nodes/QueueMetrics.h" +#include "core/state/nodes/AgentInformation.h" +#include "core/state/nodes/RepositoryMetrics.h" +#include "properties/Configure.h" +#include "core/state/UpdateController.h" +#include "core/controller/ControllerServiceProvider.h" +#include "c2/C2Agent.h" +#include "core/state/nodes/FlowInformation.h" +#include "utils/file/FileSystem.h" + +namespace org { +namespace apache { +namespace nifi { +namespace minifi { +namespace c2 { + +C2Client::C2Client( + std::shared_ptr<Configure> configuration, std::shared_ptr<core::Repository> provenance_repo, + std::shared_ptr<core::Repository> flow_file_repo, std::shared_ptr<core::ContentRepository> content_repo, + std::unique_ptr<core::FlowConfiguration> flow_configuration, std::shared_ptr<utils::file::FileSystem> filesystem, + std::shared_ptr<logging::Logger> logger) + : core::Flow(std::move(provenance_repo), std::move(flow_file_repo), std::move(content_repo), std::move(flow_configuration)), + configuration_(std::move(configuration)), + filesystem_(std::move(filesystem)), + logger_(std::move(logger)) {} + +void C2Client::stopC2() { + if (c2_agent_) { + c2_agent_->stop(); + } +} + +bool C2Client::isC2Enabled() const { + std::string c2_enable_str; + bool c2_enabled = false; + if (configuration_->get(Configure::nifi_c2_enable, "c2.enable", c2_enable_str)) { + utils::StringUtils::StringToBool(c2_enable_str, c2_enabled); + } + return c2_enabled; +} + +void C2Client::initialize(core::controller::ControllerServiceProvider *controller, const std::shared_ptr<state::StateMonitor> &update_sink) { + std::string class_str; + configuration_->get("nifi.c2.agent.class", "c2.agent.class", class_str); + configuration_->setAgentClass(class_str); + + if (!isC2Enabled()) { + return; + } + + if (class_str.empty()) { + logger_->log_error("Class name must be defined when C2 is enabled"); + throw std::runtime_error("Class name must be defined when C2 is enabled"); + } + + std::string identifier_str; + if (!configuration_->get("nifi.c2.agent.identifier", "c2.agent.identifier", identifier_str) || identifier_str.empty()) { + // set to the flow controller's identifier + identifier_str = getControllerUUID().to_string(); + } + configuration_->setAgentIdentifier(identifier_str); + + if (initialized_ && !flow_update_) { + return; + } + + std::lock_guard<std::recursive_mutex> guard(metrics_mutex_); + + device_information_.clear(); + component_metrics_.clear(); + // root_response_nodes_ was not cleared before, it is unclear if that was intentional + + std::string class_csv; + if (root_ != nullptr) { + std::shared_ptr<state::response::QueueMetrics> queueMetrics = std::make_shared<state::response::QueueMetrics>(); + std::map<std::string, std::shared_ptr<Connection>> connections; + root_->getConnections(connections); + for (auto& con : connections) { + queueMetrics->addConnection(con.second); + } + device_information_[queueMetrics->getName()] = queueMetrics; + std::shared_ptr<state::response::RepositoryMetrics> repoMetrics = std::make_shared<state::response::RepositoryMetrics>(); + repoMetrics->addRepository(provenance_repo_); + repoMetrics->addRepository(flow_file_repo_); + device_information_[repoMetrics->getName()] = repoMetrics; + } + + if (configuration_->get("nifi.c2.root.classes", class_csv)) { + std::vector<std::string> classes = utils::StringUtils::split(class_csv, ","); + + for (const std::string& clazz : classes) { + auto processor = std::dynamic_pointer_cast<state::response::ResponseNode>(core::ClassLoader::getDefaultClassLoader().instantiate(clazz, clazz)); + if (nullptr == processor) { + logger_->log_error("No metric defined for %s", clazz); + continue; + } + auto identifier = std::dynamic_pointer_cast<state::response::AgentIdentifier>(processor); + if (identifier != nullptr) { + identifier->setIdentifier(identifier_str); + identifier->setAgentClass(class_str); + } + auto monitor = std::dynamic_pointer_cast<state::response::AgentMonitor>(processor); + if (monitor != nullptr) { + monitor->addRepository(provenance_repo_); + monitor->addRepository(flow_file_repo_); + monitor->setStateMonitor(update_sink); + } + auto flowMonitor = std::dynamic_pointer_cast<state::response::FlowMonitor>(processor); + if (flowMonitor != nullptr) { + std::map<std::string, std::shared_ptr<Connection>> connections; + if (root_ != nullptr) { + root_->getConnections(connections); + } + for (auto &con : connections) { + flowMonitor->addConnection(con.second); + } + flowMonitor->setStateMonitor(update_sink); + flowMonitor->setFlowVersion(flow_configuration_->getFlowVersion()); + } + root_response_nodes_[processor->getName()] = processor; + } + } + + if (configuration_->get("nifi.flow.metrics.classes", class_csv)) { + std::vector<std::string> classes = utils::StringUtils::split(class_csv, ","); + for (const std::string& clazz : classes) { + auto ptr = core::ClassLoader::getDefaultClassLoader().instantiate(clazz, clazz); + if (nullptr == ptr) { + logger_->log_error("No metric defined for %s", clazz); + continue; + } + std::shared_ptr<state::response::ResponseNode> processor = std::static_pointer_cast<state::response::ResponseNode>(ptr); + device_information_[processor->getName()] = processor; + } + } + + // get all component metrics + std::vector<std::shared_ptr<core::Processor>> processors; + if (root_ != nullptr) { + root_->getAllProcessors(processors); + for (const auto &processor : processors) { + auto rep = std::dynamic_pointer_cast<state::response::ResponseNodeSource>(processor); + // we have a metrics source. + if (nullptr != rep) { + std::vector<std::shared_ptr<state::response::ResponseNode>> metric_vector; + rep->getResponseNodes(metric_vector); + for (auto& metric : metric_vector) { + component_metrics_[metric->getName()] = metric; + } + } + } + } + Review comment: The old code did something with `nifi.flow.metrics.class.definitions` here; that is no longer needed? ########## File path: libminifi/test/unit/StringViewTests.cpp ########## @@ -0,0 +1,114 @@ +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <string> +#include <vector> +#include <tuple> +#include "utils/StringView.h" +#include "utils/StringViewUtils.h" +#include "../TestBase.h" + +using utils::StringView; +using utils::StringViewUtils; + +TEST_CASE("Comparision") { + std::string a = "a"; + std::string b = "b"; + + REQUIRE(StringView(a) == "a"); + REQUIRE(StringView(a) != "b"); + REQUIRE(StringView("a") == "a"); + REQUIRE(StringView("abcd") != "a"); + REQUIRE(StringView(a) == a); + REQUIRE(StringView(a) != b); Review comment: we should test the mirrored cases, too: `REQUIRE("a" == StringView(a))` etc ########## File path: libminifi/test/unit/StringViewTests.cpp ########## @@ -0,0 +1,114 @@ +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <string> +#include <vector> +#include <tuple> +#include "utils/StringView.h" +#include "utils/StringViewUtils.h" +#include "../TestBase.h" + +using utils::StringView; +using utils::StringViewUtils; + +TEST_CASE("Comparision") { + std::string a = "a"; + std::string b = "b"; + + REQUIRE(StringView(a) == "a"); + REQUIRE(StringView(a) != "b"); + REQUIRE(StringView("a") == "a"); + REQUIRE(StringView("abcd") != "a"); + REQUIRE(StringView(a) == a); + REQUIRE(StringView(a) != b); + REQUIRE(StringView(a) == StringView(a)); + REQUIRE(StringView(a) != StringView(b)); + REQUIRE(!(StringView(a) == StringView(b))); +} + +TEST_CASE("trimLeft") { + std::vector<std::pair<std::string, std::string>> cases{ + {"", ""}, + {"abcd", "abcd"}, + {" abc", "abc"}, + {" abc", "abc"}, + {" ", ""}, + {"abc ", "abc "} Review comment: throw in a few more cases where the whitespace is \t, \r or \n instead of spaces? ########## File path: libminifi/src/utils/EncryptionProvider.cpp ########## @@ -15,40 +14,45 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#include "properties/Decryptor.h" +#include <string> +#include "utils/EncryptionProvider.h" #include "properties/Properties.h" #include "utils/OptionalUtils.h" #include "utils/StringUtils.h" +namespace org { +namespace apache { +namespace nifi { +namespace minifi { +namespace utils { +namespace crypto { + namespace { #ifdef WIN32 constexpr const char* DEFAULT_NIFI_BOOTSTRAP_FILE = "\\conf\\bootstrap.conf"; #else -constexpr const char* DEFAULT_NIFI_BOOTSTRAP_FILE = "./conf/bootstrap.conf"; +constexpr const char *DEFAULT_NIFI_BOOTSTRAP_FILE = "./conf/bootstrap.conf"; #endif // WIN32 -constexpr const char* CONFIG_ENCRYPTION_KEY_PROPERTY_NAME = "nifi.bootstrap.sensitive.key"; +constexpr const char *CONFIG_ENCRYPTION_KEY_PROPERTY_NAME = "nifi.bootstrap.sensitive.key"; Review comment: extremely minor, and I don't care about where the `*` is, but I think you should either change none, or all three ########## File path: libminifi/src/utils/file/FileSystem.cpp ########## @@ -0,0 +1,80 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <string> +#include <fstream> +#include "utils/file/FileSystem.h" +#include "utils/OptionalUtils.h" +#include "utils/EncryptionProvider.h" + +namespace org { +namespace apache { +namespace nifi { +namespace minifi { +namespace utils { +namespace file { + +FileSystem::FileSystem(bool should_encrypt, utils::optional<utils::crypto::EncryptionProvider> encryptor) + : should_encrypt_(should_encrypt), + encryptor_(std::move(encryptor)) { + if (should_encrypt_ && !encryptor) { + std::string err_message = "Requested file encryption but no encryption utility was provided"; + logger_->log_error(err_message.c_str()); + throw std::invalid_argument(err_message); + } +} + +utils::optional<std::string> FileSystem::read(const std::string& file_name) { + std::ifstream input{file_name, std::ios::binary}; + std::string content{std::istreambuf_iterator<char>(input), {}}; Review comment: In other similar code, we tell `ifstream` to throw exceptions with `input.exceptions(std::ios::failbit | std::ios::badbit)`; do we want to do that here, too? ########## File path: libminifi/test/unit/FileSystemTests.cpp ########## @@ -0,0 +1,90 @@ +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <string> +#include <fstream> +#include <iterator> +#include "../TestBase.h" +#include "utils/file/FileSystem.h" + +using utils::crypto::EncryptionProvider; +using utils::file::FileSystem; + +utils::crypto::Bytes encryption_key = utils::crypto::stringToBytes(utils::StringUtils::from_hex( + "4024b327fdc987ce3eb43dd1f690b9987e4072e0020e3edf4349ce1ad91a4e38")); + +struct FSTest : TestController { + FSTest() { + char format[] = "/var/tmp/fs.XXXXXX"; + dir = createTempDirectory(format); + encrypted_file = utils::file::FileUtils::concat_path(dir, "encrypted.txt"); + raw_file = utils::file::FileUtils::concat_path(dir, "raw.txt"); + new_file = utils::file::FileUtils::concat_path(dir, "new.txt"); + + std::ofstream{encrypted_file, std::ios::binary} << crypto.encrypt("banana"); + std::ofstream{raw_file, std::ios::binary} << "banana"; + } + + EncryptionProvider crypto{encryption_key}; + std::string encrypted_file; + std::string raw_file; + std::string new_file; + std::string dir; +}; + +TEST_CASE_METHOD(FSTest, "Can read encrypted or non-encrypted file", "[fs]") { Review comment: I would rename both the fixture and the tags to make them clearer: FSTest -> FileSystemTest, fs -> file_system. ########## File path: libminifi/include/utils/file/FileSystem.h ########## @@ -0,0 +1,57 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#pragma once + +#include <string> +#include <memory> +#include "utils/OptionalUtils.h" +#include "utils/EncryptionProvider.h" +#include "core/logging/LoggerConfiguration.h" + +namespace org { +namespace apache { +namespace nifi { +namespace minifi { +namespace utils { +namespace file { + +class FileSystem { + public: + explicit FileSystem(bool should_encrypt = false, utils::optional<utils::crypto::EncryptionProvider> encryptor = {}); Review comment: I think the names of these parameters are not clear enough: I did not realize at first (until I saw the unit test) that `FileSystem{false, valid_encryptor}` is a valid use case which will decrypt on read but not encrypt on write. It would be slightly wasteful, but much clearer, to do `FileSystem(utils::optional<utils::crypto::EncryptionProvider> decryptor = {}, utils::optional<utils::crypto::EncryptionProvider> encryptor = {})`. If you don't like that, I'm fine with a renaming, eg. `should_encrypt_on_write` and `encryption_provider`. ########## File path: libminifi/src/c2/C2Client.cpp ########## @@ -0,0 +1,335 @@ +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <memory> +#include <map> +#include "c2/C2Client.h" +#include "core/state/nodes/MetricsBase.h" +#include "core/state/nodes/QueueMetrics.h" +#include "core/state/nodes/AgentInformation.h" +#include "core/state/nodes/RepositoryMetrics.h" +#include "properties/Configure.h" +#include "core/state/UpdateController.h" +#include "core/controller/ControllerServiceProvider.h" +#include "c2/C2Agent.h" +#include "core/state/nodes/FlowInformation.h" +#include "utils/file/FileSystem.h" + +namespace org { +namespace apache { +namespace nifi { +namespace minifi { +namespace c2 { + +C2Client::C2Client( + std::shared_ptr<Configure> configuration, std::shared_ptr<core::Repository> provenance_repo, + std::shared_ptr<core::Repository> flow_file_repo, std::shared_ptr<core::ContentRepository> content_repo, + std::unique_ptr<core::FlowConfiguration> flow_configuration, std::shared_ptr<utils::file::FileSystem> filesystem, + std::shared_ptr<logging::Logger> logger) + : core::Flow(std::move(provenance_repo), std::move(flow_file_repo), std::move(content_repo), std::move(flow_configuration)), + configuration_(std::move(configuration)), + filesystem_(std::move(filesystem)), + logger_(std::move(logger)) {} + +void C2Client::stopC2() { + if (c2_agent_) { + c2_agent_->stop(); + } +} + +bool C2Client::isC2Enabled() const { + std::string c2_enable_str; + bool c2_enabled = false; + if (configuration_->get(Configure::nifi_c2_enable, "c2.enable", c2_enable_str)) { + utils::StringUtils::StringToBool(c2_enable_str, c2_enabled); + } + return c2_enabled; +} + +void C2Client::initialize(core::controller::ControllerServiceProvider *controller, const std::shared_ptr<state::StateMonitor> &update_sink) { + std::string class_str; + configuration_->get("nifi.c2.agent.class", "c2.agent.class", class_str); + configuration_->setAgentClass(class_str); + + if (!isC2Enabled()) { + return; + } + + if (class_str.empty()) { + logger_->log_error("Class name must be defined when C2 is enabled"); + throw std::runtime_error("Class name must be defined when C2 is enabled"); + } + + std::string identifier_str; + if (!configuration_->get("nifi.c2.agent.identifier", "c2.agent.identifier", identifier_str) || identifier_str.empty()) { + // set to the flow controller's identifier + identifier_str = getControllerUUID().to_string(); + } + configuration_->setAgentIdentifier(identifier_str); + + if (initialized_ && !flow_update_) { + return; + } + + std::lock_guard<std::recursive_mutex> guard(metrics_mutex_); Review comment: The scope of this lock is quite large, and larger than it used to be. Can it be made smaller? I would rather lose some performance by locking and unlocking multiple times than risk creating a deadlock. (Same comment on lock scope extensions in other functions in this file.) ########## File path: libminifi/test/unit/FileSystemTests.cpp ########## @@ -0,0 +1,90 @@ +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <string> +#include <fstream> +#include <iterator> +#include "../TestBase.h" +#include "utils/file/FileSystem.h" + +using utils::crypto::EncryptionProvider; +using utils::file::FileSystem; + +utils::crypto::Bytes encryption_key = utils::crypto::stringToBytes(utils::StringUtils::from_hex( + "4024b327fdc987ce3eb43dd1f690b9987e4072e0020e3edf4349ce1ad91a4e38")); + +struct FSTest : TestController { + FSTest() { + char format[] = "/var/tmp/fs.XXXXXX"; + dir = createTempDirectory(format); + encrypted_file = utils::file::FileUtils::concat_path(dir, "encrypted.txt"); + raw_file = utils::file::FileUtils::concat_path(dir, "raw.txt"); + new_file = utils::file::FileUtils::concat_path(dir, "new.txt"); + + std::ofstream{encrypted_file, std::ios::binary} << crypto.encrypt("banana"); + std::ofstream{raw_file, std::ios::binary} << "banana"; + } + + EncryptionProvider crypto{encryption_key}; + std::string encrypted_file; + std::string raw_file; + std::string new_file; + std::string dir; +}; + +TEST_CASE_METHOD(FSTest, "Can read encrypted or non-encrypted file", "[fs]") { + FileSystem fs{true, crypto}; + REQUIRE(fs.read(encrypted_file) == "banana"); + REQUIRE(fs.read(raw_file) == "banana"); +} + +TEST_CASE_METHOD(FSTest, "Write encrypted file", "[fs]") { + FileSystem fs{true, crypto}; + + fs.write(new_file, "red lorry, yellow lorry"); + + std::ifstream file{new_file, std::ios::binary}; + std::string file_content{std::istreambuf_iterator<char>(file), {}}; + REQUIRE(crypto.decrypt(file_content) == "red lorry, yellow lorry"); +} + +TEST_CASE_METHOD(FSTest, "Can read encrypted but writes non-encrypted", "[fs]") { + FileSystem fs{false, crypto}; + REQUIRE(fs.read(encrypted_file) == "banana"); + + fs.write(new_file, "red lorry, yellow lorry"); + + std::ifstream file{new_file, std::ios::binary}; + std::string file_content{std::istreambuf_iterator<char>(file), {}}; + REQUIRE(file_content == "red lorry, yellow lorry"); +} + +TEST_CASE_METHOD(FSTest, "Can't read/write encrypted", "[fs]") { Review comment: I would break this up into two tests: "Can't read encrypted file without encryption provider" and "Can read and write unencrypted". ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
