apache
diff --git a/‎artemis-commons/src/main/java/org/apache/activemq/artemis/utils/JsonLoader.java‎
Lines changed: 23 additions & 0 deletions b/‎artemis-commons/src/main/java/org/apache/activemq/artemis/utils/JsonLoader.java‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎artemis-commons/src/main/java/org/apache/activemq/artemis/utils/RandomUtil.java‎
Lines changed: 14 additions & 0 deletions b/‎artemis-commons/src/main/java/org/apache/activemq/artemis/utils/RandomUtil.java‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/JsonUtil.java‎
Lines changed: 18 additions & 0 deletions b/‎artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/JsonUtil.java‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/management/ActiveMQServerControl.java‎
Lines changed: 54 additions & 1 deletion b/‎artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/management/ActiveMQServerControl.java‎
Lines changed: 54 additions & 1 deletion
diff --git a/‎artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/management/RoleInfo.java‎
Lines changed: 13 additions & 109 deletions b/‎artemis-core-client/src/main/java/org/apache/activemq/artemis/api/core/management/RoleInfo.java‎
Lines changed: 13 additions & 109 deletions
@@ -26,8 +26,13 @@
 import org.apache.activemq.artemis.json.impl.JsonObjectImpl;
 
 import javax.json.JsonReader;
+import javax.json.JsonWriter;
 import javax.json.spi.JsonProvider;
 import java.io.Reader;
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.io.Writer;
+import java.util.Map;
 
 /**
  * This is to make sure we use the proper classLoader to load JSon libraries. This is equivalent to using
@@ -43,6 +48,12 @@ public static JsonObject readObject(Reader reader) {
       }
    }
 
+   public static void writeObject(Map<String, Object> properties, Writer writer, JsonObject jsonObject) {
+      try (JsonWriter jsonReader = provider.createWriterFactory(properties).createWriter(writer)) {
+         jsonReader.writeObject((((JsonObjectImpl)jsonObject).getRawObject()));
+      }
+   }
+
    public static JsonArray readArray(Reader reader) {
       try (JsonReader jsonReader = provider.createReader(reader)) {
          return new JsonArrayImpl(jsonReader.readArray());
@@ -56,4 +67,16 @@ public static JsonArrayBuilder createArrayBuilder() {
    public static JsonObjectBuilder createObjectBuilder() {
       return new JsonObjectBuilderImpl(provider.createObjectBuilder());
    }
+
+   // Please do not remove this method as it's useful for debugging purposes
+   public static String prettyPrint(String json) {
+      String result = json;
+      try (StringReader reader = new StringReader(json);
+           StringWriter writer = new StringWriter()) {
+         JsonLoader.writeObject(Map.of(javax.json.stream.JsonGenerator.PRETTY_PRINTING, true), writer, JsonLoader.readObject(reader));
+         result = writer.toString();
+      } catch (Exception e) {
+      }
+      return result;
+   }
 }
@@ -175,4 +175,18 @@ public static float randomFloat() {
       return RandomUtil.random.nextFloat();
    }
 
+   /**
+    * Generates an array of random alpha-numeric words. The words will be of a random length between 1 and 10
+    * characters.
+    *
+    * @param wordCount the number of random words to generate
+    * @return an array of randomly generated alpha-numeric words between 1 and 10 characters long
+    */
+   public static String[] randomWords(int wordCount) {
+      String[] words = new String[wordCount];
+      for (int i = 0; i < wordCount; i++) {
+         words[i] = randomAlphaNumericString((randomPositiveInt() % 10) + 1);
+      }
+      return words;
+   }
 }
@@ -26,6 +26,7 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import java.util.stream.Collectors;
 
 import org.apache.activemq.artemis.json.JsonArray;
 import org.apache.activemq.artemis.json.JsonArrayBuilder;
@@ -456,4 +457,21 @@ public String toString() {
          return s;
       }
    }
+
+   /**
+    * Converts a JSON array from the specified key in a JsonObject into a comma-separated string. If the key does not
+    * exist or if its value is not a JSON array, then an empty string is returned.
+    *
+    * @param jsonObject the JsonObject from which to retrieve the array
+    * @param key        the key associated with the JSON array in the JsonObject
+    * @return a comma-separated string representation of the array's elements, or an empty string if the key does not
+    * exist or the value is not an array
+    */
+   public static String arrayToString(JsonObject jsonObject, String key) {
+      JsonValue value = jsonObject.get(key);
+      if (value == null || value.getValueType() != JsonValue.ValueType.ARRAY) {
+         return "";
+      }
+      return jsonObject.getJsonArray(key).stream().map((s) -> ((JsonString) s).getString()).collect(Collectors.joining(", "));
+   }
 }
@@ -1382,6 +1382,10 @@ boolean closeConsumerWithID(@Parameter(desc = "The session ID", name = "sessionI
    @Operation(desc = "List the sessions for the given connectionID", impact = MBeanOperationInfo.INFO)
    String[] listSessions(@Parameter(desc = "a connection ID", name = "connectionID") String connectionID) throws Exception;
 
+   /**
+    * @deprecated use {@link ActiveMQServerControl#addSecuritySettings(String, String)}
+    */
+   @Deprecated(forRemoval = true)
    @Operation(desc = "Add security settings for addresses matching the addressMatch", impact = MBeanOperationInfo.ACTION)
    void addSecuritySettings(@Parameter(desc = "an address match", name = "addressMatch") String addressMatch,
                             @Parameter(desc = "a comma-separated list of roles allowed to send messages", name = "send") String sendRoles,
@@ -1392,6 +1396,10 @@ void addSecuritySettings(@Parameter(desc = "an address match", name = "addressMa
                             @Parameter(desc = "a comma-separated list of roles allowed to delete non durable queues", name = "deleteNonDurableQueueRoles") String deleteNonDurableQueueRoles,
                             @Parameter(desc = "a comma-separated list of roles allowed to send management messages messages", name = "manage") String manageRoles) throws Exception;
 
+   /**
+    * @deprecated use {@link ActiveMQServerControl#addSecuritySettings(String, String)}
+    */
+   @Deprecated(forRemoval = true)
    @Operation(desc = "Add security settings for addresses matching the addressMatch", impact = MBeanOperationInfo.ACTION)
    void addSecuritySettings(@Parameter(desc = "an address match", name = "addressMatch") String addressMatch,
                             @Parameter(desc = "a comma-separated list of roles allowed to send messages", name = "send") String sendRoles,
@@ -1403,6 +1411,10 @@ void addSecuritySettings(@Parameter(desc = "an address match", name = "addressMa
                             @Parameter(desc = "a comma-separated list of roles allowed to send management messages messages", name = "manage") String manageRoles,
                             @Parameter(desc = "a comma-separated list of roles allowed to browse queues", name = "browse") String browseRoles) throws Exception;
 
+   /**
+    * @deprecated use {@link ActiveMQServerControl#addSecuritySettings(String, String)}
+    */
+   @Deprecated(forRemoval = true)
    @Operation(desc = "Add security settings for addresses matching the addressMatch", impact = MBeanOperationInfo.ACTION)
    void addSecuritySettings(@Parameter(desc = "an address match", name = "addressMatch") String addressMatch,
                             @Parameter(desc = "a comma-separated list of roles allowed to send messages", name = "send") String sendRoles,
@@ -1416,6 +1428,10 @@ void addSecuritySettings(@Parameter(desc = "an address match", name = "addressMa
                             @Parameter(desc = "a comma-separated list of roles allowed to create addresses", name = "createAddressRoles") String createAddressRoles,
                             @Parameter(desc = "a comma-separated list of roles allowed to delete addresses", name = "deleteAddressRoles") String deleteAddressRoles) throws Exception;
 
+   /**
+    * @deprecated use {@link ActiveMQServerControl#addSecuritySettings(String, String)}
+    */
+   @Deprecated(forRemoval = true)
    @Operation(desc = "Add security settings for addresses matching the addressMatch", impact = MBeanOperationInfo.ACTION)
    void addSecuritySettings(@Parameter(desc = "an address match", name = "addressMatch") String addressMatch,
                             @Parameter(desc = "a comma-separated list of roles allowed to send messages", name = "send") String sendRoles,
@@ -1431,6 +1447,43 @@ void addSecuritySettings(@Parameter(desc = "an address match", name = "addressMa
                             @Parameter(desc = "a comma-separated list of roles allowed to view management resources", name = "view") String viewRoles,
                             @Parameter(desc = "a comma-separated list of roles allowed to edit management resources", name = "edit") String editRoles) throws Exception;
 
+   /**
+    * Add security-settings for matching addresses.
+    *
+    * @param addressMatch           The address match pattern to which the security-settings will be applied.
+    * @param securitySettingsAsJson The security-settings in JSON format. The JSON consists of key/value pairs where the
+    *                               key is a string representing the permission type, and the value is an array of
+    *                               strings containing the names of the roles which will be granted the corresponding
+    *                               permission, e.g.:
+    *                               <pre>{@code
+    *                               {
+    *                                 "send": ["role1", "role2"],
+    *                                 "consume": ["role3", "role4"],
+    *                                 "createDurableQueue": ["role5", "role6"]
+    *                               }
+    *                               }</pre>
+    *                               These permission types are supported:
+    *                               <ul>
+    *                               <li>send</li>
+    *                               <li>consume</li>
+    *                               <li>createDurableQueue</li>
+    *                               <li>deleteDurableQueue</li>
+    *                               <li>createNonDurableQueue</li>
+    *                               <li>deleteNonDurableQueue</li>
+    *                               <li>manage</li>
+    *                               <li>browse</li>
+    *                               <li>createAddress</li>
+    *                               <li>deleteAddress</li>
+    *                               <li>view</li>
+    *                               <li>edit</li>
+    *                               </ul>
+    *                               This JSON can be constructed using methods from {@link org.apache.activemq.artemis.utils.SecurityFormatter}.
+    * @throws Exception If an error occurs while adding the security-settings.
+    */
+   @Operation(desc = "Add security-settings for matching addresses", impact = MBeanOperationInfo.ACTION)
+   void addSecuritySettings(@Parameter(desc = "an address match", name = "addressMatch") String addressMatch,
+                            @Parameter(desc = "The configuration of the security-settings as JSON", name = "securitySettingsAsJson")  String securitySettingsAsJson) throws Exception;
+
    @Operation(desc = "Remove security settings for an address", impact = MBeanOperationInfo.ACTION)
    void removeSecuritySettings(@Parameter(desc = "an address match", name = "addressMatch") String addressMatch) throws Exception;
 
@@ -1685,7 +1738,7 @@ void addAddressSettings(@Parameter(desc = "an address match", name = "addressMat
     * adds a new address setting for a specific address
     */
    @Operation(desc = "Add address settings for addresses matching the addressMatch", impact = MBeanOperationInfo.ACTION)
-   String addAddressSettings(@Parameter(desc = "an address match", name = "addressMatch") String address, @Parameter(desc = "The configuration of the address settings as JSON", name = "addressSettingsConfigurationAsJson")  String addressSettingsConfigurationAsJson) throws Exception;
+   String addAddressSettings(@Parameter(desc = "an address match", name = "addressMatch") String address, @Parameter(desc = "The configuration of the address settings as JSON", name = "addressSettingsConfigurationAsJson") String addressSettingsConfigurationAsJson) throws Exception;
 
    @Operation(desc = "Remove address settings", impact = MBeanOperationInfo.ACTION)
    void removeAddressSettings(@Parameter(desc = "an address match", name = "addressMatch") String addressMatch) throws Exception;
 
@@ -16,37 +16,15 @@
  */
 package org.apache.activemq.artemis.api.core.management;
 
+import org.apache.activemq.artemis.api.core.JsonUtil;
+import org.apache.activemq.artemis.core.security.Role;
 import org.apache.activemq.artemis.json.JsonArray;
 import org.apache.activemq.artemis.json.JsonObject;
 
-import org.apache.activemq.artemis.api.core.JsonUtil;
-
 /**
  * Helper class to create Java Objects from the JSON serialization returned by {@link AddressControl#getRolesAsJSON()}.
  */
-public final class RoleInfo {
-
-   private final String name;
-
-   private final boolean send;
-
-   private final boolean consume;
-
-   private final boolean createDurableQueue;
-
-   private final boolean deleteDurableQueue;
-
-   private final boolean createNonDurableQueue;
-
-   private final boolean deleteNonDurableQueue;
-
-   private final boolean manage;
-
-   private final boolean browse;
-
-   private final boolean createAddress;
-
-   private final boolean deleteAddress;
+public final class RoleInfo extends Role {
 
    /**
     * {@return an array of RoleInfo corresponding to the JSON serialization returned by {@link
@@ -59,16 +37,16 @@ public static RoleInfo[] from(final String jsonString) throws Exception {
          JsonObject r = array.getJsonObject(i);
          RoleInfo role = new RoleInfo(
                  r.getString("name"),
-                 r.getBoolean("send"),
-                 r.getBoolean("consume"),
-                 r.getBoolean("createDurableQueue"),
-                 r.getBoolean("deleteDurableQueue"),
-                 r.getBoolean("createNonDurableQueue"),
-                 r.getBoolean("deleteNonDurableQueue"),
-                 r.getBoolean("manage"),
-                 r.getBoolean("browse"),
-                 r.getBoolean("createAddress"),
-                 r.getBoolean("deleteAddress"));
+                 r.getBoolean(SEND_PERMISSION),
+                 r.getBoolean(CONSUME_PERMISSION),
+                 r.getBoolean(CREATE_DURABLE_QUEUE_PERMISSION),
+                 r.getBoolean(DELETE_DURABLE_QUEUE_PERMISSION),
+                 r.getBoolean(CREATE_NONDURABLE_QUEUE_PERMISSION),
+                 r.getBoolean(DELETE_NONDURABLE_QUEUE_PERMISSION),
+                 r.getBoolean(MANAGE_PERMISSION),
+                 r.getBoolean(BROWSE_PERMISSION),
+                 r.getBoolean(CREATE_ADDRESS_PERMISSION),
+                 r.getBoolean(DELETE_ADDRESS_PERMISSION));
          roles[i] = role;
       }
       return roles;
@@ -97,78 +75,4 @@ private RoleInfo(final String name,
       this.createAddress = createAddress;
       this.deleteAddress = deleteAddress;
    }
-
-   public String getName() {
-      return name;
-   }
-
-   /**
-    * {@return whether this role can send messages to the address}
-    */
-   public boolean isSend() {
-      return send;
-   }
-
-   /**
-    * {@return whether this role can consume messages from queues bound to the address}
-    */
-   public boolean isConsume() {
-      return consume;
-   }
-
-   /**
-    * {@return whether this role can create durable queues bound to the address}
-    */
-   public boolean isCreateDurableQueue() {
-      return createDurableQueue;
-   }
-
-   /**
-    * {@return whether this role can delete durable queues bound to the address}
-    */
-   public boolean isDeleteDurableQueue() {
-      return deleteDurableQueue;
-   }
-
-   /**
-    * {@return whether this role can create non-durable queues bound to the address}
-    */
-   public boolean isCreateNonDurableQueue() {
-      return createNonDurableQueue;
-   }
-
-   /**
-    * {@return whether this role can delete non-durable queues bound to the address}
-    */
-   public boolean isDeleteNonDurableQueue() {
-      return deleteNonDurableQueue;
-   }
-
-   /**
-    * {@return whether this role can send management messages to the address}
-    */
-   public boolean isManage() {
-      return manage;
-   }
-
-   /**
-    * {@return whether this role can browse queues bound to the address}
-    */
-   public boolean isBrowse() {
-      return browse;
-   }
-
-   /**
-    * {@return whether this role can create addresses}
-    */
-   public boolean isCreateAddress() {
-      return createAddress;
-   }
-
-   /**
-    * {@return whether this role can delete addresses}
-    */
-   public boolean isDeleteAddress() {
-      return deleteAddress;
-   }
 }