HBASE-11713 Adding hbase shell unit test coverage for visibility labels (Srikanth Srungarapu)

2014-08-15 15:20:35 -07:00 · 2014-08-15 15:20:35 -07:00 · 680a6f32f2
parent 2c5825d897
commit 680a6f32f2
5 changed files with 107 additions and 17 deletions
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/VisibilityTestUtil.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/VisibilityTestUtil.java
@ -13,6 +13,8 @@ package org.apache.hadoop.hbase.security.visibility;
 import java.io.IOException;

 import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
+

 /**
 * Utility methods for testing visibility labels.
@ -21,8 +23,18 @@ public class VisibilityTestUtil {

  public static void enableVisiblityLabels(Configuration conf) throws IOException {
    conf.setInt("hfile.format.version", 3);
-    conf.set("hbase.coprocessor.master.classes", VisibilityController.class.getName());
-    conf.set("hbase.coprocessor.region.classes", VisibilityController.class.getName());
+    appendCoprocessor(conf, CoprocessorHost.MASTER_COPROCESSOR_CONF_KEY,
+      VisibilityController.class.getName());
+    appendCoprocessor(conf, CoprocessorHost.REGION_COPROCESSOR_CONF_KEY,
+      VisibilityController.class.getName());
+  }
+
+  private static void appendCoprocessor(Configuration conf, String property, String value) {
+    if (conf.get(property) == null) {
+      conf.set(property, VisibilityController.class.getName());
+    } else {
+      conf.set(property, conf.get(property) + "," + VisibilityController.class.getName());
+    }
  }

 }
--- a/hbase-shell/src/test/java/org/apache/hadoop/hbase/client/TestShell.java
+++ b/hbase-shell/src/test/java/org/apache/hadoop/hbase/client/TestShell.java
@ -30,6 +30,7 @@ import org.apache.hadoop.hbase.HConstants;
 import org.apache.hadoop.hbase.LargeTests;
 import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
 import org.apache.hadoop.hbase.security.access.SecureTestUtil;
+import org.apache.hadoop.hbase.security.visibility.VisibilityTestUtil;
 import org.jruby.embed.PathType;
 import org.jruby.embed.ScriptingContainer;
 import org.junit.AfterClass;
@ -51,8 +52,10 @@ public class TestShell {
    TEST_UTIL.getConfiguration().setInt("hbase.client.pause", 250);
    TEST_UTIL.getConfiguration().setInt(HConstants.HBASE_CLIENT_RETRIES_NUMBER, 6);
    TEST_UTIL.getConfiguration().setBoolean(CoprocessorHost.ABORT_ON_ERROR_KEY, false);
+    TEST_UTIL.getConfiguration().setInt("hfile.format.version", 3);
    // Security setup configuration
    SecureTestUtil.enableSecurity(TEST_UTIL.getConfiguration());
+    VisibilityTestUtil.enableVisiblityLabels(TEST_UTIL.getConfiguration());

    TEST_UTIL.startMiniCluster();

--- a/hbase-shell/src/test/ruby/hbase/table_test.rb
+++ b/hbase-shell/src/test/ruby/hbase/table_test.rb
@ -132,10 +132,7 @@ module Hbase
    define_test "put should work with attributes" do
       @test_table.put("123", "x:a", 4, {ATTRIBUTES=>{'mykey'=>'myvalue'}})
    end
-    
-    define_test "put should work with VISIBILITY" do
-       @test_table.put("123", "x:a", 4, {VISIBILITY=>'mykey'})
-    end
+
    #-------------------------------------------------------------------------------

    define_test "delete should work without timestamp" do
@ -206,9 +203,6 @@ module Hbase
      
      @test_table.put(3, "x:a", 21, {ATTRIBUTES=>{'mykey'=>'myvalue'}})
      @test_table.put(3, "x:b", 22, @test_ts, {ATTRIBUTES=>{'mykey'=>'myvalue'}})
-      
-      @test_table.put(4, "x:a", 31, {VISIBILITY=>'mykey'})
-      @test_table.put(4, "x:b", 32, @test_ts, {VISIBILITY=>'mykey'})

    end

@ -242,14 +236,6 @@ module Hbase
      assert_not_nil(res['x:a'])
      assert_not_nil(res['x:b'])
    end
-    
-     define_test "get should work for data written with Visibility" do
-      res = @test_table._get_internal('4')
-      assert_not_nil(res)
-      assert_kind_of(Hash, res)
-      assert_not_nil(res['x:a'])
-      assert_not_nil(res['x:b'])
-    end

    define_test "get should work with integer keys" do
      res = @test_table._get_internal(1)
--- a/hbase-shell/src/test/ruby/hbase/visibility_labels_admin_test.rb
+++ b/hbase-shell/src/test/ruby/hbase/visibility_labels_admin_test.rb
@ -0,0 +1,85 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'shell'
+require 'shell/formatter'
+require 'hbase'
+require 'hbase/hbase'
+require 'hbase/table'
+
+include HBaseConstants
+
+module Hbase
+  # Simple secure administration methods tests
+  class VisibilityLabelsAdminMethodsTest < Test::Unit::TestCase
+    include TestHelpers
+
+    def setup
+      setup_hbase
+      @test_name = "hbase_shell_tests_table"
+      @test_table = table(@test_name)
+      # Create table test table name
+      create_test_table(@test_name)
+    end
+
+    define_test "Labels should be created as specified" do
+      label = 'TEST_LABELS'
+      count = table('hbase:labels')._count_internal
+      visibility_admin.add_labels('test_label')
+      assert_equal(count + 1, table('hbase:labels')._count_internal)
+    end
+
+    define_test "The set/clear methods should work with authorizations" do
+      label = 'TEST_AUTHS'
+      user = org.apache.hadoop.hbase.security.User.getCurrent().getName();
+      visibility_admin.add_labels(label)
+      count = visibility_admin.get_auths(user).length
+
+      # verifying the set functionality
+      visibility_admin.set_auths(user, label)
+      assert_equal(count + 1, visibility_admin.get_auths(user).length)
+      assert_block do
+        visibility_admin.get_auths(user).any? {
+          |auth| org.apache.hadoop.hbase.util.Bytes::toStringBinary(auth.toByteArray) == label
+        }
+      end
+
+      # verifying the clear functionality
+      visibility_admin.clear_auths(user, label)
+      assert_equal(count, visibility_admin.get_auths(user).length)
+    end
+
+    define_test "The get/put methods should work for data written with Visibility" do
+      label = 'TEST_VISIBILITY'
+      user = org.apache.hadoop.hbase.security.User.getCurrent().getName();
+      visibility_admin.add_labels(label)
+      visibility_admin.set_auths(user, label)
+
+      # verifying put functionality
+      @test_table.put(1, "x:a", 31, {VISIBILITY=>label})
+
+      # verifying get functionality
+      res = @test_table._get_internal('1', {AUTHORIZATIONS=>[label]})
+      assert_not_nil(res)
+      assert_kind_of(Hash, res)
+      assert_not_nil(res['x:a'])
+    end
+
+  end
+end
--- a/hbase-shell/src/test/ruby/test_helper.rb
+++ b/hbase-shell/src/test/ruby/test_helper.rb
@ -60,6 +60,10 @@ module Hbase
      @shell.hbase_security_admin
    end

+    def visibility_admin
+      @shell.hbase_visibility_labels_admin
+    end
+
    def create_test_table(name)
      # Create the table if needed
      unless admin.exists?(name)