HBASE-13246 Correct the assertion for namespace permissions in tearDown method of TestAccessController (Ashish Singhi)
This commit is contained in:
parent
b7e2daa1db
commit
76ba53004b
|
@ -20,7 +20,6 @@ package org.apache.hadoop.hbase.security.access;
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.assertFalse;
|
import static org.junit.Assert.assertFalse;
|
||||||
import static org.junit.Assert.assertNotNull;
|
import static org.junit.Assert.assertNotNull;
|
||||||
import static org.junit.Assert.assertNull;
|
|
||||||
import static org.junit.Assert.assertTrue;
|
import static org.junit.Assert.assertTrue;
|
||||||
import static org.junit.Assert.fail;
|
import static org.junit.Assert.fail;
|
||||||
|
|
||||||
|
@ -288,7 +287,10 @@ public class TestAccessController extends SecureTestUtil {
|
||||||
}
|
}
|
||||||
// Verify all table/namespace permissions are erased
|
// Verify all table/namespace permissions are erased
|
||||||
assertEquals(0, AccessControlLists.getTablePermissions(conf, TEST_TABLE.getTableName()).size());
|
assertEquals(0, AccessControlLists.getTablePermissions(conf, TEST_TABLE.getTableName()).size());
|
||||||
assertEquals(0, AccessControlLists.getNamespacePermissions(conf, TEST_TABLE.getTableName().getNameAsString()).size());
|
assertEquals(
|
||||||
|
0,
|
||||||
|
AccessControlLists.getNamespacePermissions(conf,
|
||||||
|
TEST_TABLE.getTableName().getNamespaceAsString()).size());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -2168,13 +2170,17 @@ public class TestAccessController extends SecureTestUtil {
|
||||||
|
|
||||||
verifyDenied(getAction, USER_NONE);
|
verifyDenied(getAction, USER_NONE);
|
||||||
|
|
||||||
|
String namespace = "testNamespaceUserGrant";
|
||||||
|
NamespaceDescriptor desc = NamespaceDescriptor.create(namespace).build();
|
||||||
|
TEST_UTIL.getMiniHBaseCluster().getMaster().createNamespace(desc);
|
||||||
|
|
||||||
// Grant namespace READ to USER_NONE, this should supersede any table permissions
|
// Grant namespace READ to USER_NONE, this should supersede any table permissions
|
||||||
grantOnNamespace(TEST_UTIL, USER_NONE.getShortName(),
|
grantOnNamespace(TEST_UTIL, USER_NONE.getShortName(), namespace, Permission.Action.READ);
|
||||||
TEST_TABLE.getTableName().getNamespaceAsString(),
|
|
||||||
Permission.Action.READ);
|
|
||||||
|
|
||||||
// Now USER_NONE should be able to read also
|
// Now USER_NONE should be able to read also
|
||||||
verifyAllowed(getAction, USER_NONE);
|
verifyAllowed(getAction, USER_NONE);
|
||||||
|
|
||||||
|
TEST_UTIL.getMiniHBaseCluster().getMaster().deleteNamespace(namespace);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -2386,14 +2392,18 @@ public class TestAccessController extends SecureTestUtil {
|
||||||
// Verify that EXEC permission is checked correctly
|
// Verify that EXEC permission is checked correctly
|
||||||
verifyDenied(execEndpointAction, userB);
|
verifyDenied(execEndpointAction, userB);
|
||||||
verifyAllowed(execEndpointAction, userA);
|
verifyAllowed(execEndpointAction, userA);
|
||||||
|
|
||||||
|
String namespace = "testCoprocessorExec";
|
||||||
|
NamespaceDescriptor desc = NamespaceDescriptor.create(namespace).build();
|
||||||
|
TEST_UTIL.getMiniHBaseCluster().getMaster().createNamespace(desc);
|
||||||
|
|
||||||
// Now grant EXEC to the entire namespace to user B
|
// Now grant EXEC to the entire namespace to user B
|
||||||
grantOnNamespace(TEST_UTIL, userB.getShortName(),
|
grantOnNamespace(TEST_UTIL, userB.getShortName(), namespace, Permission.Action.EXEC);
|
||||||
TEST_TABLE.getTableName().getNamespaceAsString(),
|
|
||||||
Permission.Action.EXEC);
|
|
||||||
|
|
||||||
// User B should now be allowed also
|
// User B should now be allowed also
|
||||||
verifyAllowed(execEndpointAction, userA, userB);
|
verifyAllowed(execEndpointAction, userA, userB);
|
||||||
|
|
||||||
|
TEST_UTIL.getMiniHBaseCluster().getMaster().deleteNamespace(namespace);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
Loading…
Reference in New Issue