HBASE-13246 Correct the assertion for namespace permissions in tearDown method of TestAccessController (Ashish Singhi)
This commit is contained in:
parent
b7e2daa1db
commit
76ba53004b
|
@ -20,7 +20,6 @@ package org.apache.hadoop.hbase.security.access;
|
|||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertNull;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.junit.Assert.fail;
|
||||
|
||||
|
@ -288,7 +287,10 @@ public class TestAccessController extends SecureTestUtil {
|
|||
}
|
||||
// Verify all table/namespace permissions are erased
|
||||
assertEquals(0, AccessControlLists.getTablePermissions(conf, TEST_TABLE.getTableName()).size());
|
||||
assertEquals(0, AccessControlLists.getNamespacePermissions(conf, TEST_TABLE.getTableName().getNameAsString()).size());
|
||||
assertEquals(
|
||||
0,
|
||||
AccessControlLists.getNamespacePermissions(conf,
|
||||
TEST_TABLE.getTableName().getNamespaceAsString()).size());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -2168,13 +2170,17 @@ public class TestAccessController extends SecureTestUtil {
|
|||
|
||||
verifyDenied(getAction, USER_NONE);
|
||||
|
||||
String namespace = "testNamespaceUserGrant";
|
||||
NamespaceDescriptor desc = NamespaceDescriptor.create(namespace).build();
|
||||
TEST_UTIL.getMiniHBaseCluster().getMaster().createNamespace(desc);
|
||||
|
||||
// Grant namespace READ to USER_NONE, this should supersede any table permissions
|
||||
grantOnNamespace(TEST_UTIL, USER_NONE.getShortName(),
|
||||
TEST_TABLE.getTableName().getNamespaceAsString(),
|
||||
Permission.Action.READ);
|
||||
grantOnNamespace(TEST_UTIL, USER_NONE.getShortName(), namespace, Permission.Action.READ);
|
||||
|
||||
// Now USER_NONE should be able to read also
|
||||
verifyAllowed(getAction, USER_NONE);
|
||||
|
||||
TEST_UTIL.getMiniHBaseCluster().getMaster().deleteNamespace(namespace);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -2386,14 +2392,18 @@ public class TestAccessController extends SecureTestUtil {
|
|||
// Verify that EXEC permission is checked correctly
|
||||
verifyDenied(execEndpointAction, userB);
|
||||
verifyAllowed(execEndpointAction, userA);
|
||||
|
||||
String namespace = "testCoprocessorExec";
|
||||
NamespaceDescriptor desc = NamespaceDescriptor.create(namespace).build();
|
||||
TEST_UTIL.getMiniHBaseCluster().getMaster().createNamespace(desc);
|
||||
|
||||
// Now grant EXEC to the entire namespace to user B
|
||||
grantOnNamespace(TEST_UTIL, userB.getShortName(),
|
||||
TEST_TABLE.getTableName().getNamespaceAsString(),
|
||||
Permission.Action.EXEC);
|
||||
grantOnNamespace(TEST_UTIL, userB.getShortName(), namespace, Permission.Action.EXEC);
|
||||
|
||||
// User B should now be allowed also
|
||||
verifyAllowed(execEndpointAction, userA, userB);
|
||||
|
||||
TEST_UTIL.getMiniHBaseCluster().getMaster().deleteNamespace(namespace);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
Loading…
Reference in New Issue