HBASE-10005 TestVisibilityLabels fails occasionally

git-svn-id: https://svn.apache.org/repos/asf/hbase/trunk@1546396 13f79535-47bb-0310-9956-ffa450edef68
2013-11-28 16:49:12 +00:00 · 2013-11-28 16:49:12 +00:00 · b4f0a38daa
parent 2a6407fff4
commit b4f0a38daa
2 changed files with 44 additions and 24 deletions
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
@ -1078,8 +1078,7 @@ public class VisibilityController extends BaseRegionObserver implements MasterOb
    done.run(response.build());
  }

-  private void performACLCheck()
-      throws IOException {
+  private void performACLCheck() throws IOException {
    // Do ACL check only when the security is enabled.
    if (this.acOn && !isSystemOrSuperUser()) {
      User user = getActiveUser();
@ -1166,28 +1165,10 @@ public class VisibilityController extends BaseRegionObserver implements MasterOb
    byte[] user = request.getUser().toByteArray();
    GetAuthsResponse.Builder response = GetAuthsResponse.newBuilder();
    response.setUser(request.getUser());
-
-    Scan s = new Scan();
-    s.addColumn(LABELS_TABLE_FAMILY, user);
-    Filter filter = createVisibilityLabelFilter(this.regionEnv.getRegion(), new Authorizations(
-        SYSTEM_LABEL));
-    s.setFilter(filter);
    try {
-      // We do ACL check here as we create scanner directly on region. It will not make calls to
-      // AccessController CP methods.
-      performACLCheck();
-      RegionScanner scanner = this.regionEnv.getRegion().getScanner(s);
-      List<Cell> results = new ArrayList<Cell>(1);
-      while (true) {
-        scanner.next(results);
-        if (results.isEmpty()) break;
-        Cell cell = results.get(0);
-        int ordinal = Bytes.toInt(cell.getRowArray(), cell.getRowOffset(), cell.getRowLength());
-        String label = this.visibilityManager.getLabel(ordinal);
-        if (label != null) {
-          response.addAuth(ZeroCopyLiteralByteString.wrap(Bytes.toBytes(label)));
-        }
-        results.clear();
+      List<String> labels = getUserAuthsFromLablesTable(user);
+      for (String label : labels) {
+        response.addAuth(ZeroCopyLiteralByteString.wrap(Bytes.toBytes(label)));
      }
    } catch (IOException e) {
      ResponseConverter.setControllerException(controller, e);
@ -1195,6 +1176,32 @@ public class VisibilityController extends BaseRegionObserver implements MasterOb
    done.run(response.build());
  }

+  private List<String> getUserAuthsFromLablesTable(byte[] user) throws IOException {
+    Scan s = new Scan();
+    s.addColumn(LABELS_TABLE_FAMILY, user);
+    Filter filter = createVisibilityLabelFilter(this.regionEnv.getRegion(), new Authorizations(
+        SYSTEM_LABEL));
+    s.setFilter(filter);
+    List<String> auths = new ArrayList<String>();
+    // We do ACL check here as we create scanner directly on region. It will not make calls to
+    // AccessController CP methods.
+    performACLCheck();
+    RegionScanner scanner = this.regionEnv.getRegion().getScanner(s);
+    List<Cell> results = new ArrayList<Cell>(1);
+    while (true) {
+      scanner.next(results);
+      if (results.isEmpty()) break;
+      Cell cell = results.get(0);
+      int ordinal = Bytes.toInt(cell.getRowArray(), cell.getRowOffset(), cell.getRowLength());
+      String label = this.visibilityManager.getLabel(ordinal);
+      if (label != null) {
+        auths.add(label);
+      }
+      results.clear();
+    }
+    return auths;
+  }
+
  @Override
  public synchronized void clearAuths(RpcController controller, SetAuthsRequest request,
      RpcCallback<VisibilityLabelsResponse> done) {
@ -1203,7 +1210,7 @@ public class VisibilityController extends BaseRegionObserver implements MasterOb
    byte[] user = request.getUser().toByteArray();
    try {
      checkCallingUserAuth();
-      List<String> currentAuths = this.visibilityManager.getAuths(Bytes.toString(user));
+      List<String> currentAuths = this.getUserAuthsFromLablesTable(user);
      List<Mutation> deletes = new ArrayList<Mutation>(auths.size());
      RegionActionResult successResult = RegionActionResult.newBuilder().build();
      for (ByteString authBS : auths) {
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabels.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabels.java
@ -348,6 +348,12 @@ public class TestVisibilityLabels {
      } catch (InterruptedException e) {
      }
    }
+    while (regionServer.getOnlineRegions(LABELS_TABLE_NAME).isEmpty()) {
+      try {
+        Thread.sleep(10);
+      } catch (InterruptedException e) {
+      }
+    }
    HTable table = createTableAndWriteDataWithLabels(tableName, "(" + SECRET + "|" + CONFIDENTIAL
        + ")", PRIVATE);
    try {
@ -379,6 +385,13 @@ public class TestVisibilityLabels {
      } catch (InterruptedException e) {
      }
    }
+    while (regionServer.getOnlineRegions(LABELS_TABLE_NAME).isEmpty()) {
+      try {
+        Thread.sleep(10);
+      } catch (InterruptedException e) {
+      }
+    }
+
    String[] labels = { SECRET, CONFIDENTIAL, PRIVATE, "ABC", "XYZ" };
    try {
      VisibilityClient.addLabels(conf, labels);