HBASE-11713 Adding hbase shell unit test coverage for visibility labels (Srikanth Srungarapu)
This commit is contained in:
parent
a3f99265c3
commit
baeabeab83
|
@ -13,6 +13,8 @@ package org.apache.hadoop.hbase.security.visibility;
|
|||
import java.io.IOException;
|
||||
|
||||
import org.apache.hadoop.conf.Configuration;
|
||||
import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
|
||||
|
||||
|
||||
/**
|
||||
* Utility methods for testing visibility labels.
|
||||
|
@ -21,8 +23,18 @@ public class VisibilityTestUtil {
|
|||
|
||||
public static void enableVisiblityLabels(Configuration conf) throws IOException {
|
||||
conf.setInt("hfile.format.version", 3);
|
||||
conf.set("hbase.coprocessor.master.classes", VisibilityController.class.getName());
|
||||
conf.set("hbase.coprocessor.region.classes", VisibilityController.class.getName());
|
||||
appendCoprocessor(conf, CoprocessorHost.MASTER_COPROCESSOR_CONF_KEY,
|
||||
VisibilityController.class.getName());
|
||||
appendCoprocessor(conf, CoprocessorHost.REGION_COPROCESSOR_CONF_KEY,
|
||||
VisibilityController.class.getName());
|
||||
}
|
||||
|
||||
private static void appendCoprocessor(Configuration conf, String property, String value) {
|
||||
if (conf.get(property) == null) {
|
||||
conf.set(property, VisibilityController.class.getName());
|
||||
} else {
|
||||
conf.set(property, conf.get(property) + "," + VisibilityController.class.getName());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -30,6 +30,7 @@ import org.apache.hadoop.hbase.HConstants;
|
|||
import org.apache.hadoop.hbase.LargeTests;
|
||||
import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
|
||||
import org.apache.hadoop.hbase.security.access.SecureTestUtil;
|
||||
import org.apache.hadoop.hbase.security.visibility.VisibilityTestUtil;
|
||||
import org.jruby.embed.PathType;
|
||||
import org.jruby.embed.ScriptingContainer;
|
||||
import org.junit.AfterClass;
|
||||
|
@ -51,8 +52,10 @@ public class TestShell {
|
|||
TEST_UTIL.getConfiguration().setInt("hbase.client.pause", 250);
|
||||
TEST_UTIL.getConfiguration().setInt(HConstants.HBASE_CLIENT_RETRIES_NUMBER, 6);
|
||||
TEST_UTIL.getConfiguration().setBoolean(CoprocessorHost.ABORT_ON_ERROR_KEY, false);
|
||||
TEST_UTIL.getConfiguration().setInt("hfile.format.version", 3);
|
||||
// Security setup configuration
|
||||
SecureTestUtil.enableSecurity(TEST_UTIL.getConfiguration());
|
||||
VisibilityTestUtil.enableVisiblityLabels(TEST_UTIL.getConfiguration());
|
||||
|
||||
TEST_UTIL.startMiniCluster();
|
||||
|
||||
|
|
|
@ -132,10 +132,7 @@ module Hbase
|
|||
define_test "put should work with attributes" do
|
||||
@test_table.put("123", "x:a", 4, {ATTRIBUTES=>{'mykey'=>'myvalue'}})
|
||||
end
|
||||
|
||||
define_test "put should work with VISIBILITY" do
|
||||
@test_table.put("123", "x:a", 4, {VISIBILITY=>'mykey'})
|
||||
end
|
||||
|
||||
#-------------------------------------------------------------------------------
|
||||
|
||||
define_test "delete should work without timestamp" do
|
||||
|
@ -206,9 +203,6 @@ module Hbase
|
|||
|
||||
@test_table.put(3, "x:a", 21, {ATTRIBUTES=>{'mykey'=>'myvalue'}})
|
||||
@test_table.put(3, "x:b", 22, @test_ts, {ATTRIBUTES=>{'mykey'=>'myvalue'}})
|
||||
|
||||
@test_table.put(4, "x:a", 31, {VISIBILITY=>'mykey'})
|
||||
@test_table.put(4, "x:b", 32, @test_ts, {VISIBILITY=>'mykey'})
|
||||
|
||||
end
|
||||
|
||||
|
@ -242,14 +236,6 @@ module Hbase
|
|||
assert_not_nil(res['x:a'])
|
||||
assert_not_nil(res['x:b'])
|
||||
end
|
||||
|
||||
define_test "get should work for data written with Visibility" do
|
||||
res = @test_table._get_internal('4')
|
||||
assert_not_nil(res)
|
||||
assert_kind_of(Hash, res)
|
||||
assert_not_nil(res['x:a'])
|
||||
assert_not_nil(res['x:b'])
|
||||
end
|
||||
|
||||
define_test "get should work with integer keys" do
|
||||
res = @test_table._get_internal(1)
|
||||
|
|
|
@ -0,0 +1,85 @@
|
|||
#
|
||||
#
|
||||
# Licensed to the Apache Software Foundation (ASF) under one
|
||||
# or more contributor license agreements. See the NOTICE file
|
||||
# distributed with this work for additional information
|
||||
# regarding copyright ownership. The ASF licenses this file
|
||||
# to you under the Apache License, Version 2.0 (the
|
||||
# "License"); you may not use this file except in compliance
|
||||
# with the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
require 'shell'
|
||||
require 'shell/formatter'
|
||||
require 'hbase'
|
||||
require 'hbase/hbase'
|
||||
require 'hbase/table'
|
||||
|
||||
include HBaseConstants
|
||||
|
||||
module Hbase
|
||||
# Simple secure administration methods tests
|
||||
class VisibilityLabelsAdminMethodsTest < Test::Unit::TestCase
|
||||
include TestHelpers
|
||||
|
||||
def setup
|
||||
setup_hbase
|
||||
@test_name = "hbase_shell_tests_table"
|
||||
@test_table = table(@test_name)
|
||||
# Create table test table name
|
||||
create_test_table(@test_name)
|
||||
end
|
||||
|
||||
define_test "Labels should be created as specified" do
|
||||
label = 'TEST_LABELS'
|
||||
count = table('hbase:labels')._count_internal
|
||||
visibility_admin.add_labels('test_label')
|
||||
assert_equal(count + 1, table('hbase:labels')._count_internal)
|
||||
end
|
||||
|
||||
define_test "The set/clear methods should work with authorizations" do
|
||||
label = 'TEST_AUTHS'
|
||||
user = org.apache.hadoop.hbase.security.User.getCurrent().getName();
|
||||
visibility_admin.add_labels(label)
|
||||
count = visibility_admin.get_auths(user).length
|
||||
|
||||
# verifying the set functionality
|
||||
visibility_admin.set_auths(user, label)
|
||||
assert_equal(count + 1, visibility_admin.get_auths(user).length)
|
||||
assert_block do
|
||||
visibility_admin.get_auths(user).any? {
|
||||
|auth| org.apache.hadoop.hbase.util.Bytes::toStringBinary(auth.toByteArray) == label
|
||||
}
|
||||
end
|
||||
|
||||
# verifying the clear functionality
|
||||
visibility_admin.clear_auths(user, label)
|
||||
assert_equal(count, visibility_admin.get_auths(user).length)
|
||||
end
|
||||
|
||||
define_test "The get/put methods should work for data written with Visibility" do
|
||||
label = 'TEST_VISIBILITY'
|
||||
user = org.apache.hadoop.hbase.security.User.getCurrent().getName();
|
||||
visibility_admin.add_labels(label)
|
||||
visibility_admin.set_auths(user, label)
|
||||
|
||||
# verifying put functionality
|
||||
@test_table.put(1, "x:a", 31, {VISIBILITY=>label})
|
||||
|
||||
# verifying get functionality
|
||||
res = @test_table._get_internal('1', {AUTHORIZATIONS=>[label]})
|
||||
assert_not_nil(res)
|
||||
assert_kind_of(Hash, res)
|
||||
assert_not_nil(res['x:a'])
|
||||
end
|
||||
|
||||
end
|
||||
end
|
|
@ -60,6 +60,10 @@ module Hbase
|
|||
@shell.hbase_security_admin
|
||||
end
|
||||
|
||||
def visibility_admin
|
||||
@shell.hbase_visibility_labels_admin
|
||||
end
|
||||
|
||||
def create_test_table(name)
|
||||
# Create the table if needed
|
||||
unless admin.exists?(name)
|
||||
|
|
Loading…
Reference in New Issue