HBASE-19914 Refactor TestVisibilityLabelsOnNewVersionBehaviorTable
This commit is contained in:
parent
a3233572ac
commit
cb138c2da8
|
@ -552,6 +552,11 @@ public class ColumnFamilyDescriptorBuilder {
|
|||
return this;
|
||||
}
|
||||
|
||||
public ColumnFamilyDescriptorBuilder setNewVersionBehavior(final boolean value) {
|
||||
desc.setNewVersionBehavior(value);
|
||||
return this;
|
||||
}
|
||||
|
||||
public ColumnFamilyDescriptorBuilder setValue(final Bytes key, final Bytes value) {
|
||||
desc.setValue(key, value);
|
||||
return this;
|
||||
|
|
|
@ -18,30 +18,33 @@
|
|||
package org.apache.hadoop.hbase.security.visibility;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import org.apache.hadoop.hbase.HBaseClassTestRule;
|
||||
import org.apache.hadoop.hbase.HColumnDescriptor;
|
||||
import org.apache.hadoop.hbase.HTableDescriptor;
|
||||
import org.apache.hadoop.hbase.TableName;
|
||||
import org.apache.hadoop.hbase.client.ColumnFamilyDescriptorBuilder;
|
||||
import org.apache.hadoop.hbase.client.Table;
|
||||
import org.apache.hadoop.hbase.client.TableDescriptorBuilder;
|
||||
import org.apache.hadoop.hbase.testclassification.MediumTests;
|
||||
import org.apache.hadoop.hbase.testclassification.SecurityTests;
|
||||
import org.junit.ClassRule;
|
||||
import org.junit.experimental.categories.Category;
|
||||
|
||||
|
||||
@Category({ SecurityTests.class, MediumTests.class })
|
||||
public class TestVisibilityLabelsOnNewVersionBehaviorTable extends TestVisibilityLabelsWithDeletes {
|
||||
public class TestVisibilityLabelsOnNewVersionBehaviorTable
|
||||
extends VisibilityLabelsWithDeletesTestBase {
|
||||
|
||||
@ClassRule
|
||||
public static final HBaseClassTestRule CLASS_RULE =
|
||||
HBaseClassTestRule.forClass(TestVisibilityLabelsOnNewVersionBehaviorTable.class);
|
||||
|
||||
@Override
|
||||
protected Table createTable(HColumnDescriptor fam) throws IOException {
|
||||
fam.setNewVersionBehavior(true);
|
||||
TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
|
||||
HTableDescriptor table = new HTableDescriptor(tableName);
|
||||
table.addFamily(fam);
|
||||
TEST_UTIL.getHBaseAdmin().createTable(table);
|
||||
protected Table createTable(byte[] fam) throws IOException {
|
||||
TableName tableName = TableName.valueOf(testName.getMethodName());
|
||||
TEST_UTIL.getAdmin()
|
||||
.createTable(TableDescriptorBuilder.newBuilder(tableName)
|
||||
.addColumnFamily(
|
||||
ColumnFamilyDescriptorBuilder.newBuilder(fam).setNewVersionBehavior(true).build())
|
||||
.build());
|
||||
return TEST_UTIL.getConnection().getTable(tableName);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -114,7 +114,7 @@ public class TestVisibilityLabelsWithDefaultVisLabelService extends TestVisibili
|
|||
SUPERUSER.runAs(action);
|
||||
}
|
||||
|
||||
@Test(timeout = 60 * 1000)
|
||||
@Test
|
||||
public void testAddVisibilityLabelsOnRSRestart() throws Exception {
|
||||
List<RegionServerThread> regionServerThreads = TEST_UTIL.getHBaseCluster()
|
||||
.getRegionServerThreads();
|
||||
|
@ -227,7 +227,7 @@ public class TestVisibilityLabelsWithDefaultVisLabelService extends TestVisibili
|
|||
SUPERUSER.runAs(action);
|
||||
}
|
||||
|
||||
@Test(timeout = 60 * 1000)
|
||||
@Test
|
||||
public void testVisibilityLabelsOnWALReplay() throws Exception {
|
||||
final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
|
||||
try (Table table = createTableAndWriteDataWithLabels(tableName,
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,313 @@
|
|||
/**
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.apache.hadoop.hbase.security.visibility;
|
||||
|
||||
import static org.apache.hadoop.hbase.security.visibility.VisibilityConstants.LABELS_TABLE_NAME;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.security.PrivilegedExceptionAction;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import org.apache.hadoop.conf.Configuration;
|
||||
import org.apache.hadoop.hbase.Cell;
|
||||
import org.apache.hadoop.hbase.CellScanner;
|
||||
import org.apache.hadoop.hbase.HBaseTestingUtility;
|
||||
import org.apache.hadoop.hbase.HConstants;
|
||||
import org.apache.hadoop.hbase.TableName;
|
||||
import org.apache.hadoop.hbase.client.Connection;
|
||||
import org.apache.hadoop.hbase.client.ConnectionFactory;
|
||||
import org.apache.hadoop.hbase.client.Delete;
|
||||
import org.apache.hadoop.hbase.client.Put;
|
||||
import org.apache.hadoop.hbase.client.Result;
|
||||
import org.apache.hadoop.hbase.client.ResultScanner;
|
||||
import org.apache.hadoop.hbase.client.Scan;
|
||||
import org.apache.hadoop.hbase.client.Table;
|
||||
import org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse;
|
||||
import org.apache.hadoop.hbase.security.User;
|
||||
import org.apache.hadoop.hbase.util.Bytes;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.TestName;
|
||||
|
||||
/**
|
||||
* Tests visibility labels with deletes
|
||||
*/
|
||||
public abstract class VisibilityLabelsWithDeletesTestBase {
|
||||
|
||||
protected static final String TOPSECRET = "TOPSECRET";
|
||||
protected static final String PUBLIC = "PUBLIC";
|
||||
protected static final String PRIVATE = "PRIVATE";
|
||||
protected static final String CONFIDENTIAL = "CONFIDENTIAL";
|
||||
protected static final String SECRET = "SECRET";
|
||||
protected static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
|
||||
protected static final byte[] row1 = Bytes.toBytes("row1");
|
||||
protected static final byte[] row2 = Bytes.toBytes("row2");
|
||||
protected final static byte[] fam = Bytes.toBytes("info");
|
||||
protected final static byte[] qual = Bytes.toBytes("qual");
|
||||
protected final static byte[] qual1 = Bytes.toBytes("qual1");
|
||||
protected final static byte[] qual2 = Bytes.toBytes("qual2");
|
||||
protected final static byte[] value = Bytes.toBytes("value");
|
||||
protected final static byte[] value1 = Bytes.toBytes("value1");
|
||||
protected static Configuration conf;
|
||||
|
||||
@Rule
|
||||
public final TestName testName = new TestName();
|
||||
protected static User SUPERUSER;
|
||||
|
||||
@BeforeClass
|
||||
public static void setupBeforeClass() throws Exception {
|
||||
// setup configuration
|
||||
conf = TEST_UTIL.getConfiguration();
|
||||
VisibilityTestUtil.enableVisiblityLabels(conf);
|
||||
conf.setClass(VisibilityUtils.VISIBILITY_LABEL_GENERATOR_CLASS, SimpleScanLabelGenerator.class,
|
||||
ScanLabelGenerator.class);
|
||||
conf.set("hbase.superuser", "admin");
|
||||
TEST_UTIL.startMiniCluster(2);
|
||||
SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" });
|
||||
|
||||
// Wait for the labels table to become available
|
||||
TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000);
|
||||
addLabels();
|
||||
}
|
||||
|
||||
@AfterClass
|
||||
public static void tearDownAfterClass() throws Exception {
|
||||
TEST_UTIL.shutdownMiniCluster();
|
||||
}
|
||||
|
||||
public static void addLabels() throws Exception {
|
||||
PrivilegedExceptionAction<VisibilityLabelsResponse> action =
|
||||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, TOPSECRET, CONFIDENTIAL, PUBLIC, PRIVATE };
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
};
|
||||
SUPERUSER.runAs(action);
|
||||
}
|
||||
|
||||
protected abstract Table createTable(byte[] fam) throws IOException;
|
||||
|
||||
protected final void setAuths() throws IOException, InterruptedException {
|
||||
PrivilegedExceptionAction<VisibilityLabelsResponse> action =
|
||||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn,
|
||||
new String[] { CONFIDENTIAL, PRIVATE, SECRET, TOPSECRET }, SUPERUSER.getShortName());
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
}
|
||||
};
|
||||
SUPERUSER.runAs(action);
|
||||
}
|
||||
|
||||
private Table createTableAndWriteDataWithLabels(String... labelExps) throws Exception {
|
||||
Table table = createTable(fam);
|
||||
int i = 1;
|
||||
List<Put> puts = new ArrayList<>(labelExps.length);
|
||||
for (String labelExp : labelExps) {
|
||||
Put put = new Put(Bytes.toBytes("row" + i));
|
||||
put.addColumn(fam, qual, HConstants.LATEST_TIMESTAMP, value);
|
||||
put.setCellVisibility(new CellVisibility(labelExp));
|
||||
puts.add(put);
|
||||
table.put(put);
|
||||
i++;
|
||||
}
|
||||
// table.put(puts);
|
||||
return table;
|
||||
}
|
||||
|
||||
private Table createTableAndWriteDataWithLabels(long[] timestamp, String... labelExps)
|
||||
throws Exception {
|
||||
Table table = createTable(fam);
|
||||
int i = 1;
|
||||
List<Put> puts = new ArrayList<>(labelExps.length);
|
||||
for (String labelExp : labelExps) {
|
||||
Put put = new Put(Bytes.toBytes("row" + i));
|
||||
put.addColumn(fam, qual, timestamp[i - 1], value);
|
||||
put.setCellVisibility(new CellVisibility(labelExp));
|
||||
puts.add(put);
|
||||
table.put(put);
|
||||
TEST_UTIL.getAdmin().flush(table.getName());
|
||||
i++;
|
||||
}
|
||||
return table;
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testVisibilityLabelsWithDeleteColumns() throws Throwable {
|
||||
setAuths();
|
||||
final TableName tableName = TableName.valueOf(testName.getMethodName());
|
||||
|
||||
try (Table table = createTableAndWriteDataWithLabels(SECRET + "&" + TOPSECRET, SECRET)) {
|
||||
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
|
||||
@Override
|
||||
public Void run() throws Exception {
|
||||
try (Connection connection = ConnectionFactory.createConnection(conf);
|
||||
Table table = connection.getTable(tableName)) {
|
||||
Delete d = new Delete(row1);
|
||||
d.setCellVisibility(new CellVisibility(TOPSECRET + "&" + SECRET));
|
||||
d.addColumns(fam, qual);
|
||||
table.delete(d);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
};
|
||||
SUPERUSER.runAs(actiona);
|
||||
|
||||
TEST_UTIL.getAdmin().flush(tableName);
|
||||
Scan s = new Scan();
|
||||
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
|
||||
ResultScanner scanner = table.getScanner(s);
|
||||
Result[] next = scanner.next(3);
|
||||
assertTrue(next.length == 1);
|
||||
CellScanner cellScanner = next[0].cellScanner();
|
||||
cellScanner.advance();
|
||||
Cell current = cellScanner.current();
|
||||
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(),
|
||||
row2, 0, row2.length));
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testVisibilityLabelsWithDeleteFamily() throws Exception {
|
||||
setAuths();
|
||||
final TableName tableName = TableName.valueOf(testName.getMethodName());
|
||||
try (Table table = createTableAndWriteDataWithLabels(SECRET, CONFIDENTIAL + "|" + TOPSECRET)) {
|
||||
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
|
||||
@Override
|
||||
public Void run() throws Exception {
|
||||
try (Connection connection = ConnectionFactory.createConnection(conf);
|
||||
Table table = connection.getTable(tableName)) {
|
||||
Delete d = new Delete(row2);
|
||||
d.setCellVisibility(new CellVisibility(TOPSECRET + "|" + CONFIDENTIAL));
|
||||
d.addFamily(fam);
|
||||
table.delete(d);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
};
|
||||
SUPERUSER.runAs(actiona);
|
||||
|
||||
TEST_UTIL.getAdmin().flush(tableName);
|
||||
Scan s = new Scan();
|
||||
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
|
||||
ResultScanner scanner = table.getScanner(s);
|
||||
Result[] next = scanner.next(3);
|
||||
assertTrue(next.length == 1);
|
||||
CellScanner cellScanner = next[0].cellScanner();
|
||||
cellScanner.advance();
|
||||
Cell current = cellScanner.current();
|
||||
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(),
|
||||
row1, 0, row1.length));
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testVisibilityLabelsWithDeleteFamilyVersion() throws Exception {
|
||||
setAuths();
|
||||
final TableName tableName = TableName.valueOf(testName.getMethodName());
|
||||
long[] ts = new long[] { 123L, 125L };
|
||||
try (
|
||||
Table table = createTableAndWriteDataWithLabels(ts, CONFIDENTIAL + "|" + TOPSECRET, SECRET)) {
|
||||
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
|
||||
@Override
|
||||
public Void run() throws Exception {
|
||||
try (Connection connection = ConnectionFactory.createConnection(conf);
|
||||
Table table = connection.getTable(tableName)) {
|
||||
Delete d = new Delete(row1);
|
||||
d.setCellVisibility(new CellVisibility(TOPSECRET + "|" + CONFIDENTIAL));
|
||||
d.addFamilyVersion(fam, 123L);
|
||||
table.delete(d);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
};
|
||||
SUPERUSER.runAs(actiona);
|
||||
|
||||
TEST_UTIL.getAdmin().flush(tableName);
|
||||
Scan s = new Scan();
|
||||
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
|
||||
ResultScanner scanner = table.getScanner(s);
|
||||
Result[] next = scanner.next(3);
|
||||
assertTrue(next.length == 1);
|
||||
CellScanner cellScanner = next[0].cellScanner();
|
||||
cellScanner.advance();
|
||||
Cell current = cellScanner.current();
|
||||
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(),
|
||||
row2, 0, row2.length));
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testVisibilityLabelsWithDeleteColumnExactVersion() throws Exception {
|
||||
setAuths();
|
||||
final TableName tableName = TableName.valueOf(testName.getMethodName());
|
||||
long[] ts = new long[] { 123L, 125L };
|
||||
try (
|
||||
Table table = createTableAndWriteDataWithLabels(ts, CONFIDENTIAL + "|" + TOPSECRET, SECRET)) {
|
||||
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
|
||||
@Override
|
||||
public Void run() throws Exception {
|
||||
try (Connection connection = ConnectionFactory.createConnection(conf);
|
||||
Table table = connection.getTable(tableName)) {
|
||||
Delete d = new Delete(row1);
|
||||
d.setCellVisibility(new CellVisibility(TOPSECRET + "|" + CONFIDENTIAL));
|
||||
d.addColumn(fam, qual, 123L);
|
||||
table.delete(d);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
};
|
||||
SUPERUSER.runAs(actiona);
|
||||
|
||||
TEST_UTIL.getAdmin().flush(tableName);
|
||||
Scan s = new Scan();
|
||||
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
|
||||
ResultScanner scanner = table.getScanner(s);
|
||||
Result[] next = scanner.next(3);
|
||||
assertTrue(next.length == 1);
|
||||
CellScanner cellScanner = next[0].cellScanner();
|
||||
cellScanner.advance();
|
||||
Cell current = cellScanner.current();
|
||||
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(),
|
||||
row2, 0, row2.length));
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue