HBASE-19914 Refactor TestVisibilityLabelsOnNewVersionBehaviorTable

This commit is contained in:
zhangduo 2018-02-04 08:38:46 +08:00
parent a3233572ac
commit cb138c2da8
5 changed files with 887 additions and 938 deletions

View File

@ -552,6 +552,11 @@ public class ColumnFamilyDescriptorBuilder {
return this;
}
public ColumnFamilyDescriptorBuilder setNewVersionBehavior(final boolean value) {
desc.setNewVersionBehavior(value);
return this;
}
public ColumnFamilyDescriptorBuilder setValue(final Bytes key, final Bytes value) {
desc.setValue(key, value);
return this;

View File

@ -18,30 +18,33 @@
package org.apache.hadoop.hbase.security.visibility;
import java.io.IOException;
import org.apache.hadoop.hbase.HBaseClassTestRule;
import org.apache.hadoop.hbase.HColumnDescriptor;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.client.ColumnFamilyDescriptorBuilder;
import org.apache.hadoop.hbase.client.Table;
import org.apache.hadoop.hbase.client.TableDescriptorBuilder;
import org.apache.hadoop.hbase.testclassification.MediumTests;
import org.apache.hadoop.hbase.testclassification.SecurityTests;
import org.junit.ClassRule;
import org.junit.experimental.categories.Category;
@Category({ SecurityTests.class, MediumTests.class })
public class TestVisibilityLabelsOnNewVersionBehaviorTable extends TestVisibilityLabelsWithDeletes {
public class TestVisibilityLabelsOnNewVersionBehaviorTable
extends VisibilityLabelsWithDeletesTestBase {
@ClassRule
public static final HBaseClassTestRule CLASS_RULE =
HBaseClassTestRule.forClass(TestVisibilityLabelsOnNewVersionBehaviorTable.class);
@Override
protected Table createTable(HColumnDescriptor fam) throws IOException {
fam.setNewVersionBehavior(true);
TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
HTableDescriptor table = new HTableDescriptor(tableName);
table.addFamily(fam);
TEST_UTIL.getHBaseAdmin().createTable(table);
protected Table createTable(byte[] fam) throws IOException {
TableName tableName = TableName.valueOf(testName.getMethodName());
TEST_UTIL.getAdmin()
.createTable(TableDescriptorBuilder.newBuilder(tableName)
.addColumnFamily(
ColumnFamilyDescriptorBuilder.newBuilder(fam).setNewVersionBehavior(true).build())
.build());
return TEST_UTIL.getConnection().getTable(tableName);
}
}

View File

@ -114,7 +114,7 @@ public class TestVisibilityLabelsWithDefaultVisLabelService extends TestVisibili
SUPERUSER.runAs(action);
}
@Test(timeout = 60 * 1000)
@Test
public void testAddVisibilityLabelsOnRSRestart() throws Exception {
List<RegionServerThread> regionServerThreads = TEST_UTIL.getHBaseCluster()
.getRegionServerThreads();
@ -227,7 +227,7 @@ public class TestVisibilityLabelsWithDefaultVisLabelService extends TestVisibili
SUPERUSER.runAs(action);
}
@Test(timeout = 60 * 1000)
@Test
public void testVisibilityLabelsOnWALReplay() throws Exception {
final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
try (Table table = createTableAndWriteDataWithLabels(tableName,

View File

@ -0,0 +1,313 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.hbase.security.visibility;
import static org.apache.hadoop.hbase.security.visibility.VisibilityConstants.LABELS_TABLE_NAME;
import static org.junit.Assert.assertTrue;
import java.io.IOException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellScanner;
import org.apache.hadoop.hbase.HBaseTestingUtility;
import org.apache.hadoop.hbase.HConstants;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.hbase.client.Delete;
import org.apache.hadoop.hbase.client.Put;
import org.apache.hadoop.hbase.client.Result;
import org.apache.hadoop.hbase.client.ResultScanner;
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.client.Table;
import org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse;
import org.apache.hadoop.hbase.security.User;
import org.apache.hadoop.hbase.util.Bytes;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TestName;
/**
* Tests visibility labels with deletes
*/
public abstract class VisibilityLabelsWithDeletesTestBase {
protected static final String TOPSECRET = "TOPSECRET";
protected static final String PUBLIC = "PUBLIC";
protected static final String PRIVATE = "PRIVATE";
protected static final String CONFIDENTIAL = "CONFIDENTIAL";
protected static final String SECRET = "SECRET";
protected static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
protected static final byte[] row1 = Bytes.toBytes("row1");
protected static final byte[] row2 = Bytes.toBytes("row2");
protected final static byte[] fam = Bytes.toBytes("info");
protected final static byte[] qual = Bytes.toBytes("qual");
protected final static byte[] qual1 = Bytes.toBytes("qual1");
protected final static byte[] qual2 = Bytes.toBytes("qual2");
protected final static byte[] value = Bytes.toBytes("value");
protected final static byte[] value1 = Bytes.toBytes("value1");
protected static Configuration conf;
@Rule
public final TestName testName = new TestName();
protected static User SUPERUSER;
@BeforeClass
public static void setupBeforeClass() throws Exception {
// setup configuration
conf = TEST_UTIL.getConfiguration();
VisibilityTestUtil.enableVisiblityLabels(conf);
conf.setClass(VisibilityUtils.VISIBILITY_LABEL_GENERATOR_CLASS, SimpleScanLabelGenerator.class,
ScanLabelGenerator.class);
conf.set("hbase.superuser", "admin");
TEST_UTIL.startMiniCluster(2);
SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" });
// Wait for the labels table to become available
TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000);
addLabels();
}
@AfterClass
public static void tearDownAfterClass() throws Exception {
TEST_UTIL.shutdownMiniCluster();
}
public static void addLabels() throws Exception {
PrivilegedExceptionAction<VisibilityLabelsResponse> action =
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
@Override
public VisibilityLabelsResponse run() throws Exception {
String[] labels = { SECRET, TOPSECRET, CONFIDENTIAL, PUBLIC, PRIVATE };
try (Connection conn = ConnectionFactory.createConnection(conf)) {
VisibilityClient.addLabels(conn, labels);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(action);
}
protected abstract Table createTable(byte[] fam) throws IOException;
protected final void setAuths() throws IOException, InterruptedException {
PrivilegedExceptionAction<VisibilityLabelsResponse> action =
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
@Override
public VisibilityLabelsResponse run() throws Exception {
try (Connection conn = ConnectionFactory.createConnection(conf)) {
return VisibilityClient.setAuths(conn,
new String[] { CONFIDENTIAL, PRIVATE, SECRET, TOPSECRET }, SUPERUSER.getShortName());
} catch (Throwable e) {
}
return null;
}
};
SUPERUSER.runAs(action);
}
private Table createTableAndWriteDataWithLabels(String... labelExps) throws Exception {
Table table = createTable(fam);
int i = 1;
List<Put> puts = new ArrayList<>(labelExps.length);
for (String labelExp : labelExps) {
Put put = new Put(Bytes.toBytes("row" + i));
put.addColumn(fam, qual, HConstants.LATEST_TIMESTAMP, value);
put.setCellVisibility(new CellVisibility(labelExp));
puts.add(put);
table.put(put);
i++;
}
// table.put(puts);
return table;
}
private Table createTableAndWriteDataWithLabels(long[] timestamp, String... labelExps)
throws Exception {
Table table = createTable(fam);
int i = 1;
List<Put> puts = new ArrayList<>(labelExps.length);
for (String labelExp : labelExps) {
Put put = new Put(Bytes.toBytes("row" + i));
put.addColumn(fam, qual, timestamp[i - 1], value);
put.setCellVisibility(new CellVisibility(labelExp));
puts.add(put);
table.put(put);
TEST_UTIL.getAdmin().flush(table.getName());
i++;
}
return table;
}
@Test
public void testVisibilityLabelsWithDeleteColumns() throws Throwable {
setAuths();
final TableName tableName = TableName.valueOf(testName.getMethodName());
try (Table table = createTableAndWriteDataWithLabels(SECRET + "&" + TOPSECRET, SECRET)) {
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(conf);
Table table = connection.getTable(tableName)) {
Delete d = new Delete(row1);
d.setCellVisibility(new CellVisibility(TOPSECRET + "&" + SECRET));
d.addColumns(fam, qual);
table.delete(d);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(actiona);
TEST_UTIL.getAdmin().flush(tableName);
Scan s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
ResultScanner scanner = table.getScanner(s);
Result[] next = scanner.next(3);
assertTrue(next.length == 1);
CellScanner cellScanner = next[0].cellScanner();
cellScanner.advance();
Cell current = cellScanner.current();
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(),
row2, 0, row2.length));
}
}
@Test
public void testVisibilityLabelsWithDeleteFamily() throws Exception {
setAuths();
final TableName tableName = TableName.valueOf(testName.getMethodName());
try (Table table = createTableAndWriteDataWithLabels(SECRET, CONFIDENTIAL + "|" + TOPSECRET)) {
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(conf);
Table table = connection.getTable(tableName)) {
Delete d = new Delete(row2);
d.setCellVisibility(new CellVisibility(TOPSECRET + "|" + CONFIDENTIAL));
d.addFamily(fam);
table.delete(d);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(actiona);
TEST_UTIL.getAdmin().flush(tableName);
Scan s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
ResultScanner scanner = table.getScanner(s);
Result[] next = scanner.next(3);
assertTrue(next.length == 1);
CellScanner cellScanner = next[0].cellScanner();
cellScanner.advance();
Cell current = cellScanner.current();
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(),
row1, 0, row1.length));
}
}
@Test
public void testVisibilityLabelsWithDeleteFamilyVersion() throws Exception {
setAuths();
final TableName tableName = TableName.valueOf(testName.getMethodName());
long[] ts = new long[] { 123L, 125L };
try (
Table table = createTableAndWriteDataWithLabels(ts, CONFIDENTIAL + "|" + TOPSECRET, SECRET)) {
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(conf);
Table table = connection.getTable(tableName)) {
Delete d = new Delete(row1);
d.setCellVisibility(new CellVisibility(TOPSECRET + "|" + CONFIDENTIAL));
d.addFamilyVersion(fam, 123L);
table.delete(d);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(actiona);
TEST_UTIL.getAdmin().flush(tableName);
Scan s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
ResultScanner scanner = table.getScanner(s);
Result[] next = scanner.next(3);
assertTrue(next.length == 1);
CellScanner cellScanner = next[0].cellScanner();
cellScanner.advance();
Cell current = cellScanner.current();
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(),
row2, 0, row2.length));
}
}
@Test
public void testVisibilityLabelsWithDeleteColumnExactVersion() throws Exception {
setAuths();
final TableName tableName = TableName.valueOf(testName.getMethodName());
long[] ts = new long[] { 123L, 125L };
try (
Table table = createTableAndWriteDataWithLabels(ts, CONFIDENTIAL + "|" + TOPSECRET, SECRET)) {
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(conf);
Table table = connection.getTable(tableName)) {
Delete d = new Delete(row1);
d.setCellVisibility(new CellVisibility(TOPSECRET + "|" + CONFIDENTIAL));
d.addColumn(fam, qual, 123L);
table.delete(d);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(actiona);
TEST_UTIL.getAdmin().flush(tableName);
Scan s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
ResultScanner scanner = table.getScanner(s);
Result[] next = scanner.next(3);
assertTrue(next.length == 1);
CellScanner cellScanner = next[0].cellScanner();
cellScanner.advance();
Cell current = cellScanner.current();
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(),
row2, 0, row2.length));
}
}
}