HBASE-13358 - Update VisibilityClient to accept Connection objects.
Signed-off-by: Srikanth Srungarapu <ssrungarapu@cloudera.com>
This commit is contained in:
parent
235dc9734f
commit
d50d6d967d
|
@ -56,87 +56,82 @@ public class VisibilityClient {
|
|||
|
||||
/**
|
||||
* Utility method for adding label to the system.
|
||||
*
|
||||
* @param conf
|
||||
*
|
||||
* @param connection
|
||||
* @param label
|
||||
* @return VisibilityLabelsResponse
|
||||
* @throws Throwable
|
||||
*/
|
||||
public static VisibilityLabelsResponse addLabel(Configuration conf, final String label)
|
||||
public static VisibilityLabelsResponse addLabel(Connection connection, final String label)
|
||||
throws Throwable {
|
||||
return addLabels(conf, new String[] { label });
|
||||
return addLabels(connection, new String[] { label });
|
||||
}
|
||||
|
||||
/**
|
||||
* Utility method for adding labels to the system.
|
||||
*
|
||||
* @param conf
|
||||
*
|
||||
* @param connection
|
||||
* @param labels
|
||||
* @return VisibilityLabelsResponse
|
||||
* @throws Throwable
|
||||
*/
|
||||
public static VisibilityLabelsResponse addLabels(Configuration conf, final String[] labels)
|
||||
public static VisibilityLabelsResponse addLabels(Connection connection, final String[] labels)
|
||||
throws Throwable {
|
||||
// TODO: Make it so caller passes in a Connection rather than have us do this expensive
|
||||
// setup each time. This class only used in test and shell at moment though.
|
||||
try (Connection connection = ConnectionFactory.createConnection(conf)) {
|
||||
try (Table table = connection.getTable(LABELS_TABLE_NAME)) {
|
||||
Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse> callable =
|
||||
new Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse>() {
|
||||
ServerRpcController controller = new ServerRpcController();
|
||||
BlockingRpcCallback<VisibilityLabelsResponse> rpcCallback =
|
||||
new BlockingRpcCallback<VisibilityLabelsResponse>();
|
||||
|
||||
public VisibilityLabelsResponse call(VisibilityLabelsService service)
|
||||
throws IOException {
|
||||
VisibilityLabelsRequest.Builder builder = VisibilityLabelsRequest.newBuilder();
|
||||
for (String label : labels) {
|
||||
if (label.length() > 0) {
|
||||
VisibilityLabel.Builder newBuilder = VisibilityLabel.newBuilder();
|
||||
newBuilder.setLabel(ByteStringer.wrap(Bytes.toBytes(label)));
|
||||
builder.addVisLabel(newBuilder.build());
|
||||
try (Table table = connection.getTable(LABELS_TABLE_NAME)) {
|
||||
Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse> callable =
|
||||
new Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse>() {
|
||||
ServerRpcController controller = new ServerRpcController();
|
||||
BlockingRpcCallback<VisibilityLabelsResponse> rpcCallback =
|
||||
new BlockingRpcCallback<VisibilityLabelsResponse>();
|
||||
|
||||
public VisibilityLabelsResponse call(VisibilityLabelsService service)
|
||||
throws IOException {
|
||||
VisibilityLabelsRequest.Builder builder = VisibilityLabelsRequest.newBuilder();
|
||||
for (String label : labels) {
|
||||
if (label.length() > 0) {
|
||||
VisibilityLabel.Builder newBuilder = VisibilityLabel.newBuilder();
|
||||
newBuilder.setLabel(ByteStringer.wrap(Bytes.toBytes(label)));
|
||||
builder.addVisLabel(newBuilder.build());
|
||||
}
|
||||
}
|
||||
service.addLabels(controller, builder.build(), rpcCallback);
|
||||
VisibilityLabelsResponse response = rpcCallback.get();
|
||||
if (controller.failedOnException()) {
|
||||
throw controller.getFailedOn();
|
||||
}
|
||||
return response;
|
||||
}
|
||||
service.addLabels(controller, builder.build(), rpcCallback);
|
||||
VisibilityLabelsResponse response = rpcCallback.get();
|
||||
if (controller.failedOnException()) {
|
||||
throw controller.getFailedOn();
|
||||
}
|
||||
return response;
|
||||
}
|
||||
};
|
||||
Map<byte[], VisibilityLabelsResponse> result =
|
||||
};
|
||||
Map<byte[], VisibilityLabelsResponse> result =
|
||||
table.coprocessorService(VisibilityLabelsService.class, HConstants.EMPTY_BYTE_ARRAY,
|
||||
HConstants.EMPTY_BYTE_ARRAY, callable);
|
||||
return result.values().iterator().next(); // There will be exactly one region for labels
|
||||
// table and so one entry in result Map.
|
||||
}
|
||||
return result.values().iterator().next(); // There will be exactly one region for labels
|
||||
// table and so one entry in result Map.
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets given labels globally authorized for the user.
|
||||
* @param conf
|
||||
* @param connection
|
||||
* @param auths
|
||||
* @param user
|
||||
* @return VisibilityLabelsResponse
|
||||
* @throws Throwable
|
||||
*/
|
||||
public static VisibilityLabelsResponse setAuths(Configuration conf, final String[] auths,
|
||||
public static VisibilityLabelsResponse setAuths(Connection connection, final String[] auths,
|
||||
final String user) throws Throwable {
|
||||
return setOrClearAuths(conf, auths, user, true);
|
||||
return setOrClearAuths(connection, auths, user, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param conf
|
||||
* @param connection the Connection instance to use.
|
||||
* @param user
|
||||
* @return labels, the given user is globally authorized for.
|
||||
* @throws Throwable
|
||||
*/
|
||||
public static GetAuthsResponse getAuths(Configuration conf, final String user) throws Throwable {
|
||||
// TODO: Make it so caller passes in a Connection rather than have us do this expensive
|
||||
// setup each time. This class only used in test and shell at moment though.
|
||||
try (Connection connection = ConnectionFactory.createConnection(conf)) {
|
||||
public static GetAuthsResponse getAuths(Connection connection, final String user)
|
||||
throws Throwable {
|
||||
try (Table table = connection.getTable(LABELS_TABLE_NAME)) {
|
||||
Batch.Call<VisibilityLabelsService, GetAuthsResponse> callable =
|
||||
new Batch.Call<VisibilityLabelsService, GetAuthsResponse>() {
|
||||
|
@ -161,44 +156,41 @@ public class VisibilityClient {
|
|||
return result.values().iterator().next(); // There will be exactly one region for labels
|
||||
// table and so one entry in result Map.
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve the list of visibility labels defined in the system.
|
||||
* @param conf
|
||||
* @param connection The Connection instance to use.
|
||||
* @param regex The regular expression to filter which labels are returned.
|
||||
* @return labels The list of visibility labels defined in the system.
|
||||
* @throws Throwable
|
||||
*/
|
||||
public static ListLabelsResponse listLabels(Configuration conf, final String regex)
|
||||
public static ListLabelsResponse listLabels(Connection connection, final String regex)
|
||||
throws Throwable {
|
||||
Connection connection = null;
|
||||
Table table = null;
|
||||
try {
|
||||
connection = ConnectionFactory.createConnection(conf);
|
||||
table = connection.getTable(LABELS_TABLE_NAME);
|
||||
Batch.Call<VisibilityLabelsService, ListLabelsResponse> callable =
|
||||
new Batch.Call<VisibilityLabelsService, ListLabelsResponse>() {
|
||||
ServerRpcController controller = new ServerRpcController();
|
||||
BlockingRpcCallback<ListLabelsResponse> rpcCallback =
|
||||
new BlockingRpcCallback<ListLabelsResponse>();
|
||||
ServerRpcController controller = new ServerRpcController();
|
||||
BlockingRpcCallback<ListLabelsResponse> rpcCallback =
|
||||
new BlockingRpcCallback<ListLabelsResponse>();
|
||||
|
||||
public ListLabelsResponse call(VisibilityLabelsService service) throws IOException {
|
||||
ListLabelsRequest.Builder listAuthLabelsReqBuilder = ListLabelsRequest.newBuilder();
|
||||
if (regex != null) {
|
||||
// Compile the regex here to catch any regex exception earlier.
|
||||
Pattern pattern = Pattern.compile(regex);
|
||||
listAuthLabelsReqBuilder.setRegex(pattern.toString());
|
||||
}
|
||||
service.listLabels(controller, listAuthLabelsReqBuilder.build(), rpcCallback);
|
||||
ListLabelsResponse response = rpcCallback.get();
|
||||
if (controller.failedOnException()) {
|
||||
throw controller.getFailedOn();
|
||||
}
|
||||
return response;
|
||||
}
|
||||
};
|
||||
public ListLabelsResponse call(VisibilityLabelsService service) throws IOException {
|
||||
ListLabelsRequest.Builder listAuthLabelsReqBuilder = ListLabelsRequest.newBuilder();
|
||||
if (regex != null) {
|
||||
// Compile the regex here to catch any regex exception earlier.
|
||||
Pattern pattern = Pattern.compile(regex);
|
||||
listAuthLabelsReqBuilder.setRegex(pattern.toString());
|
||||
}
|
||||
service.listLabels(controller, listAuthLabelsReqBuilder.build(), rpcCallback);
|
||||
ListLabelsResponse response = rpcCallback.get();
|
||||
if (controller.failedOnException()) {
|
||||
throw controller.getFailedOn();
|
||||
}
|
||||
return response;
|
||||
}
|
||||
};
|
||||
Map<byte[], ListLabelsResponse> result =
|
||||
table.coprocessorService(VisibilityLabelsService.class, HConstants.EMPTY_BYTE_ARRAY,
|
||||
HConstants.EMPTY_BYTE_ARRAY, callable);
|
||||
|
@ -217,22 +209,21 @@ public class VisibilityClient {
|
|||
|
||||
/**
|
||||
* Removes given labels from user's globally authorized list of labels.
|
||||
* @param conf
|
||||
* @param connection
|
||||
* @param auths
|
||||
* @param user
|
||||
* @return VisibilityLabelsResponse
|
||||
* @throws Throwable
|
||||
*/
|
||||
public static VisibilityLabelsResponse clearAuths(Configuration conf, final String[] auths,
|
||||
public static VisibilityLabelsResponse clearAuths(Connection connection, final String[] auths,
|
||||
final String user) throws Throwable {
|
||||
return setOrClearAuths(conf, auths, user, false);
|
||||
return setOrClearAuths(connection, auths, user, false);
|
||||
}
|
||||
|
||||
private static VisibilityLabelsResponse setOrClearAuths(Configuration conf, final String[] auths,
|
||||
final String user, final boolean setOrClear) throws IOException, ServiceException, Throwable {
|
||||
// TODO: Make it so caller passes in a Connection rather than have us do this expensive
|
||||
// setup each time. This class only used in test and shell at moment though.
|
||||
try (Connection connection = ConnectionFactory.createConnection(conf)) {
|
||||
private static VisibilityLabelsResponse setOrClearAuths(Connection connection,
|
||||
final String[] auths, final String user, final boolean setOrClear)
|
||||
throws IOException, ServiceException, Throwable {
|
||||
|
||||
try (Table table = connection.getTable(LABELS_TABLE_NAME)) {
|
||||
Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse> callable =
|
||||
new Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse>() {
|
||||
|
@ -266,6 +257,5 @@ public class VisibilityClient {
|
|||
return result.values().iterator().next(); // There will be exactly one region for labels
|
||||
// table and so one entry in result Map.
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -115,8 +115,8 @@ public class IntegrationTestIngestWithVisibilityLabels extends IntegrationTestIn
|
|||
|
||||
private void addLabels() throws Exception {
|
||||
try {
|
||||
VisibilityClient.addLabels(util.getConfiguration(), LABELS);
|
||||
VisibilityClient.setAuths(util.getConfiguration(), LABELS, User.getCurrent().getName());
|
||||
VisibilityClient.addLabels(util.getConnection(), LABELS);
|
||||
VisibilityClient.setAuths(util.getConnection(), LABELS, User.getCurrent().getName());
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -385,8 +385,8 @@ public class IntegrationTestBigLinkedListWithVisibility extends IntegrationTestB
|
|||
|
||||
private void addLabels() throws Exception {
|
||||
try {
|
||||
VisibilityClient.addLabels(util.getConfiguration(), labels.split(COMMA));
|
||||
VisibilityClient.setAuths(util.getConfiguration(), labels.split(COMMA), USER.getName());
|
||||
VisibilityClient.addLabels(util.getConnection(), labels.split(COMMA));
|
||||
VisibilityClient.setAuths(util.getConnection(), labels.split(COMMA), USER.getName());
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -141,10 +141,10 @@ public class IntegrationTestWithCellVisibilityLoadAndVerify extends IntegrationT
|
|||
|
||||
private void addLabelsAndAuths() throws Exception {
|
||||
try {
|
||||
VisibilityClient.addLabels(util.getConfiguration(), LABELS);
|
||||
VisibilityClient.setAuths(util.getConfiguration(), new String[] { CONFIDENTIAL, TOPSECRET,
|
||||
VisibilityClient.addLabels(util.getConnection(), LABELS);
|
||||
VisibilityClient.setAuths(util.getConnection(), new String[] { CONFIDENTIAL, TOPSECRET,
|
||||
SECRET, PRIVATE }, USER1.getName());
|
||||
VisibilityClient.setAuths(util.getConfiguration(), new String[] { PUBLIC },
|
||||
VisibilityClient.setAuths(util.getConnection(), new String[] { PUBLIC },
|
||||
USER2.getName());
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
|
|
|
@ -24,6 +24,8 @@ import org.apache.hadoop.hbase.HTableDescriptor;
|
|||
import org.apache.hadoop.hbase.KeyValue;
|
||||
import org.apache.hadoop.hbase.TableName;
|
||||
import org.apache.hadoop.hbase.client.Admin;
|
||||
import org.apache.hadoop.hbase.client.Connection;
|
||||
import org.apache.hadoop.hbase.client.ConnectionFactory;
|
||||
import org.apache.hadoop.hbase.client.Durability;
|
||||
import org.apache.hadoop.hbase.client.Put;
|
||||
import org.apache.hadoop.hbase.client.Table;
|
||||
|
@ -165,8 +167,8 @@ public class TestScannersWithLabels {
|
|||
PrivilegedExceptionAction<VisibilityLabelsResponse> action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, CONFIDENTIAL, PRIVATE, PUBLIC, TOPSECRET };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
@ -177,8 +179,8 @@ public class TestScannersWithLabels {
|
|||
}
|
||||
private static void setAuths() throws Exception {
|
||||
String[] labels = { SECRET, CONFIDENTIAL, PRIVATE, PUBLIC, TOPSECRET };
|
||||
try {
|
||||
VisibilityClient.setAuths(conf, labels, User.getCurrent().getShortName());
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.setAuths(conn, labels, User.getCurrent().getShortName());
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -45,6 +45,8 @@ import org.apache.hadoop.hbase.TableName;
|
|||
import org.apache.hadoop.hbase.client.Admin;
|
||||
import org.apache.hadoop.hbase.testclassification.LargeTests;
|
||||
import org.apache.hadoop.hbase.testclassification.MapReduceTests;
|
||||
import org.apache.hadoop.hbase.client.Connection;
|
||||
import org.apache.hadoop.hbase.client.ConnectionFactory;
|
||||
import org.apache.hadoop.hbase.client.Delete;
|
||||
import org.apache.hadoop.hbase.client.HBaseAdmin;
|
||||
import org.apache.hadoop.hbase.client.HTable;
|
||||
|
@ -131,8 +133,8 @@ public class TestImportTSVWithVisibilityLabels implements Configurable {
|
|||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, TOPSECRET, CONFIDENTIAL, PUBLIC, PRIVATE };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
LOG.info("Added labels ");
|
||||
} catch (Throwable t) {
|
||||
LOG.error("Error in adding labels" , t);
|
||||
|
|
|
@ -86,9 +86,9 @@ public class TestDefaultScanLabelGeneratorStack {
|
|||
// Set up for the test
|
||||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, new String[] { SECRET, CONFIDENTIAL });
|
||||
VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL }, TESTUSER.getShortName());
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, new String[] { SECRET, CONFIDENTIAL });
|
||||
VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL }, TESTUSER.getShortName());
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -84,9 +84,9 @@ public class TestEnforcingScanLabelGenerator {
|
|||
// Set up for the test
|
||||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, new String[] { SECRET, CONFIDENTIAL });
|
||||
VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL, }, TESTUSER.getShortName());
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, new String[] { SECRET, CONFIDENTIAL });
|
||||
VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL, }, TESTUSER.getShortName());
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -413,8 +413,8 @@ public abstract class TestVisibilityLabels {
|
|||
PrivilegedExceptionAction<Void> action = new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
String[] auths = { SECRET, CONFIDENTIAL };
|
||||
try {
|
||||
VisibilityClient.setAuths(conf, auths, user);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.setAuths(conn, auths, user);
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -439,8 +439,8 @@ public abstract class TestVisibilityLabels {
|
|||
action = new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
GetAuthsResponse authsResponse = null;
|
||||
try {
|
||||
authsResponse = VisibilityClient.getAuths(conf, user);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
authsResponse = VisibilityClient.getAuths(conn, user);
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have failed");
|
||||
}
|
||||
|
@ -461,10 +461,10 @@ public abstract class TestVisibilityLabels {
|
|||
public Void run() throws Exception {
|
||||
String[] auths1 = { SECRET, CONFIDENTIAL };
|
||||
GetAuthsResponse authsResponse = null;
|
||||
try {
|
||||
VisibilityClient.setAuths(conf, auths1, user);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.setAuths(conn, auths1, user);
|
||||
try {
|
||||
authsResponse = VisibilityClient.getAuths(conf, user);
|
||||
authsResponse = VisibilityClient.getAuths(conn, user);
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have failed");
|
||||
}
|
||||
|
@ -502,8 +502,8 @@ public abstract class TestVisibilityLabels {
|
|||
public Void run() throws Exception {
|
||||
String[] auths = { SECRET, CONFIDENTIAL, PRIVATE };
|
||||
String user = "testUser";
|
||||
try {
|
||||
VisibilityClient.setAuths(conf, auths, user);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.setAuths(conn, auths, user);
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have failed");
|
||||
}
|
||||
|
@ -511,8 +511,8 @@ public abstract class TestVisibilityLabels {
|
|||
// Passing a non existing auth also.
|
||||
auths = new String[] { SECRET, PUBLIC, CONFIDENTIAL };
|
||||
VisibilityLabelsResponse response = null;
|
||||
try {
|
||||
response = VisibilityClient.clearAuths(conf, auths, user);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
response = VisibilityClient.clearAuths(conn, auths, user);
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have failed");
|
||||
}
|
||||
|
@ -540,8 +540,8 @@ public abstract class TestVisibilityLabels {
|
|||
}
|
||||
|
||||
GetAuthsResponse authsResponse = null;
|
||||
try {
|
||||
authsResponse = VisibilityClient.getAuths(conf, user);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
authsResponse = VisibilityClient.getAuths(conn, user);
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have failed");
|
||||
}
|
||||
|
@ -826,8 +826,8 @@ public abstract class TestVisibilityLabels {
|
|||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, TOPSECRET, CONFIDENTIAL, PUBLIC, PRIVATE, COPYRIGHT, ACCENT,
|
||||
UNICODE_VIS_TAG, UC1, UC2 };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -28,6 +28,8 @@ import java.util.List;
|
|||
|
||||
import org.apache.hadoop.conf.Configuration;
|
||||
import org.apache.hadoop.hbase.HBaseTestingUtility;
|
||||
import org.apache.hadoop.hbase.client.Connection;
|
||||
import org.apache.hadoop.hbase.client.ConnectionFactory;
|
||||
import org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.GetAuthsResponse;
|
||||
import org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse;
|
||||
import org.apache.hadoop.hbase.security.User;
|
||||
|
@ -84,8 +86,8 @@ public class TestVisibilityLabelsOpWithDifferentUsersNoACL {
|
|||
PrivilegedExceptionAction<VisibilityLabelsResponse> action =
|
||||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -98,8 +100,8 @@ public class TestVisibilityLabelsOpWithDifferentUsersNoACL {
|
|||
// Ideally this should not be allowed. this operation should fail or do nothing.
|
||||
action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL, PRIVATE }, "user3");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL, PRIVATE }, "user3");
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -114,8 +116,8 @@ public class TestVisibilityLabelsOpWithDifferentUsersNoACL {
|
|||
PrivilegedExceptionAction<GetAuthsResponse> action1 =
|
||||
new PrivilegedExceptionAction<GetAuthsResponse>() {
|
||||
public GetAuthsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.getAuths(conf, "user1");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.getAuths(conn, "user1");
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -137,8 +139,9 @@ public class TestVisibilityLabelsOpWithDifferentUsersNoACL {
|
|||
PrivilegedExceptionAction<VisibilityLabelsResponse> action2 =
|
||||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.clearAuths(conf, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.clearAuths(conn, new String[] {
|
||||
CONFIDENTIAL, PRIVATE }, "user1");
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -161,8 +164,8 @@ public class TestVisibilityLabelsOpWithDifferentUsersNoACL {
|
|||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, CONFIDENTIAL, PRIVATE };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -350,8 +350,8 @@ public class TestVisibilityLabelsReplication {
|
|||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, TOPSECRET, CONFIDENTIAL, PUBLIC, PRIVATE, UNICODE_VIS_TAG };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
@ -365,9 +365,9 @@ public class TestVisibilityLabelsReplication {
|
|||
PrivilegedExceptionAction<VisibilityLabelsResponse> action =
|
||||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { SECRET, CONFIDENTIAL, PRIVATE,
|
||||
TOPSECRET, UNICODE_VIS_TAG }, "user1");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { SECRET,
|
||||
CONFIDENTIAL, PRIVATE, TOPSECRET, UNICODE_VIS_TAG }, "user1");
|
||||
} catch (Throwable e) {
|
||||
throw new Exception(e);
|
||||
}
|
||||
|
|
|
@ -115,7 +115,7 @@ public class TestVisibilityLabelsWithACL {
|
|||
public void testScanForUserWithFewerLabelAuthsThanLabelsInScanAuthorizations() throws Throwable {
|
||||
String[] auths = { SECRET };
|
||||
String user = "user2";
|
||||
VisibilityClient.setAuths(conf, auths, user);
|
||||
VisibilityClient.setAuths(TEST_UTIL.getConnection(), auths, user);
|
||||
TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
|
||||
final Table table = createTableAndWriteDataWithLabels(tableName, SECRET + "&" + CONFIDENTIAL
|
||||
+ "&!" + PRIVATE, SECRET + "&!" + PRIVATE);
|
||||
|
@ -144,7 +144,9 @@ public class TestVisibilityLabelsWithACL {
|
|||
public void testScanForSuperUserWithFewerLabelAuths() throws Throwable {
|
||||
String[] auths = { SECRET };
|
||||
String user = "admin";
|
||||
VisibilityClient.setAuths(conf, auths, user);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.setAuths(conn, auths, user);
|
||||
}
|
||||
TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
|
||||
final Table table = createTableAndWriteDataWithLabels(tableName, SECRET + "&" + CONFIDENTIAL
|
||||
+ "&!" + PRIVATE, SECRET + "&!" + PRIVATE);
|
||||
|
@ -168,7 +170,7 @@ public class TestVisibilityLabelsWithACL {
|
|||
public void testGetForSuperUserWithFewerLabelAuths() throws Throwable {
|
||||
String[] auths = { SECRET };
|
||||
String user = "admin";
|
||||
VisibilityClient.setAuths(conf, auths, user);
|
||||
VisibilityClient.setAuths(TEST_UTIL.getConnection(), auths, user);
|
||||
TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
|
||||
final Table table = createTableAndWriteDataWithLabels(tableName, SECRET + "&" + CONFIDENTIAL
|
||||
+ "&!" + PRIVATE, SECRET + "&!" + PRIVATE);
|
||||
|
@ -191,8 +193,10 @@ public class TestVisibilityLabelsWithACL {
|
|||
public void testVisibilityLabelsForUserWithNoAuths() throws Throwable {
|
||||
String user = "admin";
|
||||
String[] auths = { SECRET };
|
||||
VisibilityClient.clearAuths(conf, auths, user); // Removing all auths if any.
|
||||
VisibilityClient.setAuths(conf, auths, "user1");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.clearAuths(conn, auths, user); // Removing all auths if any.
|
||||
VisibilityClient.setAuths(conn, auths, "user1");
|
||||
}
|
||||
TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
|
||||
final Table table = createTableAndWriteDataWithLabels(tableName, SECRET);
|
||||
SecureTestUtil.grantOnTable(TEST_UTIL, NORMAL_USER1.getShortName(), tableName,
|
||||
|
@ -219,8 +223,8 @@ public class TestVisibilityLabelsWithACL {
|
|||
PrivilegedExceptionAction<VisibilityLabelsResponse> action =
|
||||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.addLabels(conf, new String[] { "l1", "l2" });
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.addLabels(conn, new String[] { "l1", "l2" });
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -234,8 +238,8 @@ public class TestVisibilityLabelsWithACL {
|
|||
|
||||
action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -249,8 +253,8 @@ public class TestVisibilityLabelsWithACL {
|
|||
|
||||
action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -262,8 +266,9 @@ public class TestVisibilityLabelsWithACL {
|
|||
|
||||
action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.clearAuths(conf, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.clearAuths(conn, new String[] {
|
||||
CONFIDENTIAL, PRIVATE }, "user1");
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -275,16 +280,18 @@ public class TestVisibilityLabelsWithACL {
|
|||
assertEquals("org.apache.hadoop.hbase.security.AccessDeniedException", response.getResult(1)
|
||||
.getException().getName());
|
||||
|
||||
response = VisibilityClient.clearAuths(conf, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
|
||||
response = VisibilityClient.clearAuths(TEST_UTIL.getConnection(), new String[] { CONFIDENTIAL,
|
||||
PRIVATE }, "user1");
|
||||
assertTrue(response.getResult(0).getException().getValue().isEmpty());
|
||||
assertTrue(response.getResult(1).getException().getValue().isEmpty());
|
||||
|
||||
VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL, PRIVATE }, "user3");
|
||||
VisibilityClient.setAuths(TEST_UTIL.getConnection(), new String[] { CONFIDENTIAL, PRIVATE },
|
||||
"user3");
|
||||
PrivilegedExceptionAction<GetAuthsResponse> action1 =
|
||||
new PrivilegedExceptionAction<GetAuthsResponse>() {
|
||||
public GetAuthsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.getAuths(conf, "user3");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.getAuths(conn, "user3");
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
return null;
|
||||
|
@ -328,7 +335,7 @@ public class TestVisibilityLabelsWithACL {
|
|||
private static void addLabels() throws IOException {
|
||||
String[] labels = { SECRET, CONFIDENTIAL, PRIVATE };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
VisibilityClient.addLabels(TEST_UTIL.getConnection(), labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -32,6 +32,8 @@ import java.util.concurrent.atomic.AtomicBoolean;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.apache.hadoop.hbase.HConstants;
|
||||
import org.apache.hadoop.hbase.client.Connection;
|
||||
import org.apache.hadoop.hbase.client.ConnectionFactory;
|
||||
import org.apache.hadoop.hbase.client.Result;
|
||||
import org.apache.hadoop.hbase.client.ResultScanner;
|
||||
import org.apache.hadoop.hbase.client.Scan;
|
||||
|
@ -85,8 +87,8 @@ public class TestVisibilityLabelsWithDefaultVisLabelService extends TestVisibili
|
|||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { "L1", SECRET, "L2", "invalid~", "L3" };
|
||||
VisibilityLabelsResponse response = null;
|
||||
try {
|
||||
response = VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
response = VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have thrown exception");
|
||||
}
|
||||
|
@ -124,8 +126,8 @@ public class TestVisibilityLabelsWithDefaultVisLabelService extends TestVisibili
|
|||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, CONFIDENTIAL, PRIVATE, "ABC", "XYZ" };
|
||||
try {
|
||||
VisibilityLabelsResponse resp = VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityLabelsResponse resp = VisibilityClient.addLabels(conn, labels);
|
||||
List<RegionActionResult> results = resp.getResultList();
|
||||
if (results.get(0).hasException()) {
|
||||
NameBytesPair pair = results.get(0).getException();
|
||||
|
@ -172,8 +174,8 @@ public class TestVisibilityLabelsWithDefaultVisLabelService extends TestVisibili
|
|||
new PrivilegedExceptionAction<ListLabelsResponse>() {
|
||||
public ListLabelsResponse run() throws Exception {
|
||||
ListLabelsResponse response = null;
|
||||
try {
|
||||
response = VisibilityClient.listLabels(conf, null);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
response = VisibilityClient.listLabels(conn, null);
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have thrown exception");
|
||||
}
|
||||
|
@ -202,8 +204,8 @@ public class TestVisibilityLabelsWithDefaultVisLabelService extends TestVisibili
|
|||
new PrivilegedExceptionAction<ListLabelsResponse>() {
|
||||
public ListLabelsResponse run() throws Exception {
|
||||
ListLabelsResponse response = null;
|
||||
try {
|
||||
response = VisibilityClient.listLabels(conf, ".*secret");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
response = VisibilityClient.listLabels(conn, ".*secret");
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have thrown exception");
|
||||
}
|
||||
|
|
|
@ -1780,8 +1780,8 @@ public class TestVisibilityLabelsWithDeletes {
|
|||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL, PRIVATE, SECRET },
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL, PRIVATE, SECRET },
|
||||
SUPERUSER.getShortName());
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
|
@ -1931,8 +1931,9 @@ public class TestVisibilityLabelsWithDeletes {
|
|||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL, PRIVATE, SECRET },
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL,
|
||||
PRIVATE, SECRET },
|
||||
SUPERUSER.getShortName());
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
|
@ -2460,8 +2461,9 @@ public class TestVisibilityLabelsWithDeletes {
|
|||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL, PRIVATE, SECRET,
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL,
|
||||
PRIVATE, SECRET,
|
||||
TOPSECRET }, SUPERUSER.getShortName());
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
|
@ -2867,8 +2869,8 @@ public class TestVisibilityLabelsWithDeletes {
|
|||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, TOPSECRET, CONFIDENTIAL, PUBLIC, PRIVATE };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -28,6 +28,8 @@ import org.apache.hadoop.conf.Configuration;
|
|||
import org.apache.hadoop.hbase.HBaseTestingUtility;
|
||||
import org.apache.hadoop.hbase.HConstants;
|
||||
import org.apache.hadoop.hbase.TableName;
|
||||
import org.apache.hadoop.hbase.client.Connection;
|
||||
import org.apache.hadoop.hbase.client.ConnectionFactory;
|
||||
import org.apache.hadoop.hbase.client.Put;
|
||||
import org.apache.hadoop.hbase.client.Result;
|
||||
import org.apache.hadoop.hbase.client.ResultScanner;
|
||||
|
@ -107,8 +109,8 @@ public class TestVisibilityLabelsWithSLGStack {
|
|||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, CONFIDENTIAL };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
|
@ -97,10 +97,10 @@ public class TestVisibilityLablesWithGroups {
|
|||
// Set up for the test
|
||||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, new String[] { SECRET, CONFIDENTIAL });
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, new String[] { SECRET, CONFIDENTIAL });
|
||||
// set auth for @testgroup
|
||||
VisibilityClient.setAuths(conf, new String[] { CONFIDENTIAL }, "@testgroup");
|
||||
VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL }, "@testgroup");
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
@ -174,8 +174,8 @@ public class TestVisibilityLablesWithGroups {
|
|||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
GetAuthsResponse authsResponse = null;
|
||||
try {
|
||||
authsResponse = VisibilityClient.getAuths(conf, "@testgroup");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
authsResponse = VisibilityClient.getAuths(conn, "@testgroup");
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have failed");
|
||||
}
|
||||
|
@ -267,8 +267,9 @@ public class TestVisibilityLablesWithGroups {
|
|||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
VisibilityLabelsResponse response = null;
|
||||
try {
|
||||
response = VisibilityClient.clearAuths(conf, new String[] { CONFIDENTIAL }, "@testgroup");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
response = VisibilityClient.clearAuths(conn, new String[] {
|
||||
CONFIDENTIAL }, "@testgroup");
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have failed");
|
||||
}
|
||||
|
@ -280,8 +281,8 @@ public class TestVisibilityLablesWithGroups {
|
|||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
GetAuthsResponse authsResponse = null;
|
||||
try {
|
||||
authsResponse = VisibilityClient.getAuths(conf, "@testgroup");
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
authsResponse = VisibilityClient.getAuths(conn, "@testgroup");
|
||||
} catch (Throwable e) {
|
||||
fail("Should not have failed");
|
||||
}
|
||||
|
|
|
@ -95,8 +95,8 @@ public class TestVisibilityWithCheckAuths {
|
|||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { TOPSECRET };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
@ -112,8 +112,8 @@ public class TestVisibilityWithCheckAuths {
|
|||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { TOPSECRET },
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { TOPSECRET },
|
||||
USER.getShortName());
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
|
@ -158,8 +158,8 @@ public class TestVisibilityWithCheckAuths {
|
|||
new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
@Override
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
try {
|
||||
return VisibilityClient.setAuths(conf, new String[] { TOPSECRET },
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
return VisibilityClient.setAuths(conn, new String[] { TOPSECRET },
|
||||
USER.getShortName());
|
||||
} catch (Throwable e) {
|
||||
}
|
||||
|
|
|
@ -28,6 +28,8 @@ import org.apache.hadoop.conf.Configuration;
|
|||
import org.apache.hadoop.hbase.HBaseTestingUtility;
|
||||
import org.apache.hadoop.hbase.HConstants;
|
||||
import org.apache.hadoop.hbase.TableName;
|
||||
import org.apache.hadoop.hbase.client.Connection;
|
||||
import org.apache.hadoop.hbase.client.ConnectionFactory;
|
||||
import org.apache.hadoop.hbase.client.Put;
|
||||
import org.apache.hadoop.hbase.client.Result;
|
||||
import org.apache.hadoop.hbase.client.ResultScanner;
|
||||
|
@ -66,10 +68,11 @@ public class TestWithDisabledAuthorization {
|
|||
|
||||
private static User SUPERUSER;
|
||||
private static User USER_RW;
|
||||
private static Configuration conf;
|
||||
|
||||
@BeforeClass
|
||||
public static void setUpBeforeClass() throws Exception {
|
||||
Configuration conf = TEST_UTIL.getConfiguration();
|
||||
conf = TEST_UTIL.getConfiguration();
|
||||
|
||||
// Set up superuser
|
||||
SecureTestUtil.configureSuperuser(conf);
|
||||
|
@ -92,10 +95,10 @@ public class TestWithDisabledAuthorization {
|
|||
// Define test labels
|
||||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
try {
|
||||
VisibilityClient.addLabels(TEST_UTIL.getConfiguration(),
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn,
|
||||
new String[] { SECRET, CONFIDENTIAL, PRIVATE });
|
||||
VisibilityClient.setAuths(TEST_UTIL.getConfiguration(),
|
||||
VisibilityClient.setAuths(conn,
|
||||
new String[] { SECRET, CONFIDENTIAL },
|
||||
USER_RW.getShortName());
|
||||
} catch (Throwable t) {
|
||||
|
@ -117,8 +120,8 @@ public class TestWithDisabledAuthorization {
|
|||
|
||||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
try {
|
||||
VisibilityClient.setAuths(TEST_UTIL.getConfiguration(),
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.setAuths(conn,
|
||||
new String[] { SECRET, CONFIDENTIAL },
|
||||
USER_RW.getShortName());
|
||||
} catch (Throwable t) {
|
||||
|
@ -132,8 +135,8 @@ public class TestWithDisabledAuthorization {
|
|||
new PrivilegedExceptionAction<List<String>>() {
|
||||
public List<String> run() throws Exception {
|
||||
GetAuthsResponse authsResponse = null;
|
||||
try {
|
||||
authsResponse = VisibilityClient.getAuths(TEST_UTIL.getConfiguration(),
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
authsResponse = VisibilityClient.getAuths(conn,
|
||||
USER_RW.getShortName());
|
||||
} catch (Throwable t) {
|
||||
fail("Should not have failed");
|
||||
|
@ -153,8 +156,8 @@ public class TestWithDisabledAuthorization {
|
|||
|
||||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
try {
|
||||
VisibilityClient.clearAuths(TEST_UTIL.getConfiguration(),
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.clearAuths(conn,
|
||||
new String[] { SECRET },
|
||||
USER_RW.getShortName());
|
||||
} catch (Throwable t) {
|
||||
|
@ -170,8 +173,8 @@ public class TestWithDisabledAuthorization {
|
|||
|
||||
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
|
||||
public Void run() throws Exception {
|
||||
try {
|
||||
VisibilityClient.clearAuths(TEST_UTIL.getConfiguration(),
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.clearAuths(conn,
|
||||
new String[] { CONFIDENTIAL },
|
||||
USER_RW.getShortName());
|
||||
} catch (Throwable t) {
|
||||
|
|
|
@ -39,6 +39,8 @@ import org.apache.hadoop.hbase.HColumnDescriptor;
|
|||
import org.apache.hadoop.hbase.HTableDescriptor;
|
||||
import org.apache.hadoop.hbase.TableName;
|
||||
import org.apache.hadoop.hbase.client.Admin;
|
||||
import org.apache.hadoop.hbase.client.Connection;
|
||||
import org.apache.hadoop.hbase.client.ConnectionFactory;
|
||||
import org.apache.hadoop.hbase.client.HBaseAdmin;
|
||||
import org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse;
|
||||
import org.apache.hadoop.hbase.security.User;
|
||||
|
@ -153,8 +155,8 @@ private static void createLabels() throws IOException, InterruptedException {
|
|||
PrivilegedExceptionAction<VisibilityLabelsResponse> action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
|
||||
public VisibilityLabelsResponse run() throws Exception {
|
||||
String[] labels = { SECRET, CONFIDENTIAL, PRIVATE, PUBLIC, TOPSECRET };
|
||||
try {
|
||||
VisibilityClient.addLabels(conf, labels);
|
||||
try (Connection conn = ConnectionFactory.createConnection(conf)) {
|
||||
VisibilityClient.addLabels(conn, labels);
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
@ -167,7 +169,7 @@ private static void createLabels() throws IOException, InterruptedException {
|
|||
private static void setAuths() throws IOException {
|
||||
String[] labels = { SECRET, CONFIDENTIAL, PRIVATE, PUBLIC, TOPSECRET };
|
||||
try {
|
||||
VisibilityClient.setAuths(conf, labels, User.getCurrent().getShortName());
|
||||
VisibilityClient.setAuths(UTIL.getConnection(), labels, User.getCurrent().getShortName());
|
||||
} catch (Throwable t) {
|
||||
throw new IOException(t);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue