use of org.apache.hadoop.hbase.client.Delete in project hbase by apache.
the class VisibilityController method preBatchMutate.
@Override
public void preBatchMutate(ObserverContext<RegionCoprocessorEnvironment> c, MiniBatchOperationInProgress<Mutation> miniBatchOp) throws IOException {
if (c.getEnvironment().getRegion().getRegionInfo().getTable().isSystemTable()) {
return;
}
// TODO this can be made as a global LRU cache at HRS level?
Map<String, List<Tag>> labelCache = new HashMap<>();
for (int i = 0; i < miniBatchOp.size(); i++) {
Mutation m = miniBatchOp.getOperation(i);
CellVisibility cellVisibility = null;
try {
cellVisibility = m.getCellVisibility();
} catch (DeserializationException de) {
miniBatchOp.setOperationStatus(i, new OperationStatus(SANITY_CHECK_FAILURE, de.getMessage()));
continue;
}
boolean sanityFailure = false;
boolean modifiedTagFound = false;
Pair<Boolean, Tag> pair = new Pair<>(false, null);
for (CellScanner cellScanner = m.cellScanner(); cellScanner.advance(); ) {
pair = checkForReservedVisibilityTagPresence(cellScanner.current(), pair);
if (!pair.getFirst()) {
// Don't disallow reserved tags if authorization is disabled
if (authorizationEnabled) {
miniBatchOp.setOperationStatus(i, new OperationStatus(SANITY_CHECK_FAILURE, "Mutation contains cell with reserved type tag"));
sanityFailure = true;
}
break;
} else {
// Indicates that the cell has a the tag which was modified in the src replication cluster
Tag tag = pair.getSecond();
if (cellVisibility == null && tag != null) {
// May need to store only the first one
cellVisibility = new CellVisibility(TagUtil.getValueAsString(tag));
modifiedTagFound = true;
}
}
}
if (!sanityFailure) {
if (cellVisibility != null) {
String labelsExp = cellVisibility.getExpression();
List<Tag> visibilityTags = labelCache.get(labelsExp);
if (visibilityTags == null) {
// Don't check user auths for labels with Mutations when the user is super user
boolean authCheck = authorizationEnabled && checkAuths && !(isSystemOrSuperUser());
try {
visibilityTags = this.visibilityLabelService.createVisibilityExpTags(labelsExp, true, authCheck);
} catch (InvalidLabelException e) {
miniBatchOp.setOperationStatus(i, new OperationStatus(SANITY_CHECK_FAILURE, e.getMessage()));
}
if (visibilityTags != null) {
labelCache.put(labelsExp, visibilityTags);
}
}
if (visibilityTags != null) {
List<Cell> updatedCells = new ArrayList<>();
for (CellScanner cellScanner = m.cellScanner(); cellScanner.advance(); ) {
Cell cell = cellScanner.current();
List<Tag> tags = CellUtil.getTags(cell);
if (modifiedTagFound) {
// Rewrite the tags by removing the modified tags.
removeReplicationVisibilityTag(tags);
}
tags.addAll(visibilityTags);
Cell updatedCell = CellUtil.createCell(cell, tags);
updatedCells.add(updatedCell);
}
m.getFamilyCellMap().clear();
// Clear and add new Cells to the Mutation.
for (Cell cell : updatedCells) {
if (m instanceof Put) {
Put p = (Put) m;
p.add(cell);
} else if (m instanceof Delete) {
Delete d = (Delete) m;
d.addDeleteMarker(cell);
}
}
}
}
}
}
}
use of org.apache.hadoop.hbase.client.Delete in project hbase by apache.
the class DefaultVisibilityLabelServiceImpl method clearAuths.
@Override
public OperationStatus[] clearAuths(byte[] user, List<byte[]> authLabels) throws IOException {
assert labelsRegion != null;
OperationStatus[] finalOpStatus = new OperationStatus[authLabels.size()];
List<String> currentAuths;
if (AuthUtil.isGroupPrincipal(Bytes.toString(user))) {
String group = AuthUtil.getGroupName(Bytes.toString(user));
currentAuths = this.getGroupAuths(new String[] { group }, true);
} else {
currentAuths = this.getUserAuths(user, true);
}
List<Mutation> deletes = new ArrayList<>(authLabels.size());
int i = 0;
for (byte[] authLabel : authLabels) {
String authLabelStr = Bytes.toString(authLabel);
if (currentAuths.contains(authLabelStr)) {
int labelOrdinal = this.labelsCache.getLabelOrdinal(authLabelStr);
assert labelOrdinal > 0;
Delete d = new Delete(Bytes.toBytes(labelOrdinal));
d.addColumns(LABELS_TABLE_FAMILY, user);
deletes.add(d);
} else {
// This label is not set for the user.
finalOpStatus[i] = new OperationStatus(OperationStatusCode.FAILURE, new InvalidLabelException("Label '" + authLabelStr + "' is not set for the user " + Bytes.toString(user)));
}
i++;
}
if (mutateLabelsRegion(deletes, finalOpStatus)) {
updateZk(false);
}
return finalOpStatus;
}
use of org.apache.hadoop.hbase.client.Delete in project hbase by apache.
the class TestRegionObserverBypass method checkRowAndDelete.
private void checkRowAndDelete(Table t, byte[] row, int count) throws IOException {
Get g = new Get(row);
Result r = t.get(g);
assertEquals(count, r.size());
Delete d = new Delete(row);
t.delete(d);
}
use of org.apache.hadoop.hbase.client.Delete in project hbase by apache.
the class TestRegionObserverForAddingMutationsFromCoprocessors method testDeleteFamily.
@Test
public void testDeleteFamily() throws Exception {
createTable(TestDeleteFamilyCoprocessor.class.getName());
try (Table t = util.getConnection().getTable(tableName)) {
t.put(Lists.newArrayList(new Put(row1).addColumn(test, dummy, dummy), new Put(row2).addColumn(test, dummy, dummy), new Put(row3).addColumn(test, dummy, dummy)));
assertRowCount(t, 3);
// delete non-existing row
t.delete(new Delete(test).addFamily(test));
assertRowCount(t, 1);
}
}
use of org.apache.hadoop.hbase.client.Delete in project hbase by apache.
the class TestRegionObserverForAddingMutationsFromCoprocessors method testDeleteCell.
@Test
public void testDeleteCell() throws Exception {
createTable(TestDeleteCellCoprocessor.class.getName());
try (Table t = util.getConnection().getTable(tableName)) {
t.put(Lists.newArrayList(new Put(row1).addColumn(test, dummy, dummy), new Put(row2).addColumn(test, dummy, dummy), new Put(row3).addColumn(test, dummy, dummy)));
assertRowCount(t, 3);
// delete non-existing row
t.delete(new Delete(test).addColumn(test, dummy));
assertRowCount(t, 1);
}
}
Aggregations