Examples with AuthenticatedClientUserResource alluxio.AuthenticatedClientUserResource used on opensource projects

Example 1 with AuthenticatedClientUserResource

use of alluxio.AuthenticatedClientUserResource in project alluxio by Alluxio.

the class FileSystemMasterTest method setAclWithoutOwner.

@Test
public void setAclWithoutOwner() throws Exception {
    createFileWithSingleBlock(NESTED_FILE_URI);
    mFileSystemMaster.setAttribute(NESTED_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
    Set<String> entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT).convertAclToStringEntries());
    assertEquals(3, entries.size());
    try (AuthenticatedClientUserResource userA = new AuthenticatedClientUserResource("userA", ServerConfiguration.global())) {
        Set<String> newEntries = Sets.newHashSet("user::rwx", "group::rwx", "other::rwx");
        mThrown.expect(AccessControlException.class);
        mFileSystemMaster.setAcl(NESTED_FILE_URI, SetAclAction.REPLACE, newEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()), SetAclContext.defaults());
    }
}

Example 2 with AuthenticatedClientUserResource

use of alluxio.AuthenticatedClientUserResource in project alluxio by Alluxio.

the class FileSystemMasterTest method deleteDirRecursiveWithPermissions.

@Test
public void deleteDirRecursiveWithPermissions() throws Exception {
    // userA has permissions to delete directory and nested file
    createFileWithSingleBlock(NESTED_FILE_URI);
    mFileSystemMaster.setAttribute(NESTED_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
    mFileSystemMaster.setAttribute(NESTED_FILE_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
    try (AuthenticatedClientUserResource userA = new AuthenticatedClientUserResource("userA", ServerConfiguration.global())) {
        mFileSystemMaster.delete(NESTED_URI, DeleteContext.mergeFrom(DeletePOptions.newBuilder().setRecursive(true)));
    }
    assertEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_URI));
    assertEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_FILE_URI));
}

Example 3 with AuthenticatedClientUserResource

use of alluxio.AuthenticatedClientUserResource in project alluxio by Alluxio.

the class FileSystemMasterTest method deleteDirRecursiveWithInsufficientPermissions.

@Test
public void deleteDirRecursiveWithInsufficientPermissions() throws Exception {
    // userA has permissions to delete directory but not one of the nested files
    createFileWithSingleBlock(NESTED_FILE_URI);
    createFileWithSingleBlock(NESTED_FILE2_URI);
    mFileSystemMaster.setAttribute(NESTED_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
    mFileSystemMaster.setAttribute(NESTED_FILE_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0700).toProto())));
    mFileSystemMaster.setAttribute(NESTED_FILE2_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
    try (AuthenticatedClientUserResource userA = new AuthenticatedClientUserResource("userA", ServerConfiguration.global())) {
        mFileSystemMaster.delete(NESTED_URI, DeleteContext.mergeFrom(DeletePOptions.newBuilder().setRecursive(true)));
        fail("Deleting a directory w/ insufficient permission on child should fail");
    } catch (AccessControlException e) {
        String expectedChildMessage = ExceptionMessage.PERMISSION_DENIED.getMessage("user=userA, access=-w-, path=" + NESTED_FILE_URI + ": failed at file");
        assertTrue(e.getMessage().startsWith(ExceptionMessage.DELETE_FAILED_DIR_CHILDREN.getMessage(NESTED_URI, expectedChildMessage)));
    }
    assertNotEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_URI));
    assertNotEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_FILE_URI));
    assertNotEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_FILE2_URI));
}

Example 4 with AuthenticatedClientUserResource

use of alluxio.AuthenticatedClientUserResource in project alluxio by Alluxio.

the class FileSystemMasterTest method setAclNestedWithoutOwner.

@Test
public void setAclNestedWithoutOwner() throws Exception {
    createFileWithSingleBlock(NESTED_FILE_URI);
    mFileSystemMaster.setAttribute(NESTED_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto()).setOwner("userA")));
    Set<String> entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT).convertAclToStringEntries());
    assertEquals(3, entries.size());
    // recursive setAcl should fail if one of the child is not owned by the user
    mThrown.expect(AccessControlException.class);
    try (AuthenticatedClientUserResource userA = new AuthenticatedClientUserResource("userA", ServerConfiguration.global())) {
        Set<String> newEntries = Sets.newHashSet("user::rwx", "group::rwx", "other::rwx");
        mFileSystemMaster.setAcl(NESTED_URI, SetAclAction.REPLACE, newEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()), SetAclContext.mergeFrom(SetAclPOptions.newBuilder().setRecursive(true)));
        entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT).convertAclToStringEntries());
        assertEquals(newEntries, entries);
    }
}