
Example 11 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class FileSystemMasterTest method removeExtendedAclMask.

/**
 * Checks that the mask entry of an extended access ACL cannot be removed on its own.
 *
 * <p>After a named-user entry is added, the test expects a {@code mask::rwx} entry to be present
 * and expects removing it to fail with an {@link IOException} whose message mentions "mask".
 * Once the named-user entry is gone, adding and removing the mask must both succeed.
 */
@Test
public void removeExtendedAclMask() throws Exception {
    CreateDirectoryPOptions.Builder recursiveOptions =
        CreateDirectoryPOptions.newBuilder().setRecursive(true);
    mFileSystemMaster.createDirectory(NESTED_URI, CreateDirectoryContext.mergeFrom(recursiveOptions));

    AclEntry namedUserEntry = AclEntry.fromCliString("user:newuser:rwx");
    AclEntry mask = AclEntry.fromCliString("mask::rwx");

    // A named-user entry turns the ACL into an extended ACL.
    addAcl(NESTED_URI, namedUserEntry);
    assertThat(getInfo(NESTED_URI).getAcl().getEntries(), hasItem(namedUserEntry));

    // The mask is expected to exist without having been added explicitly.
    assertThat(getInfo(NESTED_URI).getAcl().getEntries(), hasItem(mask));

    // Removing the mask while the named entry is still present must be rejected.
    // NOTE(review): presumably the mask bounds what named entries grant, as in POSIX ACLs;
    // confirm against the ACL implementation.
    IOException rejection = null;
    try {
        removeAcl(NESTED_URI, mask);
    } catch (IOException e) {
        rejection = e;
    }
    if (rejection == null) {
        fail("Expected removing the mask from an extended ACL to fail");
    }
    assertThat(rejection.getMessage(), containsString("mask"));

    // With the named entry removed, the mask can be added and removed freely.
    removeAcl(NESTED_URI, namedUserEntry);
    addAcl(NESTED_URI, mask);
    removeAcl(NESTED_URI, mask);
}
Also used : AclEntry(alluxio.security.authorization.AclEntry) IOException(java.io.IOException) Test(org.junit.Test)

Example 12 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class FileSystemMasterTest method removeExtendedDefaultAclMask.

/**
 * Checks that the mask entry of an extended default ACL cannot be removed on its own.
 *
 * <p>After a {@code default:user:newuser:rwx} entry is added, the test expects a
 * {@code default:mask::rwx} entry to be present in the default ACL and expects removing it to
 * fail with an {@link IOException} whose message mentions "mask". Once the named-user entry is
 * gone, adding and removing the default mask must both succeed.
 */
@Test
public void removeExtendedDefaultAclMask() throws Exception {
    CreateDirectoryPOptions.Builder recursiveOptions =
        CreateDirectoryPOptions.newBuilder().setRecursive(true);
    mFileSystemMaster.createDirectory(NESTED_URI, CreateDirectoryContext.mergeFrom(recursiveOptions));

    AclEntry namedUserEntry = AclEntry.fromCliString("default:user:newuser:rwx");
    AclEntry defaultMask = AclEntry.fromCliString("default:mask::rwx");

    // A named-user entry turns the default ACL into an extended ACL.
    addAcl(NESTED_URI, namedUserEntry);
    assertThat(getInfo(NESTED_URI).getDefaultAcl().getEntries(), hasItem(namedUserEntry));

    // The default mask is expected to exist without having been added explicitly.
    assertThat(getInfo(NESTED_URI).getDefaultAcl().getEntries(), hasItem(defaultMask));

    // Removing the mask while the named entry is still present must be rejected.
    IOException rejection = null;
    try {
        removeAcl(NESTED_URI, defaultMask);
    } catch (IOException e) {
        rejection = e;
    }
    if (rejection == null) {
        fail("Expected removing the mask from an extended ACL to fail");
    }
    assertThat(rejection.getMessage(), containsString("mask"));

    // With the named entry removed, the default mask can be added and removed freely.
    removeAcl(NESTED_URI, namedUserEntry);
    addAcl(NESTED_URI, defaultMask);
    removeAcl(NESTED_URI, defaultMask);
}
Also used : AclEntry(alluxio.security.authorization.AclEntry) IOException(java.io.IOException) Test(org.junit.Test)

Example 13 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class FileSystemMasterTest method setAclWithoutOwner.

/**
 * Checks that replacing a file's ACL as "userA" is refused with an
 * {@link AccessControlException}, even after mode 0777 has been set.
 *
 * <p>NOTE(review): the mode is set on {@code NESTED_URI} while the ACL change targets
 * {@code NESTED_FILE_URI}; the relationship between the two paths is not visible here. "userA"
 * is presumably not the owner of the file, which is created before the user is switched.
 */
@Test
public void setAclWithoutOwner() throws Exception {
    createFileWithSingleBlock(NESTED_FILE_URI);

    // Grant rwx to everyone through the mode bits (octal 0777).
    SetAttributePOptions.Builder wideOpenMode =
        SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto());
    mFileSystemMaster.setAttribute(NESTED_URI, SetAttributeContext.mergeFrom(wideOpenMode));

    // The file starts out with exactly three ACL entries.
    Set<String> initialEntries = Sets.newHashSet(
        mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
            .convertAclToStringEntries());
    assertEquals(3, initialEntries.size());

    try (AuthenticatedClientUserResource userA =
        new AuthenticatedClientUserResource("userA", ServerConfiguration.global())) {
        Set<String> replacement = Sets.newHashSet("user::rwx", "group::rwx", "other::rwx");
        // Register the expectation only once the user switch has succeeded, so that an
        // exception from the switch itself cannot satisfy it.
        mThrown.expect(AccessControlException.class);
        mFileSystemMaster.setAcl(
            NESTED_FILE_URI,
            SetAclAction.REPLACE,
            replacement.stream().map(AclEntry::fromCliString).collect(Collectors.toList()),
            SetAclContext.defaults());
    }
}
Also used : AuthenticatedClientUserResource(alluxio.AuthenticatedClientUserResource) Mode(alluxio.security.authorization.Mode) AclEntry(alluxio.security.authorization.AclEntry) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) Test(org.junit.Test)

Example 14 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class FileSystemMasterTest method setDefaultAclforFile.

/**
 * Checks that applying default ACL entries to a file is refused with an
 * {@link UnsupportedOperationException}.
 *
 * <p>The target is created with {@code createFileWithSingleBlock}, and every entry passed to
 * {@code setAcl} carries the {@code default:} prefix.
 */
@Test
public void setDefaultAclforFile() throws Exception {
    createFileWithSingleBlock(NESTED_FILE_URI);
    SetAclContext aclContext = SetAclContext.defaults();

    Set<String> defaultEntries =
        Sets.newHashSet("default:user::rwx", "default:group::rwx", "default:other::r-x");

    // The expectation is registered immediately before the call that should be refused.
    mThrown.expect(UnsupportedOperationException.class);
    mFileSystemMaster.setAcl(
        NESTED_FILE_URI,
        SetAclAction.MODIFY,
        defaultEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()),
        aclContext);
}
Also used : AclEntry(alluxio.security.authorization.AclEntry) SetAclContext(alluxio.master.file.contexts.SetAclContext) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) Test(org.junit.Test)

Example 15 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class FileSystemMasterTest method setDefaultAcl.

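/**
 * Walks the default ACL of {@code NESTED_URI} through REPLACE, MODIFY, REMOVE_DEFAULT and REMOVE
 * and checks the entries reported by {@code convertDefaultAclToStringEntries()} after each step.
 *
 * <p>Steps covered, in order: the default ACL starts empty; REPLACE installs exactly the given
 * entries (twice); MODIFY overwrites existing entries; MODIFY with named user/group entries
 * keeps the previous entries and yields a {@code default:mask::rwx} entry; REMOVE_DEFAULT
 * empties the default ACL; REMOVE deletes only the listed entries.
 */
@Test
public void setDefaultAcl() throws Exception {
    SetAclContext context = SetAclContext.defaults();
    createFileWithSingleBlock(NESTED_FILE_URI);
    Set<String> entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_URI, GET_STATUS_CONTEXT).convertDefaultAclToStringEntries());
    assertEquals(0, entries.size());
    // replace: the default ACL must equal the supplied entries exactly
    Set<String> newEntries = Sets.newHashSet("default:user::rwx", "default:group::rwx", "default:other::r-x");
    mFileSystemMaster.setAcl(NESTED_URI, SetAclAction.REPLACE, newEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()), context);
    entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_URI, GET_STATUS_CONTEXT).convertDefaultAclToStringEntries());
    assertEquals(newEntries, entries);
    // replace again with narrower permissions: nothing from the first set may survive
    newEntries = Sets.newHashSet("default:user::rw-", "default:group::r--", "default:other::r--");
    mFileSystemMaster.setAcl(NESTED_URI, SetAclAction.REPLACE, newEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()), context);
    entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_URI, GET_STATUS_CONTEXT).convertDefaultAclToStringEntries());
    assertEquals(newEntries, entries);
    // modify existing
    newEntries = Sets.newHashSet("default:user::rwx", "default:group::rw-", "default:other::r-x");
    mFileSystemMaster.setAcl(NESTED_URI, SetAclAction.MODIFY, newEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()), context);
    entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_URI, GET_STATUS_CONTEXT).convertDefaultAclToStringEntries());
    assertEquals(newEntries, entries);
    // modify add: named entries are added next to the existing ones, and a mask entry appears
    Set<String> oldEntries = new HashSet<>(entries);
    newEntries = Sets.newHashSet("default:user:usera:---", "default:group:groupa:--x");
    mFileSystemMaster.setAcl(NESTED_URI, SetAclAction.MODIFY, newEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()), context);
    entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_URI, GET_STATUS_CONTEXT).convertDefaultAclToStringEntries());
    assertTrue(entries.containsAll(oldEntries));
    assertTrue(entries.containsAll(newEntries));
    assertTrue(entries.contains("default:mask::rwx"));
    // modify existing and add
    newEntries = Sets.newHashSet("default:user:usera:---", "default:group:groupa:--x", "default:other::r-x");
    mFileSystemMaster.setAcl(NESTED_URI, SetAclAction.MODIFY, newEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()), context);
    entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_URI, GET_STATUS_CONTEXT).convertDefaultAclToStringEntries());
    assertTrue(entries.containsAll(newEntries));
    // remove default
    mFileSystemMaster.setAcl(NESTED_URI, SetAclAction.REMOVE_DEFAULT, Collections.emptyList(), context);
    entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_URI, GET_STATUS_CONTEXT).convertDefaultAclToStringEntries());
    assertEquals(0, entries.size());
    // remove: first populate the (now empty) default ACL with named entries
    newEntries = Sets.newHashSet("default:user:usera:---", "default:user:userb:rwx", "default:group:groupa:--x", "default:group:groupb:-wx");
    mFileSystemMaster.setAcl(NESTED_URI, SetAclAction.MODIFY, newEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()), context);
    entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_URI, GET_STATUS_CONTEXT).convertDefaultAclToStringEntries());
    // Compare against the entries just written rather than a snapshot of the previous state:
    // the default ACL was empty before this MODIFY, so a snapshot comparison passes trivially.
    assertTrue(entries.containsAll(newEntries));
    Set<String> deleteEntries = Sets.newHashSet("default:user:userb:rwx", "default:group:groupa:--x");
    mFileSystemMaster.setAcl(NESTED_URI, SetAclAction.REMOVE, deleteEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList()), context);
    entries = Sets.newHashSet(mFileSystemMaster.getFileInfo(NESTED_URI, GET_STATUS_CONTEXT).convertDefaultAclToStringEntries());
    Set<String> remainingEntries = new HashSet<>(newEntries);
    // removeAll returning true confirms that deleteEntries really overlapped newEntries
    assertTrue(remainingEntries.removeAll(deleteEntries));
    assertTrue(entries.containsAll(remainingEntries));
    // the lambda below needs an effectively final reference; entries is reassigned above
    final Set<String> finalEntries = entries;
    // none of the removed grants may still be reported
    assertTrue(deleteEntries.stream().noneMatch(finalEntries::contains));
}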
Also used : AclEntry(alluxio.security.authorization.AclEntry) SetAclContext(alluxio.master.file.contexts.SetAclContext) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) HashSet(java.util.HashSet) Test(org.junit.Test)
