Example 21 with NamespaceMeta
use of co.cask.cdap.proto.NamespaceMeta in project cdap by caskdata.
the class FlowQueuePendingCorrector method run.
/**
* Corrects queue.pending metric for all flowlets in the CDAP instance.
*/
public void run() throws Exception {
System.out.println("Running queue.pending correction");
List<NamespaceMeta> namespaceMetas = namespaceQueryAdmin.list();
for (NamespaceMeta namespaceMeta : namespaceMetas) {
run(new NamespaceId(namespaceMeta.getName()));
}
}
Also used :
NamespaceMeta(co.cask.cdap.proto.NamespaceMeta)
NamespaceId(co.cask.cdap.proto.id.NamespaceId)
Example 22 with NamespaceMeta
use of co.cask.cdap.proto.NamespaceMeta in project cdap by caskdata.
the class FileSecureStoreTest method setUp.
@Before
public void setUp() throws Exception {
CConfiguration conf = CConfiguration.create();
conf.set(Constants.Security.Store.FILE_PATH, STORE_PATH);
SConfiguration sConf = SConfiguration.create();
sConf.set(Constants.Security.Store.FILE_PASSWORD, "secret");
InMemoryNamespaceClient namespaceClient = new InMemoryNamespaceClient();
NamespaceMeta namespaceMeta = new NamespaceMeta.Builder().setName(NAMESPACE1).build();
namespaceClient.create(namespaceMeta);
namespaceMeta = new NamespaceMeta.Builder().setName(NAMESPACE2).build();
namespaceClient.create(namespaceMeta);
FileSecureStore fileSecureStore = new FileSecureStore(conf, sConf, namespaceClient);
secureStoreManager = fileSecureStore;
secureStore = fileSecureStore;
}
Also used :
NamespaceMeta(co.cask.cdap.proto.NamespaceMeta)
SConfiguration(co.cask.cdap.common.conf.SConfiguration)
InMemoryNamespaceClient(co.cask.cdap.common.namespace.InMemoryNamespaceClient)
CConfiguration(co.cask.cdap.common.conf.CConfiguration)
Before(org.junit.Before)
Example 23 with NamespaceMeta
use of co.cask.cdap.proto.NamespaceMeta in project cdap by caskdata.
the class AuthorizationTest method testCrossNSSystemDatasetAccessWithAuthMapReduce.
private void testCrossNSSystemDatasetAccessWithAuthMapReduce(MapReduceManager mrManager) throws Exception {
addDatasetInstance(NamespaceId.SYSTEM.dataset("table1"), "keyValueTable").create();
addDatasetInstance(NamespaceId.SYSTEM.dataset("table2"), "keyValueTable").create();
NamespaceMeta otherNS = new NamespaceMeta.Builder().setName("otherNS").build();
getNamespaceAdmin().create(otherNS);
addDatasetInstance(otherNS.getNamespaceId().dataset("otherTable"), "keyValueTable").create();
addDummyData(NamespaceId.SYSTEM, "table1");
// first test that reading system namespace fails with valid table as output
Map<String, String> argsForMR = ImmutableMap.of(DatasetCrossNSAccessWithMAPApp.INPUT_DATASET_NS, NamespaceId.SYSTEM.getNamespace(), DatasetCrossNSAccessWithMAPApp.INPUT_DATASET_NAME, "table1", DatasetCrossNSAccessWithMAPApp.OUTPUT_DATASET_NS, otherNS.getNamespaceId().getNamespace(), DatasetCrossNSAccessWithMAPApp.OUTPUT_DATASET_NAME, "otherTable");
// give privilege to BOB on all the datasets
grantAndAssertSuccess(NamespaceId.SYSTEM.dataset("table1"), BOB, EnumSet.of(Action.READ));
grantAndAssertSuccess(NamespaceId.SYSTEM.dataset("table2"), BOB, EnumSet.of(Action.WRITE));
grantAndAssertSuccess(otherNS.getNamespaceId().dataset("otherTable"), BOB, ALL_ACTIONS);
// Switch to BOB and run the mapreduce job. The job will fail at the runtime since BOB is trying to read from
// system namespace
SecurityRequestContext.setUserId(BOB.getName());
assertProgramFailure(argsForMR, mrManager);
assertDatasetIsEmpty(otherNS.getNamespaceId(), "otherTable");
// now try reading a table from valid namespace and writing to system namespace
argsForMR = ImmutableMap.of(DatasetCrossNSAccessWithMAPApp.INPUT_DATASET_NS, otherNS.getName(), DatasetCrossNSAccessWithMAPApp.INPUT_DATASET_NAME, "otherTable", DatasetCrossNSAccessWithMAPApp.OUTPUT_DATASET_NS, NamespaceId.SYSTEM.getNamespace(), DatasetCrossNSAccessWithMAPApp.OUTPUT_DATASET_NAME, "table2");
addDummyData(otherNS.getNamespaceId(), "otherTable");
// verify that the program fails
assertProgramFailure(argsForMR, mrManager);
assertDatasetIsEmpty(NamespaceId.SYSTEM, "table2");
// switch to back to ALICE
SecurityRequestContext.setUserId(ALICE.getName());
// cleanup
deleteDatasetInstance(NamespaceId.SYSTEM.dataset("table1"));
deleteDatasetInstance(NamespaceId.SYSTEM.dataset("table2"));
getNamespaceAdmin().delete(otherNS.getNamespaceId());
}
Also used :
NamespaceMeta(co.cask.cdap.proto.NamespaceMeta)
Example 24 with NamespaceMeta
use of co.cask.cdap.proto.NamespaceMeta in project cdap by caskdata.
the class AuthorizationTest method testNamespaces.
@Test
public void testNamespaces() throws Exception {
NamespaceAdmin namespaceAdmin = getNamespaceAdmin();
Authorizer authorizer = getAuthorizer();
try {
namespaceAdmin.create(AUTH_NAMESPACE_META);
Assert.fail("Namespace create should have failed because alice is not authorized on " + instance);
} catch (UnauthorizedException expected) {
// expected
}
createAuthNamespace();
// No authorization currently for listing and retrieving namespace
namespaceAdmin.list();
namespaceAdmin.get(AUTH_NAMESPACE);
// revoke privileges
revokeAndAssertSuccess(AUTH_NAMESPACE);
try {
namespaceAdmin.deleteDatasets(AUTH_NAMESPACE);
Assert.fail("Namespace delete datasets should have failed because alice's privileges on the namespace have " + "been revoked");
} catch (UnauthorizedException expected) {
// expected
}
// grant privileges again
grantAndAssertSuccess(AUTH_NAMESPACE, ALICE, ImmutableSet.of(Action.ADMIN));
namespaceAdmin.deleteDatasets(AUTH_NAMESPACE);
// deleting datasets does not revoke privileges.
Assert.assertEquals(ImmutableSet.of(new Privilege(instance, Action.ADMIN), new Privilege(AUTH_NAMESPACE, Action.ADMIN)), authorizer.listPrivileges(ALICE));
NamespaceMeta updated = new NamespaceMeta.Builder(AUTH_NAMESPACE_META).setDescription("new desc").build();
namespaceAdmin.updateProperties(AUTH_NAMESPACE, updated);
}
Also used :
NamespaceMeta(co.cask.cdap.proto.NamespaceMeta)
InMemoryAuthorizer(co.cask.cdap.security.authorization.InMemoryAuthorizer)
Authorizer(co.cask.cdap.security.spi.authorization.Authorizer)
NamespaceAdmin(co.cask.cdap.common.namespace.NamespaceAdmin)
UnauthorizedException(co.cask.cdap.security.spi.authorization.UnauthorizedException)
Privilege(co.cask.cdap.proto.security.Privilege)
Test(org.junit.Test)
Example 25 with NamespaceMeta
use of co.cask.cdap.proto.NamespaceMeta in project cdap by caskdata.
the class SparkTestRun method testScalaSparkCrossNSStream.
@Test
public void testScalaSparkCrossNSStream() throws Exception {
// create a namespace for stream and create the stream in it
NamespaceMeta crossNSStreamMeta = new NamespaceMeta.Builder().setName("streamSpaceForSpark").build();
getNamespaceAdmin().create(crossNSStreamMeta);
StreamManager streamManager = getStreamManager(crossNSStreamMeta.getNamespaceId().stream("testStream"));
// create a namespace for dataset and add the dataset instance in it
NamespaceMeta crossNSDatasetMeta = new NamespaceMeta.Builder().setName("crossNSDataset").build();
getNamespaceAdmin().create(crossNSDatasetMeta);
addDatasetInstance(crossNSDatasetMeta.getNamespaceId().dataset("count"), "keyValueTable");
// write something to the stream
streamManager.createStream();
for (int i = 0; i < 50; i++) {
streamManager.send(String.valueOf(i));
}
// deploy the spark app in another namespace (default)
ApplicationManager applicationManager = deploy(SparkAppUsingObjectStore.class);
Map<String, String> args = ImmutableMap.of(ScalaCrossNSProgram.STREAM_NAMESPACE(), crossNSStreamMeta.getNamespaceId().getNamespace(), ScalaCrossNSProgram.DATASET_NAMESPACE(), crossNSDatasetMeta.getNamespaceId().getNamespace(), ScalaCrossNSProgram.DATASET_NAME(), "count");
SparkManager sparkManager = applicationManager.getSparkManager(ScalaCrossNSProgram.class.getSimpleName()).start(args);
sparkManager.waitForRun(ProgramRunStatus.COMPLETED, 1, TimeUnit.MINUTES);
// get the dataset from the other namespace where we expect it to exist and compare the data
DataSetManager<KeyValueTable> countManager = getDataset(crossNSDatasetMeta.getNamespaceId().dataset("count"));
KeyValueTable results = countManager.get();
for (int i = 0; i < 50; i++) {
byte[] key = String.valueOf(i).getBytes(Charsets.UTF_8);
Assert.assertArrayEquals(key, results.read(key));
}
}
Also used :
ApplicationManager(co.cask.cdap.test.ApplicationManager)
SparkManager(co.cask.cdap.test.SparkManager)
NamespaceMeta(co.cask.cdap.proto.NamespaceMeta)
StreamManager(co.cask.cdap.test.StreamManager)
KeyValueTable(co.cask.cdap.api.dataset.lib.KeyValueTable)
Test(org.junit.Test)
Aggregations
NamespaceMeta (co.cask.cdap.proto.NamespaceMeta)58
NamespaceId (co.cask.cdap.proto.id.NamespaceId)26
Test (org.junit.Test)22
IOException (java.io.IOException)12
Location (org.apache.twill.filesystem.Location)6
KeyValueTable (co.cask.cdap.api.dataset.lib.KeyValueTable)5
BadRequestException (co.cask.cdap.common.BadRequestException)5
NamespaceNotFoundException (co.cask.cdap.common.NamespaceNotFoundException)5
ApplicationManager (co.cask.cdap.test.ApplicationManager)5
ExecutionException (java.util.concurrent.ExecutionException)5
NamespaceConfig (co.cask.cdap.proto.NamespaceConfig)4
UnauthorizedException (co.cask.cdap.security.spi.authorization.UnauthorizedException)4
DatasetManagementException (co.cask.cdap.api.dataset.DatasetManagementException)3
RowMaker (co.cask.cdap.cli.util.RowMaker)3
Table (co.cask.cdap.cli.util.table.Table)3
NotFoundException (co.cask.cdap.common.NotFoundException)3
CConfiguration (co.cask.cdap.common.conf.CConfiguration)3
NamespaceAdmin (co.cask.cdap.common.namespace.NamespaceAdmin)3
Id (co.cask.cdap.proto.Id)3
ApplicationId (co.cask.cdap.proto.id.ApplicationId)3
