
Example 1 with OwnerStore

Use of co.cask.cdap.security.impersonation.OwnerStore in project cdap by caskdata.

Class DefaultOwnerStoreTest, method createInjector.

@BeforeClass
public static void createInjector() {
    Injector injector = Guice.createInjector(
        new ConfigModule(),
        new DataSetsModules().getInMemoryModules(),
        new LocationRuntimeModule().getInMemoryModules(),
        new TransactionInMemoryModule(),
        new SystemDatasetRuntimeModule().getInMemoryModules(),
        new NamespaceClientRuntimeModule().getInMemoryModules(),
        new AuthorizationTestModule(),
        new AuthorizationEnforcementModule().getInMemoryModules(),
        new AuthenticationContextModules().getMasterModule());
    TransactionManager txManager = injector.getInstance(TransactionManager.class);
    txManager.startAndWait();
    ownerStore = injector.getInstance(OwnerStore.class);
}
Also used : NamespaceClientRuntimeModule(co.cask.cdap.common.namespace.guice.NamespaceClientRuntimeModule) TransactionInMemoryModule(org.apache.tephra.runtime.TransactionInMemoryModule) Injector(com.google.inject.Injector) ConfigModule(co.cask.cdap.common.guice.ConfigModule) AuthenticationContextModules(co.cask.cdap.security.auth.context.AuthenticationContextModules) TransactionManager(org.apache.tephra.TransactionManager) DataSetsModules(co.cask.cdap.data.runtime.DataSetsModules) LocationRuntimeModule(co.cask.cdap.common.guice.LocationRuntimeModule) SystemDatasetRuntimeModule(co.cask.cdap.data.runtime.SystemDatasetRuntimeModule) AuthorizationTestModule(co.cask.cdap.security.authorization.AuthorizationTestModule) AuthorizationEnforcementModule(co.cask.cdap.security.authorization.AuthorizationEnforcementModule) OwnerStore(co.cask.cdap.security.impersonation.OwnerStore) BeforeClass(org.junit.BeforeClass)

Example 2 with OwnerStore

Use of co.cask.cdap.security.impersonation.OwnerStore in project cdap by caskdata.

Class InMemoryOwnerStoreTest, method createInjector.

@BeforeClass
public static void createInjector() {
    Injector injector = Guice.createInjector(new AbstractModule() {

        @Override
        protected void configure() {
            bind(OwnerStore.class).to(InMemoryOwnerStore.class);
        }
    });
    ownerStore = injector.getInstance(OwnerStore.class);
}
Also used : Injector(com.google.inject.Injector) InMemoryOwnerStore(co.cask.cdap.security.impersonation.InMemoryOwnerStore) OwnerStore(co.cask.cdap.security.impersonation.OwnerStore) AbstractModule(com.google.inject.AbstractModule) BeforeClass(org.junit.BeforeClass)

Example 3 with OwnerStore

Use of co.cask.cdap.security.impersonation.OwnerStore in project cdap by caskdata.

Class OwnerStoreTest, method test.

@Test
public void test() throws Exception {
    OwnerStore ownerStore = getOwnerStore();
    StreamId streamId = NamespaceId.DEFAULT.stream("fooStream");
    // No owner info should exist for above stream
    Assert.assertNull(ownerStore.getOwner(streamId));
    // delete behavior is idempotent, so won't throw NotFoundException
    ownerStore.delete(streamId);
    // Storing an owner for the first time should work
    KerberosPrincipalId kerberosPrincipalId = new KerberosPrincipalId("alice/somehost@SOMEKDC.NET");
    ownerStore.add(streamId, kerberosPrincipalId);
    // Owner principal should exist
    Assert.assertTrue(ownerStore.exists(streamId));
    // Should be able to get the principal back
    Assert.assertEquals(kerberosPrincipalId, ownerStore.getOwner(streamId));
    // Should not be able to update the owner principal
    try {
        ownerStore.add(streamId, new KerberosPrincipalId("bob@SOMEKDC.NET"));
        Assert.fail();
    } catch (AlreadyExistsException e) {
        // expected
    }
    // Should not be able to update the owner principal
    try {
        ownerStore.add(streamId, new KerberosPrincipalId("somePrincipal"));
        Assert.fail();
    } catch (AlreadyExistsException e) {
        // expected
    }
    // trying to update with invalid principal should fail early on with IllegalArgumentException
    try {
        ownerStore.add(streamId, new KerberosPrincipalId("b@ob@SOMEKDC.NET"));
        Assert.fail();
    } catch (IllegalArgumentException e) {
        // expected
    }
    // Trying to store owner information for unsupported type should fail
    try {
        ownerStore.add(NamespaceId.DEFAULT.topic("anotherStream"), new KerberosPrincipalId("somePrincipal"));
        Assert.fail();
    } catch (IllegalArgumentException e) {
        // expected
    }
    // delete the owner information
    ownerStore.delete(streamId);
    Assert.assertFalse(ownerStore.exists(streamId));
    Assert.assertNull(ownerStore.getOwner(streamId));
}
Also used : StreamId(co.cask.cdap.proto.id.StreamId) AlreadyExistsException(co.cask.cdap.common.AlreadyExistsException) KerberosPrincipalId(co.cask.cdap.proto.id.KerberosPrincipalId) OwnerStore(co.cask.cdap.security.impersonation.OwnerStore) Test(org.junit.Test)
