Example 1 with OwnerStore
use of co.cask.cdap.security.impersonation.OwnerStore in project cdap by caskdata.
the class DefaultOwnerStoreTest method createInjector.
@BeforeClass
public static void createInjector() {
Injector injector = Guice.createInjector(new ConfigModule(), new DataSetsModules().getInMemoryModules(), new LocationRuntimeModule().getInMemoryModules(), new TransactionInMemoryModule(), new SystemDatasetRuntimeModule().getInMemoryModules(), new NamespaceClientRuntimeModule().getInMemoryModules(), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getMasterModule());
TransactionManager txManager = injector.getInstance(TransactionManager.class);
txManager.startAndWait();
ownerStore = injector.getInstance(OwnerStore.class);
}
Also used :
NamespaceClientRuntimeModule(co.cask.cdap.common.namespace.guice.NamespaceClientRuntimeModule)
TransactionInMemoryModule(org.apache.tephra.runtime.TransactionInMemoryModule)
Injector(com.google.inject.Injector)
ConfigModule(co.cask.cdap.common.guice.ConfigModule)
AuthenticationContextModules(co.cask.cdap.security.auth.context.AuthenticationContextModules)
TransactionManager(org.apache.tephra.TransactionManager)
DataSetsModules(co.cask.cdap.data.runtime.DataSetsModules)
LocationRuntimeModule(co.cask.cdap.common.guice.LocationRuntimeModule)
SystemDatasetRuntimeModule(co.cask.cdap.data.runtime.SystemDatasetRuntimeModule)
AuthorizationTestModule(co.cask.cdap.security.authorization.AuthorizationTestModule)
AuthorizationEnforcementModule(co.cask.cdap.security.authorization.AuthorizationEnforcementModule)
OwnerStore(co.cask.cdap.security.impersonation.OwnerStore)
BeforeClass(org.junit.BeforeClass)
Example 2 with OwnerStore
use of co.cask.cdap.security.impersonation.OwnerStore in project cdap by caskdata.
the class InMemoryOwnerStoreTest method createInjector.
@BeforeClass
public static void createInjector() {
Injector injector = Guice.createInjector(new AbstractModule() {
@Override
protected void configure() {
bind(OwnerStore.class).to(InMemoryOwnerStore.class);
}
});
ownerStore = injector.getInstance(OwnerStore.class);
}
Also used :
Injector(com.google.inject.Injector)
InMemoryOwnerStore(co.cask.cdap.security.impersonation.InMemoryOwnerStore)
OwnerStore(co.cask.cdap.security.impersonation.OwnerStore)
InMemoryOwnerStore(co.cask.cdap.security.impersonation.InMemoryOwnerStore)
AbstractModule(com.google.inject.AbstractModule)
BeforeClass(org.junit.BeforeClass)
Example 3 with OwnerStore
use of co.cask.cdap.security.impersonation.OwnerStore in project cdap by caskdata.
the class OwnerStoreTest method test.
@Test
public void test() throws Exception {
OwnerStore ownerStore = getOwnerStore();
StreamId streamId = NamespaceId.DEFAULT.stream("fooStream");
// No owner info should exist for above stream
Assert.assertNull(ownerStore.getOwner(streamId));
// delete behavior is idempotent, so won't throw NotFoundException
ownerStore.delete(streamId);
// Storing an owner for the first time should work
KerberosPrincipalId kerberosPrincipalId = new KerberosPrincipalId("alice/somehost@SOMEKDC.NET");
ownerStore.add(streamId, kerberosPrincipalId);
// owner principal should exists
Assert.assertTrue(ownerStore.exists(streamId));
// Should be able to get the principal back
Assert.assertEquals(kerberosPrincipalId, ownerStore.getOwner(streamId));
// Should not be able to update the owner principal
try {
ownerStore.add(streamId, new KerberosPrincipalId("bob@SOMEKDC.NET"));
Assert.fail();
} catch (AlreadyExistsException e) {
// expected
}
// Should not be able to update the owner principal
try {
ownerStore.add(streamId, new KerberosPrincipalId("somePrincipal"));
Assert.fail();
} catch (AlreadyExistsException e) {
// expected
}
// trying to update with invalid principal should fail early on with IllegalArgumentException
try {
ownerStore.add(streamId, new KerberosPrincipalId("b@ob@SOMEKDC.NET"));
Assert.fail();
} catch (IllegalArgumentException e) {
// expected
}
// Trying to store owner information for unsupported type should fail
try {
ownerStore.add(NamespaceId.DEFAULT.topic("anotherStream"), new KerberosPrincipalId("somePrincipal"));
Assert.fail();
} catch (IllegalArgumentException e) {
// expected
}
// delete the owner information
ownerStore.delete(streamId);
Assert.assertFalse(ownerStore.exists(streamId));
Assert.assertNull(ownerStore.getOwner(streamId));
}
Also used :
StreamId(co.cask.cdap.proto.id.StreamId)
AlreadyExistsException(co.cask.cdap.common.AlreadyExistsException)
KerberosPrincipalId(co.cask.cdap.proto.id.KerberosPrincipalId)
OwnerStore(co.cask.cdap.security.impersonation.OwnerStore)
Test(org.junit.Test)
Aggregations
OwnerStore (co.cask.cdap.security.impersonation.OwnerStore)3
Injector (com.google.inject.Injector)2
BeforeClass (org.junit.BeforeClass)2
AlreadyExistsException (co.cask.cdap.common.AlreadyExistsException)1
ConfigModule (co.cask.cdap.common.guice.ConfigModule)1
LocationRuntimeModule (co.cask.cdap.common.guice.LocationRuntimeModule)1
NamespaceClientRuntimeModule (co.cask.cdap.common.namespace.guice.NamespaceClientRuntimeModule)1
DataSetsModules (co.cask.cdap.data.runtime.DataSetsModules)1
SystemDatasetRuntimeModule (co.cask.cdap.data.runtime.SystemDatasetRuntimeModule)1
KerberosPrincipalId (co.cask.cdap.proto.id.KerberosPrincipalId)1
StreamId (co.cask.cdap.proto.id.StreamId)1
AuthenticationContextModules (co.cask.cdap.security.auth.context.AuthenticationContextModules)1
AuthorizationEnforcementModule (co.cask.cdap.security.authorization.AuthorizationEnforcementModule)1
AuthorizationTestModule (co.cask.cdap.security.authorization.AuthorizationTestModule)1
InMemoryOwnerStore (co.cask.cdap.security.impersonation.InMemoryOwnerStore)1
AbstractModule (com.google.inject.AbstractModule)1
TransactionManager (org.apache.tephra.TransactionManager)1
TransactionInMemoryModule (org.apache.tephra.runtime.TransactionInMemoryModule)1
Test (org.junit.Test)1
