Example 11 with ByteString
use of com.google.protobuf.ByteString in project hbase by apache.
the class TestWithDisabledAuthorization method testManageUserAuths.
@Test(timeout = 180000)
public void testManageUserAuths() throws Throwable {
// Even though authorization is disabled, we should be able to manage user auths
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
public Void run() throws Exception {
try (Connection conn = ConnectionFactory.createConnection(conf)) {
VisibilityClient.setAuths(conn, new String[] { SECRET, CONFIDENTIAL }, USER_RW.getShortName());
} catch (Throwable t) {
fail("Should not have failed");
}
return null;
}
});
PrivilegedExceptionAction<List<String>> getAuths = new PrivilegedExceptionAction<List<String>>() {
public List<String> run() throws Exception {
GetAuthsResponse authsResponse = null;
try (Connection conn = ConnectionFactory.createConnection(conf)) {
authsResponse = VisibilityClient.getAuths(conn, USER_RW.getShortName());
} catch (Throwable t) {
fail("Should not have failed");
}
List<String> authsList = new ArrayList<>(authsResponse.getAuthList().size());
for (ByteString authBS : authsResponse.getAuthList()) {
authsList.add(Bytes.toString(authBS.toByteArray()));
}
return authsList;
}
};
List<String> authsList = SUPERUSER.runAs(getAuths);
assertEquals(2, authsList.size());
assertTrue(authsList.contains(SECRET));
assertTrue(authsList.contains(CONFIDENTIAL));
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
public Void run() throws Exception {
try (Connection conn = ConnectionFactory.createConnection(conf)) {
VisibilityClient.clearAuths(conn, new String[] { SECRET }, USER_RW.getShortName());
} catch (Throwable t) {
fail("Should not have failed");
}
return null;
}
});
authsList = SUPERUSER.runAs(getAuths);
assertEquals(1, authsList.size());
assertTrue(authsList.contains(CONFIDENTIAL));
SUPERUSER.runAs(new PrivilegedExceptionAction<Void>() {
public Void run() throws Exception {
try (Connection conn = ConnectionFactory.createConnection(conf)) {
VisibilityClient.clearAuths(conn, new String[] { CONFIDENTIAL }, USER_RW.getShortName());
} catch (Throwable t) {
fail("Should not have failed");
}
return null;
}
});
authsList = SUPERUSER.runAs(getAuths);
assertEquals(0, authsList.size());
}
Also used :
ByteString(com.google.protobuf.ByteString)
Connection(org.apache.hadoop.hbase.client.Connection)
ArrayList(java.util.ArrayList)
ByteString(com.google.protobuf.ByteString)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
GetAuthsResponse(org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.GetAuthsResponse)
ArrayList(java.util.ArrayList)
List(java.util.List)
Test(org.junit.Test)
Example 12 with ByteString
use of com.google.protobuf.ByteString in project hbase by apache.
the class TestVisibilityLabelsWithDefaultVisLabelService method testListLabelsWithRegEx.
@Test
public void testListLabelsWithRegEx() throws Throwable {
PrivilegedExceptionAction<ListLabelsResponse> action = new PrivilegedExceptionAction<ListLabelsResponse>() {
public ListLabelsResponse run() throws Exception {
ListLabelsResponse response = null;
try (Connection conn = ConnectionFactory.createConnection(conf)) {
response = VisibilityClient.listLabels(conn, ".*secret");
} catch (Throwable e) {
fail("Should not have thrown exception");
}
// Only return the labels that end with 'secret'
List<ByteString> labels = response.getLabelList();
assertEquals(2, labels.size());
assertTrue(labels.contains(ByteString.copyFrom(SECRET.getBytes())));
assertTrue(labels.contains(ByteString.copyFrom(TOPSECRET.getBytes())));
return null;
}
};
SUPERUSER.runAs(action);
}
Also used :
ByteString(com.google.protobuf.ByteString)
Connection(org.apache.hadoop.hbase.client.Connection)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
ListLabelsResponse(org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.ListLabelsResponse)
Test(org.junit.Test)
Example 13 with ByteString
use of com.google.protobuf.ByteString in project hbase by apache.
the class TestVisibilityLabels method testClearUserAuths.
@Test
public void testClearUserAuths() throws Throwable {
PrivilegedExceptionAction<Void> action = new PrivilegedExceptionAction<Void>() {
public Void run() throws Exception {
String[] auths = { SECRET, CONFIDENTIAL, PRIVATE };
String user = "testUser";
try (Connection conn = ConnectionFactory.createConnection(conf)) {
VisibilityClient.setAuths(conn, auths, user);
} catch (Throwable e) {
fail("Should not have failed");
}
// Removing the auths for SECRET and CONFIDENTIAL for the user.
// Passing a non existing auth also.
auths = new String[] { SECRET, PUBLIC, CONFIDENTIAL };
VisibilityLabelsResponse response = null;
try (Connection conn = ConnectionFactory.createConnection(conf)) {
response = VisibilityClient.clearAuths(conn, auths, user);
} catch (Throwable e) {
fail("Should not have failed");
}
List<RegionActionResult> resultList = response.getResultList();
assertEquals(3, resultList.size());
assertTrue(resultList.get(0).getException().getValue().isEmpty());
assertEquals("org.apache.hadoop.hbase.DoNotRetryIOException", resultList.get(1).getException().getName());
assertTrue(Bytes.toString(resultList.get(1).getException().getValue().toByteArray()).contains("org.apache.hadoop.hbase.security.visibility.InvalidLabelException: " + "Label 'public' is not set for the user testUser"));
assertTrue(resultList.get(2).getException().getValue().isEmpty());
try (Connection connection = ConnectionFactory.createConnection(conf);
Table ht = connection.getTable(LABELS_TABLE_NAME)) {
ResultScanner scanner = ht.getScanner(new Scan());
Result result = null;
List<Result> results = new ArrayList<>();
while ((result = scanner.next()) != null) {
results.add(result);
}
List<String> curAuths = extractAuths(user, results);
assertTrue(curAuths.contains(PRIVATE));
assertEquals(1, curAuths.size());
}
GetAuthsResponse authsResponse = null;
try (Connection conn = ConnectionFactory.createConnection(conf)) {
authsResponse = VisibilityClient.getAuths(conn, user);
} catch (Throwable e) {
fail("Should not have failed");
}
List<String> authsList = new ArrayList<>(authsResponse.getAuthList().size());
for (ByteString authBS : authsResponse.getAuthList()) {
authsList.add(Bytes.toString(authBS.toByteArray()));
}
assertEquals(1, authsList.size());
assertTrue(authsList.contains(PRIVATE));
return null;
}
};
SUPERUSER.runAs(action);
}
Also used :
Table(org.apache.hadoop.hbase.client.Table)
ResultScanner(org.apache.hadoop.hbase.client.ResultScanner)
ByteString(com.google.protobuf.ByteString)
Connection(org.apache.hadoop.hbase.client.Connection)
ArrayList(java.util.ArrayList)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
ByteString(com.google.protobuf.ByteString)
RegionActionResult(org.apache.hadoop.hbase.protobuf.generated.ClientProtos.RegionActionResult)
RegionActionResult(org.apache.hadoop.hbase.protobuf.generated.ClientProtos.RegionActionResult)
Result(org.apache.hadoop.hbase.client.Result)
GetAuthsResponse(org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.GetAuthsResponse)
Scan(org.apache.hadoop.hbase.client.Scan)
VisibilityLabelsResponse(org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)
Test(org.junit.Test)
Example 14 with ByteString
use of com.google.protobuf.ByteString in project hbase by apache.
the class SparkSQLPushDownFilter method parseFrom.
/**
* @param pbBytes A pb serialized instance
* @return An instance of SparkSQLPushDownFilter
* @throws org.apache.hadoop.hbase.exceptions.DeserializationException
*/
@SuppressWarnings("unused")
public static SparkSQLPushDownFilter parseFrom(final byte[] pbBytes) throws DeserializationException {
SparkFilterProtos.SQLPredicatePushDownFilter proto;
try {
proto = SparkFilterProtos.SQLPredicatePushDownFilter.parseFrom(pbBytes);
} catch (InvalidProtocolBufferException e) {
throw new DeserializationException(e);
}
String encoder = proto.getEncoderClassName();
BytesEncoder enc = JavaBytesEncoder.create(encoder);
//Load DynamicLogicExpression
DynamicLogicExpression dynamicLogicExpression = DynamicLogicExpressionBuilder.build(proto.getDynamicLogicExpression(), enc);
//Load valuesFromQuery
final List<ByteString> valueFromQueryArrayList = proto.getValueFromQueryArrayList();
byte[][] valueFromQueryArray = new byte[valueFromQueryArrayList.size()][];
for (int i = 0; i < valueFromQueryArrayList.size(); i++) {
valueFromQueryArray[i] = valueFromQueryArrayList.get(i).toByteArray();
}
//Load mapping from HBase family/qualifier to Spark SQL columnName
HashMap<ByteArrayComparable, HashMap<ByteArrayComparable, String>> currentCellToColumnIndexMap = new HashMap<>();
for (SparkFilterProtos.SQLPredicatePushDownCellToColumnMapping sqlPredicatePushDownCellToColumnMapping : proto.getCellToColumnMappingList()) {
byte[] familyArray = sqlPredicatePushDownCellToColumnMapping.getColumnFamily().toByteArray();
ByteArrayComparable familyByteComparable = new ByteArrayComparable(familyArray, 0, familyArray.length);
HashMap<ByteArrayComparable, String> qualifierMap = currentCellToColumnIndexMap.get(familyByteComparable);
if (qualifierMap == null) {
qualifierMap = new HashMap<>();
currentCellToColumnIndexMap.put(familyByteComparable, qualifierMap);
}
byte[] qualifierArray = sqlPredicatePushDownCellToColumnMapping.getQualifier().toByteArray();
ByteArrayComparable qualifierByteComparable = new ByteArrayComparable(qualifierArray, 0, qualifierArray.length);
qualifierMap.put(qualifierByteComparable, sqlPredicatePushDownCellToColumnMapping.getColumnName());
}
return new SparkSQLPushDownFilter(dynamicLogicExpression, valueFromQueryArray, currentCellToColumnIndexMap, encoder);
}
Also used :
HashMap(java.util.HashMap)
ByteString(com.google.protobuf.ByteString)
SparkFilterProtos(org.apache.hadoop.hbase.spark.protobuf.generated.SparkFilterProtos)
InvalidProtocolBufferException(com.google.protobuf.InvalidProtocolBufferException)
ByteString(com.google.protobuf.ByteString)
BytesEncoder(org.apache.hadoop.hbase.spark.datasources.BytesEncoder)
JavaBytesEncoder(org.apache.hadoop.hbase.spark.datasources.JavaBytesEncoder)
DeserializationException(org.apache.hadoop.hbase.exceptions.DeserializationException)
Example 15 with ByteString
use of com.google.protobuf.ByteString in project hive by apache.
the class LlapTokenClient method getDelegationToken.
public Token<LlapTokenIdentifier> getDelegationToken(String appId) throws IOException {
if (!UserGroupInformation.isSecurityEnabled())
return null;
Iterator<ServiceInstance> llaps = null;
if (clientInstance == null) {
assert client == null;
llaps = getLlapServices(false).iterator();
clientInstance = llaps.next();
}
ByteString tokenBytes = null;
boolean hasRefreshed = false;
while (true) {
try {
tokenBytes = getTokenBytes(appId);
break;
} catch (IOException | ServiceException ex) {
LOG.error("Cannot get a token, trying a different instance", ex);
client = null;
clientInstance = null;
}
if (llaps == null || !llaps.hasNext()) {
if (hasRefreshed) {
// Only refresh once.
throw new RuntimeException("Cannot find any LLAPs to get the token from");
}
llaps = getLlapServices(true).iterator();
hasRefreshed = true;
}
clientInstance = llaps.next();
}
Token<LlapTokenIdentifier> token = extractToken(tokenBytes);
if (LOG.isInfoEnabled()) {
LOG.info("Obtained a LLAP delegation token from " + clientInstance + ": " + token);
}
return token;
}
Also used :
LlapTokenIdentifier(org.apache.hadoop.hive.llap.security.LlapTokenIdentifier)
ServiceException(com.google.protobuf.ServiceException)
ByteString(com.google.protobuf.ByteString)
ServiceInstance(org.apache.hadoop.hive.llap.registry.ServiceInstance)
IOException(java.io.IOException)
Aggregations
ByteString (com.google.protobuf.ByteString)151
Test (org.junit.Test)35
ArrayList (java.util.ArrayList)30
IOException (java.io.IOException)27
InvalidProtocolBufferException (com.google.protobuf.InvalidProtocolBufferException)18
ServerRequest (com.pokegoapi.main.ServerRequest)13
RequestFailedException (com.pokegoapi.exceptions.request.RequestFailedException)10
Map (java.util.Map)10
HashMap (java.util.HashMap)9
List (java.util.List)9
AggregateResponse (org.apache.hadoop.hbase.protobuf.generated.AggregateProtos.AggregateResponse)9
BeforeTest (org.testng.annotations.BeforeTest)9
Test (org.testng.annotations.Test)9
Connection (org.apache.hadoop.hbase.client.Connection)8
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)7
Scan (org.apache.hadoop.hbase.client.Scan)7
DeleteRangeResponse (com.coreos.jetcd.api.DeleteRangeResponse)6
RangeResponse (com.coreos.jetcd.api.RangeResponse)6
RpcCallback (com.google.protobuf.RpcCallback)6
RpcController (com.google.protobuf.RpcController)6
