Search in sources :

Example 6 with AuthorizationTestModule

use of io.cdap.cdap.security.authorization.AuthorizationTestModule in project cdap by caskdata.

the class TetheringClientHandlerTest method setup.

@BeforeClass
public static void setup() throws Exception {
    cConf = CConfiguration.create();
    injector = Guice.createInjector(new ConfigModule(cConf), RemoteAuthenticatorModules.getNoOpModule(), new SystemDatasetRuntimeModule().getInMemoryModules(), new TransactionModules().getInMemoryModules(), new TransactionExecutorModule(), new InMemoryDiscoveryModule(), new MessagingServerRuntimeModule().getInMemoryModules(), new StorageModule(), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getMasterModule(), new PrivateModule() {

        @Override
        protected void configure() {
            bind(MetricsCollectionService.class).to(NoOpMetricsCollectionService.class).in(Scopes.SINGLETON);
            expose(MetricsCollectionService.class);
        }
    });
    tetheringStore = new TetheringStore(injector.getInstance(TransactionRunner.class));
    txManager = injector.getInstance(TransactionManager.class);
    txManager.startAndWait();
}
Also used : InMemoryDiscoveryModule(io.cdap.cdap.common.guice.InMemoryDiscoveryModule) StorageModule(io.cdap.cdap.data.runtime.StorageModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) MessagingServerRuntimeModule(io.cdap.cdap.messaging.guice.MessagingServerRuntimeModule) NoOpMetricsCollectionService(io.cdap.cdap.common.metrics.NoOpMetricsCollectionService) AuthorizationTestModule(io.cdap.cdap.security.authorization.AuthorizationTestModule) TransactionModules(org.apache.tephra.runtime.TransactionModules) TransactionExecutorModule(io.cdap.cdap.data.runtime.TransactionExecutorModule) TransactionManager(org.apache.tephra.TransactionManager) SystemDatasetRuntimeModule(io.cdap.cdap.data.runtime.SystemDatasetRuntimeModule) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule) PrivateModule(com.google.inject.PrivateModule) BeforeClass(org.junit.BeforeClass)

Example 7 with AuthorizationTestModule

use of io.cdap.cdap.security.authorization.AuthorizationTestModule in project cdap by caskdata.

the class TransactionServiceTest method createTxService.

static TransactionService createTxService(String zkConnectionString, int txServicePort, Configuration hConf, final File outPath, @Nullable CConfiguration cConfig) {
    final CConfiguration cConf = cConfig == null ? CConfiguration.create() : cConfig;
    // tests should use the current user for HDFS
    cConf.set(Constants.CFG_HDFS_USER, System.getProperty("user.name"));
    cConf.set(Constants.Zookeeper.QUORUM, zkConnectionString);
    cConf.set(Constants.CFG_LOCAL_DATA_DIR, outPath.getAbsolutePath());
    cConf.set(TxConstants.Service.CFG_DATA_TX_BIND_PORT, Integer.toString(txServicePort));
    // we want persisting for this test
    cConf.setBoolean(TxConstants.Manager.CFG_DO_PERSIST, true);
    cConf.setBoolean(TxConstants.TransactionPruning.PRUNE_ENABLE, false);
    final Injector injector = Guice.createInjector(new ConfigModule(cConf, hConf), new NonCustomLocationUnitTestModule(), new ZKClientModule(), new ZKDiscoveryModule(), new TransactionMetricsModule(), new AbstractModule() {

        @Override
        protected void configure() {
            bind(NamespaceQueryAdmin.class).to(SimpleNamespaceQueryAdmin.class);
            bind(UGIProvider.class).to(UnsupportedUGIProvider.class);
            bind(OwnerAdmin.class).to(DefaultOwnerAdmin.class);
        }
    }, new DataFabricModules().getDistributedModules(), new SystemDatasetRuntimeModule().getInMemoryModules(), new DataSetsModules().getInMemoryModules(), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getNoOpModule());
    injector.getInstance(ZKClientService.class).startAndWait();
    return injector.getInstance(TransactionService.class);
}
Also used : UnsupportedUGIProvider(io.cdap.cdap.security.impersonation.UnsupportedUGIProvider) ZKDiscoveryModule(io.cdap.cdap.common.guice.ZKDiscoveryModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) DataSetsModules(io.cdap.cdap.data.runtime.DataSetsModules) NonCustomLocationUnitTestModule(io.cdap.cdap.common.guice.NonCustomLocationUnitTestModule) DefaultOwnerAdmin(io.cdap.cdap.security.impersonation.DefaultOwnerAdmin) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) AuthorizationTestModule(io.cdap.cdap.security.authorization.AuthorizationTestModule) TransactionMetricsModule(io.cdap.cdap.data.runtime.TransactionMetricsModule) AbstractModule(com.google.inject.AbstractModule) ZKClientModule(io.cdap.cdap.common.guice.ZKClientModule) ZKClientService(org.apache.twill.zookeeper.ZKClientService) Injector(com.google.inject.Injector) SimpleNamespaceQueryAdmin(io.cdap.cdap.common.namespace.SimpleNamespaceQueryAdmin) SystemDatasetRuntimeModule(io.cdap.cdap.data.runtime.SystemDatasetRuntimeModule) DataFabricModules(io.cdap.cdap.data.runtime.DataFabricModules) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule)

Example 8 with AuthorizationTestModule

use of io.cdap.cdap.security.authorization.AuthorizationTestModule in project cdap by caskdata.

the class TransactionServiceClientTest method beforeClass.

@BeforeClass
public static void beforeClass() throws Exception {
    HBaseTestingUtility hBaseTestingUtility = new HBaseTestingUtility();
    hBaseTestingUtility.startMiniDFSCluster(1);
    Configuration hConf = hBaseTestingUtility.getConfiguration();
    hConf.setBoolean("fs.hdfs.impl.disable.cache", true);
    zkServer = InMemoryZKServer.builder().build();
    zkServer.startAndWait();
    CConfiguration cConf = CConfiguration.create();
    // tests should use the current user for HDFS
    cConf.set(Constants.CFG_HDFS_USER, System.getProperty("user.name"));
    cConf.set(Constants.Zookeeper.QUORUM, zkServer.getConnectionStr());
    cConf.set(Constants.CFG_LOCAL_DATA_DIR, tmpFolder.newFolder().getAbsolutePath());
    cConf.setBoolean(TxConstants.TransactionPruning.PRUNE_ENABLE, false);
    // we want persisting for this test
    cConf.setBoolean(TxConstants.Manager.CFG_DO_PERSIST, true);
    // getCommonConfiguration() sets up an hConf with tx service configuration.
    // however, createTxService() will override these with defaults from the CConf.
    // hence, we must pass in these settings when creating the tx service.
    Configuration extraCConf = new Configuration();
    extraCConf.clear();
    extraCConf = getCommonConfiguration(extraCConf);
    for (Map.Entry<String, String> entry : extraCConf) {
        cConf.set(entry.getKey(), entry.getValue());
    }
    server = TransactionServiceTest.createTxService(zkServer.getConnectionStr(), Networks.getRandomPort(), hConf, tmpFolder.newFolder(), cConf);
    server.startAndWait();
    injector = Guice.createInjector(new ConfigModule(cConf, hConf), RemoteAuthenticatorModules.getNoOpModule(), new ZKClientModule(), new ZKDiscoveryModule(), new NonCustomLocationUnitTestModule(), new TransactionMetricsModule(), new DataFabricModules().getDistributedModules(), new AbstractModule() {

        @Override
        protected void configure() {
            bind(NamespaceQueryAdmin.class).to(SimpleNamespaceQueryAdmin.class);
            bind(UGIProvider.class).to(UnsupportedUGIProvider.class);
            bind(OwnerAdmin.class).to(DefaultOwnerAdmin.class);
        }
    }, Modules.override(new DataSetsModules().getDistributedModules()).with(new AbstractModule() {

        @Override
        protected void configure() {
            bind(MetadataStorage.class).to(NoopMetadataStorage.class);
        }
    }), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getNoOpModule());
    zkClient = injector.getInstance(ZKClientService.class);
    zkClient.startAndWait();
    txStateStorage = injector.getInstance(TransactionStateStorage.class);
    txStateStorage.startAndWait();
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) ZKDiscoveryModule(io.cdap.cdap.common.guice.ZKDiscoveryModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) UGIProvider(io.cdap.cdap.security.impersonation.UGIProvider) UnsupportedUGIProvider(io.cdap.cdap.security.impersonation.UnsupportedUGIProvider) DefaultOwnerAdmin(io.cdap.cdap.security.impersonation.DefaultOwnerAdmin) OwnerAdmin(io.cdap.cdap.security.impersonation.OwnerAdmin) DataSetsModules(io.cdap.cdap.data.runtime.DataSetsModules) NonCustomLocationUnitTestModule(io.cdap.cdap.common.guice.NonCustomLocationUnitTestModule) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) AuthorizationTestModule(io.cdap.cdap.security.authorization.AuthorizationTestModule) TransactionMetricsModule(io.cdap.cdap.data.runtime.TransactionMetricsModule) AbstractModule(com.google.inject.AbstractModule) ZKClientModule(io.cdap.cdap.common.guice.ZKClientModule) NoopMetadataStorage(io.cdap.cdap.spi.metadata.noop.NoopMetadataStorage) ZKClientService(org.apache.twill.zookeeper.ZKClientService) HBaseTestingUtility(org.apache.hadoop.hbase.HBaseTestingUtility) NamespaceQueryAdmin(io.cdap.cdap.common.namespace.NamespaceQueryAdmin) SimpleNamespaceQueryAdmin(io.cdap.cdap.common.namespace.SimpleNamespaceQueryAdmin) TransactionStateStorage(org.apache.tephra.persist.TransactionStateStorage) Map(java.util.Map) DataFabricModules(io.cdap.cdap.data.runtime.DataFabricModules) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule) BeforeClass(org.junit.BeforeClass)

Example 9 with AuthorizationTestModule

use of io.cdap.cdap.security.authorization.AuthorizationTestModule in project cdap by caskdata.

the class TransactionServiceTest method testHA.

@Test(timeout = 30000)
public void testHA() throws Exception {
    // NOTE: we play with blocking/nonblocking a lot below
    // as until we integrate with "leader election" stuff, service blocks on start if it is not a leader
    // TODO: fix this by integration with generic leader election stuff
    CConfiguration cConf = CConfiguration.create();
    // tests should use the current user for HDFS
    cConf.set(Constants.CFG_HDFS_USER, System.getProperty("user.name"));
    cConf.set(Constants.Zookeeper.QUORUM, zkServer.getConnectionStr());
    cConf.set(Constants.CFG_LOCAL_DATA_DIR, tmpFolder.newFolder().getAbsolutePath());
    Injector injector = Guice.createInjector(new ConfigModule(cConf), RemoteAuthenticatorModules.getNoOpModule(), new ZKClientModule(), new ZKDiscoveryModule(), new NonCustomLocationUnitTestModule(), new TransactionMetricsModule(), new AbstractModule() {

        @Override
        protected void configure() {
            bind(NamespaceQueryAdmin.class).to(SimpleNamespaceQueryAdmin.class);
            bind(UGIProvider.class).to(UnsupportedUGIProvider.class);
            bind(OwnerAdmin.class).to(DefaultOwnerAdmin.class);
        }
    }, new DataFabricModules().getDistributedModules(), Modules.override(new DataSetsModules().getDistributedModules()).with(new AbstractModule() {

        @Override
        protected void configure() {
            bind(MetadataStorage.class).to(NoopMetadataStorage.class);
        }
    }), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getNoOpModule());
    ZKClientService zkClient = injector.getInstance(ZKClientService.class);
    zkClient.startAndWait();
    try {
        final Table table = createTable("myTable");
        // tx service client
        // NOTE: we can init it earlier than we start services, it should pick them up when they are available
        TransactionSystemClient txClient = injector.getInstance(TransactionSystemClient.class);
        TransactionExecutor txExecutor = new DefaultTransactionExecutor(txClient, ImmutableList.of((TransactionAware) table));
        // starting tx service, tx client can pick it up
        TransactionService first = createTxService(zkServer.getConnectionStr(), Networks.getRandomPort(), hConf, tmpFolder.newFolder());
        first.startAndWait();
        Assert.assertNotNull(txClient.startShort());
        verifyGetAndPut(table, txExecutor, null, "val1");
        // starting another tx service should not hurt
        TransactionService second = createTxService(zkServer.getConnectionStr(), Networks.getRandomPort(), hConf, tmpFolder.newFolder());
        // NOTE: we don't have to wait for start as client should pick it up anyways, but we do wait to ensure
        // the case with two active is handled well
        second.startAndWait();
        // wait for affect a bit
        TimeUnit.SECONDS.sleep(1);
        Assert.assertNotNull(txClient.startShort());
        verifyGetAndPut(table, txExecutor, "val1", "val2");
        // shutting down the first one is fine: we have another one to pick up the leader role
        first.stopAndWait();
        Assert.assertNotNull(txClient.startShort());
        verifyGetAndPut(table, txExecutor, "val2", "val3");
        // doing same trick again to failover to the third one
        TransactionService third = createTxService(zkServer.getConnectionStr(), Networks.getRandomPort(), hConf, tmpFolder.newFolder());
        // NOTE: we don't have to wait for start as client should pick it up anyways
        third.start();
        // stopping second one
        second.stopAndWait();
        Assert.assertNotNull(txClient.startShort());
        verifyGetAndPut(table, txExecutor, "val3", "val4");
        // releasing resources
        third.stop();
    } finally {
        try {
            dropTable("myTable");
        } finally {
            zkClient.stopAndWait();
        }
    }
}
Also used : ZKDiscoveryModule(io.cdap.cdap.common.guice.ZKDiscoveryModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) TransactionMetricsModule(io.cdap.cdap.data.runtime.TransactionMetricsModule) ZKClientModule(io.cdap.cdap.common.guice.ZKClientModule) TransactionSystemClient(org.apache.tephra.TransactionSystemClient) Injector(com.google.inject.Injector) SimpleNamespaceQueryAdmin(io.cdap.cdap.common.namespace.SimpleNamespaceQueryAdmin) UnsupportedUGIProvider(io.cdap.cdap.security.impersonation.UnsupportedUGIProvider) Table(io.cdap.cdap.api.dataset.table.Table) InMemoryTable(io.cdap.cdap.data2.dataset2.lib.table.inmemory.InMemoryTable) TransactionService(org.apache.tephra.distributed.TransactionService) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) DataSetsModules(io.cdap.cdap.data.runtime.DataSetsModules) TransactionExecutor(org.apache.tephra.TransactionExecutor) DefaultTransactionExecutor(org.apache.tephra.DefaultTransactionExecutor) NonCustomLocationUnitTestModule(io.cdap.cdap.common.guice.NonCustomLocationUnitTestModule) DefaultOwnerAdmin(io.cdap.cdap.security.impersonation.DefaultOwnerAdmin) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) AuthorizationTestModule(io.cdap.cdap.security.authorization.AuthorizationTestModule) AbstractModule(com.google.inject.AbstractModule) ZKClientService(org.apache.twill.zookeeper.ZKClientService) TransactionAware(org.apache.tephra.TransactionAware) MetadataStorage(io.cdap.cdap.spi.metadata.MetadataStorage) NoopMetadataStorage(io.cdap.cdap.spi.metadata.noop.NoopMetadataStorage) DefaultTransactionExecutor(org.apache.tephra.DefaultTransactionExecutor) DataFabricModules(io.cdap.cdap.data.runtime.DataFabricModules) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule) Test(org.junit.Test)

Example 10 with AuthorizationTestModule

use of io.cdap.cdap.security.authorization.AuthorizationTestModule in project cdap by caskdata.

the class LevelDBMetricsTableTest method setup.

@BeforeClass
public static void setup() throws Exception {
    CConfiguration conf = CConfiguration.create();
    conf.set(Constants.CFG_LOCAL_DATA_DIR, tmpFolder.newFolder().getAbsolutePath());
    Injector injector = Guice.createInjector(new ConfigModule(conf), new NonCustomLocationUnitTestModule(), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getMasterModule(), new InMemoryDiscoveryModule(), new SystemDatasetRuntimeModule().getInMemoryModules(), new DataSetsModules().getInMemoryModules(), new DataFabricLevelDBModule(), new TransactionMetricsModule());
    dsFramework = injector.getInstance(DatasetFramework.class);
}
Also used : InMemoryDiscoveryModule(io.cdap.cdap.common.guice.InMemoryDiscoveryModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) DataSetsModules(io.cdap.cdap.data.runtime.DataSetsModules) NonCustomLocationUnitTestModule(io.cdap.cdap.common.guice.NonCustomLocationUnitTestModule) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) AuthorizationTestModule(io.cdap.cdap.security.authorization.AuthorizationTestModule) DataFabricLevelDBModule(io.cdap.cdap.data.runtime.DataFabricLevelDBModule) TransactionMetricsModule(io.cdap.cdap.data.runtime.TransactionMetricsModule) DatasetFramework(io.cdap.cdap.data2.dataset2.DatasetFramework) Injector(com.google.inject.Injector) SystemDatasetRuntimeModule(io.cdap.cdap.data.runtime.SystemDatasetRuntimeModule) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule) BeforeClass(org.junit.BeforeClass)

Aggregations

AuthenticationContextModules (io.cdap.cdap.security.auth.context.AuthenticationContextModules)66 AuthorizationTestModule (io.cdap.cdap.security.authorization.AuthorizationTestModule)66 ConfigModule (io.cdap.cdap.common.guice.ConfigModule)64 AuthorizationEnforcementModule (io.cdap.cdap.security.authorization.AuthorizationEnforcementModule)64 AbstractModule (com.google.inject.AbstractModule)54 NonCustomLocationUnitTestModule (io.cdap.cdap.common.guice.NonCustomLocationUnitTestModule)48 DataSetsModules (io.cdap.cdap.data.runtime.DataSetsModules)46 CConfiguration (io.cdap.cdap.common.conf.CConfiguration)44 BeforeClass (org.junit.BeforeClass)42 UnsupportedUGIProvider (io.cdap.cdap.security.impersonation.UnsupportedUGIProvider)40 TransactionManager (org.apache.tephra.TransactionManager)38 InMemoryDiscoveryModule (io.cdap.cdap.common.guice.InMemoryDiscoveryModule)34 SystemDatasetRuntimeModule (io.cdap.cdap.data.runtime.SystemDatasetRuntimeModule)34 NoOpMetricsCollectionService (io.cdap.cdap.common.metrics.NoOpMetricsCollectionService)32 DefaultOwnerAdmin (io.cdap.cdap.security.impersonation.DefaultOwnerAdmin)32 Injector (com.google.inject.Injector)30 StructuredTableAdmin (io.cdap.cdap.spi.data.StructuredTableAdmin)30 MetricsCollectionService (io.cdap.cdap.api.metrics.MetricsCollectionService)28 NamespaceAdminTestModule (io.cdap.cdap.common.guice.NamespaceAdminTestModule)28 StorageModule (io.cdap.cdap.data.runtime.StorageModule)28