Example 16 with ConditionalWriter
use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.
the class ProxyServer method closeConditionalWriter.
@Override
public void closeConditionalWriter(String conditionalWriter) throws TException {
ConditionalWriter cw = conditionalWriterCache.getIfPresent(UUID.fromString(conditionalWriter));
if (cw != null) {
cw.close();
conditionalWriterCache.invalidate(UUID.fromString(conditionalWriter));
}
}
Also used :
ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter)
Example 17 with ConditionalWriter
use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.
the class ConditionalWriterIT method testConstraints.
@Test
public void testConstraints() throws Exception {
// ensure constraint violations are properly reported
Connector conn = getConnector();
String tableName = getUniqueNames(1)[0];
conn.tableOperations().create(tableName);
conn.tableOperations().addConstraint(tableName, AlphaNumKeyConstraint.class.getName());
conn.tableOperations().clone(tableName, tableName + "_clone", true, new HashMap<>(), new HashSet<>());
try (ConditionalWriter cw = conn.createConditionalWriter(tableName + "_clone", new ConditionalWriterConfig());
Scanner scanner = conn.createScanner(tableName + "_clone", new Authorizations())) {
ConditionalMutation cm0 = new ConditionalMutation("99006+", new Condition("tx", "seq"));
cm0.put("tx", "seq", "1");
Assert.assertEquals(Status.VIOLATED, cw.write(cm0).getStatus());
Assert.assertFalse("Should find no results in the table is mutation result was violated", scanner.iterator().hasNext());
ConditionalMutation cm1 = new ConditionalMutation("99006", new Condition("tx", "seq"));
cm1.put("tx", "seq", "1");
Assert.assertEquals(Status.ACCEPTED, cw.write(cm1).getStatus());
Assert.assertTrue("Accepted result should be returned when reading table", scanner.iterator().hasNext());
}
}
Also used :
Condition(org.apache.accumulo.core.data.Condition)
Connector(org.apache.accumulo.core.client.Connector)
ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter)
IsolatedScanner(org.apache.accumulo.core.client.IsolatedScanner)
Scanner(org.apache.accumulo.core.client.Scanner)
Authorizations(org.apache.accumulo.core.security.Authorizations)
ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation)
ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig)
AlphaNumKeyConstraint(org.apache.accumulo.test.constraints.AlphaNumKeyConstraint)
Test(org.junit.Test)
Example 18 with ConditionalWriter
use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.
the class ConditionalWriterIT method testSecurity.
@Test
public void testSecurity() throws Exception {
// test against table user does not have read and/or write permissions for
Connector conn = getConnector();
String user = null;
ClientConfiguration clientConf = cluster.getClientConfig();
final boolean saslEnabled = clientConf.hasSasl();
// Create a new user
ClusterUser user1 = getUser(0);
user = user1.getPrincipal();
if (saslEnabled) {
conn.securityOperations().createLocalUser(user, null);
} else {
conn.securityOperations().createLocalUser(user, new PasswordToken(user1.getPassword()));
}
String[] tables = getUniqueNames(3);
String table1 = tables[0], table2 = tables[1], table3 = tables[2];
// Create three tables
conn.tableOperations().create(table1);
conn.tableOperations().create(table2);
conn.tableOperations().create(table3);
// Grant R on table1, W on table2, R/W on table3
conn.securityOperations().grantTablePermission(user, table1, TablePermission.READ);
conn.securityOperations().grantTablePermission(user, table2, TablePermission.WRITE);
conn.securityOperations().grantTablePermission(user, table3, TablePermission.READ);
conn.securityOperations().grantTablePermission(user, table3, TablePermission.WRITE);
// Login as the user
Connector conn2 = conn.getInstance().getConnector(user, user1.getToken());
ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq"));
cm1.put("tx", "seq", "1");
cm1.put("data", "x", "a");
try (ConditionalWriter cw1 = conn2.createConditionalWriter(table1, new ConditionalWriterConfig());
ConditionalWriter cw2 = conn2.createConditionalWriter(table2, new ConditionalWriterConfig());
ConditionalWriter cw3 = conn2.createConditionalWriter(table3, new ConditionalWriterConfig())) {
// Should be able to conditional-update a table we have R/W on
Assert.assertEquals(Status.ACCEPTED, cw3.write(cm1).getStatus());
// Conditional-update to a table we only have read on should fail
try {
Status status = cw1.write(cm1).getStatus();
Assert.fail("Expected exception writing conditional mutation to table the user doesn't have write access to, Got status: " + status);
} catch (AccumuloSecurityException ase) {
}
// Conditional-update to a table we only have writer on should fail
try {
Status status = cw2.write(cm1).getStatus();
Assert.fail("Expected exception writing conditional mutation to table the user doesn't have read access to. Got status: " + status);
} catch (AccumuloSecurityException ase) {
}
}
}
Also used :
Condition(org.apache.accumulo.core.data.Condition)
Status(org.apache.accumulo.core.client.ConditionalWriter.Status)
Connector(org.apache.accumulo.core.client.Connector)
ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter)
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation)
ClusterUser(org.apache.accumulo.cluster.ClusterUser)
ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
ClientConfiguration(org.apache.accumulo.core.client.ClientConfiguration)
Test(org.junit.Test)
Example 19 with ConditionalWriter
use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.
the class ConditionalWriterIT method testBadColVis.
@Test
public void testBadColVis() throws Exception {
// test when a user sets a col vis in a condition that can never be seen
Connector conn = getConnector();
String tableName = getUniqueNames(1)[0];
conn.tableOperations().create(tableName);
Authorizations auths = new Authorizations("A", "B");
conn.securityOperations().changeUserAuthorizations(getAdminPrincipal(), auths);
Authorizations filteredAuths = new Authorizations("A");
ColumnVisibility cva = new ColumnVisibility("A");
ColumnVisibility cvb = new ColumnVisibility("B");
ColumnVisibility cvc = new ColumnVisibility("C");
try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig().setAuthorizations(filteredAuths))) {
// User has authorization, but didn't include it in the writer
ConditionalMutation cm0 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb));
cm0.put("name", "last", cva, "doe");
cm0.put("name", "first", cva, "john");
cm0.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm0).getStatus());
ConditionalMutation cm1 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"));
cm1.put("name", "last", cva, "doe");
cm1.put("name", "first", cva, "john");
cm1.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm1).getStatus());
// User does not have the authorization
ConditionalMutation cm2 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvc));
cm2.put("name", "last", cva, "doe");
cm2.put("name", "first", cva, "john");
cm2.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm2).getStatus());
ConditionalMutation cm3 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvc).setValue("1"));
cm3.put("name", "last", cva, "doe");
cm3.put("name", "first", cva, "john");
cm3.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm3).getStatus());
// if any visibility is bad, good visibilities don't override
ConditionalMutation cm4 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva));
cm4.put("name", "last", cva, "doe");
cm4.put("name", "first", cva, "john");
cm4.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm4).getStatus());
ConditionalMutation cm5 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
cm5.put("name", "last", cva, "doe");
cm5.put("name", "first", cva, "john");
cm5.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm5).getStatus());
ConditionalMutation cm6 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"), new Condition("tx", "seq").setVisibility(cva));
cm6.put("name", "last", cva, "doe");
cm6.put("name", "first", cva, "john");
cm6.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm6).getStatus());
ConditionalMutation cm7 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
cm7.put("name", "last", cva, "doe");
cm7.put("name", "first", cva, "john");
cm7.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm7).getStatus());
}
// test passing auths that exceed users configured auths
Authorizations exceedingAuths = new Authorizations("A", "B", "D");
try (ConditionalWriter cw2 = conn.createConditionalWriter(tableName, new ConditionalWriterConfig().setAuthorizations(exceedingAuths))) {
ConditionalMutation cm8 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
cm8.put("name", "last", cva, "doe");
cm8.put("name", "first", cva, "john");
cm8.put("tx", "seq", cva, "1");
try {
Status status = cw2.write(cm8).getStatus();
Assert.fail("Writing mutation with Authorizations the user doesn't have should fail. Got status: " + status);
} catch (AccumuloSecurityException ase) {
// expected, check specific failure?
}
}
}
Also used :
Condition(org.apache.accumulo.core.data.Condition)
Status(org.apache.accumulo.core.client.ConditionalWriter.Status)
Connector(org.apache.accumulo.core.client.Connector)
ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter)
Authorizations(org.apache.accumulo.core.security.Authorizations)
ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation)
ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
ColumnVisibility(org.apache.accumulo.core.security.ColumnVisibility)
Test(org.junit.Test)
Example 20 with ConditionalWriter
use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.
the class ConditionalWriterIT method testSameRow.
@Test
public void testSameRow() throws Exception {
// test multiple mutations for same row in same batch
Connector conn = getConnector();
String tableName = getUniqueNames(1)[0];
conn.tableOperations().create(tableName);
try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig())) {
ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq"));
cm1.put("tx", "seq", "1");
cm1.put("data", "x", "a");
Assert.assertEquals(Status.ACCEPTED, cw.write(cm1).getStatus());
ConditionalMutation cm2 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
cm2.put("tx", "seq", "2");
cm2.put("data", "x", "b");
ConditionalMutation cm3 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
cm3.put("tx", "seq", "2");
cm3.put("data", "x", "c");
ConditionalMutation cm4 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
cm4.put("tx", "seq", "2");
cm4.put("data", "x", "d");
Iterator<Result> results = cw.write(Arrays.asList(cm2, cm3, cm4).iterator());
int accepted = 0;
int rejected = 0;
int total = 0;
while (results.hasNext()) {
Status status = results.next().getStatus();
if (status == Status.ACCEPTED)
accepted++;
if (status == Status.REJECTED)
rejected++;
total++;
}
Assert.assertEquals("Expected one accepted result", 1, accepted);
Assert.assertEquals("Expected two rejected results", 2, rejected);
Assert.assertEquals("Expected three total results", 3, total);
}
}
Also used :
Condition(org.apache.accumulo.core.data.Condition)
Status(org.apache.accumulo.core.client.ConditionalWriter.Status)
Connector(org.apache.accumulo.core.client.Connector)
ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter)
ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation)
ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig)
AlphaNumKeyConstraint(org.apache.accumulo.test.constraints.AlphaNumKeyConstraint)
Result(org.apache.accumulo.core.client.ConditionalWriter.Result)
Test(org.junit.Test)
Aggregations
ConditionalWriter (org.apache.accumulo.core.client.ConditionalWriter)26
ConditionalMutation (org.apache.accumulo.core.data.ConditionalMutation)24
ConditionalWriterConfig (org.apache.accumulo.core.client.ConditionalWriterConfig)23
Condition (org.apache.accumulo.core.data.Condition)20
Connector (org.apache.accumulo.core.client.Connector)19
Test (org.junit.Test)18
Result (org.apache.accumulo.core.client.ConditionalWriter.Result)12
IsolatedScanner (org.apache.accumulo.core.client.IsolatedScanner)12
Scanner (org.apache.accumulo.core.client.Scanner)12
Status (org.apache.accumulo.core.client.ConditionalWriter.Status)10
Value (org.apache.accumulo.core.data.Value)10
Key (org.apache.accumulo.core.data.Key)9
AccumuloException (org.apache.accumulo.core.client.AccumuloException)8
Range (org.apache.accumulo.core.data.Range)8
Text (org.apache.hadoop.io.Text)8
AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)7
Authorizations (org.apache.accumulo.core.security.Authorizations)7
TableNotFoundException (org.apache.accumulo.core.client.TableNotFoundException)6
ArrayList (java.util.ArrayList)5
IteratorSetting (org.apache.accumulo.core.client.IteratorSetting)5
