Search in sources :

Example 16 with ConditionalWriter

use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.

the class ProxyServer method closeConditionalWriter.

@Override
public void closeConditionalWriter(String conditionalWriter) throws TException {
    ConditionalWriter cw = conditionalWriterCache.getIfPresent(UUID.fromString(conditionalWriter));
    if (cw != null) {
        cw.close();
        conditionalWriterCache.invalidate(UUID.fromString(conditionalWriter));
    }
}
Also used : ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter)

Example 17 with ConditionalWriter

use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.

the class ConditionalWriterIT method testConstraints.

@Test
public void testConstraints() throws Exception {
    // ensure constraint violations are properly reported
    Connector conn = getConnector();
    String tableName = getUniqueNames(1)[0];
    conn.tableOperations().create(tableName);
    conn.tableOperations().addConstraint(tableName, AlphaNumKeyConstraint.class.getName());
    conn.tableOperations().clone(tableName, tableName + "_clone", true, new HashMap<>(), new HashSet<>());
    try (ConditionalWriter cw = conn.createConditionalWriter(tableName + "_clone", new ConditionalWriterConfig());
        Scanner scanner = conn.createScanner(tableName + "_clone", new Authorizations())) {
        ConditionalMutation cm0 = new ConditionalMutation("99006+", new Condition("tx", "seq"));
        cm0.put("tx", "seq", "1");
        Assert.assertEquals(Status.VIOLATED, cw.write(cm0).getStatus());
        Assert.assertFalse("Should find no results in the table is mutation result was violated", scanner.iterator().hasNext());
        ConditionalMutation cm1 = new ConditionalMutation("99006", new Condition("tx", "seq"));
        cm1.put("tx", "seq", "1");
        Assert.assertEquals(Status.ACCEPTED, cw.write(cm1).getStatus());
        Assert.assertTrue("Accepted result should be returned when reading table", scanner.iterator().hasNext());
    }
}
Also used : Condition(org.apache.accumulo.core.data.Condition) Connector(org.apache.accumulo.core.client.Connector) ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter) IsolatedScanner(org.apache.accumulo.core.client.IsolatedScanner) Scanner(org.apache.accumulo.core.client.Scanner) Authorizations(org.apache.accumulo.core.security.Authorizations) ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation) ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig) AlphaNumKeyConstraint(org.apache.accumulo.test.constraints.AlphaNumKeyConstraint) Test(org.junit.Test)

Example 18 with ConditionalWriter

use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.

the class ConditionalWriterIT method testSecurity.

@Test
public void testSecurity() throws Exception {
    // test against table user does not have read and/or write permissions for
    Connector conn = getConnector();
    String user = null;
    ClientConfiguration clientConf = cluster.getClientConfig();
    final boolean saslEnabled = clientConf.hasSasl();
    // Create a new user
    ClusterUser user1 = getUser(0);
    user = user1.getPrincipal();
    if (saslEnabled) {
        conn.securityOperations().createLocalUser(user, null);
    } else {
        conn.securityOperations().createLocalUser(user, new PasswordToken(user1.getPassword()));
    }
    String[] tables = getUniqueNames(3);
    String table1 = tables[0], table2 = tables[1], table3 = tables[2];
    // Create three tables
    conn.tableOperations().create(table1);
    conn.tableOperations().create(table2);
    conn.tableOperations().create(table3);
    // Grant R on table1, W on table2, R/W on table3
    conn.securityOperations().grantTablePermission(user, table1, TablePermission.READ);
    conn.securityOperations().grantTablePermission(user, table2, TablePermission.WRITE);
    conn.securityOperations().grantTablePermission(user, table3, TablePermission.READ);
    conn.securityOperations().grantTablePermission(user, table3, TablePermission.WRITE);
    // Login as the user
    Connector conn2 = conn.getInstance().getConnector(user, user1.getToken());
    ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq"));
    cm1.put("tx", "seq", "1");
    cm1.put("data", "x", "a");
    try (ConditionalWriter cw1 = conn2.createConditionalWriter(table1, new ConditionalWriterConfig());
        ConditionalWriter cw2 = conn2.createConditionalWriter(table2, new ConditionalWriterConfig());
        ConditionalWriter cw3 = conn2.createConditionalWriter(table3, new ConditionalWriterConfig())) {
        // Should be able to conditional-update a table we have R/W on
        Assert.assertEquals(Status.ACCEPTED, cw3.write(cm1).getStatus());
        // Conditional-update to a table we only have read on should fail
        try {
            Status status = cw1.write(cm1).getStatus();
            Assert.fail("Expected exception writing conditional mutation to table the user doesn't have write access to, Got status: " + status);
        } catch (AccumuloSecurityException ase) {
        }
        // Conditional-update to a table we only have writer on should fail
        try {
            Status status = cw2.write(cm1).getStatus();
            Assert.fail("Expected exception writing conditional mutation to table the user doesn't have read access to. Got status: " + status);
        } catch (AccumuloSecurityException ase) {
        }
    }
}
Also used : Condition(org.apache.accumulo.core.data.Condition) Status(org.apache.accumulo.core.client.ConditionalWriter.Status) Connector(org.apache.accumulo.core.client.Connector) ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter) PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken) ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation) ClusterUser(org.apache.accumulo.cluster.ClusterUser) ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig) AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) ClientConfiguration(org.apache.accumulo.core.client.ClientConfiguration) Test(org.junit.Test)

Example 19 with ConditionalWriter

use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.

the class ConditionalWriterIT method testBadColVis.

@Test
public void testBadColVis() throws Exception {
    // test when a user sets a col vis in a condition that can never be seen
    Connector conn = getConnector();
    String tableName = getUniqueNames(1)[0];
    conn.tableOperations().create(tableName);
    Authorizations auths = new Authorizations("A", "B");
    conn.securityOperations().changeUserAuthorizations(getAdminPrincipal(), auths);
    Authorizations filteredAuths = new Authorizations("A");
    ColumnVisibility cva = new ColumnVisibility("A");
    ColumnVisibility cvb = new ColumnVisibility("B");
    ColumnVisibility cvc = new ColumnVisibility("C");
    try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig().setAuthorizations(filteredAuths))) {
        // User has authorization, but didn't include it in the writer
        ConditionalMutation cm0 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb));
        cm0.put("name", "last", cva, "doe");
        cm0.put("name", "first", cva, "john");
        cm0.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm0).getStatus());
        ConditionalMutation cm1 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"));
        cm1.put("name", "last", cva, "doe");
        cm1.put("name", "first", cva, "john");
        cm1.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm1).getStatus());
        // User does not have the authorization
        ConditionalMutation cm2 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvc));
        cm2.put("name", "last", cva, "doe");
        cm2.put("name", "first", cva, "john");
        cm2.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm2).getStatus());
        ConditionalMutation cm3 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvc).setValue("1"));
        cm3.put("name", "last", cva, "doe");
        cm3.put("name", "first", cva, "john");
        cm3.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm3).getStatus());
        // if any visibility is bad, good visibilities don't override
        ConditionalMutation cm4 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva));
        cm4.put("name", "last", cva, "doe");
        cm4.put("name", "first", cva, "john");
        cm4.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm4).getStatus());
        ConditionalMutation cm5 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
        cm5.put("name", "last", cva, "doe");
        cm5.put("name", "first", cva, "john");
        cm5.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm5).getStatus());
        ConditionalMutation cm6 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"), new Condition("tx", "seq").setVisibility(cva));
        cm6.put("name", "last", cva, "doe");
        cm6.put("name", "first", cva, "john");
        cm6.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm6).getStatus());
        ConditionalMutation cm7 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
        cm7.put("name", "last", cva, "doe");
        cm7.put("name", "first", cva, "john");
        cm7.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm7).getStatus());
    }
    // test passing auths that exceed users configured auths
    Authorizations exceedingAuths = new Authorizations("A", "B", "D");
    try (ConditionalWriter cw2 = conn.createConditionalWriter(tableName, new ConditionalWriterConfig().setAuthorizations(exceedingAuths))) {
        ConditionalMutation cm8 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
        cm8.put("name", "last", cva, "doe");
        cm8.put("name", "first", cva, "john");
        cm8.put("tx", "seq", cva, "1");
        try {
            Status status = cw2.write(cm8).getStatus();
            Assert.fail("Writing mutation with Authorizations the user doesn't have should fail. Got status: " + status);
        } catch (AccumuloSecurityException ase) {
        // expected, check specific failure?
        }
    }
}
Also used : Condition(org.apache.accumulo.core.data.Condition) Status(org.apache.accumulo.core.client.ConditionalWriter.Status) Connector(org.apache.accumulo.core.client.Connector) ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter) Authorizations(org.apache.accumulo.core.security.Authorizations) ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation) ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig) AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) ColumnVisibility(org.apache.accumulo.core.security.ColumnVisibility) Test(org.junit.Test)

Example 20 with ConditionalWriter

use of org.apache.accumulo.core.client.ConditionalWriter in project accumulo by apache.

the class ConditionalWriterIT method testSameRow.

@Test
public void testSameRow() throws Exception {
    // test multiple mutations for same row in same batch
    Connector conn = getConnector();
    String tableName = getUniqueNames(1)[0];
    conn.tableOperations().create(tableName);
    try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig())) {
        ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq"));
        cm1.put("tx", "seq", "1");
        cm1.put("data", "x", "a");
        Assert.assertEquals(Status.ACCEPTED, cw.write(cm1).getStatus());
        ConditionalMutation cm2 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
        cm2.put("tx", "seq", "2");
        cm2.put("data", "x", "b");
        ConditionalMutation cm3 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
        cm3.put("tx", "seq", "2");
        cm3.put("data", "x", "c");
        ConditionalMutation cm4 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
        cm4.put("tx", "seq", "2");
        cm4.put("data", "x", "d");
        Iterator<Result> results = cw.write(Arrays.asList(cm2, cm3, cm4).iterator());
        int accepted = 0;
        int rejected = 0;
        int total = 0;
        while (results.hasNext()) {
            Status status = results.next().getStatus();
            if (status == Status.ACCEPTED)
                accepted++;
            if (status == Status.REJECTED)
                rejected++;
            total++;
        }
        Assert.assertEquals("Expected one accepted result", 1, accepted);
        Assert.assertEquals("Expected two rejected results", 2, rejected);
        Assert.assertEquals("Expected three total results", 3, total);
    }
}
Also used : Condition(org.apache.accumulo.core.data.Condition) Status(org.apache.accumulo.core.client.ConditionalWriter.Status) Connector(org.apache.accumulo.core.client.Connector) ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter) ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation) ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig) AlphaNumKeyConstraint(org.apache.accumulo.test.constraints.AlphaNumKeyConstraint) Result(org.apache.accumulo.core.client.ConditionalWriter.Result) Test(org.junit.Test)

Aggregations

ConditionalWriter (org.apache.accumulo.core.client.ConditionalWriter)26 ConditionalMutation (org.apache.accumulo.core.data.ConditionalMutation)24 ConditionalWriterConfig (org.apache.accumulo.core.client.ConditionalWriterConfig)23 Condition (org.apache.accumulo.core.data.Condition)20 Connector (org.apache.accumulo.core.client.Connector)19 Test (org.junit.Test)18 Result (org.apache.accumulo.core.client.ConditionalWriter.Result)12 IsolatedScanner (org.apache.accumulo.core.client.IsolatedScanner)12 Scanner (org.apache.accumulo.core.client.Scanner)12 Status (org.apache.accumulo.core.client.ConditionalWriter.Status)10 Value (org.apache.accumulo.core.data.Value)10 Key (org.apache.accumulo.core.data.Key)9 AccumuloException (org.apache.accumulo.core.client.AccumuloException)8 Range (org.apache.accumulo.core.data.Range)8 Text (org.apache.hadoop.io.Text)8 AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)7 Authorizations (org.apache.accumulo.core.security.Authorizations)7 TableNotFoundException (org.apache.accumulo.core.client.TableNotFoundException)6 ArrayList (java.util.ArrayList)5 IteratorSetting (org.apache.accumulo.core.client.IteratorSetting)5