Example 81 with Connector
use of org.apache.accumulo.core.client.Connector in project accumulo by apache.
the class MockConnectorTest method testDelete.
@Test
public void testDelete() throws Exception {
Connector c = new MockConnector("root", new MockInstance());
c.tableOperations().create("test");
BatchWriter bw = c.createBatchWriter("test", new BatchWriterConfig());
Mutation m1 = new Mutation("r1");
m1.put("cf1", "cq1", 1, "v1");
bw.addMutation(m1);
bw.flush();
Mutation m2 = new Mutation("r1");
m2.putDelete("cf1", "cq1", 2);
bw.addMutation(m2);
bw.flush();
Scanner scanner = c.createScanner("test", Authorizations.EMPTY);
int count = Iterators.size(scanner.iterator());
assertEquals(0, count);
try {
c.tableOperations().create("test_this_$tableName");
assertTrue(false);
} catch (IllegalArgumentException iae) {
}
}
Also used :
Connector(org.apache.accumulo.core.client.Connector)
BatchScanner(org.apache.accumulo.core.client.BatchScanner)
Scanner(org.apache.accumulo.core.client.Scanner)
BatchWriterConfig(org.apache.accumulo.core.client.BatchWriterConfig)
MultiTableBatchWriter(org.apache.accumulo.core.client.MultiTableBatchWriter)
BatchWriter(org.apache.accumulo.core.client.BatchWriter)
Mutation(org.apache.accumulo.core.data.Mutation)
Test(org.junit.Test)
Example 82 with Connector
use of org.apache.accumulo.core.client.Connector in project accumulo by apache.
the class TestBatchScanner821 method test.
@Test
public void test() throws Exception {
MockInstance inst = new MockInstance();
Connector conn = inst.getConnector("root", new PasswordToken(""));
conn.tableOperations().create("test");
BatchWriter bw = conn.createBatchWriter("test", new BatchWriterConfig());
for (String row : "A,B,C,D".split(",")) {
Mutation m = new Mutation(row);
m.put("cf", "cq", "");
bw.addMutation(m);
}
bw.flush();
BatchScanner bs = conn.createBatchScanner("test", Authorizations.EMPTY, 1);
IteratorSetting cfg = new IteratorSetting(100, TransformIterator.class);
bs.addScanIterator(cfg);
bs.setRanges(Collections.singletonList(new Range("A", "Z")));
StringBuilder sb = new StringBuilder();
String comma = "";
for (Entry<Key, Value> entry : bs) {
sb.append(comma);
sb.append(entry.getKey().getRow());
comma = ",";
}
assertEquals("a,b,c,d", sb.toString());
}
Also used :
Connector(org.apache.accumulo.core.client.Connector)
BatchScanner(org.apache.accumulo.core.client.BatchScanner)
Range(org.apache.accumulo.core.data.Range)
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
IteratorSetting(org.apache.accumulo.core.client.IteratorSetting)
Value(org.apache.accumulo.core.data.Value)
BatchWriterConfig(org.apache.accumulo.core.client.BatchWriterConfig)
BatchWriter(org.apache.accumulo.core.client.BatchWriter)
Mutation(org.apache.accumulo.core.data.Mutation)
Key(org.apache.accumulo.core.data.Key)
Test(org.junit.Test)
Example 83 with Connector
use of org.apache.accumulo.core.client.Connector in project accumulo by apache.
the class KerberosIT method testUserPrivilegesForTable.
@Test
public void testUserPrivilegesForTable() throws Exception {
String user1 = testName.getMethodName();
final File user1Keytab = new File(kdc.getKeytabDir(), user1 + ".keytab");
if (user1Keytab.exists() && !user1Keytab.delete()) {
log.warn("Unable to delete {}", user1Keytab);
}
// Create some new users -- cannot contain realm
kdc.createPrincipal(user1Keytab, user1);
final String qualifiedUser1 = kdc.qualifyUser(user1);
// Log in as user1
UserGroupInformation ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(qualifiedUser1, user1Keytab.getAbsolutePath());
log.info("Logged in as {}", user1);
ugi.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
// Indirectly creates this user when we use it
Connector conn = mac.getConnector(qualifiedUser1, new KerberosToken());
log.info("Created connector as {}", qualifiedUser1);
// The new user should have no system permissions
for (SystemPermission perm : SystemPermission.values()) {
assertFalse(conn.securityOperations().hasSystemPermission(qualifiedUser1, perm));
}
return null;
}
});
final String table = testName.getMethodName() + "_user_table";
final String viz = "viz";
ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(rootUser.getPrincipal(), rootUser.getKeytab().getAbsolutePath());
ugi.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
Connector conn = mac.getConnector(rootUser.getPrincipal(), new KerberosToken());
conn.tableOperations().create(table);
// Give our unprivileged user permission on the table we made for them
conn.securityOperations().grantTablePermission(qualifiedUser1, table, TablePermission.READ);
conn.securityOperations().grantTablePermission(qualifiedUser1, table, TablePermission.WRITE);
conn.securityOperations().grantTablePermission(qualifiedUser1, table, TablePermission.ALTER_TABLE);
conn.securityOperations().grantTablePermission(qualifiedUser1, table, TablePermission.DROP_TABLE);
conn.securityOperations().changeUserAuthorizations(qualifiedUser1, new Authorizations(viz));
return null;
}
});
// Switch back to the original user
ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(qualifiedUser1, user1Keytab.getAbsolutePath());
ugi.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
Connector conn = mac.getConnector(qualifiedUser1, new KerberosToken());
// Make sure we can actually use the table we made
// Write data
final long ts = 1000l;
BatchWriter bw = conn.createBatchWriter(table, new BatchWriterConfig());
Mutation m = new Mutation("a");
m.put("b", "c", new ColumnVisibility(viz.getBytes()), ts, "d");
bw.addMutation(m);
bw.close();
// Compact
conn.tableOperations().compact(table, new CompactionConfig().setWait(true).setFlush(true));
// Alter
conn.tableOperations().setProperty(table, Property.TABLE_BLOOM_ENABLED.getKey(), "true");
// Read (and proper authorizations)
try (Scanner s = conn.createScanner(table, new Authorizations(viz))) {
Iterator<Entry<Key, Value>> iter = s.iterator();
assertTrue("No results from iterator", iter.hasNext());
Entry<Key, Value> entry = iter.next();
assertEquals(new Key("a", "b", "c", viz, ts), entry.getKey());
assertEquals(new Value("d".getBytes()), entry.getValue());
assertFalse("Had more results from iterator", iter.hasNext());
return null;
}
}
});
}
Also used :
Connector(org.apache.accumulo.core.client.Connector)
BatchScanner(org.apache.accumulo.core.client.BatchScanner)
Scanner(org.apache.accumulo.core.client.Scanner)
Authorizations(org.apache.accumulo.core.security.Authorizations)
KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken)
TableNotFoundException(org.apache.accumulo.core.client.TableNotFoundException)
TableExistsException(org.apache.accumulo.core.client.TableExistsException)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException)
AccumuloException(org.apache.accumulo.core.client.AccumuloException)
SystemPermission(org.apache.accumulo.core.security.SystemPermission)
Entry(java.util.Map.Entry)
CompactionConfig(org.apache.accumulo.core.client.admin.CompactionConfig)
Iterator(java.util.Iterator)
Value(org.apache.accumulo.core.data.Value)
BatchWriterConfig(org.apache.accumulo.core.client.BatchWriterConfig)
BatchWriter(org.apache.accumulo.core.client.BatchWriter)
Mutation(org.apache.accumulo.core.data.Mutation)
ColumnVisibility(org.apache.accumulo.core.security.ColumnVisibility)
File(java.io.File)
Key(org.apache.accumulo.core.data.Key)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Test(org.junit.Test)
Example 84 with Connector
use of org.apache.accumulo.core.client.Connector in project accumulo by apache.
the class KerberosIT method testNewUser.
@Test
public void testNewUser() throws Exception {
String newUser = testName.getMethodName();
final File newUserKeytab = new File(kdc.getKeytabDir(), newUser + ".keytab");
if (newUserKeytab.exists() && !newUserKeytab.delete()) {
log.warn("Unable to delete {}", newUserKeytab);
}
// Create a new user
kdc.createPrincipal(newUserKeytab, newUser);
final String newQualifiedUser = kdc.qualifyUser(newUser);
final HashSet<String> users = Sets.newHashSet(rootUser.getPrincipal());
// Login as the "root" user
UserGroupInformation ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(rootUser.getPrincipal(), rootUser.getKeytab().getAbsolutePath());
log.info("Logged in as {}", rootUser.getPrincipal());
ugi.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
Connector conn = mac.getConnector(rootUser.getPrincipal(), new KerberosToken());
log.info("Created connector as {}", rootUser.getPrincipal());
assertEquals(rootUser.getPrincipal(), conn.whoami());
// Make sure the system user doesn't exist -- this will force some RPC to happen server-side
createTableWithDataAndCompact(conn);
assertEquals(users, conn.securityOperations().listLocalUsers());
return null;
}
});
// Switch to a new user
ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(newQualifiedUser, newUserKeytab.getAbsolutePath());
log.info("Logged in as {}", newQualifiedUser);
ugi.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
Connector conn = mac.getConnector(newQualifiedUser, new KerberosToken());
log.info("Created connector as {}", newQualifiedUser);
assertEquals(newQualifiedUser, conn.whoami());
// The new user should have no system permissions
for (SystemPermission perm : SystemPermission.values()) {
assertFalse(conn.securityOperations().hasSystemPermission(newQualifiedUser, perm));
}
users.add(newQualifiedUser);
// Same users as before, plus the new user we just created
assertEquals(users, conn.securityOperations().listLocalUsers());
return null;
}
});
}
Also used :
SystemPermission(org.apache.accumulo.core.security.SystemPermission)
Connector(org.apache.accumulo.core.client.Connector)
KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken)
File(java.io.File)
TableNotFoundException(org.apache.accumulo.core.client.TableNotFoundException)
TableExistsException(org.apache.accumulo.core.client.TableExistsException)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException)
AccumuloException(org.apache.accumulo.core.client.AccumuloException)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Test(org.junit.Test)
Example 85 with Connector
use of org.apache.accumulo.core.client.Connector in project accumulo by apache.
the class KerberosIT method testGetDelegationTokenDenied.
@Test
public void testGetDelegationTokenDenied() throws Exception {
String newUser = testName.getMethodName();
final File newUserKeytab = new File(kdc.getKeytabDir(), newUser + ".keytab");
if (newUserKeytab.exists() && !newUserKeytab.delete()) {
log.warn("Unable to delete {}", newUserKeytab);
}
// Create a new user
kdc.createPrincipal(newUserKeytab, newUser);
final String qualifiedNewUser = kdc.qualifyUser(newUser);
// Login as a normal user
UserGroupInformation ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(qualifiedNewUser, newUserKeytab.getAbsolutePath());
try {
ugi.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
// As the "root" user, open up the connection and get a delegation token
Connector conn = mac.getConnector(qualifiedNewUser, new KerberosToken());
log.info("Created connector as {}", qualifiedNewUser);
assertEquals(qualifiedNewUser, conn.whoami());
conn.securityOperations().getDelegationToken(new DelegationTokenConfig());
return null;
}
});
} catch (UndeclaredThrowableException ex) {
assertTrue(ex.getCause() instanceof AccumuloSecurityException);
}
}
Also used :
Connector(org.apache.accumulo.core.client.Connector)
DelegationTokenConfig(org.apache.accumulo.core.client.admin.DelegationTokenConfig)
KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken)
UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
File(java.io.File)
TableNotFoundException(org.apache.accumulo.core.client.TableNotFoundException)
TableExistsException(org.apache.accumulo.core.client.TableExistsException)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException)
AccumuloException(org.apache.accumulo.core.client.AccumuloException)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Test(org.junit.Test)
Aggregations
Connector (org.apache.accumulo.core.client.Connector)622
Test (org.junit.Test)415
BatchWriter (org.apache.accumulo.core.client.BatchWriter)171
Value (org.apache.accumulo.core.data.Value)162
Text (org.apache.hadoop.io.Text)160
Scanner (org.apache.accumulo.core.client.Scanner)158
Mutation (org.apache.accumulo.core.data.Mutation)152
BatchWriterConfig (org.apache.accumulo.core.client.BatchWriterConfig)143
Key (org.apache.accumulo.core.data.Key)139
PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken)101
AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)87
AccumuloException (org.apache.accumulo.core.client.AccumuloException)83
IteratorSetting (org.apache.accumulo.core.client.IteratorSetting)75
Range (org.apache.accumulo.core.data.Range)74
TableNotFoundException (org.apache.accumulo.core.client.TableNotFoundException)65
Authorizations (org.apache.accumulo.core.security.Authorizations)60
HashSet (java.util.HashSet)57
Instance (org.apache.accumulo.core.client.Instance)55
ArrayList (java.util.ArrayList)53
Entry (java.util.Map.Entry)53
