Example 11 with SecurityOperations
use of org.apache.accumulo.core.client.admin.SecurityOperations in project incubator-rya by apache.
the class StatementPatternStorageTest method setUp.
@Override
public void setUp() throws Exception {
super.setUp();
connector = new MockInstance(instance).getConnector(user, pwd.getBytes());
connector.tableOperations().create(tablePrefix + RdfCloudTripleStoreConstants.TBL_SPO_SUFFIX);
connector.tableOperations().create(tablePrefix + RdfCloudTripleStoreConstants.TBL_PO_SUFFIX);
connector.tableOperations().create(tablePrefix + RdfCloudTripleStoreConstants.TBL_OSP_SUFFIX);
connector.tableOperations().create(tablePrefix + RdfCloudTripleStoreConstants.TBL_NS_SUFFIX);
SecurityOperations secOps = connector.securityOperations();
secOps.createUser(user, pwd.getBytes(), auths);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_SPO_SUFFIX, TablePermission.READ);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_PO_SUFFIX, TablePermission.READ);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_OSP_SUFFIX, TablePermission.READ);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_NS_SUFFIX, TablePermission.READ);
conf = new AccumuloRdfConfiguration();
ryaDAO = new AccumuloRyaDAO();
ryaDAO.setConnector(connector);
conf.setTablePrefix(tablePrefix);
ryaDAO.setConf(conf);
ryaDAO.init();
}
Also used :
AccumuloRyaDAO(org.apache.rya.accumulo.AccumuloRyaDAO)
MockInstance(org.apache.accumulo.core.client.mock.MockInstance)
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
AccumuloRdfConfiguration(org.apache.rya.accumulo.AccumuloRdfConfiguration)
Example 12 with SecurityOperations
use of org.apache.accumulo.core.client.admin.SecurityOperations in project incubator-rya by apache.
the class RdfFileInputToolTest method setUp.
@Override
public void setUp() throws Exception {
super.setUp();
connector = new MockInstance(instance).getConnector(user, new PasswordToken(pwd));
connector.tableOperations().create(tablePrefix + RdfCloudTripleStoreConstants.TBL_SPO_SUFFIX);
connector.tableOperations().create(tablePrefix + RdfCloudTripleStoreConstants.TBL_PO_SUFFIX);
connector.tableOperations().create(tablePrefix + RdfCloudTripleStoreConstants.TBL_OSP_SUFFIX);
connector.tableOperations().create(tablePrefix + RdfCloudTripleStoreConstants.TBL_NS_SUFFIX);
connector.tableOperations().create(tablePrefix + RdfCloudTripleStoreConstants.TBL_EVAL_SUFFIX);
SecurityOperations secOps = connector.securityOperations();
secOps.createLocalUser(user, new PasswordToken(pwd));
secOps.changeUserAuthorizations(user, auths);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_SPO_SUFFIX, TablePermission.READ);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_PO_SUFFIX, TablePermission.READ);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_OSP_SUFFIX, TablePermission.READ);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_NS_SUFFIX, TablePermission.READ);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_EVAL_SUFFIX, TablePermission.READ);
secOps.grantTablePermission(user, tablePrefix + RdfCloudTripleStoreConstants.TBL_EVAL_SUFFIX, TablePermission.WRITE);
}
Also used :
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
MockInstance(org.apache.accumulo.core.client.mock.MockInstance)
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
Example 13 with SecurityOperations
use of org.apache.accumulo.core.client.admin.SecurityOperations in project incubator-rya by apache.
the class PcjVisibilityIT method setupTestUsers.
private void setupTestUsers(final Connector accumuloConn, final String ryaInstanceName, final String pcjId) throws AccumuloException, AccumuloSecurityException {
final PasswordToken pass = new PasswordToken("password");
final SecurityOperations secOps = accumuloConn.securityOperations();
// We need the table name so that we can update security for the users.
final String pcjTableName = new PcjTableNameFactory().makeTableName(ryaInstanceName, pcjId);
// Give the 'roor' user authorizations to see everything.
secOps.changeUserAuthorizations("root", new Authorizations("A", "B", "C", "D", "E"));
// Create a user that can see things with A and B.
secOps.createLocalUser("abUser", pass);
secOps.changeUserAuthorizations("abUser", new Authorizations("A", "B"));
secOps.grantTablePermission("abUser", pcjTableName, TablePermission.READ);
// Create a user that can see things with A, B, and C.
secOps.createLocalUser("abcUser", pass);
secOps.changeUserAuthorizations("abcUser", new Authorizations("A", "B", "C"));
secOps.grantTablePermission("abcUser", pcjTableName, TablePermission.READ);
// Create a user that can see things with A, D, and E.
secOps.createLocalUser("adeUser", pass);
secOps.changeUserAuthorizations("adeUser", new Authorizations("A", "D", "E"));
secOps.grantTablePermission("adeUser", pcjTableName, TablePermission.READ);
// Create a user that can't see anything.
secOps.createLocalUser("noAuth", pass);
secOps.changeUserAuthorizations("noAuth", new Authorizations());
secOps.grantTablePermission("noAuth", pcjTableName, TablePermission.READ);
}
Also used :
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
Authorizations(org.apache.accumulo.core.security.Authorizations)
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
PcjTableNameFactory(org.apache.rya.indexing.pcj.storage.accumulo.PcjTableNameFactory)
Example 14 with SecurityOperations
use of org.apache.accumulo.core.client.admin.SecurityOperations in project incubator-rya by apache.
the class TablePermissions method grantAllPermissions.
/**
* Grants the following Table Permissions for an Accumulo user to an Accumulo table.
* <ul>
* <li>ALTER_TABLE</li>
* <li>BULK_IMPORT</li>
* <li>DROP_TABLE</li>
* <li>GRANT</li>
* <li>READ</li>
* <li>WRITE</li>
* </ul>
*
* @param user - The user who will be granted the permissions. (not null)
* @param table - The Accumulo table the permissions are granted to. (not null)
* @param conn - The connector that is used to access the Accumulo instance
* that hosts the the {@code user} and {@code table}. (not null)
* @throws AccumuloSecurityException If a general error occurs.
* @throws AccumuloException If the user does not have permission to grant a user permissions.
*/
public void grantAllPermissions(final String user, final String table, final Connector conn) throws AccumuloException, AccumuloSecurityException {
requireNonNull(user);
requireNonNull(table);
requireNonNull(conn);
final SecurityOperations secOps = conn.securityOperations();
secOps.grantTablePermission(user, table, TablePermission.ALTER_TABLE);
secOps.grantTablePermission(user, table, TablePermission.BULK_IMPORT);
secOps.grantTablePermission(user, table, TablePermission.DROP_TABLE);
secOps.grantTablePermission(user, table, TablePermission.GRANT);
secOps.grantTablePermission(user, table, TablePermission.READ);
secOps.grantTablePermission(user, table, TablePermission.WRITE);
}
Also used :
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
Example 15 with SecurityOperations
use of org.apache.accumulo.core.client.admin.SecurityOperations in project accumulo by apache.
the class DeleteAuthsCommandTest method deleteNonExistingAuth.
@Test
public void deleteNonExistingAuth() throws Exception {
AccumuloClient client = EasyMock.createMock(AccumuloClient.class);
CommandLine cli = EasyMock.createMock(CommandLine.class);
Shell shellState = EasyMock.createMock(Shell.class);
LineReader reader = EasyMock.createMock(LineReader.class);
SecurityOperations secOps = EasyMock.createMock(SecurityOperations.class);
EasyMock.expect(shellState.getAccumuloClient()).andReturn(client);
// We're the root user
EasyMock.expect(client.whoami()).andReturn("root");
EasyMock.expect(cli.getOptionValue("u", "root")).andReturn("foo");
EasyMock.expect(cli.getOptionValue("s")).andReturn("def");
EasyMock.expect(client.securityOperations()).andReturn(secOps);
EasyMock.expect(client.securityOperations()).andReturn(secOps);
EasyMock.expect(secOps.getUserAuthorizations("foo")).andReturn(new Authorizations("abc", "123"));
secOps.changeUserAuthorizations("foo", new Authorizations("abc", "123"));
EasyMock.expectLastCall();
EasyMock.replay(client, cli, shellState, reader, secOps);
cmd.execute("deleteauths -u foo -s def", cli, shellState);
EasyMock.verify(client, cli, shellState, reader, secOps);
}
Also used :
AccumuloClient(org.apache.accumulo.core.client.AccumuloClient)
CommandLine(org.apache.commons.cli.CommandLine)
Shell(org.apache.accumulo.shell.Shell)
Authorizations(org.apache.accumulo.core.security.Authorizations)
LineReader(org.jline.reader.LineReader)
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
Test(org.junit.Test)
Aggregations
SecurityOperations (org.apache.accumulo.core.client.admin.SecurityOperations)36
Test (org.junit.Test)15
PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken)14
Authorizations (org.apache.accumulo.core.security.Authorizations)10
AccumuloClient (org.apache.accumulo.core.client.AccumuloClient)9
AccumuloRdfConfiguration (org.apache.rya.accumulo.AccumuloRdfConfiguration)8
MockInstance (org.apache.accumulo.core.client.mock.MockInstance)7
AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)6
RyaClient (org.apache.rya.api.client.RyaClient)6
Connector (org.apache.accumulo.core.client.Connector)5
IOException (java.io.IOException)4
AccumuloException (org.apache.accumulo.core.client.AccumuloException)4
Scanner (org.apache.accumulo.core.client.Scanner)4
Shell (org.apache.accumulo.shell.Shell)4
CommandLine (org.apache.commons.cli.CommandLine)4
AccumuloRyaDAO (org.apache.rya.accumulo.AccumuloRyaDAO)4
LineReader (org.jline.reader.LineReader)4
Entry (java.util.Map.Entry)3
Credentials (org.apache.accumulo.core.clientImpl.Credentials)3
TCredentials (org.apache.accumulo.core.securityImpl.thrift.TCredentials)3
