Examples with SecurityOperations - org.apache.accumulo.core.client.admin.SecurityOperations

Example 16 with SecurityOperations

use of org.apache.accumulo.core.client.admin.SecurityOperations in project accumulo by apache.

the class DeleteAuthsCommandTest method deleteAllAuth.

@Test
public void deleteAllAuth() throws Exception {
    AccumuloClient client = EasyMock.createMock(AccumuloClient.class);
    CommandLine cli = EasyMock.createMock(CommandLine.class);
    Shell shellState = EasyMock.createMock(Shell.class);
    LineReader reader = EasyMock.createMock(LineReader.class);
    SecurityOperations secOps = EasyMock.createMock(SecurityOperations.class);
    EasyMock.expect(shellState.getAccumuloClient()).andReturn(client);
    // We're the root user
    EasyMock.expect(client.whoami()).andReturn("root");
    EasyMock.expect(cli.getOptionValue("u", "root")).andReturn("foo");
    EasyMock.expect(cli.getOptionValue("s")).andReturn("abc,123");
    EasyMock.expect(client.securityOperations()).andReturn(secOps);
    EasyMock.expect(client.securityOperations()).andReturn(secOps);
    EasyMock.expect(secOps.getUserAuthorizations("foo")).andReturn(new Authorizations("abc", "123"));
    secOps.changeUserAuthorizations("foo", new Authorizations());
    EasyMock.expectLastCall();
    EasyMock.replay(client, cli, shellState, reader, secOps);
    cmd.execute("deleteauths -u foo -s abc,123", cli, shellState);
    EasyMock.verify(client, cli, shellState, reader, secOps);
}

Also used : AccumuloClient(org.apache.accumulo.core.client.AccumuloClient) CommandLine(org.apache.commons.cli.CommandLine) Shell(org.apache.accumulo.shell.Shell) Authorizations(org.apache.accumulo.core.security.Authorizations) LineReader(org.jline.reader.LineReader) SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations) Test(org.junit.Test)

Example 17 with SecurityOperations

use of org.apache.accumulo.core.client.admin.SecurityOperations in project accumulo by apache.

the class DeleteAuthsCommandTest method deleteExistingAuth.

@Test
public void deleteExistingAuth() throws Exception {
    AccumuloClient client = EasyMock.createMock(AccumuloClient.class);
    CommandLine cli = EasyMock.createMock(CommandLine.class);
    Shell shellState = EasyMock.createMock(Shell.class);
    LineReader reader = EasyMock.createMock(LineReader.class);
    SecurityOperations secOps = EasyMock.createMock(SecurityOperations.class);
    EasyMock.expect(shellState.getAccumuloClient()).andReturn(client);
    // We're the root user
    EasyMock.expect(client.whoami()).andReturn("root");
    EasyMock.expect(cli.getOptionValue("u", "root")).andReturn("foo");
    EasyMock.expect(cli.getOptionValue("s")).andReturn("abc");
    EasyMock.expect(client.securityOperations()).andReturn(secOps);
    EasyMock.expect(client.securityOperations()).andReturn(secOps);
    EasyMock.expect(secOps.getUserAuthorizations("foo")).andReturn(new Authorizations("abc", "123"));
    secOps.changeUserAuthorizations("foo", new Authorizations("123"));
    EasyMock.expectLastCall();
    EasyMock.replay(client, cli, shellState, reader, secOps);
    cmd.execute("deleteauths -u foo -s abc", cli, shellState);
    EasyMock.verify(client, cli, shellState, reader, secOps);
}

Example 18 with SecurityOperations

use of org.apache.accumulo.core.client.admin.SecurityOperations in project accumulo by apache.

the class DropUserCommandTest method dropUserWithoutForcePrompts.

@Test
public void dropUserWithoutForcePrompts() throws Exception {
    AccumuloClient client = EasyMock.createMock(AccumuloClient.class);
    CommandLine cli = EasyMock.createMock(CommandLine.class);
    Shell shellState = EasyMock.createMock(Shell.class);
    LineReader reader = EasyMock.createMock(LineReader.class);
    PrintWriter pw = EasyMock.createMock(PrintWriter.class);
    SecurityOperations secOps = EasyMock.createMock(SecurityOperations.class);
    EasyMock.expect(shellState.getAccumuloClient()).andReturn(client);
    // The user we want to remove
    EasyMock.expect(cli.getArgs()).andReturn(new String[] { "user" });
    // We're the root user
    EasyMock.expect(client.whoami()).andReturn("root");
    // Force option was not provided
    EasyMock.expect(cli.hasOption("f")).andReturn(false);
    EasyMock.expect(shellState.getReader()).andReturn(reader);
    EasyMock.expect(shellState.getWriter()).andReturn(pw);
    pw.flush();
    EasyMock.expectLastCall().once();
    // Fake a "yes" response
    EasyMock.expect(reader.readLine(EasyMock.anyObject(String.class))).andReturn("yes");
    EasyMock.expect(shellState.getAccumuloClient()).andReturn(client);
    EasyMock.expect(client.securityOperations()).andReturn(secOps);
    secOps.dropLocalUser("user");
    EasyMock.expectLastCall();
    EasyMock.replay(client, cli, shellState, reader, secOps);
    cmd.execute("dropuser foo -f", cli, shellState);
    EasyMock.verify(client, cli, shellState, reader, secOps);
}

Also used : AccumuloClient(org.apache.accumulo.core.client.AccumuloClient) CommandLine(org.apache.commons.cli.CommandLine) Shell(org.apache.accumulo.shell.Shell) LineReader(org.jline.reader.LineReader) SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations) PrintWriter(java.io.PrintWriter) Test(org.junit.Test)

Example 19 with SecurityOperations

use of org.apache.accumulo.core.client.admin.SecurityOperations in project accumulo by apache.

the class ManagerApiIT method setup.

@BeforeClass
public static void setup() throws Exception {
    // need to pretend to be a server, so we can bypass all of
    // the singleton resource management in this test
    SingletonManager.setMode(Mode.SERVER);
    SharedMiniClusterBase.startMiniCluster();
    rootUser = new Credentials(getPrincipal(), getToken());
    regularUser = new Credentials("regularUser", new PasswordToken("regularUser"));
    privilegedUser = new Credentials("privilegedUser", new PasswordToken("privilegedUser"));
    try (AccumuloClient client = Accumulo.newClient().from(getClientProps()).build()) {
        SecurityOperations rootSecOps = client.securityOperations();
        for (Credentials user : Arrays.asList(regularUser, privilegedUser)) rootSecOps.createLocalUser(user.getPrincipal(), (PasswordToken) user.getToken());
        rootSecOps.grantSystemPermission(privilegedUser.getPrincipal(), SystemPermission.SYSTEM);
    }
}

Also used : AccumuloClient(org.apache.accumulo.core.client.AccumuloClient) PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken) SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations) TCredentials(org.apache.accumulo.core.securityImpl.thrift.TCredentials) Credentials(org.apache.accumulo.core.clientImpl.Credentials) BeforeClass(org.junit.BeforeClass)

Example 20 with SecurityOperations

use of org.apache.accumulo.core.client.admin.SecurityOperations in project accumulo by apache.

the class UsersIT method testCreateExistingUser.

@Test
public void testCreateExistingUser() throws Exception {
    ClusterUser user0 = getUser(0);
    try (AccumuloClient client = Accumulo.newClient().from(getClientProps()).build()) {
        SecurityOperations securityOperations = client.securityOperations();
        Set<String> currentUsers = securityOperations.listLocalUsers();
        final String user0Principal = user0.getPrincipal();
        // Ensure that the user exists
        if (!currentUsers.contains(user0Principal)) {
            PasswordToken token = null;
            if (!saslEnabled()) {
                token = new PasswordToken(user0.getPassword());
            }
            securityOperations.createLocalUser(user0Principal, token);
        }
        final PasswordToken badToken = new PasswordToken("better_fail");
        var ase = assertThrows("Creating a user that already exists should throw an exception", AccumuloSecurityException.class, () -> securityOperations.createLocalUser(user0Principal, badToken));
        assertSame("Expected USER_EXISTS error", SecurityErrorCode.USER_EXISTS, ase.getSecurityErrorCode());
        String msg = ase.getMessage();
        assertTrue("Error message didn't contain principal: '" + msg + "'", msg.contains(user0Principal));
    }
}

Also used : AccumuloClient(org.apache.accumulo.core.client.AccumuloClient) PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken) SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations) ClusterUser(org.apache.accumulo.cluster.ClusterUser) Test(org.junit.Test)

Aggregations

SecurityOperations (org.apache.accumulo.core.client.admin.SecurityOperations)36 Test (org.junit.Test)15 PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken)14 Authorizations (org.apache.accumulo.core.security.Authorizations)10 AccumuloClient (org.apache.accumulo.core.client.AccumuloClient)9 AccumuloRdfConfiguration (org.apache.rya.accumulo.AccumuloRdfConfiguration)8 MockInstance (org.apache.accumulo.core.client.mock.MockInstance)7 AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)6 RyaClient (org.apache.rya.api.client.RyaClient)6 Connector (org.apache.accumulo.core.client.Connector)5 IOException (java.io.IOException)4 AccumuloException (org.apache.accumulo.core.client.AccumuloException)4 Scanner (org.apache.accumulo.core.client.Scanner)4 Shell (org.apache.accumulo.shell.Shell)4 CommandLine (org.apache.commons.cli.CommandLine)4 AccumuloRyaDAO (org.apache.rya.accumulo.AccumuloRyaDAO)4 LineReader (org.jline.reader.LineReader)4 Entry (java.util.Map.Entry)3 Credentials (org.apache.accumulo.core.clientImpl.Credentials)3 TCredentials (org.apache.accumulo.core.securityImpl.thrift.TCredentials)3