use of org.apache.accumulo.core.client.admin.SecurityOperations in project incubator-rya by apache.
the class CopyToolTest method testCopyTool.
@Test
public void testCopyTool() throws Exception {
final RyaStatement ryaStatementOutOfTimeRange = createRyaStatement("coach", "called", "timeout", LAST_MONTH);
final RyaStatement ryaStatementShouldCopy1 = createRyaStatement("bob", "catches", "ball", YESTERDAY);
final RyaStatement ryaStatementShouldCopy2 = createRyaStatement("bill", "talks to", "john", YESTERDAY);
final RyaStatement ryaStatementShouldCopy3 = createRyaStatement("susan", "eats", "burgers", TODAY);
final RyaStatement ryaStatementShouldCopy4 = createRyaStatement("ronnie", "plays", "guitar", TODAY);
final RyaStatement ryaStatementDoesNotExist1 = createRyaStatement("nobody", "was", "here", LAST_MONTH);
final RyaStatement ryaStatementDoesNotExist2 = createRyaStatement("statement", "not", "found", YESTERDAY);
final RyaStatement ryaStatementDoesNotExist3 = createRyaStatement("key", "does not", "exist", TODAY);
// This statement was modified by the child to change the column visibility.
// The parent should combine the child's visibility with its visibility.
final RyaStatement ryaStatementVisibilityDifferent = createRyaStatement("I", "see", "you", YESTERDAY);
ryaStatementVisibilityDifferent.setColumnVisibility(PARENT_COLUMN_VISIBILITY.getExpression());
// Setup initial parent instance with 7 rows
// This is the state of the parent data (as it is today) before merging occurs which will use the specified start time of yesterday.
// Process should NOT copy statement
parentDao.add(ryaStatementOutOfTimeRange);
// Process should copy statement
parentDao.add(ryaStatementShouldCopy1);
// Process should copy statement
parentDao.add(ryaStatementShouldCopy2);
// Process should copy statement
parentDao.add(ryaStatementShouldCopy3);
// Process should copy statement
parentDao.add(ryaStatementShouldCopy4);
// Process should copy and update statement
parentDao.add(ryaStatementVisibilityDifferent);
AccumuloRyaUtils.printTable(PARENT_TABLE_PREFIX + RdfCloudTripleStoreConstants.TBL_SPO_SUFFIX, parentConfig);
// AccumuloRyaUtils.printTable(CHILD_TABLE_PREFIX + RdfCloudTripleStoreConstants.TBL_SPO_SUFFIX, childConfig);
log.info("Starting copy tool. Copying all data after the specified start time: " + YESTERDAY);
isImporting = false;
copyToolRun(YESTERDAY);
// Copy Tool made child instance so hook the tables and dao into the driver.
final String childUser = accumuloDualInstanceDriver.getChildUser();
final Connector childConnector = ConfigUtils.getConnector(childConfig);
accumuloDualInstanceDriver.getChildAccumuloInstanceDriver().setConnector(childConnector);
accumuloDualInstanceDriver.getChildAccumuloInstanceDriver().setUpTables();
accumuloDualInstanceDriver.getChildAccumuloInstanceDriver().setUpDao();
childDao = accumuloDualInstanceDriver.getChildDao();
// Update child config to include changes made from copy process
final SecurityOperations childSecOps = accumuloDualInstanceDriver.getChildSecOps();
Authorizations newChildAuths = AccumuloRyaUtils.addUserAuths(childUser, childSecOps, PARENT_AUTH);
childSecOps.changeUserAuthorizations(childUser, newChildAuths);
final String childAuthString = newChildAuths.toString();
final List<String> duplicateKeys = MergeTool.DUPLICATE_KEY_MAP.get(MRUtils.AC_AUTH_PROP);
childConfig.set(MRUtils.AC_AUTH_PROP, childAuthString);
for (final String key : duplicateKeys) {
childConfig.set(key, childAuthString);
}
AccumuloRyaUtils.printTablePretty(CHILD_TABLE_PREFIX + RdfCloudTripleStoreConstants.TBL_PO_SUFFIX, childConfig);
AccumuloRyaUtils.printTablePretty(CHILD_TABLE_PREFIX + RdfCloudTripleStoreConstants.TBL_OSP_SUFFIX, childConfig);
AccumuloRyaUtils.printTablePretty(CHILD_TABLE_PREFIX + RdfCloudTripleStoreConstants.TBL_SPO_SUFFIX, childConfig);
final Scanner scanner = AccumuloRyaUtils.getScanner(CHILD_TABLE_PREFIX + RdfCloudTripleStoreConstants.TBL_SPO_SUFFIX, childConfig);
final Iterator<Entry<Key, Value>> iterator = scanner.iterator();
int count = 0;
while (iterator.hasNext()) {
iterator.next();
count++;
}
// Make sure we have all of them in the parent.
assertEquals(5, count);
assertStatementInChild("Child included statement that was out of time range", 0, ryaStatementOutOfTimeRange);
assertStatementInChild("Child missing statement 1 that was in parent", 1, ryaStatementShouldCopy1);
assertStatementInChild("Child missing statement 2 that was in parent", 1, ryaStatementShouldCopy2);
assertStatementInChild("Child missing statement 3 that was in parent", 1, ryaStatementShouldCopy3);
assertStatementInChild("Child missing statement 4 that was in parent", 1, ryaStatementShouldCopy4);
assertStatementInChild("Child included statement 1 that was not in parent", 0, ryaStatementDoesNotExist1);
assertStatementInChild("Child included statement 2 that was not in parent", 0, ryaStatementDoesNotExist2);
assertStatementInChild("Child included statement 3 that was not in parent", 0, ryaStatementDoesNotExist3);
// Check that it can be queried with child's visibility
assertStatementInChild("Child missing statement with child visibility", 1, ryaStatementVisibilityDifferent);
// Check that it can be queried with parent's visibility
childConfig.set(RdfCloudTripleStoreConfiguration.CONF_QUERY_AUTH, PARENT_AUTH);
final SecurityOperations secOps = IS_MOCK ? accumuloDualInstanceDriver.getChildSecOps() : childSecOps;
newChildAuths = AccumuloRyaUtils.addUserAuths(accumuloDualInstanceDriver.getChildUser(), secOps, PARENT_AUTH);
secOps.changeUserAuthorizations(accumuloDualInstanceDriver.getChildUser(), newChildAuths);
assertStatementInChild("Child missing statement with parent visibility", 1, ryaStatementVisibilityDifferent);
// Check that it can NOT be queried with some other visibility
childConfig.set(RdfCloudTripleStoreConfiguration.CONF_QUERY_AUTH, "bad_auth");
final CloseableIteration<RyaStatement, RyaDAOException> iter = childDao.getQueryEngine().query(ryaStatementVisibilityDifferent, childConfig);
count = 0;
try {
while (iter.hasNext()) {
iter.next();
count++;
}
} catch (final Exception e) {
// Expected
if (!(e.getCause() instanceof AccumuloSecurityException)) {
fail();
}
}
iter.close();
assertEquals(0, count);
// reset auth
childConfig.set(RdfCloudTripleStoreConfiguration.CONF_QUERY_AUTH, childAuthString);
log.info("DONE");
}
use of org.apache.accumulo.core.client.admin.SecurityOperations in project incubator-rya by apache.
the class BaseCopyToolMapper method copyAuthorizations.
protected void copyAuthorizations() throws IOException {
try {
final SecurityOperations parentSecOps = parentConnector.securityOperations();
final SecurityOperations childSecOps = childConnector.securityOperations();
final Authorizations parentAuths = parentSecOps.getUserAuthorizations(parentUser);
final Authorizations childAuths = childSecOps.getUserAuthorizations(childUser);
// Add any parent authorizations that the child doesn't have.
if (!childAuths.equals(parentAuths)) {
log.info("Adding the authorization, \"" + parentAuths.toString() + "\", to the child user, \"" + childUser + "\"");
final Authorizations newChildAuths = AccumuloRyaUtils.addUserAuths(childUser, childSecOps, parentAuths);
childSecOps.changeUserAuthorizations(childUser, newChildAuths);
}
} catch (AccumuloException | AccumuloSecurityException e) {
throw new IOException(e);
}
}
use of org.apache.accumulo.core.client.admin.SecurityOperations in project incubator-rya by apache.
the class AccumuloAddUserIT method beforeClass.
@Before
public void beforeClass() throws Exception {
final SecurityOperations secOps = super.getConnector().securityOperations();
// Create the user that will install the instance of Rya.
secOps.createLocalUser(ADMIN_USER, new PasswordToken(ADMIN_USER));
secOps.grantSystemPermission(ADMIN_USER, SystemPermission.CREATE_TABLE);
}
use of org.apache.accumulo.core.client.admin.SecurityOperations in project incubator-rya by apache.
the class AccumuloAddUserIT method userAddedAlsoAddedToRyaDetails.
/**
* Ensure that when a user is added to a Rya instance that its details are updated to include the new user.
*/
@Test
public void userAddedAlsoAddedToRyaDetails() throws Exception {
final String user = testInstance.createUniqueUser();
final SecurityOperations secOps = super.getConnector().securityOperations();
final RyaClient userAClient = AccumuloRyaClientFactory.build(new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()), super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));
// Create the user that will be added to the instance of Rya.
secOps.createLocalUser(user, new PasswordToken(user));
// Install the instance of Rya.
userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());
// Add the user.
userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);
// Ensure the Rya instance's details have been updated to include the added user.
final ImmutableList<String> expectedUsers = ImmutableList.<String>builder().add(ADMIN_USER).add(user).build();
final RyaDetails details = userAClient.getGetInstanceDetails().getDetails(getRyaInstanceName()).get();
assertEquals(expectedUsers, details.getUsers());
}
use of org.apache.accumulo.core.client.admin.SecurityOperations in project incubator-rya by apache.
the class AccumuloAddUserIT method afterClass.
@After
public void afterClass() throws Exception {
final SecurityOperations secOps = super.getConnector().securityOperations();
secOps.dropLocalUser(ADMIN_USER);
}
Aggregations