use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.
the class ClientServiceHandler method getDiskUsage.
@Override
public List<TDiskUsage> getDiskUsage(Set<String> tables, TCredentials credentials) throws ThriftTableOperationException, ThriftSecurityException, TException {
try {
HashSet<Table.ID> tableIds = new HashSet<>();
for (String table : tables) {
// ensure that table table exists
Table.ID tableId = checkTableId(instance, table, null);
tableIds.add(tableId);
Namespace.ID namespaceId = Tables.getNamespaceId(instance, tableId);
if (!security.canScan(credentials, tableId, namespaceId))
throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
}
// use the same set of tableIds that were validated above to avoid race conditions
Map<TreeSet<String>, Long> diskUsage = TableDiskUsage.getDiskUsage(tableIds, fs, context.getConnector());
List<TDiskUsage> retUsages = new ArrayList<>();
for (Map.Entry<TreeSet<String>, Long> usageItem : diskUsage.entrySet()) {
retUsages.add(new TDiskUsage(new ArrayList<>(usageItem.getKey()), usageItem.getValue()));
}
return retUsages;
} catch (AccumuloSecurityException e) {
throw e.asThriftException();
} catch (AccumuloException | TableNotFoundException | IOException e) {
throw new TException(e);
}
}
use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.
the class ClientServiceHandler method checkNamespaceClass.
@Override
public boolean checkNamespaceClass(TInfo tinfo, TCredentials credentials, String ns, String className, String interfaceMatch) throws TException, ThriftTableOperationException, ThriftSecurityException {
security.authenticateUser(credentials, credentials);
Namespace.ID namespaceId = checkNamespaceId(instance, ns, null);
ClassLoader loader = getClass().getClassLoader();
Class<?> shouldMatch;
try {
shouldMatch = loader.loadClass(interfaceMatch);
AccumuloConfiguration conf = context.getServerConfigurationFactory().getNamespaceConfiguration(namespaceId);
String context = conf.get(Property.TABLE_CLASSPATH);
ClassLoader currentLoader;
if (context != null && !context.equals("")) {
currentLoader = AccumuloVFSClassLoader.getContextManager().getClassLoader(context);
} else {
currentLoader = AccumuloVFSClassLoader.getClassLoader();
}
Class<?> test = currentLoader.loadClass(className).asSubclass(shouldMatch);
test.newInstance();
return true;
} catch (Exception e) {
log.warn("Error checking object types", e);
return false;
}
}
use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.
the class ClientServiceHandler method createLocalUser.
@Override
public void createLocalUser(TInfo tinfo, TCredentials credentials, String principal, ByteBuffer password) throws ThriftSecurityException {
AuthenticationToken token;
if (null != context.getSaslParams()) {
try {
token = new KerberosToken();
} catch (IOException e) {
log.warn("Failed to create KerberosToken");
throw new ThriftSecurityException(e.getMessage(), SecurityErrorCode.DEFAULT_SECURITY_ERROR);
}
} else {
token = new PasswordToken(password);
}
Credentials newUser = new Credentials(principal, token);
security.createUser(credentials, newUser, new Authorizations());
}
use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.
the class TableOperationsImpl method getDiskUsage.
@Override
public List<DiskUsage> getDiskUsage(Set<String> tableNames) throws AccumuloException, AccumuloSecurityException, TableNotFoundException {
List<TDiskUsage> diskUsages = null;
while (diskUsages == null) {
Pair<String, Client> pair = null;
try {
// this operation may us a lot of memory... its likely that connections to tabletservers hosting metadata tablets will be cached, so do not use cached
// connections
pair = ServerClient.getConnection(context, false);
diskUsages = pair.getSecond().getDiskUsage(tableNames, context.rpcCreds());
} catch (ThriftTableOperationException e) {
switch(e.getType()) {
case NOTFOUND:
throw new TableNotFoundException(e);
case NAMESPACE_NOTFOUND:
throw new TableNotFoundException(e.getTableName(), new NamespaceNotFoundException(e));
default:
throw new AccumuloException(e.description, e);
}
} catch (ThriftSecurityException e) {
throw new AccumuloSecurityException(e.getUser(), e.getCode());
} catch (TTransportException e) {
// some sort of communication error occurred, retry
if (pair == null) {
log.debug("Disk usage request failed. Pair is null. Retrying request...", e);
} else {
log.debug("Disk usage request failed {}, retrying ... ", pair.getFirst(), e);
}
sleepUninterruptibly(100, TimeUnit.MILLISECONDS);
} catch (TException e) {
// may be a TApplicationException which indicates error on the server side
throw new AccumuloException(e);
} finally {
// must always return thrift connection
if (pair != null)
ServerClient.close(pair.getSecond());
}
}
List<DiskUsage> finalUsages = new ArrayList<>();
for (TDiskUsage diskUsage : diskUsages) {
finalUsages.add(new DiskUsage(new TreeSet<>(diskUsage.getTables()), diskUsage.getUsage()));
}
return finalUsages;
}
use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.
the class TableOperationsImpl method testClassLoad.
@Override
public boolean testClassLoad(final String tableName, final String className, final String asTypeName) throws TableNotFoundException, AccumuloException, AccumuloSecurityException {
checkArgument(tableName != null, "tableName is null");
checkArgument(className != null, "className is null");
checkArgument(asTypeName != null, "asTypeName is null");
try {
return ServerClient.executeRaw(context, new ClientExecReturn<Boolean, ClientService.Client>() {
@Override
public Boolean execute(ClientService.Client client) throws Exception {
return client.checkTableClass(Tracer.traceInfo(), context.rpcCreds(), tableName, className, asTypeName);
}
});
} catch (ThriftTableOperationException e) {
switch(e.getType()) {
case NOTFOUND:
throw new TableNotFoundException(e);
case NAMESPACE_NOTFOUND:
throw new TableNotFoundException(tableName, new NamespaceNotFoundException(e));
default:
throw new AccumuloException(e.description, e);
}
} catch (ThriftSecurityException e) {
throw new AccumuloSecurityException(e.user, e.code, e);
} catch (AccumuloException e) {
throw e;
} catch (Exception e) {
throw new AccumuloException(e);
}
}
Aggregations