Search in sources :

Example 16 with Condition

use of org.apache.accumulo.core.data.Condition in project accumulo by apache.

the class ConditionalWriterIT method testSecurity.

@Test
public void testSecurity() throws Exception {
    // test against table user does not have read and/or write permissions for
    Connector conn = getConnector();
    String user = null;
    ClientConfiguration clientConf = cluster.getClientConfig();
    final boolean saslEnabled = clientConf.hasSasl();
    // Create a new user
    ClusterUser user1 = getUser(0);
    user = user1.getPrincipal();
    if (saslEnabled) {
        conn.securityOperations().createLocalUser(user, null);
    } else {
        conn.securityOperations().createLocalUser(user, new PasswordToken(user1.getPassword()));
    }
    String[] tables = getUniqueNames(3);
    String table1 = tables[0], table2 = tables[1], table3 = tables[2];
    // Create three tables
    conn.tableOperations().create(table1);
    conn.tableOperations().create(table2);
    conn.tableOperations().create(table3);
    // Grant R on table1, W on table2, R/W on table3
    conn.securityOperations().grantTablePermission(user, table1, TablePermission.READ);
    conn.securityOperations().grantTablePermission(user, table2, TablePermission.WRITE);
    conn.securityOperations().grantTablePermission(user, table3, TablePermission.READ);
    conn.securityOperations().grantTablePermission(user, table3, TablePermission.WRITE);
    // Login as the user
    Connector conn2 = conn.getInstance().getConnector(user, user1.getToken());
    ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq"));
    cm1.put("tx", "seq", "1");
    cm1.put("data", "x", "a");
    try (ConditionalWriter cw1 = conn2.createConditionalWriter(table1, new ConditionalWriterConfig());
        ConditionalWriter cw2 = conn2.createConditionalWriter(table2, new ConditionalWriterConfig());
        ConditionalWriter cw3 = conn2.createConditionalWriter(table3, new ConditionalWriterConfig())) {
        // Should be able to conditional-update a table we have R/W on
        Assert.assertEquals(Status.ACCEPTED, cw3.write(cm1).getStatus());
        // Conditional-update to a table we only have read on should fail
        try {
            Status status = cw1.write(cm1).getStatus();
            Assert.fail("Expected exception writing conditional mutation to table the user doesn't have write access to, Got status: " + status);
        } catch (AccumuloSecurityException ase) {
        }
        // Conditional-update to a table we only have writer on should fail
        try {
            Status status = cw2.write(cm1).getStatus();
            Assert.fail("Expected exception writing conditional mutation to table the user doesn't have read access to. Got status: " + status);
        } catch (AccumuloSecurityException ase) {
        }
    }
}
Also used : Condition(org.apache.accumulo.core.data.Condition) Status(org.apache.accumulo.core.client.ConditionalWriter.Status) Connector(org.apache.accumulo.core.client.Connector) ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter) PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken) ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation) ClusterUser(org.apache.accumulo.cluster.ClusterUser) ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig) AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) ClientConfiguration(org.apache.accumulo.core.client.ClientConfiguration) Test(org.junit.Test)

Example 17 with Condition

use of org.apache.accumulo.core.data.Condition in project accumulo by apache.

the class ConditionalWriterIT method testBadColVis.

@Test
public void testBadColVis() throws Exception {
    // test when a user sets a col vis in a condition that can never be seen
    Connector conn = getConnector();
    String tableName = getUniqueNames(1)[0];
    conn.tableOperations().create(tableName);
    Authorizations auths = new Authorizations("A", "B");
    conn.securityOperations().changeUserAuthorizations(getAdminPrincipal(), auths);
    Authorizations filteredAuths = new Authorizations("A");
    ColumnVisibility cva = new ColumnVisibility("A");
    ColumnVisibility cvb = new ColumnVisibility("B");
    ColumnVisibility cvc = new ColumnVisibility("C");
    try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig().setAuthorizations(filteredAuths))) {
        // User has authorization, but didn't include it in the writer
        ConditionalMutation cm0 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb));
        cm0.put("name", "last", cva, "doe");
        cm0.put("name", "first", cva, "john");
        cm0.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm0).getStatus());
        ConditionalMutation cm1 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"));
        cm1.put("name", "last", cva, "doe");
        cm1.put("name", "first", cva, "john");
        cm1.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm1).getStatus());
        // User does not have the authorization
        ConditionalMutation cm2 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvc));
        cm2.put("name", "last", cva, "doe");
        cm2.put("name", "first", cva, "john");
        cm2.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm2).getStatus());
        ConditionalMutation cm3 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvc).setValue("1"));
        cm3.put("name", "last", cva, "doe");
        cm3.put("name", "first", cva, "john");
        cm3.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm3).getStatus());
        // if any visibility is bad, good visibilities don't override
        ConditionalMutation cm4 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva));
        cm4.put("name", "last", cva, "doe");
        cm4.put("name", "first", cva, "john");
        cm4.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm4).getStatus());
        ConditionalMutation cm5 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
        cm5.put("name", "last", cva, "doe");
        cm5.put("name", "first", cva, "john");
        cm5.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm5).getStatus());
        ConditionalMutation cm6 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"), new Condition("tx", "seq").setVisibility(cva));
        cm6.put("name", "last", cva, "doe");
        cm6.put("name", "first", cva, "john");
        cm6.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm6).getStatus());
        ConditionalMutation cm7 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
        cm7.put("name", "last", cva, "doe");
        cm7.put("name", "first", cva, "john");
        cm7.put("tx", "seq", cva, "1");
        Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm7).getStatus());
    }
    // test passing auths that exceed users configured auths
    Authorizations exceedingAuths = new Authorizations("A", "B", "D");
    try (ConditionalWriter cw2 = conn.createConditionalWriter(tableName, new ConditionalWriterConfig().setAuthorizations(exceedingAuths))) {
        ConditionalMutation cm8 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
        cm8.put("name", "last", cva, "doe");
        cm8.put("name", "first", cva, "john");
        cm8.put("tx", "seq", cva, "1");
        try {
            Status status = cw2.write(cm8).getStatus();
            Assert.fail("Writing mutation with Authorizations the user doesn't have should fail. Got status: " + status);
        } catch (AccumuloSecurityException ase) {
        // expected, check specific failure?
        }
    }
}
Also used : Condition(org.apache.accumulo.core.data.Condition) Status(org.apache.accumulo.core.client.ConditionalWriter.Status) Connector(org.apache.accumulo.core.client.Connector) ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter) Authorizations(org.apache.accumulo.core.security.Authorizations) ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation) ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig) AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) ColumnVisibility(org.apache.accumulo.core.security.ColumnVisibility) Test(org.junit.Test)

Example 18 with Condition

use of org.apache.accumulo.core.data.Condition in project accumulo by apache.

the class ConditionalWriterIT method testSameRow.

@Test
public void testSameRow() throws Exception {
    // test multiple mutations for same row in same batch
    Connector conn = getConnector();
    String tableName = getUniqueNames(1)[0];
    conn.tableOperations().create(tableName);
    try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig())) {
        ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq"));
        cm1.put("tx", "seq", "1");
        cm1.put("data", "x", "a");
        Assert.assertEquals(Status.ACCEPTED, cw.write(cm1).getStatus());
        ConditionalMutation cm2 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
        cm2.put("tx", "seq", "2");
        cm2.put("data", "x", "b");
        ConditionalMutation cm3 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
        cm3.put("tx", "seq", "2");
        cm3.put("data", "x", "c");
        ConditionalMutation cm4 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
        cm4.put("tx", "seq", "2");
        cm4.put("data", "x", "d");
        Iterator<Result> results = cw.write(Arrays.asList(cm2, cm3, cm4).iterator());
        int accepted = 0;
        int rejected = 0;
        int total = 0;
        while (results.hasNext()) {
            Status status = results.next().getStatus();
            if (status == Status.ACCEPTED)
                accepted++;
            if (status == Status.REJECTED)
                rejected++;
            total++;
        }
        Assert.assertEquals("Expected one accepted result", 1, accepted);
        Assert.assertEquals("Expected two rejected results", 2, rejected);
        Assert.assertEquals("Expected three total results", 3, total);
    }
}
Also used : Condition(org.apache.accumulo.core.data.Condition) Status(org.apache.accumulo.core.client.ConditionalWriter.Status) Connector(org.apache.accumulo.core.client.Connector) ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter) ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation) ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig) AlphaNumKeyConstraint(org.apache.accumulo.test.constraints.AlphaNumKeyConstraint) Result(org.apache.accumulo.core.client.ConditionalWriter.Result) Test(org.junit.Test)

Example 19 with Condition

use of org.apache.accumulo.core.data.Condition in project accumulo by apache.

the class ConditionalWriterIT method testError.

@Test
public void testError() throws Exception {
    String table = getUniqueNames(1)[0];
    Connector conn = getConnector();
    conn.tableOperations().create(table);
    try (ConditionalWriter cw = conn.createConditionalWriter(table, new ConditionalWriterConfig())) {
        IteratorSetting iterSetting = new IteratorSetting(5, BadIterator.class);
        ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq").setIterators(iterSetting));
        cm1.put("tx", "seq", "1");
        cm1.put("data", "x", "a");
        Result result = cw.write(cm1);
        try {
            Status status = result.getStatus();
            Assert.fail("Expected exception using iterator which throws an error, Got status: " + status);
        } catch (AccumuloException ae) {
        }
    }
}
Also used : Condition(org.apache.accumulo.core.data.Condition) Status(org.apache.accumulo.core.client.ConditionalWriter.Status) Connector(org.apache.accumulo.core.client.Connector) ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter) AccumuloException(org.apache.accumulo.core.client.AccumuloException) ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation) IteratorSetting(org.apache.accumulo.core.client.IteratorSetting) ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig) Result(org.apache.accumulo.core.client.ConditionalWriter.Result) Test(org.junit.Test)

Example 20 with Condition

use of org.apache.accumulo.core.data.Condition in project accumulo by apache.

the class ConditionalWriterIT method testBigBatch.

@Test
public void testBigBatch() throws Exception {
    Connector conn = getConnector();
    String tableName = getUniqueNames(1)[0];
    conn.tableOperations().create(tableName);
    conn.tableOperations().addSplits(tableName, nss("2", "4", "6"));
    sleepUninterruptibly(2, TimeUnit.SECONDS);
    int num = 100;
    ArrayList<byte[]> rows = new ArrayList<>(num);
    ArrayList<ConditionalMutation> cml = new ArrayList<>(num);
    Random r = new Random();
    byte[] e = new byte[0];
    for (int i = 0; i < num; i++) {
        rows.add(FastFormat.toZeroPaddedString(abs(r.nextLong()), 16, 16, e));
    }
    for (int i = 0; i < num; i++) {
        ConditionalMutation cm = new ConditionalMutation(rows.get(i), new Condition("meta", "seq"));
        cm.put("meta", "seq", "1");
        cm.put("meta", "tx", UUID.randomUUID().toString());
        cml.add(cm);
    }
    try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig())) {
        Iterator<Result> results = cw.write(cml.iterator());
        int count = 0;
        // TODO check got each row back
        while (results.hasNext()) {
            Result result = results.next();
            Assert.assertEquals(Status.ACCEPTED, result.getStatus());
            count++;
        }
        Assert.assertEquals("Did not receive the expected number of results", num, count);
        ArrayList<ConditionalMutation> cml2 = new ArrayList<>(num);
        for (int i = 0; i < num; i++) {
            ConditionalMutation cm = new ConditionalMutation(rows.get(i), new Condition("meta", "seq").setValue("1"));
            cm.put("meta", "seq", "2");
            cm.put("meta", "tx", UUID.randomUUID().toString());
            cml2.add(cm);
        }
        count = 0;
        results = cw.write(cml2.iterator());
        while (results.hasNext()) {
            Result result = results.next();
            Assert.assertEquals(Status.ACCEPTED, result.getStatus());
            count++;
        }
        Assert.assertEquals("Did not receive the expected number of results", num, count);
    }
}
Also used : Condition(org.apache.accumulo.core.data.Condition) Connector(org.apache.accumulo.core.client.Connector) ArrayList(java.util.ArrayList) AlphaNumKeyConstraint(org.apache.accumulo.test.constraints.AlphaNumKeyConstraint) Result(org.apache.accumulo.core.client.ConditionalWriter.Result) ConditionalWriter(org.apache.accumulo.core.client.ConditionalWriter) ConditionalMutation(org.apache.accumulo.core.data.ConditionalMutation) Random(java.util.Random) ConditionalWriterConfig(org.apache.accumulo.core.client.ConditionalWriterConfig) Test(org.junit.Test)

Aggregations

Condition (org.apache.accumulo.core.data.Condition)23 ConditionalMutation (org.apache.accumulo.core.data.ConditionalMutation)21 ConditionalWriter (org.apache.accumulo.core.client.ConditionalWriter)20 ConditionalWriterConfig (org.apache.accumulo.core.client.ConditionalWriterConfig)19 Connector (org.apache.accumulo.core.client.Connector)17 Test (org.junit.Test)17 IsolatedScanner (org.apache.accumulo.core.client.IsolatedScanner)11 Scanner (org.apache.accumulo.core.client.Scanner)11 Value (org.apache.accumulo.core.data.Value)11 Result (org.apache.accumulo.core.client.ConditionalWriter.Result)10 Status (org.apache.accumulo.core.client.ConditionalWriter.Status)10 Key (org.apache.accumulo.core.data.Key)9 Range (org.apache.accumulo.core.data.Range)8 Authorizations (org.apache.accumulo.core.security.Authorizations)7 Text (org.apache.hadoop.io.Text)7 AccumuloException (org.apache.accumulo.core.client.AccumuloException)5 ColumnVisibility (org.apache.accumulo.core.security.ColumnVisibility)5 AlphaNumKeyConstraint (org.apache.accumulo.test.constraints.AlphaNumKeyConstraint)5 ArrayList (java.util.ArrayList)4 AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)4