use of org.apache.accumulo.core.data.Condition in project accumulo by apache.
the class ConditionalWriterIT method testSecurity.
@Test
public void testSecurity() throws Exception {
// test against table user does not have read and/or write permissions for
Connector conn = getConnector();
String user = null;
ClientConfiguration clientConf = cluster.getClientConfig();
final boolean saslEnabled = clientConf.hasSasl();
// Create a new user
ClusterUser user1 = getUser(0);
user = user1.getPrincipal();
if (saslEnabled) {
conn.securityOperations().createLocalUser(user, null);
} else {
conn.securityOperations().createLocalUser(user, new PasswordToken(user1.getPassword()));
}
String[] tables = getUniqueNames(3);
String table1 = tables[0], table2 = tables[1], table3 = tables[2];
// Create three tables
conn.tableOperations().create(table1);
conn.tableOperations().create(table2);
conn.tableOperations().create(table3);
// Grant R on table1, W on table2, R/W on table3
conn.securityOperations().grantTablePermission(user, table1, TablePermission.READ);
conn.securityOperations().grantTablePermission(user, table2, TablePermission.WRITE);
conn.securityOperations().grantTablePermission(user, table3, TablePermission.READ);
conn.securityOperations().grantTablePermission(user, table3, TablePermission.WRITE);
// Login as the user
Connector conn2 = conn.getInstance().getConnector(user, user1.getToken());
ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq"));
cm1.put("tx", "seq", "1");
cm1.put("data", "x", "a");
try (ConditionalWriter cw1 = conn2.createConditionalWriter(table1, new ConditionalWriterConfig());
ConditionalWriter cw2 = conn2.createConditionalWriter(table2, new ConditionalWriterConfig());
ConditionalWriter cw3 = conn2.createConditionalWriter(table3, new ConditionalWriterConfig())) {
// Should be able to conditional-update a table we have R/W on
Assert.assertEquals(Status.ACCEPTED, cw3.write(cm1).getStatus());
// Conditional-update to a table we only have read on should fail
try {
Status status = cw1.write(cm1).getStatus();
Assert.fail("Expected exception writing conditional mutation to table the user doesn't have write access to, Got status: " + status);
} catch (AccumuloSecurityException ase) {
}
// Conditional-update to a table we only have writer on should fail
try {
Status status = cw2.write(cm1).getStatus();
Assert.fail("Expected exception writing conditional mutation to table the user doesn't have read access to. Got status: " + status);
} catch (AccumuloSecurityException ase) {
}
}
}
use of org.apache.accumulo.core.data.Condition in project accumulo by apache.
the class ConditionalWriterIT method testBadColVis.
@Test
public void testBadColVis() throws Exception {
// test when a user sets a col vis in a condition that can never be seen
Connector conn = getConnector();
String tableName = getUniqueNames(1)[0];
conn.tableOperations().create(tableName);
Authorizations auths = new Authorizations("A", "B");
conn.securityOperations().changeUserAuthorizations(getAdminPrincipal(), auths);
Authorizations filteredAuths = new Authorizations("A");
ColumnVisibility cva = new ColumnVisibility("A");
ColumnVisibility cvb = new ColumnVisibility("B");
ColumnVisibility cvc = new ColumnVisibility("C");
try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig().setAuthorizations(filteredAuths))) {
// User has authorization, but didn't include it in the writer
ConditionalMutation cm0 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb));
cm0.put("name", "last", cva, "doe");
cm0.put("name", "first", cva, "john");
cm0.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm0).getStatus());
ConditionalMutation cm1 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"));
cm1.put("name", "last", cva, "doe");
cm1.put("name", "first", cva, "john");
cm1.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm1).getStatus());
// User does not have the authorization
ConditionalMutation cm2 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvc));
cm2.put("name", "last", cva, "doe");
cm2.put("name", "first", cva, "john");
cm2.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm2).getStatus());
ConditionalMutation cm3 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvc).setValue("1"));
cm3.put("name", "last", cva, "doe");
cm3.put("name", "first", cva, "john");
cm3.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm3).getStatus());
// if any visibility is bad, good visibilities don't override
ConditionalMutation cm4 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva));
cm4.put("name", "last", cva, "doe");
cm4.put("name", "first", cva, "john");
cm4.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm4).getStatus());
ConditionalMutation cm5 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
cm5.put("name", "last", cva, "doe");
cm5.put("name", "first", cva, "john");
cm5.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm5).getStatus());
ConditionalMutation cm6 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb).setValue("1"), new Condition("tx", "seq").setVisibility(cva));
cm6.put("name", "last", cva, "doe");
cm6.put("name", "first", cva, "john");
cm6.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm6).getStatus());
ConditionalMutation cm7 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
cm7.put("name", "last", cva, "doe");
cm7.put("name", "first", cva, "john");
cm7.put("tx", "seq", cva, "1");
Assert.assertEquals(Status.INVISIBLE_VISIBILITY, cw.write(cm7).getStatus());
}
// test passing auths that exceed users configured auths
Authorizations exceedingAuths = new Authorizations("A", "B", "D");
try (ConditionalWriter cw2 = conn.createConditionalWriter(tableName, new ConditionalWriterConfig().setAuthorizations(exceedingAuths))) {
ConditionalMutation cm8 = new ConditionalMutation("99006", new Condition("tx", "seq").setVisibility(cvb), new Condition("tx", "seq").setVisibility(cva).setValue("1"));
cm8.put("name", "last", cva, "doe");
cm8.put("name", "first", cva, "john");
cm8.put("tx", "seq", cva, "1");
try {
Status status = cw2.write(cm8).getStatus();
Assert.fail("Writing mutation with Authorizations the user doesn't have should fail. Got status: " + status);
} catch (AccumuloSecurityException ase) {
// expected, check specific failure?
}
}
}
use of org.apache.accumulo.core.data.Condition in project accumulo by apache.
the class ConditionalWriterIT method testSameRow.
@Test
public void testSameRow() throws Exception {
// test multiple mutations for same row in same batch
Connector conn = getConnector();
String tableName = getUniqueNames(1)[0];
conn.tableOperations().create(tableName);
try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig())) {
ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq"));
cm1.put("tx", "seq", "1");
cm1.put("data", "x", "a");
Assert.assertEquals(Status.ACCEPTED, cw.write(cm1).getStatus());
ConditionalMutation cm2 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
cm2.put("tx", "seq", "2");
cm2.put("data", "x", "b");
ConditionalMutation cm3 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
cm3.put("tx", "seq", "2");
cm3.put("data", "x", "c");
ConditionalMutation cm4 = new ConditionalMutation("r1", new Condition("tx", "seq").setValue("1"));
cm4.put("tx", "seq", "2");
cm4.put("data", "x", "d");
Iterator<Result> results = cw.write(Arrays.asList(cm2, cm3, cm4).iterator());
int accepted = 0;
int rejected = 0;
int total = 0;
while (results.hasNext()) {
Status status = results.next().getStatus();
if (status == Status.ACCEPTED)
accepted++;
if (status == Status.REJECTED)
rejected++;
total++;
}
Assert.assertEquals("Expected one accepted result", 1, accepted);
Assert.assertEquals("Expected two rejected results", 2, rejected);
Assert.assertEquals("Expected three total results", 3, total);
}
}
use of org.apache.accumulo.core.data.Condition in project accumulo by apache.
the class ConditionalWriterIT method testError.
@Test
public void testError() throws Exception {
String table = getUniqueNames(1)[0];
Connector conn = getConnector();
conn.tableOperations().create(table);
try (ConditionalWriter cw = conn.createConditionalWriter(table, new ConditionalWriterConfig())) {
IteratorSetting iterSetting = new IteratorSetting(5, BadIterator.class);
ConditionalMutation cm1 = new ConditionalMutation("r1", new Condition("tx", "seq").setIterators(iterSetting));
cm1.put("tx", "seq", "1");
cm1.put("data", "x", "a");
Result result = cw.write(cm1);
try {
Status status = result.getStatus();
Assert.fail("Expected exception using iterator which throws an error, Got status: " + status);
} catch (AccumuloException ae) {
}
}
}
use of org.apache.accumulo.core.data.Condition in project accumulo by apache.
the class ConditionalWriterIT method testBigBatch.
@Test
public void testBigBatch() throws Exception {
Connector conn = getConnector();
String tableName = getUniqueNames(1)[0];
conn.tableOperations().create(tableName);
conn.tableOperations().addSplits(tableName, nss("2", "4", "6"));
sleepUninterruptibly(2, TimeUnit.SECONDS);
int num = 100;
ArrayList<byte[]> rows = new ArrayList<>(num);
ArrayList<ConditionalMutation> cml = new ArrayList<>(num);
Random r = new Random();
byte[] e = new byte[0];
for (int i = 0; i < num; i++) {
rows.add(FastFormat.toZeroPaddedString(abs(r.nextLong()), 16, 16, e));
}
for (int i = 0; i < num; i++) {
ConditionalMutation cm = new ConditionalMutation(rows.get(i), new Condition("meta", "seq"));
cm.put("meta", "seq", "1");
cm.put("meta", "tx", UUID.randomUUID().toString());
cml.add(cm);
}
try (ConditionalWriter cw = conn.createConditionalWriter(tableName, new ConditionalWriterConfig())) {
Iterator<Result> results = cw.write(cml.iterator());
int count = 0;
// TODO check got each row back
while (results.hasNext()) {
Result result = results.next();
Assert.assertEquals(Status.ACCEPTED, result.getStatus());
count++;
}
Assert.assertEquals("Did not receive the expected number of results", num, count);
ArrayList<ConditionalMutation> cml2 = new ArrayList<>(num);
for (int i = 0; i < num; i++) {
ConditionalMutation cm = new ConditionalMutation(rows.get(i), new Condition("meta", "seq").setValue("1"));
cm.put("meta", "seq", "2");
cm.put("meta", "tx", UUID.randomUUID().toString());
cml2.add(cm);
}
count = 0;
results = cw.write(cml2.iterator());
while (results.hasNext()) {
Result result = results.next();
Assert.assertEquals(Status.ACCEPTED, result.getStatus());
count++;
}
Assert.assertEquals("Did not receive the expected number of results", num, count);
}
}
Aggregations