Example 81 with Authorizations
use of org.apache.accumulo.core.security.Authorizations in project incubator-rya by apache.
the class MergeTool method createTempTableIfNeeded.
/**
* Creates the temp child table if it doesn't already exist in the parent.
* @param childTableName the name of the child table.
* @throws IOException
*/
public void createTempTableIfNeeded(final String childTableName) throws IOException {
try {
final AccumuloRdfConfiguration accumuloRdfConfiguration = new AccumuloRdfConfiguration(conf);
accumuloRdfConfiguration.setTablePrefix(childTablePrefix);
final Connector connector = AccumuloRyaUtils.setupConnector(accumuloRdfConfiguration);
if (!connector.tableOperations().exists(childTableName)) {
log.info("Creating table: " + childTableName);
connector.tableOperations().create(childTableName);
log.info("Created table: " + childTableName);
log.info("Granting authorizations to table: " + childTableName);
final SecurityOperations secOps = connector.securityOperations();
secOps.grantTablePermission(userName, childTableName, TablePermission.WRITE);
log.info("Granted authorizations to table: " + childTableName);
final Authorizations parentAuths = secOps.getUserAuthorizations(userName);
// Add child authorizations so the temp parent table can be accessed.
if (!parentAuths.equals(childAuthorizations)) {
final List<String> childAuthList = findUniqueAuthsFromChild(parentAuths.toString(), childAuthorizations.toString());
tempChildAuths = Joiner.on(",").join(childAuthList);
log.info("Adding the authorization, \"" + tempChildAuths + "\", to the parent user, \"" + userName + "\"");
final Authorizations newAuths = AccumuloRyaUtils.addUserAuths(userName, secOps, new Authorizations(tempChildAuths));
secOps.changeUserAuthorizations(userName, newAuths);
}
}
} catch (TableExistsException | AccumuloException | AccumuloSecurityException e) {
throw new IOException(e);
}
}
Also used :
Connector(org.apache.accumulo.core.client.Connector)
AccumuloException(org.apache.accumulo.core.client.AccumuloException)
Authorizations(org.apache.accumulo.core.security.Authorizations)
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
TableExistsException(org.apache.accumulo.core.client.TableExistsException)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
IOException(java.io.IOException)
AccumuloRdfConfiguration(org.apache.rya.accumulo.AccumuloRdfConfiguration)
Example 82 with Authorizations
use of org.apache.accumulo.core.security.Authorizations in project incubator-rya by apache.
the class RowRuleMapper method flush.
private void flush(final Context context) throws IOException, InterruptedException {
try {
childDao.flush();
} catch (final RyaDAOException e) {
throw new IOException("Error writing to in-memory table", e);
}
final TableOperations ops = childConnector.tableOperations();
final SecurityOperations secOps = childConnector.securityOperations();
Authorizations childAuths;
try {
childAuths = secOps.getUserAuthorizations(childUser);
} catch (AccumuloException | AccumuloSecurityException e) {
throw new IOException("Error connecting to mock instance", e);
}
for (final String table : ops.list()) {
// Only copy Rya tables (skip system tables)
if (!table.startsWith(childTablePrefix)) {
continue;
}
compositeKey.setGroup(table);
try {
// Output every row in this mock table
int rows = 0;
final Scanner scanner = childDao.getConnector().createScanner(table, childAuths);
for (final Map.Entry<Key, Value> row : scanner) {
compositeKey.setKey(row.getKey());
compositeVal.setKey(row.getKey());
compositeVal.setValue(row.getValue());
context.write(compositeKey, compositeVal);
rows++;
}
log.info("Flushed " + rows + " in-memory rows to output (" + table + ").");
// Then clear the table
if (rows > 0) {
ops.deleteRows(table, null, null);
}
} catch (TableNotFoundException | AccumuloException | AccumuloSecurityException e) {
throw new IOException("Error flushing in-memory table", e);
}
}
// All tables should be empty
cachedStatements = 0;
}
Also used :
AccumuloException(org.apache.accumulo.core.client.AccumuloException)
Scanner(org.apache.accumulo.core.client.Scanner)
Authorizations(org.apache.accumulo.core.security.Authorizations)
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
IOException(java.io.IOException)
TableNotFoundException(org.apache.accumulo.core.client.TableNotFoundException)
TableOperations(org.apache.accumulo.core.client.admin.TableOperations)
Value(org.apache.accumulo.core.data.Value)
RyaDAOException(org.apache.rya.api.persist.RyaDAOException)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
Map(java.util.Map)
Key(org.apache.accumulo.core.data.Key)
Example 83 with Authorizations
use of org.apache.accumulo.core.security.Authorizations in project incubator-rya by apache.
the class AccumuloInstanceDriver method addAuths.
/**
* Adds authorizations to the {@link SecurityOperations} of this instance's user.
* @param auths the list of authorizations to add.
* @throws AccumuloException
* @throws AccumuloSecurityException
*/
public void addAuths(final String... auths) throws AccumuloException, AccumuloSecurityException {
final Authorizations newAuths = AccumuloRyaUtils.addUserAuths(user, secOps, auths);
secOps.changeUserAuthorizations(user, newAuths);
}
Also used :
Authorizations(org.apache.accumulo.core.security.Authorizations)
Example 84 with Authorizations
use of org.apache.accumulo.core.security.Authorizations in project incubator-rya by apache.
the class AccumuloRyaUtils method addUserAuths.
/**
* Adds authorizations to a user's authorizations list.
* @param user the name of the user to add authorizations for.
* @param secOps the {@link SecurityOperations}.
* @param auths the list of authorizations to add
* @return the {@link Authorizations}.
* @throws AccumuloException
* @throws AccumuloSecurityException
*/
public static Authorizations addUserAuths(final String user, final SecurityOperations secOps, final String... auths) throws AccumuloException, AccumuloSecurityException {
final Authorizations currentUserAuths = secOps.getUserAuthorizations(user);
final List<byte[]> authList = new ArrayList<>();
for (final byte[] currentAuth : currentUserAuths.getAuthorizations()) {
authList.add(currentAuth);
}
for (final String newAuth : auths) {
authList.add(newAuth.getBytes(StandardCharsets.UTF_8));
}
final Authorizations result = new Authorizations(authList);
return result;
}
Also used :
Authorizations(org.apache.accumulo.core.security.Authorizations)
ArrayList(java.util.ArrayList)
Example 85 with Authorizations
use of org.apache.accumulo.core.security.Authorizations in project incubator-rya by apache.
the class HistoricStreamingVisibilityIT method historicResults.
/**
* Ensure historic matches are included in the result.
*/
@Test
public void historicResults() throws Exception {
// A query that finds people who talk to Eve and work at Chipotle.
final String sparql = "SELECT ?x " + "WHERE { " + "?x <http://talksTo> <http://Eve>. " + "?x <http://worksAt> <http://Chipotle>." + "}";
final Connector accumuloConn = super.getAccumuloConnector();
accumuloConn.securityOperations().changeUserAuthorizations(getUsername(), new Authorizations("U", "V", "W"));
final AccumuloRyaDAO dao = new AccumuloRyaDAO();
dao.setConnector(accumuloConn);
dao.setConf(makeConfig());
dao.init();
// Triples that are loaded into Rya before the PCJ is created.
final ValueFactory vf = new ValueFactoryImpl();
final Set<RyaStatement> historicTriples = Sets.newHashSet(makeRyaStatement(vf.createStatement(vf.createURI("http://Alice"), vf.createURI("http://talksTo"), vf.createURI("http://Eve")), "U"), makeRyaStatement(vf.createStatement(vf.createURI("http://Bob"), vf.createURI("http://talksTo"), vf.createURI("http://Eve")), "V"), makeRyaStatement(vf.createStatement(vf.createURI("http://Charlie"), vf.createURI("http://talksTo"), vf.createURI("http://Eve")), "W"), makeRyaStatement(vf.createStatement(vf.createURI("http://Eve"), vf.createURI("http://helps"), vf.createURI("http://Kevin")), "U"), makeRyaStatement(vf.createStatement(vf.createURI("http://Bob"), vf.createURI("http://worksAt"), vf.createURI("http://Chipotle")), "W"), makeRyaStatement(vf.createStatement(vf.createURI("http://Charlie"), vf.createURI("http://worksAt"), vf.createURI("http://Chipotle")), "V"), makeRyaStatement(vf.createStatement(vf.createURI("http://Eve"), vf.createURI("http://worksAt"), vf.createURI("http://Chipotle")), "U"), makeRyaStatement(vf.createStatement(vf.createURI("http://David"), vf.createURI("http://worksAt"), vf.createURI("http://Chipotle")), "V"));
dao.add(historicTriples.iterator());
dao.flush();
// The expected results of the SPARQL query once the PCJ has been computed.
final Set<BindingSet> expected = new HashSet<>();
MapBindingSet bs = new MapBindingSet();
bs.addBinding("x", vf.createURI("http://Bob"));
expected.add(bs);
bs = new MapBindingSet();
bs.addBinding("x", vf.createURI("http://Charlie"));
expected.add(bs);
// Create the PCJ table.
final PrecomputedJoinStorage pcjStorage = new AccumuloPcjStorage(accumuloConn, getRyaInstanceName());
final String pcjId = pcjStorage.createPcj(sparql);
try (FluoClient fluoClient = FluoFactory.newClient(super.getFluoConfiguration())) {
new CreateFluoPcj().withRyaIntegration(pcjId, pcjStorage, fluoClient, accumuloConn, getRyaInstanceName());
}
// Verify the end results of the query match the expected results.
super.getMiniFluo().waitForObservers();
final Set<BindingSet> results = Sets.newHashSet(pcjStorage.listResults(pcjId));
Assert.assertEquals(expected, results);
}
Also used :
Connector(org.apache.accumulo.core.client.Connector)
AccumuloRyaDAO(org.apache.rya.accumulo.AccumuloRyaDAO)
MapBindingSet(org.openrdf.query.impl.MapBindingSet)
BindingSet(org.openrdf.query.BindingSet)
Authorizations(org.apache.accumulo.core.security.Authorizations)
FluoClient(org.apache.fluo.api.client.FluoClient)
AccumuloPcjStorage(org.apache.rya.indexing.pcj.storage.accumulo.AccumuloPcjStorage)
ValueFactoryImpl(org.openrdf.model.impl.ValueFactoryImpl)
RyaStatement(org.apache.rya.api.domain.RyaStatement)
CreateFluoPcj(org.apache.rya.indexing.pcj.fluo.api.CreateFluoPcj)
ValueFactory(org.openrdf.model.ValueFactory)
PrecomputedJoinStorage(org.apache.rya.indexing.pcj.storage.PrecomputedJoinStorage)
MapBindingSet(org.openrdf.query.impl.MapBindingSet)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Aggregations
Authorizations (org.apache.accumulo.core.security.Authorizations)242
Test (org.junit.Test)118
Scanner (org.apache.accumulo.core.client.Scanner)117
Key (org.apache.accumulo.core.data.Key)113
Value (org.apache.accumulo.core.data.Value)112
Text (org.apache.hadoop.io.Text)97
Mutation (org.apache.accumulo.core.data.Mutation)74
BatchWriter (org.apache.accumulo.core.client.BatchWriter)70
IteratorSetting (org.apache.accumulo.core.client.IteratorSetting)68
Range (org.apache.accumulo.core.data.Range)59
Map (java.util.Map)53
Entry (java.util.Map.Entry)47
PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken)39
Connector (org.apache.accumulo.core.client.Connector)34
ArrayList (java.util.ArrayList)31
TableNotFoundException (org.apache.accumulo.core.client.TableNotFoundException)30
AccumuloClient (org.apache.accumulo.core.client.AccumuloClient)29
AccumuloException (org.apache.accumulo.core.client.AccumuloException)28
AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)26
Configuration (org.apache.hadoop.conf.Configuration)24
