Example 6 with TablePermission
use of org.apache.accumulo.core.security.TablePermission in project incubator-rya by apache.
the class AccumuloInstanceDriver method setUpTables.
/**
* Sets up all the tables and indices.
* @throws Exception
*/
public void setUpTables() throws Exception {
// Setup tables and permissions
log.info("Setting up " + driverName + " tables and permissions");
for (final String tableSuffix : TABLE_NAME_SUFFIXES) {
final String tableName = tablePrefix + tableSuffix;
tableList.add(tableName);
if (!connector.tableOperations().exists(tableName)) {
connector.tableOperations().create(tableName);
}
}
if (shouldCreateIndices) {
indices = Arrays.asList();
tableList.addAll(indices);
log.info("Setting up " + driverName + " indices");
for (final String index : indices) {
if (!connector.tableOperations().exists(index)) {
connector.tableOperations().create(index);
}
}
}
// Setup user with authorizations
log.info("Creating " + driverName + " user and authorizations");
secOps = connector.securityOperations();
if (!user.equals(ROOT_USER_NAME)) {
secOps.createLocalUser(user, new PasswordToken(userpwd));
}
addAuths(auth);
final TablePermission tablePermission = isReadOnly ? TablePermission.READ : TablePermission.WRITE;
for (final String tableSuffix : TABLE_NAME_SUFFIXES) {
log.info("Giving user: " + user + " " + tablePermission.toString() + " permissions on table " + tablePrefix + tableSuffix);
secOps.grantTablePermission(user, tablePrefix + tableSuffix, tablePermission);
}
if (shouldCreateIndices) {
for (final String index : indices) {
log.info("Giving user: " + user + " " + tablePermission.toString() + " permissions on table " + index);
secOps.grantTablePermission(user, index, tablePermission);
}
}
}
Also used :
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
TablePermission(org.apache.accumulo.core.security.TablePermission)
Example 7 with TablePermission
use of org.apache.accumulo.core.security.TablePermission in project incubator-rya by apache.
the class AccumuloInstanceDriver method setUpTables.
/**
* Sets up all the tables and indices.
* @throws Exception
*/
public void setUpTables() throws Exception {
// Setup tables and permissions
log.info("Setting up " + driverName + " tables and permissions");
for (final String tableSuffix : TABLE_NAME_SUFFIXES) {
final String tableName = tablePrefix + tableSuffix;
tableList.add(tableName);
if (!connector.tableOperations().exists(tableName)) {
connector.tableOperations().create(tableName);
}
}
if (shouldCreateIndices) {
indices = Arrays.asList();
tableList.addAll(indices);
log.info("Setting up " + driverName + " indices");
for (final String index : indices) {
if (!connector.tableOperations().exists(index)) {
connector.tableOperations().create(index);
}
}
}
// Setup user with authorizations
log.info("Creating " + driverName + " user and authorizations");
secOps = connector.securityOperations();
if (!user.equals(ROOT_USER_NAME)) {
secOps.createLocalUser(user, new PasswordToken(userpwd));
}
addAuths(auth);
final TablePermission tablePermission = isReadOnly ? TablePermission.READ : TablePermission.WRITE;
for (final String tableSuffix : TABLE_NAME_SUFFIXES) {
secOps.grantTablePermission(user, tablePrefix + tableSuffix, tablePermission);
}
if (shouldCreateIndices) {
for (final String index : indices) {
secOps.grantTablePermission(user, index, tablePermission);
}
}
}
Also used :
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
TablePermission(org.apache.accumulo.core.security.TablePermission)
Example 8 with TablePermission
use of org.apache.accumulo.core.security.TablePermission in project accumulo by apache.
the class ZKAuthenticatorTest method testTableConversion.
public void testTableConversion() {
Set<TablePermission> perms = new TreeSet<>();
for (TablePermission s : TablePermission.values()) perms.add(s);
Set<TablePermission> converted = ZKSecurityTool.convertTablePermissions(ZKSecurityTool.convertTablePermissions(perms));
assertTrue(perms.size() == converted.size());
for (TablePermission s : perms) assertTrue(converted.contains(s));
}
Also used :
TreeSet(java.util.TreeSet)
TablePermission(org.apache.accumulo.core.security.TablePermission)
Example 9 with TablePermission
use of org.apache.accumulo.core.security.TablePermission in project accumulo by apache.
the class MockSecurityOperations method revokeTablePermission.
@Override
public void revokeTablePermission(String principal, String tableName, TablePermission permission) throws AccumuloException, AccumuloSecurityException {
if (acu.users.get(principal) == null)
throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST);
MockTable table = acu.tables.get(tableName);
if (table == null)
throw new AccumuloSecurityException(tableName, SecurityErrorCode.TABLE_DOESNT_EXIST);
EnumSet<TablePermission> perms = table.userPermissions.get(principal);
if (perms != null)
perms.remove(permission);
}
Also used :
TablePermission(org.apache.accumulo.core.security.TablePermission)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
Example 10 with TablePermission
use of org.apache.accumulo.core.security.TablePermission in project accumulo by apache.
the class Admin method printUserConfiguration.
private static void printUserConfiguration(Connector connector, String user, File outputDirectory) throws IOException, AccumuloException, AccumuloSecurityException {
File userScript = new File(outputDirectory, user + USER_FILE_SUFFIX);
FileWriter userWriter = new FileWriter(userScript);
userWriter.write(createUserFormat.format(new String[] { user }));
Authorizations auths = connector.securityOperations().getUserAuthorizations(user);
userWriter.write(userAuthsFormat.format(new String[] { user, auths.toString() }));
for (SystemPermission sp : SystemPermission.values()) {
if (connector.securityOperations().hasSystemPermission(user, sp)) {
userWriter.write(sysPermFormat.format(new String[] { sp.name(), user }));
}
}
for (String namespace : connector.namespaceOperations().list()) {
for (NamespacePermission np : NamespacePermission.values()) {
if (connector.securityOperations().hasNamespacePermission(user, namespace, np)) {
userWriter.write(nsPermFormat.format(new String[] { np.name(), namespace, user }));
}
}
}
for (String tableName : connector.tableOperations().list()) {
for (TablePermission perm : TablePermission.values()) {
if (connector.securityOperations().hasTablePermission(user, tableName, perm)) {
userWriter.write(tablePermFormat.format(new String[] { perm.name(), tableName, user }));
}
}
}
userWriter.close();
}
Also used :
SystemPermission(org.apache.accumulo.core.security.SystemPermission)
Authorizations(org.apache.accumulo.core.security.Authorizations)
FileWriter(java.io.FileWriter)
TablePermission(org.apache.accumulo.core.security.TablePermission)
File(java.io.File)
NamespacePermission(org.apache.accumulo.core.security.NamespacePermission)
Aggregations
TablePermission (org.apache.accumulo.core.security.TablePermission)12
AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)5
PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken)3
TreeSet (java.util.TreeSet)2
NamespacePermission (org.apache.accumulo.core.security.NamespacePermission)2
SystemPermission (org.apache.accumulo.core.security.SystemPermission)2
KeeperException (org.apache.zookeeper.KeeperException)2
ByteArrayOutputStream (java.io.ByteArrayOutputStream)1
DataOutputStream (java.io.DataOutputStream)1
File (java.io.File)1
FileWriter (java.io.FileWriter)1
IOException (java.io.IOException)1
ClusterUser (org.apache.accumulo.cluster.ClusterUser)1
Connector (org.apache.accumulo.core.client.Connector)1
AuthenticationToken (org.apache.accumulo.core.client.security.tokens.AuthenticationToken)1
Authorizations (org.apache.accumulo.core.security.Authorizations)1
IZooReaderWriter (org.apache.accumulo.fate.zookeeper.IZooReaderWriter)1
Test (org.junit.Test)1
