Example 11 with TablePermission

Use of org.apache.accumulo.core.security.TablePermission in project accumulo by apache.

Class ZKPermHandler, method revokeTablePermission.

@Override
public void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException {
    byte[] serializedPerms = zooCache.get(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table);
    // User had no table permission, nothing to revoke.
    if (serializedPerms == null)
        return;
    Set<TablePermission> tablePerms = ZKSecurityTool.convertTablePermissions(serializedPerms);
    try {
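        // Only touch ZooKeeper if the user actually held the permission.
        if (tablePerms.remove(permission)) {
            // Drop cached entries so the revoked permission is not served from the cache.
            zooCache.clear();
            IZooReaderWriter zoo = ZooReaderWriter.getInstance();
            // No permissions left on this table: delete the node; otherwise overwrite it with the reduced set.
            if (tablePerms.size() == 0)
                zoo.recursiveDelete(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table, NodeMissingPolicy.SKIP);
            else
                zoo.putPersistentData(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table, ZKSecurityTool.convertTablePermissions(tablePerms), NodeExistsPolicy.OVERWRITE);
        }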
    } catch (KeeperException e) {
        log.error("{}", e.getMessage(), e);
        throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
    } catch (InterruptedException e) {
        log.error("{}", e.getMessage(), e);
        throw new RuntimeException(e);
    }
}
Also used: IZooReaderWriter (org.apache.accumulo.fate.zookeeper.IZooReaderWriter), TablePermission (org.apache.accumulo.core.security.TablePermission), AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException), KeeperException (org.apache.zookeeper.KeeperException)

Example 12 with TablePermission

Use of org.apache.accumulo.core.security.TablePermission in project accumulo by apache.

Class PermissionsIT, method tablePermissionTest.

@Test
public void tablePermissionTest() throws Exception {
    // create the test user
    ClusterUser testUser = getUser(0), rootUser = getAdminUser();
    String principal = testUser.getPrincipal();
    AuthenticationToken token = testUser.getToken();
    PasswordToken passwordToken = null;
    if (token instanceof PasswordToken) {
        passwordToken = (PasswordToken) token;
    }
    loginAs(rootUser);
    Connector c = getConnector();
    c.securityOperations().createLocalUser(principal, passwordToken);
    loginAs(testUser);
    Connector test_user_conn = c.getInstance().getConnector(principal, token);
    // check for read-only access to metadata table
    loginAs(rootUser);
    verifyHasOnlyTheseTablePermissions(c, c.whoami(), MetadataTable.NAME, TablePermission.READ, TablePermission.ALTER_TABLE);
    verifyHasOnlyTheseTablePermissions(c, principal, MetadataTable.NAME, TablePermission.READ);
    String tableName = getUniqueNames(1)[0] + "__TABLE_PERMISSION_TEST__";
    // test each permission
    for (TablePermission perm : TablePermission.values()) {
        log.debug("Verifying the {} permission", perm);
        // test permission before and after granting it
        createTestTable(c, principal, tableName);
        loginAs(testUser);
        testMissingTablePermission(test_user_conn, testUser, perm, tableName);
        loginAs(rootUser);
        c.securityOperations().grantTablePermission(principal, tableName, perm);
        verifyHasOnlyTheseTablePermissions(c, principal, tableName, perm);
        loginAs(testUser);
        testGrantedTablePermission(test_user_conn, testUser, perm, tableName);
        loginAs(rootUser);
        createTestTable(c, principal, tableName);
        c.securityOperations().revokeTablePermission(principal, tableName, perm);
        verifyHasNoTablePermissions(c, principal, tableName, perm);
    }
}
Also used: Connector (org.apache.accumulo.core.client.Connector), PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken), AuthenticationToken (org.apache.accumulo.core.client.security.tokens.AuthenticationToken), TablePermission (org.apache.accumulo.core.security.TablePermission), ClusterUser (org.apache.accumulo.cluster.ClusterUser), Test (org.junit.Test)

Aggregations

TablePermission (org.apache.accumulo.core.security.TablePermission): 12
AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException): 5
PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken): 3
TreeSet (java.util.TreeSet): 2
NamespacePermission (org.apache.accumulo.core.security.NamespacePermission): 2
SystemPermission (org.apache.accumulo.core.security.SystemPermission): 2
KeeperException (org.apache.zookeeper.KeeperException): 2
ByteArrayOutputStream (java.io.ByteArrayOutputStream): 1
DataOutputStream (java.io.DataOutputStream): 1
File (java.io.File): 1
FileWriter (java.io.FileWriter): 1
IOException (java.io.IOException): 1
ClusterUser (org.apache.accumulo.cluster.ClusterUser): 1
Connector (org.apache.accumulo.core.client.Connector): 1
AuthenticationToken (org.apache.accumulo.core.client.security.tokens.AuthenticationToken): 1
Authorizations (org.apache.accumulo.core.security.Authorizations): 1
IZooReaderWriter (org.apache.accumulo.fate.zookeeper.IZooReaderWriter): 1
Test (org.junit.Test): 1