Search in sources :

Example 26 with TCredentials

use of org.apache.accumulo.core.securityImpl.thrift.TCredentials in project accumulo by apache.

the class ManagerClientServiceHandler method initiateFlush.

@Override
public long initiateFlush(TInfo tinfo, TCredentials c, String tableIdStr) throws ThriftSecurityException, ThriftTableOperationException {
    TableId tableId = TableId.of(tableIdStr);
    NamespaceId namespaceId = getNamespaceIdFromTableId(TableOperation.FLUSH, tableId);
    if (!manager.security.canFlush(c, tableId, namespaceId))
        throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    String zTablePath = Constants.ZROOT + "/" + manager.getInstanceID() + Constants.ZTABLES + "/" + tableId + Constants.ZTABLE_FLUSH_ID;
    ZooReaderWriter zoo = manager.getContext().getZooReaderWriter();
    byte[] fid;
    try {
        fid = zoo.mutateExisting(zTablePath, currentValue -> {
            long flushID = Long.parseLong(new String(currentValue, UTF_8));
            return Long.toString(flushID + 1).getBytes(UTF_8);
        });
    } catch (NoNodeException nne) {
        throw new ThriftTableOperationException(tableId.canonical(), null, TableOperation.FLUSH, TableOperationExceptionType.NOTFOUND, null);
    } catch (Exception e) {
        Manager.log.warn("{}", e.getMessage(), e);
        throw new ThriftTableOperationException(tableId.canonical(), null, TableOperation.FLUSH, TableOperationExceptionType.OTHER, null);
    }
    return Long.parseLong(new String(fid));
}
Also used : TableId(org.apache.accumulo.core.data.TableId) TableId(org.apache.accumulo.core.data.TableId) TabletsMetadata(org.apache.accumulo.core.metadata.schema.TabletsMetadata) ManagerMonitorInfo(org.apache.accumulo.core.manager.thrift.ManagerMonitorInfo) LoggerFactory(org.slf4j.LoggerFactory) Status(org.apache.accumulo.server.replication.proto.Replication.Status) Text(org.apache.hadoop.io.Text) MetadataTable(org.apache.accumulo.core.metadata.MetadataTable) TServerInstance(org.apache.accumulo.core.metadata.TServerInstance) ByteBuffer(java.nio.ByteBuffer) TableNotFoundException(org.apache.accumulo.core.client.TableNotFoundException) BatchScanner(org.apache.accumulo.core.client.BatchScanner) TInfo(org.apache.accumulo.core.trace.thrift.TInfo) RootTable(org.apache.accumulo.core.metadata.RootTable) Value(org.apache.accumulo.core.data.Value) ReplicationSection(org.apache.accumulo.core.metadata.schema.MetadataSchema.ReplicationSection) PREV_ROW(org.apache.accumulo.core.metadata.schema.TabletMetadata.ColumnType.PREV_ROW) TablePropUtil(org.apache.accumulo.server.util.TablePropUtil) Property(org.apache.accumulo.core.conf.Property) TDelegationTokenConfig(org.apache.accumulo.core.securityImpl.thrift.TDelegationTokenConfig) InvalidProtocolBufferException(com.google.protobuf.InvalidProtocolBufferException) ClientContext(org.apache.accumulo.core.clientImpl.ClientContext) Set(java.util.Set) DelegationTokenConfigSerializer(org.apache.accumulo.core.clientImpl.DelegationTokenConfigSerializer) ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException) TCredentials(org.apache.accumulo.core.securityImpl.thrift.TCredentials) TabletLoadState(org.apache.accumulo.core.manager.thrift.TabletLoadState) AccumuloClient(org.apache.accumulo.core.client.AccumuloClient) TabletDeletedException(org.apache.accumulo.core.metadata.schema.TabletDeletedException) List(java.util.List) DeprecatedPropertyUtil(org.apache.accumulo.core.conf.DeprecatedPropertyUtil) AuthenticationTokenSecretManager(org.apache.accumulo.server.security.delegation.AuthenticationTokenSecretManager) ManagerState(org.apache.accumulo.core.manager.thrift.ManagerState) Entry(java.util.Map.Entry) ShutdownTServer(org.apache.accumulo.manager.tserverOps.ShutdownTServer) NamespaceId(org.apache.accumulo.core.data.NamespaceId) UtilWaitThread.sleepUninterruptibly(org.apache.accumulo.fate.util.UtilWaitThread.sleepUninterruptibly) TabletSplit(org.apache.accumulo.core.manager.thrift.TabletSplit) ByteBufferUtil(org.apache.accumulo.core.util.ByteBufferUtil) DelegationTokenConfig(org.apache.accumulo.core.client.admin.DelegationTokenConfig) ProtobufUtil(org.apache.accumulo.core.protobuf.ProtobufUtil) FLUSH_ID(org.apache.accumulo.core.metadata.schema.TabletMetadata.ColumnType.FLUSH_ID) ArrayList(java.util.ArrayList) TabletMetadata(org.apache.accumulo.core.metadata.schema.TabletMetadata) NamespacePropUtil(org.apache.accumulo.server.util.NamespacePropUtil) HashSet(java.util.HashSet) ManagerGoalState(org.apache.accumulo.core.manager.thrift.ManagerGoalState) Key(org.apache.accumulo.core.data.Key) SystemPropUtil(org.apache.accumulo.server.util.SystemPropUtil) TableOperationExceptionType(org.apache.accumulo.core.clientImpl.thrift.TableOperationExceptionType) ManagerClientService(org.apache.accumulo.core.manager.thrift.ManagerClientService) ZooReaderWriter(org.apache.accumulo.fate.zookeeper.ZooReaderWriter) TDelegationToken(org.apache.accumulo.core.securityImpl.thrift.TDelegationToken) TKeyExtent(org.apache.accumulo.core.dataImpl.thrift.TKeyExtent) TServerConnection(org.apache.accumulo.server.manager.LiveTServerSet.TServerConnection) LOCATION(org.apache.accumulo.core.metadata.schema.TabletMetadata.ColumnType.LOCATION) Logger(org.slf4j.Logger) SecurityErrorCode(org.apache.accumulo.core.clientImpl.thrift.SecurityErrorCode) KeeperException(org.apache.zookeeper.KeeperException) UTF_8(java.nio.charset.StandardCharsets.UTF_8) KeyExtent(org.apache.accumulo.core.dataImpl.KeyExtent) AuthenticationTokenIdentifier(org.apache.accumulo.core.clientImpl.AuthenticationTokenIdentifier) ClientServiceHandler(org.apache.accumulo.server.client.ClientServiceHandler) TException(org.apache.thrift.TException) Constants(org.apache.accumulo.core.Constants) Authorizations(org.apache.accumulo.core.security.Authorizations) Token(org.apache.hadoop.security.token.Token) Range(org.apache.accumulo.core.data.Range) TimeUnit(java.util.concurrent.TimeUnit) TableOperation(org.apache.accumulo.core.clientImpl.thrift.TableOperation) ThriftTableOperationException(org.apache.accumulo.core.clientImpl.thrift.ThriftTableOperationException) NoNodeException(org.apache.zookeeper.KeeperException.NoNodeException) TraceRepo(org.apache.accumulo.manager.tableOps.TraceRepo) Collections(java.util.Collections) LOGS(org.apache.accumulo.core.metadata.schema.TabletMetadata.ColumnType.LOGS) NoNodeException(org.apache.zookeeper.KeeperException.NoNodeException) ZooReaderWriter(org.apache.accumulo.fate.zookeeper.ZooReaderWriter) ThriftTableOperationException(org.apache.accumulo.core.clientImpl.thrift.ThriftTableOperationException) NamespaceId(org.apache.accumulo.core.data.NamespaceId) ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException) TableNotFoundException(org.apache.accumulo.core.client.TableNotFoundException) InvalidProtocolBufferException(com.google.protobuf.InvalidProtocolBufferException) ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException) TabletDeletedException(org.apache.accumulo.core.metadata.schema.TabletDeletedException) KeeperException(org.apache.zookeeper.KeeperException) TException(org.apache.thrift.TException) ThriftTableOperationException(org.apache.accumulo.core.clientImpl.thrift.ThriftTableOperationException) NoNodeException(org.apache.zookeeper.KeeperException.NoNodeException)

Example 27 with TCredentials

use of org.apache.accumulo.core.securityImpl.thrift.TCredentials in project accumulo by apache.

the class ThriftClientHandler method startMultiScan.

@Override
public InitialMultiScan startMultiScan(TInfo tinfo, TCredentials credentials, Map<TKeyExtent, List<TRange>> tbatch, List<TColumn> tcolumns, List<IterInfo> ssiList, Map<String, Map<String, String>> ssio, List<ByteBuffer> authorizations, boolean waitForWrites, TSamplerConfiguration tSamplerConfig, long batchTimeOut, String contextArg, Map<String, String> executionHints) throws ThriftSecurityException, TSampleNotPresentException {
    // find all of the tables that need to be scanned
    final HashSet<TableId> tables = new HashSet<>();
    for (TKeyExtent keyExtent : tbatch.keySet()) {
        tables.add(TableId.of(new String(keyExtent.getTable(), UTF_8)));
    }
    if (tables.size() != 1) {
        throw new IllegalArgumentException("Cannot batch scan over multiple tables");
    }
    // check if user has permission to the tables
    for (TableId tableId : tables) {
        NamespaceId namespaceId = getNamespaceId(credentials, tableId);
        if (!security.canScan(credentials, tableId, namespaceId, tbatch, tcolumns, ssiList, ssio, authorizations)) {
            throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
        }
    }
    try {
        if (!security.authenticatedUserHasAuthorizations(credentials, authorizations)) {
            throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_AUTHORIZATIONS);
        }
    } catch (ThriftSecurityException tse) {
        log.error("{} is not authorized", credentials.getPrincipal(), tse);
        throw tse;
    }
    // @formatter:off
    Map<KeyExtent, List<Range>> batch = tbatch.entrySet().stream().collect(Collectors.toMap(entry -> KeyExtent.fromThrift(entry.getKey()), entry -> entry.getValue().stream().map(Range::new).collect(Collectors.toList())));
    // @formatter:on
    // This is used to determine which thread pool to use
    KeyExtent threadPoolExtent = batch.keySet().iterator().next();
    if (waitForWrites) {
        writeTracker.waitForWrites(TabletType.type(batch.keySet()));
    }
    Set<Column> columnSet = tcolumns.isEmpty() ? Collections.emptySet() : new HashSet<>(Collections2.transform(tcolumns, Column::new));
    ScanParameters scanParams = new ScanParameters(-1, new Authorizations(authorizations), columnSet, ssiList, ssio, false, SamplerConfigurationImpl.fromThrift(tSamplerConfig), batchTimeOut, contextArg);
    final MultiScanSession mss = new MultiScanSession(credentials, threadPoolExtent, batch, scanParams, executionHints);
    mss.numTablets = batch.size();
    for (List<Range> ranges : batch.values()) {
        mss.numRanges += ranges.size();
    }
    long sid = server.sessionManager.createSession(mss, true);
    MultiScanResult result;
    try {
        result = continueMultiScan(sid, mss);
    } finally {
        server.sessionManager.unreserveSession(sid);
    }
    return new InitialMultiScan(sid, result);
}
Also used : TableId(org.apache.accumulo.core.data.TableId) FileSystem(org.apache.hadoop.fs.FileSystem) TooManyFilesException(org.apache.accumulo.server.fs.TooManyFilesException) Text(org.apache.hadoop.io.Text) Collections2(com.google.common.collect.Collections2) ConstraintViolationSummary(org.apache.accumulo.core.data.ConstraintViolationSummary) TableNotFoundException(org.apache.accumulo.core.client.TableNotFoundException) Future(java.util.concurrent.Future) TSummaries(org.apache.accumulo.core.dataImpl.thrift.TSummaries) CompressedIterators(org.apache.accumulo.core.clientImpl.CompressedIterators) ExternalCompactionId(org.apache.accumulo.core.metadata.schema.ExternalCompactionId) ScanResult(org.apache.accumulo.core.dataImpl.thrift.ScanResult) Map(java.util.Map) RootTable(org.apache.accumulo.core.metadata.RootTable) MapFileInfo(org.apache.accumulo.core.dataImpl.thrift.MapFileInfo) BulkImportState(org.apache.accumulo.core.master.thrift.BulkImportState) NoSuchScanIDException(org.apache.accumulo.core.tabletserver.thrift.NoSuchScanIDException) Property(org.apache.accumulo.core.conf.Property) VolumeManager(org.apache.accumulo.server.fs.VolumeManager) CancellationException(java.util.concurrent.CancellationException) Column(org.apache.accumulo.core.data.Column) TSummaryRequest(org.apache.accumulo.core.dataImpl.thrift.TSummaryRequest) TabletStats(org.apache.accumulo.core.tabletserver.thrift.TabletStats) PreparedMutations(org.apache.accumulo.tserver.tablet.PreparedMutations) TConditionalSession(org.apache.accumulo.core.dataImpl.thrift.TConditionalSession) Set(java.util.Set) ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException) TCMStatus(org.apache.accumulo.core.dataImpl.thrift.TCMStatus) TCredentials(org.apache.accumulo.core.securityImpl.thrift.TCredentials) TExternalCompactionJob(org.apache.accumulo.core.tabletserver.thrift.TExternalCompactionJob) TSamplerConfiguration(org.apache.accumulo.core.tabletserver.thrift.TSamplerConfiguration) ScanDispatcher(org.apache.accumulo.core.spi.scan.ScanDispatcher) RowLock(org.apache.accumulo.tserver.RowLocks.RowLock) ServiceLock(org.apache.accumulo.fate.zookeeper.ServiceLock) UtilWaitThread.sleepUninterruptibly(org.apache.accumulo.fate.util.UtilWaitThread.sleepUninterruptibly) TRange(org.apache.accumulo.core.dataImpl.thrift.TRange) SamplerConfigurationImpl(org.apache.accumulo.core.sample.impl.SamplerConfigurationImpl) KVEntry(org.apache.accumulo.tserver.tablet.KVEntry) SummaryCollection(org.apache.accumulo.core.summary.SummaryCollection) MINUTES(java.util.concurrent.TimeUnit.MINUTES) Threads(org.apache.accumulo.core.util.threads.Threads) ZooUtil(org.apache.accumulo.fate.zookeeper.ZooUtil) DurabilityImpl(org.apache.accumulo.core.clientImpl.DurabilityImpl) ArrayList(java.util.ArrayList) MultiScanSession(org.apache.accumulo.tserver.session.MultiScanSession) TSampleNotPresentException(org.apache.accumulo.core.tabletserver.thrift.TSampleNotPresentException) Gatherer(org.apache.accumulo.core.summary.Gatherer) ActiveCompaction(org.apache.accumulo.core.tabletserver.thrift.ActiveCompaction) LookupTask(org.apache.accumulo.tserver.scan.LookupTask) FSError(org.apache.hadoop.fs.FSError) Key(org.apache.accumulo.core.data.Key) FileSystemResolver(org.apache.accumulo.core.summary.Gatherer.FileSystemResolver) CommitSession(org.apache.accumulo.tserver.tablet.CommitSession) TabletFile(org.apache.accumulo.core.metadata.TabletFile) InitialScan(org.apache.accumulo.core.dataImpl.thrift.InitialScan) TKeyExtent(org.apache.accumulo.core.dataImpl.thrift.TKeyExtent) ServerMutation(org.apache.accumulo.server.data.ServerMutation) TConditionalMutation(org.apache.accumulo.core.dataImpl.thrift.TConditionalMutation) TColumn(org.apache.accumulo.core.dataImpl.thrift.TColumn) KeyExtent(org.apache.accumulo.core.dataImpl.KeyExtent) ConstraintViolationException(org.apache.accumulo.core.tabletserver.thrift.ConstraintViolationException) TException(org.apache.thrift.TException) IOException(java.io.IOException) Range(org.apache.accumulo.core.data.Range) ExecutionException(java.util.concurrent.ExecutionException) NoNodeException(org.apache.zookeeper.KeeperException.NoNodeException) ActiveScan(org.apache.accumulo.core.tabletserver.thrift.ActiveScan) TableId(org.apache.accumulo.core.data.TableId) FileCompactor(org.apache.accumulo.server.compaction.FileCompactor) NextBatchTask(org.apache.accumulo.tserver.scan.NextBatchTask) TabletServerStatus(org.apache.accumulo.core.master.thrift.TabletServerStatus) MultiScanResult(org.apache.accumulo.core.dataImpl.thrift.MultiScanResult) LoggerFactory(org.slf4j.LoggerFactory) TimeoutException(java.util.concurrent.TimeoutException) MetadataTable(org.apache.accumulo.core.metadata.MetadataTable) TabletLogger(org.apache.accumulo.core.logging.TabletLogger) TServerUtils(org.apache.accumulo.server.rpc.TServerUtils) Mutation(org.apache.accumulo.core.data.Mutation) TKeyValue(org.apache.accumulo.core.dataImpl.thrift.TKeyValue) IterInfo(org.apache.accumulo.core.dataImpl.thrift.IterInfo) ScanParameters(org.apache.accumulo.tserver.scan.ScanParameters) ByteBuffer(java.nio.ByteBuffer) BlockCache(org.apache.accumulo.core.spi.cache.BlockCache) ConditionalSession(org.apache.accumulo.tserver.session.ConditionalSession) TInfo(org.apache.accumulo.core.trace.thrift.TInfo) UpdateSession(org.apache.accumulo.tserver.session.UpdateSession) TCMResult(org.apache.accumulo.core.dataImpl.thrift.TCMResult) TabletClientService(org.apache.accumulo.core.tabletserver.thrift.TabletClientService) Path(org.apache.hadoop.fs.Path) TUnloadTabletGoal(org.apache.accumulo.core.tabletserver.thrift.TUnloadTabletGoal) SingleScanSession(org.apache.accumulo.tserver.session.SingleScanSession) ConditionChecker(org.apache.accumulo.tserver.ConditionCheckerContext.ConditionChecker) ServerConditionalMutation(org.apache.accumulo.tserver.data.ServerConditionalMutation) Span(io.opentelemetry.api.trace.Span) Collection(java.util.Collection) Durability(org.apache.accumulo.core.client.Durability) TransactionWatcher(org.apache.accumulo.server.zookeeper.TransactionWatcher) Collectors(java.util.stream.Collectors) TabletClosedException(org.apache.accumulo.tserver.tablet.TabletClosedException) List(java.util.List) TableConfiguration(org.apache.accumulo.server.conf.TableConfiguration) Pair(org.apache.accumulo.core.util.Pair) Entry(java.util.Map.Entry) NamespaceId(org.apache.accumulo.core.data.NamespaceId) TraceUtil(org.apache.accumulo.core.trace.TraceUtil) ByteBufferUtil(org.apache.accumulo.core.util.ByteBufferUtil) IterationInterruptedException(org.apache.accumulo.core.iteratorsImpl.system.IterationInterruptedException) TRowRange(org.apache.accumulo.core.dataImpl.thrift.TRowRange) TCompactionQueueSummary(org.apache.accumulo.core.tabletserver.thrift.TCompactionQueueSummary) HashMap(java.util.HashMap) CompactionConfig(org.apache.accumulo.core.client.admin.CompactionConfig) HashSet(java.util.HashSet) NotServingTabletException(org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException) SummarySession(org.apache.accumulo.tserver.session.SummarySession) Halt(org.apache.accumulo.core.util.Halt) AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) InitialMultiScan(org.apache.accumulo.core.dataImpl.thrift.InitialMultiScan) TableOperationExceptionType(org.apache.accumulo.core.clientImpl.thrift.TableOperationExceptionType) ExecutorService(java.util.concurrent.ExecutorService) UpdateErrors(org.apache.accumulo.core.dataImpl.thrift.UpdateErrors) TMutation(org.apache.accumulo.core.dataImpl.thrift.TMutation) Logger(org.slf4j.Logger) Iterator(java.util.Iterator) SecurityErrorCode(org.apache.accumulo.core.clientImpl.thrift.SecurityErrorCode) Scope(io.opentelemetry.context.Scope) UTF_8(java.nio.charset.StandardCharsets.UTF_8) ClientServiceHandler(org.apache.accumulo.server.client.ClientServiceHandler) CompactionInfo(org.apache.accumulo.server.compaction.CompactionInfo) SampleNotPresentException(org.apache.accumulo.core.client.SampleNotPresentException) Constants(org.apache.accumulo.core.Constants) Authorizations(org.apache.accumulo.core.security.Authorizations) ScanBatch(org.apache.accumulo.tserver.tablet.ScanBatch) TimeUnit(java.util.concurrent.TimeUnit) Collectors.toList(java.util.stream.Collectors.toList) ThriftTableOperationException(org.apache.accumulo.core.clientImpl.thrift.ThriftTableOperationException) TabletType(org.apache.accumulo.core.clientImpl.TabletType) TDurability(org.apache.accumulo.core.tabletserver.thrift.TDurability) Tablet(org.apache.accumulo.tserver.tablet.Tablet) Cache(com.google.common.cache.Cache) Collections(java.util.Collections) Authorizations(org.apache.accumulo.core.security.Authorizations) InitialMultiScan(org.apache.accumulo.core.dataImpl.thrift.InitialMultiScan) TKeyExtent(org.apache.accumulo.core.dataImpl.thrift.TKeyExtent) TRange(org.apache.accumulo.core.dataImpl.thrift.TRange) Range(org.apache.accumulo.core.data.Range) TRowRange(org.apache.accumulo.core.dataImpl.thrift.TRowRange) ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException) TKeyExtent(org.apache.accumulo.core.dataImpl.thrift.TKeyExtent) KeyExtent(org.apache.accumulo.core.dataImpl.KeyExtent) MultiScanResult(org.apache.accumulo.core.dataImpl.thrift.MultiScanResult) Column(org.apache.accumulo.core.data.Column) TColumn(org.apache.accumulo.core.dataImpl.thrift.TColumn) ScanParameters(org.apache.accumulo.tserver.scan.ScanParameters) MultiScanSession(org.apache.accumulo.tserver.session.MultiScanSession) ArrayList(java.util.ArrayList) List(java.util.List) Collectors.toList(java.util.stream.Collectors.toList) NamespaceId(org.apache.accumulo.core.data.NamespaceId) HashSet(java.util.HashSet)

Aggregations

TCredentials (org.apache.accumulo.core.securityImpl.thrift.TCredentials)27 Test (org.junit.Test)18 KerberosToken (org.apache.accumulo.core.client.security.tokens.KerberosToken)7 ArrayList (java.util.ArrayList)6 TabletClientService (org.apache.accumulo.core.tabletserver.thrift.TabletClientService)6 PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken)5 AccumuloConfiguration (org.apache.accumulo.core.conf.AccumuloConfiguration)5 TServerInstance (org.apache.accumulo.core.metadata.TServerInstance)5 TCompactionQueueSummary (org.apache.accumulo.core.tabletserver.thrift.TCompactionQueueSummary)5 Client (org.apache.accumulo.core.tabletserver.thrift.TabletClientService.Client)5 TInfo (org.apache.accumulo.core.trace.thrift.TInfo)5 HostAndPort (org.apache.accumulo.core.util.HostAndPort)5 AbstractServer (org.apache.accumulo.server.AbstractServer)5 ServerContext (org.apache.accumulo.server.ServerContext)5 LiveTServerSet (org.apache.accumulo.server.manager.LiveTServerSet)5 ServerAddress (org.apache.accumulo.server.rpc.ServerAddress)5 AuditedSecurityOperation (org.apache.accumulo.server.security.AuditedSecurityOperation)5 HashSet (java.util.HashSet)4 TreeSet (java.util.TreeSet)4 Credentials (org.apache.accumulo.core.clientImpl.Credentials)4