Example 56 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project helios by spotify.
the class ZooKeeperAclProvidersTest method testMasterPermissions.
// Masters should have CRWD permissions on ALL nodes
@Test
public void testMasterPermissions() {
final ACL acl = new ACL(CREATE | READ | WRITE | DELETE, MASTER_ID);
assertThat(aclProvider.getAclForPath("/"), hasItem(acl));
assertThat(aclProvider.getAclForPath("/some/random/path"), hasItem(acl));
assertThat(aclProvider.getAclForPath("/config/hosts/foo"), hasItem(acl));
assertThat(aclProvider.getAclForPath("/status/hosts/foo"), hasItem(acl));
}Example 57 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project helios by spotify.
the class RuleBasedZooKeeperAclProviderTest method testMultipleMatchingRules.
@Test
public void testMultipleMatchingRules() {
final Id id1 = new Id("some_scheme", "id1");
final Id id2 = new Id("some_scheme", "id2");
final RuleBasedZooKeeperAclProvider aclProvider = RuleBasedZooKeeperAclProvider.builder().rule("/foo.*", DELETE, id1).rule("/foo/bar", CREATE, id1).rule(".*", READ, id2).rule("/foo/bar/baz", WRITE, id2).build();
assertThat(aclProvider.getAclForPath("/foo/bar"), containsInAnyOrder(new ACL(CREATE | DELETE, id1), new ACL(READ, id2)));
}Example 58 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project exhibitor by soabase.
the class ExhibitorCreator method getAclProvider.
private ACLProvider getAclProvider(ExhibitorCLI cli, String aclId, String aclScheme, String aclPerms) throws ExhibitorCreatorExit {
int perms;
if (notNullOrEmpty(aclPerms)) {
perms = 0;
for (String verb : aclPerms.split(",")) {
verb = verb.trim();
if (verb.equalsIgnoreCase("read")) {
perms |= ZooDefs.Perms.READ;
} else if (verb.equalsIgnoreCase("write")) {
perms |= ZooDefs.Perms.WRITE;
} else if (verb.equalsIgnoreCase("create")) {
perms |= ZooDefs.Perms.CREATE;
} else if (verb.equalsIgnoreCase("delete")) {
perms |= ZooDefs.Perms.DELETE;
} else if (verb.equalsIgnoreCase("admin")) {
perms |= ZooDefs.Perms.ADMIN;
} else {
log.error("Unknown ACL perm value: " + verb);
throw new ExhibitorCreatorExit(cli);
}
}
} else {
perms = ZooDefs.Perms.ALL;
}
if (aclId == null) {
aclId = "";
}
if (aclScheme == null) {
aclScheme = "";
}
final ACL acl = new ACL(perms, new Id(aclScheme, aclId));
return new ACLProvider() {
@Override
public List<ACL> getDefaultAcl() {
return Collections.singletonList(acl);
}
@Override
public List<ACL> getAclForPath(String path) {
return Collections.singletonList(acl);
}
};
}
Also used :
ACLProvider(org.apache.curator.framework.api.ACLProvider)
ACL(org.apache.zookeeper.data.ACL)
Id(org.apache.zookeeper.data.Id)
Constraint(org.mortbay.jetty.security.Constraint)
Example 59 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project hbase by apache.
the class TestZKUtilNoServer method testCreateACLWithSameUser.
@Test
public void testCreateACLWithSameUser() throws IOException {
Configuration conf = HBaseConfiguration.create();
conf.set(Superusers.SUPERUSER_CONF_KEY, "user4,@group1,user5,user6");
UserGroupInformation.setLoginUser(UserGroupInformation.createRemoteUser("user4"));
String node = "/hbase/testCreateACL";
ZKWatcher watcher = new ZKWatcher(conf, node, null, false);
List<ACL> aclList = watcher.createACL(node, true);
// 3, since service user the same as one of superuser
assertEquals(3, aclList.size());
assertFalse(aclList.contains(new ACL(Perms.ALL, new Id("sasl", "@group1"))));
assertTrue(aclList.contains(new ACL(Perms.ALL, new Id("auth", ""))));
assertTrue(aclList.contains(new ACL(Perms.ALL, new Id("sasl", "user5"))));
assertTrue(aclList.contains(new ACL(Perms.ALL, new Id("sasl", "user6"))));
}
Also used :
HBaseConfiguration(org.apache.hadoop.hbase.HBaseConfiguration)
Configuration(org.apache.hadoop.conf.Configuration)
ACL(org.apache.zookeeper.data.ACL)
Id(org.apache.zookeeper.data.Id)
Test(org.junit.Test)
Example 60 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project hbase by apache.
the class TestZKUtilNoServer method testCreateACL.
@Test
public void testCreateACL() throws IOException {
Configuration conf = HBaseConfiguration.create();
conf.set(Superusers.SUPERUSER_CONF_KEY, "user1,@group1,user2,@group2,user3");
String node = "/hbase/testCreateACL";
ZKWatcher watcher = new ZKWatcher(conf, node, null, false);
List<ACL> aclList = watcher.createACL(node, true);
// 3+1, since ACL will be set for the creator by default
assertEquals(4, aclList.size());
assertFalse(aclList.contains(new ACL(Perms.ALL, new Id("sasl", "@group1"))));
assertFalse(aclList.contains(new ACL(Perms.ALL, new Id("sasl", "@group2"))));
assertTrue(aclList.contains(new ACL(Perms.ALL, new Id("sasl", "user1"))));
assertTrue(aclList.contains(new ACL(Perms.ALL, new Id("sasl", "user2"))));
assertTrue(aclList.contains(new ACL(Perms.ALL, new Id("sasl", "user3"))));
}
Also used :
HBaseConfiguration(org.apache.hadoop.hbase.HBaseConfiguration)
Configuration(org.apache.hadoop.conf.Configuration)
ACL(org.apache.zookeeper.data.ACL)
Id(org.apache.zookeeper.data.Id)
Test(org.junit.Test)
Aggregations
ACL (org.apache.zookeeper.data.ACL)215
Id (org.apache.zookeeper.data.Id)85
ArrayList (java.util.ArrayList)61
Test (org.junit.Test)56
Stat (org.apache.zookeeper.data.Stat)45
KeeperException (org.apache.zookeeper.KeeperException)35
Test (org.testng.annotations.Test)32
CuratorFramework (org.apache.curator.framework.CuratorFramework)20
Test (org.junit.jupiter.api.Test)18
Configuration (org.apache.hadoop.conf.Configuration)17
ZooKeeper (org.apache.zookeeper.ZooKeeper)16
ACLProvider (org.apache.curator.framework.api.ACLProvider)15
List (java.util.List)11
IOException (java.io.IOException)10
CountDownLatch (java.util.concurrent.CountDownLatch)9
ExponentialBackoffRetry (org.apache.curator.retry.ExponentialBackoffRetry)8
TestableZooKeeper (org.apache.zookeeper.TestableZooKeeper)7
ByteArrayOutputStream (java.io.ByteArrayOutputStream)6
HashMap (java.util.HashMap)6
CreateMode (org.apache.zookeeper.CreateMode)6
