Example 66 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project hbase by apache.
the class TestZooKeeperACL method testHBaseIDZNodeACL.
/**
* When authentication is enabled on ZooKeeper, /hbase/hbaseid should be
* created with 2 ACLs: one specifies that the hbase user has full access
* to the node; the other, that it is world-readable.
*/
@Test
public void testHBaseIDZNodeACL() throws Exception {
if (!secureZKAvailable) {
return;
}
List<ACL> acls = zkw.getRecoverableZooKeeper().getZooKeeper().getACL("/hbase/hbaseid", new Stat());
assertEquals(2, acls.size());
boolean foundWorldReadableAcl = false;
boolean foundHBaseOwnerAcl = false;
for (int i = 0; i < 2; i++) {
if (acls.get(i).getId().getScheme().equals("world") == true) {
assertEquals("anyone", acls.get(0).getId().getId());
assertEquals(ZooDefs.Perms.READ, acls.get(0).getPerms());
foundWorldReadableAcl = true;
} else {
if (acls.get(i).getId().getScheme().equals("sasl") == true) {
assertEquals("hbase", acls.get(1).getId().getId());
assertEquals("sasl", acls.get(1).getId().getScheme());
foundHBaseOwnerAcl = true;
} else {
// error: should not get here: test fails.
assertTrue(false);
}
}
}
assertTrue(foundWorldReadableAcl);
assertTrue(foundHBaseOwnerAcl);
}Example 67 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project rest.li by linkedin.
the class AclAwareZookeeperTest method TestAclApply.
@Test
public void TestAclApply() throws IOException, KeeperException, InterruptedException {
List<ACL> acls = new ArrayList<>();
acls.addAll(ZooDefs.Ids.READ_ACL_UNSAFE);
acls.addAll(ZooDefs.Ids.CREATOR_ALL_ACL);
ZooKeeper aclAwareZk = getAclAwareZookeeper(acls, "test:123".getBytes(), "digest");
aclAwareZk.create("/d2", "data".getBytes(), null, CreateMode.EPHEMERAL);
// now try getting the Acls from a bystander
Stat stat = new Stat();
List<ACL> retrievedAcls = _verificationZKClient.getACL("/d2", stat);
Assert.assertEquals(acls.size(), retrievedAcls.size());
int version = stat.getVersion();
// Acl should already being enforced
Assert.assertThrows(() -> _verificationZKClient.setData("/d2", "newdata".getBytes(), version));
}Example 68 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project rest.li by linkedin.
the class AclAwareZookeeperTest method TestAclNoApply.
@Test
public void TestAclNoApply() throws IOException, KeeperException, InterruptedException {
List<ACL> acls = new ArrayList<>();
acls.addAll(ZooDefs.Ids.READ_ACL_UNSAFE);
acls.addAll(ZooDefs.Ids.CREATOR_ALL_ACL);
ZooKeeper aclAwareZk = getAclAwareZookeeper(acls, null, null);
aclAwareZk.create("/d2", "data".getBytes(), ZooDefs.Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT);
// if createMode is persistent, the user provided acl will be used
List<ACL> retrievedAcls = _verificationZKClient.getACL("/d2", new Stat());
Assert.assertTrue(retrievedAcls.size() == 1);
Assert.assertTrue(retrievedAcls.equals(ZooDefs.Ids.OPEN_ACL_UNSAFE));
}Example 69 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project incubator-atlas by apache.
the class ActiveInstanceStateTest method testSharedPathIsCreatedWithRightACLIfNotExists.
@Test
public void testSharedPathIsCreatedWithRightACLIfNotExists() throws Exception {
when(configuration.getString(HAConfiguration.ATLAS_SERVER_ADDRESS_PREFIX + "id1")).thenReturn(HOST_PORT);
when(configuration.getString(HAConfiguration.HA_ZOOKEEPER_ACL)).thenReturn("sasl:myclient@EXAMPLE.COM");
when(configuration.getString(HAConfiguration.ATLAS_SERVER_HA_ZK_ROOT_KEY, HAConfiguration.ATLAS_SERVER_ZK_ROOT_DEFAULT)).thenReturn(HAConfiguration.ATLAS_SERVER_ZK_ROOT_DEFAULT);
when(curatorFactory.clientInstance()).thenReturn(curatorFramework);
ExistsBuilder existsBuilder = mock(ExistsBuilder.class);
when(curatorFramework.checkExists()).thenReturn(existsBuilder);
when(existsBuilder.forPath(getPath())).thenReturn(null);
CreateBuilder createBuilder = mock(CreateBuilder.class);
when(curatorFramework.create()).thenReturn(createBuilder);
when(createBuilder.withMode(CreateMode.EPHEMERAL)).thenReturn(createBuilder);
ACL expectedAcl = new ACL(ZooDefs.Perms.ALL, new Id("sasl", "myclient@EXAMPLE.COM"));
when(createBuilder.withACL(Arrays.asList(new ACL[] { expectedAcl }))).thenReturn(createBuilder);
SetDataBuilder setDataBuilder = mock(SetDataBuilder.class);
when(curatorFramework.setData()).thenReturn(setDataBuilder);
ActiveInstanceState activeInstanceState = new ActiveInstanceState(configuration, curatorFactory);
activeInstanceState.update("id1");
verify(createBuilder).forPath(getPath());
}
Also used :
SetDataBuilder(org.apache.curator.framework.api.SetDataBuilder)
CreateBuilder(org.apache.curator.framework.api.CreateBuilder)
ExistsBuilder(org.apache.curator.framework.api.ExistsBuilder)
ACL(org.apache.zookeeper.data.ACL)
Id(org.apache.zookeeper.data.Id)
Test(org.testng.annotations.Test)
BeforeTest(org.testng.annotations.BeforeTest)
Example 70 with ACL
use of org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.data.ACL in project incubator-atlas by apache.
the class CuratorFactoryTest method shouldAddAclProviderWithRightACL.
@Test
public void shouldAddAclProviderWithRightACL() {
when(zookeeperProperties.hasAcl()).thenReturn(true);
when(zookeeperProperties.getAcl()).thenReturn("sasl:myclient@EXAMPLE.COM");
when(zookeeperProperties.hasAuth()).thenReturn(false);
CuratorFactory curatorFactory = new CuratorFactory(configuration) {
@Override
protected void initializeCuratorFramework() {
}
};
curatorFactory.enhanceBuilderWithSecurityParameters(zookeeperProperties, builder);
verify(builder).aclProvider(argThat(new ArgumentMatcher<ACLProvider>() {
@Override
public boolean matches(Object o) {
ACLProvider aclProvider = (ACLProvider) o;
ACL acl = aclProvider.getDefaultAcl().get(0);
return acl.getId().getId().equals("myclient@EXAMPLE.COM") && acl.getId().getScheme().equals("sasl");
}
}));
}
Also used :
ACLProvider(org.apache.curator.framework.api.ACLProvider)
ArgumentMatcher(org.mockito.ArgumentMatcher)
ACL(org.apache.zookeeper.data.ACL)
Test(org.testng.annotations.Test)
Aggregations
ACL (org.apache.zookeeper.data.ACL)215
Id (org.apache.zookeeper.data.Id)85
ArrayList (java.util.ArrayList)61
Test (org.junit.Test)56
Stat (org.apache.zookeeper.data.Stat)45
KeeperException (org.apache.zookeeper.KeeperException)35
Test (org.testng.annotations.Test)32
CuratorFramework (org.apache.curator.framework.CuratorFramework)20
Test (org.junit.jupiter.api.Test)18
Configuration (org.apache.hadoop.conf.Configuration)17
ZooKeeper (org.apache.zookeeper.ZooKeeper)16
ACLProvider (org.apache.curator.framework.api.ACLProvider)15
List (java.util.List)11
IOException (java.io.IOException)10
CountDownLatch (java.util.concurrent.CountDownLatch)9
ExponentialBackoffRetry (org.apache.curator.retry.ExponentialBackoffRetry)8
TestableZooKeeper (org.apache.zookeeper.TestableZooKeeper)7
ByteArrayOutputStream (java.io.ByteArrayOutputStream)6
HashMap (java.util.HashMap)6
CreateMode (org.apache.zookeeper.CreateMode)6
