Example 76 with Result
use of org.apache.hadoop.hbase.client.Result in project hbase by apache.
the class TestWithDisabledAuthorization method testPassiveVisibility.
@Test(timeout = 180000)
public void testPassiveVisibility() throws Exception {
// No values should be filtered regardless of authorization if we are passive
try (Table t = createTableAndWriteDataWithLabels(TableName.valueOf(TEST_NAME.getMethodName()), SECRET, PRIVATE, SECRET + "|" + CONFIDENTIAL, PRIVATE + "|" + CONFIDENTIAL)) {
Scan s = new Scan();
s.setAuthorizations(new Authorizations());
try (ResultScanner scanner = t.getScanner(s)) {
Result[] next = scanner.next(10);
assertEquals(next.length, 4);
}
s = new Scan();
s.setAuthorizations(new Authorizations(SECRET));
try (ResultScanner scanner = t.getScanner(s)) {
Result[] next = scanner.next(10);
assertEquals(next.length, 4);
}
s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, CONFIDENTIAL));
try (ResultScanner scanner = t.getScanner(s)) {
Result[] next = scanner.next(10);
assertEquals(next.length, 4);
}
s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, CONFIDENTIAL, PRIVATE));
try (ResultScanner scanner = t.getScanner(s)) {
Result[] next = scanner.next(10);
assertEquals(next.length, 4);
}
}
}
Also used :
Table(org.apache.hadoop.hbase.client.Table)
ResultScanner(org.apache.hadoop.hbase.client.ResultScanner)
Scan(org.apache.hadoop.hbase.client.Scan)
Result(org.apache.hadoop.hbase.client.Result)
Test(org.junit.Test)
Example 77 with Result
use of org.apache.hadoop.hbase.client.Result in project hbase by apache.
the class TestVisibilityLabelsWithACL method testScanForUserWithFewerLabelAuthsThanLabelsInScanAuthorizations.
@Test
public void testScanForUserWithFewerLabelAuthsThanLabelsInScanAuthorizations() throws Throwable {
String[] auths = { SECRET };
String user = "user2";
VisibilityClient.setAuths(TEST_UTIL.getConnection(), auths, user);
TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
final Table table = createTableAndWriteDataWithLabels(tableName, SECRET + "&" + CONFIDENTIAL + "&!" + PRIVATE, SECRET + "&!" + PRIVATE);
SecureTestUtil.grantOnTable(TEST_UTIL, NORMAL_USER2.getShortName(), tableName, null, null, Permission.Action.READ);
PrivilegedExceptionAction<Void> scanAction = new PrivilegedExceptionAction<Void>() {
public Void run() throws Exception {
Scan s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, CONFIDENTIAL));
try (Connection connection = ConnectionFactory.createConnection(conf);
Table t = connection.getTable(table.getName())) {
ResultScanner scanner = t.getScanner(s);
Result result = scanner.next();
assertTrue(!result.isEmpty());
assertTrue(Bytes.equals(Bytes.toBytes("row2"), result.getRow()));
result = scanner.next();
assertNull(result);
}
return null;
}
};
NORMAL_USER2.runAs(scanAction);
}
Also used :
TableName(org.apache.hadoop.hbase.TableName)
Table(org.apache.hadoop.hbase.client.Table)
ResultScanner(org.apache.hadoop.hbase.client.ResultScanner)
Connection(org.apache.hadoop.hbase.client.Connection)
Scan(org.apache.hadoop.hbase.client.Scan)
ByteString(com.google.protobuf.ByteString)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
Result(org.apache.hadoop.hbase.client.Result)
Test(org.junit.Test)
Example 78 with Result
use of org.apache.hadoop.hbase.client.Result in project hbase by apache.
the class TestVisibilityLabelsWithACL method testGetForSuperUserWithFewerLabelAuths.
@Test
public void testGetForSuperUserWithFewerLabelAuths() throws Throwable {
String[] auths = { SECRET };
String user = "admin";
VisibilityClient.setAuths(TEST_UTIL.getConnection(), auths, user);
TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
final Table table = createTableAndWriteDataWithLabels(tableName, SECRET + "&" + CONFIDENTIAL + "&!" + PRIVATE, SECRET + "&!" + PRIVATE);
PrivilegedExceptionAction<Void> scanAction = new PrivilegedExceptionAction<Void>() {
public Void run() throws Exception {
Get g = new Get(row1);
g.setAuthorizations(new Authorizations(SECRET, CONFIDENTIAL));
try (Connection connection = ConnectionFactory.createConnection(conf);
Table t = connection.getTable(table.getName())) {
Result result = t.get(g);
assertTrue(!result.isEmpty());
}
return null;
}
};
SUPERUSER.runAs(scanAction);
}
Also used :
TableName(org.apache.hadoop.hbase.TableName)
Table(org.apache.hadoop.hbase.client.Table)
Get(org.apache.hadoop.hbase.client.Get)
Connection(org.apache.hadoop.hbase.client.Connection)
ByteString(com.google.protobuf.ByteString)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
Result(org.apache.hadoop.hbase.client.Result)
Test(org.junit.Test)
Example 79 with Result
use of org.apache.hadoop.hbase.client.Result in project hbase by apache.
the class TestVisibilityLabelsWithDefaultVisLabelService method testAddVisibilityLabelsOnRSRestart.
@Test(timeout = 60 * 1000)
public void testAddVisibilityLabelsOnRSRestart() throws Exception {
List<RegionServerThread> regionServerThreads = TEST_UTIL.getHBaseCluster().getRegionServerThreads();
for (RegionServerThread rsThread : regionServerThreads) {
rsThread.getRegionServer().abort("Aborting ");
}
// Start one new RS
RegionServerThread rs = TEST_UTIL.getHBaseCluster().startRegionServer();
waitForLabelsRegionAvailability(rs.getRegionServer());
final AtomicBoolean vcInitialized = new AtomicBoolean(true);
do {
PrivilegedExceptionAction<VisibilityLabelsResponse> action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
public VisibilityLabelsResponse run() throws Exception {
String[] labels = { SECRET, CONFIDENTIAL, PRIVATE, "ABC", "XYZ" };
try (Connection conn = ConnectionFactory.createConnection(conf)) {
VisibilityLabelsResponse resp = VisibilityClient.addLabels(conn, labels);
List<RegionActionResult> results = resp.getResultList();
if (results.get(0).hasException()) {
NameBytesPair pair = results.get(0).getException();
Throwable t = ProtobufUtil.toException(pair);
LOG.debug("Got exception writing labels", t);
if (t instanceof VisibilityControllerNotReadyException) {
vcInitialized.set(false);
LOG.warn("VisibilityController was not yet initialized");
Threads.sleep(10);
} else {
vcInitialized.set(true);
}
} else
LOG.debug("new labels added: " + resp);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(action);
} while (!vcInitialized.get());
// Scan the visibility label
Scan s = new Scan();
s.setAuthorizations(new Authorizations(VisibilityUtils.SYSTEM_LABEL));
int i = 0;
try (Table ht = TEST_UTIL.getConnection().getTable(LABELS_TABLE_NAME);
ResultScanner scanner = ht.getScanner(s)) {
while (true) {
Result next = scanner.next();
if (next == null) {
break;
}
i++;
}
}
// One label is the "system" label.
Assert.assertEquals("The count should be 13", 13, i);
}
Also used :
Table(org.apache.hadoop.hbase.client.Table)
ResultScanner(org.apache.hadoop.hbase.client.ResultScanner)
Connection(org.apache.hadoop.hbase.client.Connection)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
ByteString(com.google.protobuf.ByteString)
RegionActionResult(org.apache.hadoop.hbase.protobuf.generated.ClientProtos.RegionActionResult)
IOException(java.io.IOException)
RegionActionResult(org.apache.hadoop.hbase.protobuf.generated.ClientProtos.RegionActionResult)
Result(org.apache.hadoop.hbase.client.Result)
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
NameBytesPair(org.apache.hadoop.hbase.protobuf.generated.HBaseProtos.NameBytesPair)
Scan(org.apache.hadoop.hbase.client.Scan)
RegionServerThread(org.apache.hadoop.hbase.util.JVMClusterUtil.RegionServerThread)
VisibilityLabelsResponse(org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)
Test(org.junit.Test)
Example 80 with Result
use of org.apache.hadoop.hbase.client.Result in project hbase by apache.
the class TestVisibilityLabelsWithDefaultVisLabelService method testVisibilityLabelsOnWALReplay.
@Test(timeout = 60 * 1000)
public void testVisibilityLabelsOnWALReplay() throws Exception {
final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
try (Table table = createTableAndWriteDataWithLabels(tableName, "(" + SECRET + "|" + CONFIDENTIAL + ")", PRIVATE)) {
List<RegionServerThread> regionServerThreads = TEST_UTIL.getHBaseCluster().getRegionServerThreads();
for (RegionServerThread rsThread : regionServerThreads) {
rsThread.getRegionServer().abort("Aborting ");
}
// Start one new RS
RegionServerThread rs = TEST_UTIL.getHBaseCluster().startRegionServer();
waitForLabelsRegionAvailability(rs.getRegionServer());
Scan s = new Scan();
s.setAuthorizations(new Authorizations(SECRET));
ResultScanner scanner = table.getScanner(s);
Result[] next = scanner.next(3);
assertTrue(next.length == 1);
}
}
Also used :
TableName(org.apache.hadoop.hbase.TableName)
Table(org.apache.hadoop.hbase.client.Table)
ResultScanner(org.apache.hadoop.hbase.client.ResultScanner)
Scan(org.apache.hadoop.hbase.client.Scan)
RegionServerThread(org.apache.hadoop.hbase.util.JVMClusterUtil.RegionServerThread)
RegionActionResult(org.apache.hadoop.hbase.protobuf.generated.ClientProtos.RegionActionResult)
Result(org.apache.hadoop.hbase.client.Result)
Test(org.junit.Test)
Aggregations
Result (org.apache.hadoop.hbase.client.Result)753
ResultScanner (org.apache.hadoop.hbase.client.ResultScanner)302
Test (org.junit.Test)295
Scan (org.apache.hadoop.hbase.client.Scan)287
Get (org.apache.hadoop.hbase.client.Get)282
Table (org.apache.hadoop.hbase.client.Table)228
Cell (org.apache.hadoop.hbase.Cell)203
Put (org.apache.hadoop.hbase.client.Put)183
IOException (java.io.IOException)172
ArrayList (java.util.ArrayList)160
TableName (org.apache.hadoop.hbase.TableName)125
Delete (org.apache.hadoop.hbase.client.Delete)111
Connection (org.apache.hadoop.hbase.client.Connection)102
KeyValue (org.apache.hadoop.hbase.KeyValue)76
Configuration (org.apache.hadoop.conf.Configuration)72
HTableDescriptor (org.apache.hadoop.hbase.HTableDescriptor)62
InterruptedIOException (java.io.InterruptedIOException)59
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)50
CellScanner (org.apache.hadoop.hbase.CellScanner)47
HColumnDescriptor (org.apache.hadoop.hbase.HColumnDescriptor)45
