use of org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.ListLabelsResponse in project hbase by apache.
the class VisibilityController method listLabels.
@Override
public synchronized void listLabels(RpcController controller, ListLabelsRequest request, RpcCallback<ListLabelsResponse> done) {
ListLabelsResponse.Builder response = ListLabelsResponse.newBuilder();
if (!initialized) {
controller.setFailed("VisibilityController not yet initialized");
} else {
List<String> labels = null;
String regex = request.hasRegex() ? request.getRegex() : null;
try {
// AccessController CP methods.
if (authorizationEnabled && accessControllerAvailable && !isSystemOrSuperUser()) {
User requestingUser = VisibilityUtils.getActiveUser();
throw new AccessDeniedException("User '" + (requestingUser != null ? requestingUser.getShortName() : "null") + "' is not authorized to perform this action.");
}
labels = this.visibilityLabelService.listLabels(regex);
logResult(false, "listLabels", "Listing labels allowed", null, null, regex);
} catch (AccessDeniedException e) {
logResult(false, "listLabels", e.getMessage(), null, null, regex);
CoprocessorRpcUtils.setControllerException(controller, e);
} catch (IOException e) {
CoprocessorRpcUtils.setControllerException(controller, e);
}
if (labels != null && !labels.isEmpty()) {
for (String label : labels) {
response.addLabel(ByteStringer.wrap(Bytes.toBytes(label)));
}
}
}
done.run(response.build());
}
use of org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.ListLabelsResponse in project hbase by apache.
the class TestVisibilityLabelsWithDefaultVisLabelService method testListLabelsWithRegEx.
@Test
public void testListLabelsWithRegEx() throws Throwable {
PrivilegedExceptionAction<ListLabelsResponse> action = new PrivilegedExceptionAction<ListLabelsResponse>() {
public ListLabelsResponse run() throws Exception {
ListLabelsResponse response = null;
try (Connection conn = ConnectionFactory.createConnection(conf)) {
response = VisibilityClient.listLabels(conn, ".*secret");
} catch (Throwable e) {
fail("Should not have thrown exception");
}
// Only return the labels that end with 'secret'
List<ByteString> labels = response.getLabelList();
assertEquals(2, labels.size());
assertTrue(labels.contains(ByteString.copyFrom(SECRET.getBytes())));
assertTrue(labels.contains(ByteString.copyFrom(TOPSECRET.getBytes())));
return null;
}
};
SUPERUSER.runAs(action);
}
use of org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.ListLabelsResponse in project hbase by apache.
the class TestVisibilityLabelsWithDefaultVisLabelService method testListLabels.
@Test
public void testListLabels() throws Throwable {
PrivilegedExceptionAction<ListLabelsResponse> action = new PrivilegedExceptionAction<ListLabelsResponse>() {
public ListLabelsResponse run() throws Exception {
ListLabelsResponse response = null;
try (Connection conn = ConnectionFactory.createConnection(conf)) {
response = VisibilityClient.listLabels(conn, null);
} catch (Throwable e) {
fail("Should not have thrown exception");
}
// The addLabels() in setup added:
// { SECRET, TOPSECRET, CONFIDENTIAL, PUBLIC, PRIVATE, COPYRIGHT, ACCENT,
// UNICODE_VIS_TAG, UC1, UC2 };
// The previous tests added 2 more labels: ABC, XYZ
// The 'system' label is excluded.
List<ByteString> labels = response.getLabelList();
assertEquals(12, labels.size());
assertTrue(labels.contains(ByteString.copyFrom(SECRET.getBytes())));
assertTrue(labels.contains(ByteString.copyFrom(TOPSECRET.getBytes())));
assertTrue(labels.contains(ByteString.copyFrom(CONFIDENTIAL.getBytes())));
assertTrue(labels.contains(ByteString.copyFrom("ABC".getBytes())));
assertTrue(labels.contains(ByteString.copyFrom("XYZ".getBytes())));
assertFalse(labels.contains(ByteString.copyFrom(SYSTEM_LABEL.getBytes())));
return null;
}
};
SUPERUSER.runAs(action);
}
use of org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.ListLabelsResponse in project hbase by apache.
the class VisibilityClient method listLabels.
/**
* Retrieve the list of visibility labels defined in the system.
* @param connection The Connection instance to use.
* @param regex The regular expression to filter which labels are returned.
* @return labels The list of visibility labels defined in the system.
* @throws Throwable
*/
public static ListLabelsResponse listLabels(Connection connection, final String regex) throws Throwable {
Table table = null;
try {
table = connection.getTable(LABELS_TABLE_NAME);
Batch.Call<VisibilityLabelsService, ListLabelsResponse> callable = new Batch.Call<VisibilityLabelsService, ListLabelsResponse>() {
ServerRpcController controller = new ServerRpcController();
CoprocessorRpcUtils.BlockingRpcCallback<ListLabelsResponse> rpcCallback = new CoprocessorRpcUtils.BlockingRpcCallback<>();
public ListLabelsResponse call(VisibilityLabelsService service) throws IOException {
ListLabelsRequest.Builder listAuthLabelsReqBuilder = ListLabelsRequest.newBuilder();
if (regex != null) {
// Compile the regex here to catch any regex exception earlier.
Pattern pattern = Pattern.compile(regex);
listAuthLabelsReqBuilder.setRegex(pattern.toString());
}
service.listLabels(controller, listAuthLabelsReqBuilder.build(), rpcCallback);
ListLabelsResponse response = rpcCallback.get();
if (controller.failedOnException()) {
throw controller.getFailedOn();
}
return response;
}
};
Map<byte[], ListLabelsResponse> result = table.coprocessorService(VisibilityLabelsService.class, HConstants.EMPTY_BYTE_ARRAY, HConstants.EMPTY_BYTE_ARRAY, callable);
// There will be exactly one region for labels
return result.values().iterator().next();
// table and so one entry in result Map.
} finally {
if (table != null) {
table.close();
}
if (connection != null) {
connection.close();
}
}
}
Aggregations