Example 6 with Authorizations
use of org.apache.hadoop.hbase.security.visibility.Authorizations in project hbase by apache.
the class DefaultVisibilityExpressionResolver method init.
@Override
public void init() {
// Reading all the labels and ordinal.
// This scan should be done by user with global_admin privileges.. Ensure that it works
Table labelsTable = null;
Connection connection = null;
try {
connection = ConnectionFactory.createConnection(conf);
try {
labelsTable = connection.getTable(LABELS_TABLE_NAME);
} catch (IOException e) {
LOG.error("Error opening 'labels' table", e);
return;
}
Scan scan = new Scan();
scan.setAuthorizations(new Authorizations(VisibilityUtils.SYSTEM_LABEL));
scan.addColumn(LABELS_TABLE_FAMILY, LABEL_QUALIFIER);
ResultScanner scanner = null;
try {
scanner = labelsTable.getScanner(scan);
Result next = null;
while ((next = scanner.next()) != null) {
byte[] row = next.getRow();
byte[] value = next.getValue(LABELS_TABLE_FAMILY, LABEL_QUALIFIER);
labels.put(Bytes.toString(value), Bytes.toInt(row));
}
} catch (TableNotFoundException e) {
// Table not found. So just return
return;
} catch (IOException e) {
LOG.error("Error scanning 'labels' table", e);
} finally {
if (scanner != null)
scanner.close();
}
} catch (IOException ioe) {
LOG.error("Failed reading 'labels' tags", ioe);
return;
} finally {
if (labelsTable != null) {
try {
labelsTable.close();
} catch (IOException ioe) {
LOG.warn("Error closing 'labels' table", ioe);
}
}
if (connection != null)
try {
connection.close();
} catch (IOException ioe) {
LOG.warn("Failed close of temporary connection", ioe);
}
}
}
Also used :
TableNotFoundException(org.apache.hadoop.hbase.TableNotFoundException)
Authorizations(org.apache.hadoop.hbase.security.visibility.Authorizations)
Table(org.apache.hadoop.hbase.client.Table)
ResultScanner(org.apache.hadoop.hbase.client.ResultScanner)
Connection(org.apache.hadoop.hbase.client.Connection)
Scan(org.apache.hadoop.hbase.client.Scan)
IOException(java.io.IOException)
Result(org.apache.hadoop.hbase.client.Result)
Example 7 with Authorizations
use of org.apache.hadoop.hbase.security.visibility.Authorizations in project hbase by apache.
the class TestImportTSVWithVisibilityLabels method validateTable.
/**
* Confirm ImportTsv via data in online table.
*/
private static void validateTable(Configuration conf, TableName tableName, String family, int valueMultiplier) throws IOException {
LOG.debug("Validating table.");
Table table = util.getConnection().getTable(tableName);
boolean verified = false;
long pause = conf.getLong("hbase.client.pause", 5 * 1000);
int numRetries = conf.getInt(HConstants.HBASE_CLIENT_RETRIES_NUMBER, 5);
for (int i = 0; i < numRetries; i++) {
try {
Scan scan = new Scan();
// Scan entire family.
scan.addFamily(Bytes.toBytes(family));
scan.setAuthorizations(new Authorizations("secret", "private"));
ResultScanner resScanner = table.getScanner(scan);
Result[] next = resScanner.next(5);
assertEquals(1, next.length);
for (Result res : resScanner) {
LOG.debug("Getting results " + res.size());
assertTrue(res.size() == 2);
List<Cell> kvs = res.listCells();
assertTrue(CellUtil.matchingRow(kvs.get(0), Bytes.toBytes("KEY")));
assertTrue(CellUtil.matchingRow(kvs.get(1), Bytes.toBytes("KEY")));
assertTrue(CellUtil.matchingValue(kvs.get(0), Bytes.toBytes("VALUE" + valueMultiplier)));
assertTrue(CellUtil.matchingValue(kvs.get(1), Bytes.toBytes("VALUE" + 2 * valueMultiplier)));
// Only one result set is expected, so let it loop.
}
verified = true;
break;
} catch (NullPointerException e) {
// If here, a cell was empty. Presume its because updates came in
// after the scanner had been opened. Wait a while and retry.
}
try {
Thread.sleep(pause);
} catch (InterruptedException e) {
// continue
}
}
table.close();
assertTrue(verified);
}
Also used :
Authorizations(org.apache.hadoop.hbase.security.visibility.Authorizations)
Table(org.apache.hadoop.hbase.client.Table)
ResultScanner(org.apache.hadoop.hbase.client.ResultScanner)
Result(org.apache.hadoop.hbase.client.Result)
Scan(org.apache.hadoop.hbase.client.Scan)
Cell(org.apache.hadoop.hbase.Cell)
Example 8 with Authorizations
use of org.apache.hadoop.hbase.security.visibility.Authorizations in project hbase by apache.
the class IntegrationTestWithCellVisibilityLoadAndVerify method doVerify.
private Job doVerify(Configuration conf, HTableDescriptor htd, String... auths) throws IOException, InterruptedException, ClassNotFoundException {
Path outputDir = getTestDir(TEST_NAME, "verify-output");
Job job = new Job(conf);
job.setJarByClass(this.getClass());
job.setJobName(TEST_NAME + " Verification for " + htd.getTableName());
setJobScannerConf(job);
Scan scan = new Scan();
scan.setAuthorizations(new Authorizations(auths));
TableMapReduceUtil.initTableMapperJob(htd.getTableName().getNameAsString(), scan, VerifyMapper.class, NullWritable.class, NullWritable.class, job);
TableMapReduceUtil.addDependencyJarsForClasses(job.getConfiguration(), AbstractHBaseTool.class);
int scannerCaching = conf.getInt("verify.scannercaching", SCANNER_CACHING);
TableMapReduceUtil.setScannerCaching(job, scannerCaching);
job.setNumReduceTasks(0);
FileOutputFormat.setOutputPath(job, outputDir);
assertTrue(job.waitForCompletion(true));
return job;
}
Also used :
Path(org.apache.hadoop.fs.Path)
Authorizations(org.apache.hadoop.hbase.security.visibility.Authorizations)
Scan(org.apache.hadoop.hbase.client.Scan)
Job(org.apache.hadoop.mapreduce.Job)
Example 9 with Authorizations
use of org.apache.hadoop.hbase.security.visibility.Authorizations in project hbase by apache.
the class ScannerModel method fromScan.
/**
* @param scan the scan specification
* @throws Exception
*/
public static ScannerModel fromScan(Scan scan) throws Exception {
ScannerModel model = new ScannerModel();
model.setStartRow(scan.getStartRow());
model.setEndRow(scan.getStopRow());
Map<byte[], NavigableSet<byte[]>> families = scan.getFamilyMap();
if (families != null) {
for (Map.Entry<byte[], NavigableSet<byte[]>> entry : families.entrySet()) {
if (entry.getValue() != null) {
for (byte[] qualifier : entry.getValue()) {
model.addColumn(Bytes.add(entry.getKey(), COLUMN_DIVIDER, qualifier));
}
} else {
model.addColumn(entry.getKey());
}
}
}
model.setStartTime(scan.getTimeRange().getMin());
model.setEndTime(scan.getTimeRange().getMax());
int caching = scan.getCaching();
if (caching > 0) {
model.setCaching(caching);
}
int batch = scan.getBatch();
if (batch > 0) {
model.setBatch(batch);
}
int maxVersions = scan.getMaxVersions();
if (maxVersions > 0) {
model.setMaxVersions(maxVersions);
}
Filter filter = scan.getFilter();
if (filter != null) {
model.setFilter(stringifyFilter(filter));
}
// Add the visbility labels if found in the attributes
Authorizations authorizations = scan.getAuthorizations();
if (authorizations != null) {
List<String> labels = authorizations.getLabels();
for (String label : labels) {
model.addLabel(label);
}
}
return model;
}
Also used :
NavigableSet(java.util.NavigableSet)
Authorizations(org.apache.hadoop.hbase.security.visibility.Authorizations)
InclusiveStopFilter(org.apache.hadoop.hbase.filter.InclusiveStopFilter)
RandomRowFilter(org.apache.hadoop.hbase.filter.RandomRowFilter)
RowFilter(org.apache.hadoop.hbase.filter.RowFilter)
FirstKeyOnlyFilter(org.apache.hadoop.hbase.filter.FirstKeyOnlyFilter)
ColumnCountGetFilter(org.apache.hadoop.hbase.filter.ColumnCountGetFilter)
SingleColumnValueExcludeFilter(org.apache.hadoop.hbase.filter.SingleColumnValueExcludeFilter)
WhileMatchFilter(org.apache.hadoop.hbase.filter.WhileMatchFilter)
DependentColumnFilter(org.apache.hadoop.hbase.filter.DependentColumnFilter)
PrefixFilter(org.apache.hadoop.hbase.filter.PrefixFilter)
QualifierFilter(org.apache.hadoop.hbase.filter.QualifierFilter)
PageFilter(org.apache.hadoop.hbase.filter.PageFilter)
Filter(org.apache.hadoop.hbase.filter.Filter)
KeyOnlyFilter(org.apache.hadoop.hbase.filter.KeyOnlyFilter)
SingleColumnValueFilter(org.apache.hadoop.hbase.filter.SingleColumnValueFilter)
FamilyFilter(org.apache.hadoop.hbase.filter.FamilyFilter)
ColumnPrefixFilter(org.apache.hadoop.hbase.filter.ColumnPrefixFilter)
ColumnPaginationFilter(org.apache.hadoop.hbase.filter.ColumnPaginationFilter)
MultiRowRangeFilter(org.apache.hadoop.hbase.filter.MultiRowRangeFilter)
ValueFilter(org.apache.hadoop.hbase.filter.ValueFilter)
SkipFilter(org.apache.hadoop.hbase.filter.SkipFilter)
TimestampsFilter(org.apache.hadoop.hbase.filter.TimestampsFilter)
ColumnRangeFilter(org.apache.hadoop.hbase.filter.ColumnRangeFilter)
CompareFilter(org.apache.hadoop.hbase.filter.CompareFilter)
MultipleColumnPrefixFilter(org.apache.hadoop.hbase.filter.MultipleColumnPrefixFilter)
ByteString(com.google.protobuf.ByteString)
Map(java.util.Map)
Example 10 with Authorizations
use of org.apache.hadoop.hbase.security.visibility.Authorizations in project hbase by apache.
the class TestScan method testSetAuthorizations.
@Test
public void testSetAuthorizations() {
Scan scan = new Scan();
try {
scan.setAuthorizations(new Authorizations("+|)"));
scan.setAuthorizations(new Authorizations("A", "B", "0123", "A0", "1A1", "_a"));
scan.setAuthorizations(new Authorizations("A|B"));
scan.setAuthorizations(new Authorizations("A&B"));
scan.setAuthorizations(new Authorizations("!B"));
scan.setAuthorizations(new Authorizations("A", "(A)"));
scan.setAuthorizations(new Authorizations("A", "{A"));
scan.setAuthorizations(new Authorizations(" "));
scan.setAuthorizations(new Authorizations(":B"));
scan.setAuthorizations(new Authorizations("-B"));
scan.setAuthorizations(new Authorizations(".B"));
scan.setAuthorizations(new Authorizations("/B"));
} catch (IllegalArgumentException e) {
fail("should not throw exception");
}
}
Also used :
Authorizations(org.apache.hadoop.hbase.security.visibility.Authorizations)
Test(org.junit.Test)
Aggregations
Authorizations (org.apache.hadoop.hbase.security.visibility.Authorizations)10
Scan (org.apache.hadoop.hbase.client.Scan)5
Result (org.apache.hadoop.hbase.client.Result)3
ResultScanner (org.apache.hadoop.hbase.client.ResultScanner)3
Table (org.apache.hadoop.hbase.client.Table)3
IOException (java.io.IOException)2
Map (java.util.Map)2
ParseFilter (org.apache.hadoop.hbase.filter.ParseFilter)2
TColumn (org.apache.hadoop.hbase.thrift2.generated.TColumn)2
ByteString (com.google.protobuf.ByteString)1
ByteBuffer (java.nio.ByteBuffer)1
NavigableSet (java.util.NavigableSet)1
Path (org.apache.hadoop.fs.Path)1
Cell (org.apache.hadoop.hbase.Cell)1
DoNotRetryIOException (org.apache.hadoop.hbase.DoNotRetryIOException)1
HBaseIOException (org.apache.hadoop.hbase.HBaseIOException)1
TableNotFoundException (org.apache.hadoop.hbase.TableNotFoundException)1
Connection (org.apache.hadoop.hbase.client.Connection)1
Delete (org.apache.hadoop.hbase.client.Delete)1
Get (org.apache.hadoop.hbase.client.Get)1
