
Example 1 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class VisibilityClient method addLabels.

/**
 * Adds visibility labels by invoking the {@code VisibilityLabelsService} coprocessor endpoint on
 * the labels table.
 *
 * <p>This client method performs no permission check of its own; any authorization has to be
 * enforced by the server-side endpoint, which is not visible here.
 *
 * <p>Empty strings in {@code labels} are skipped silently, so the request can carry fewer labels
 * than the array holds. A {@code null} element fails with a {@code NullPointerException} when it
 * is inspected.
 *
 * <p>NOTE(review): failures for individual labels appear to be reported inside the returned
 * response rather than thrown. Callers should inspect the response's result list instead of
 * treating a normal return as "all labels added". Confirm against the endpoint.
 *
 * @param connection connection used to open the labels table; it is not closed here
 * @param labels the label names to add
 * @return the response produced for the labels table's region
 * @throws Throwable whatever the RPC controller recorded as the failure, or any error raised by
 *         the coprocessor invocation itself
 */
public static VisibilityLabelsResponse addLabels(Connection connection, final String[] labels) throws Throwable {
    try (Table labelsTable = connection.getTable(LABELS_TABLE_NAME)) {
        Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse> addLabelsCall = new Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse>() {

            // Records a server-side failure so it can be rethrown after the callback returns.
            ServerRpcController rpcController = new ServerRpcController();

            // Hands the endpoint's response back to this thread.
            CoprocessorRpcUtils.BlockingRpcCallback<VisibilityLabelsResponse> done = new CoprocessorRpcUtils.BlockingRpcCallback<>();

            @Override
            public VisibilityLabelsResponse call(VisibilityLabelsService service) throws IOException {
                VisibilityLabelsRequest.Builder request = VisibilityLabelsRequest.newBuilder();
                for (String label : labels) {
                    if (label.isEmpty()) {
                        // Empty entries are dropped without reporting an error.
                        continue;
                    }
                    request.addVisLabel(VisibilityLabel.newBuilder().setLabel(UnsafeByteOperations.unsafeWrap(Bytes.toBytes(label))).build());
                }
                service.addLabels(rpcController, request.build(), done);
                VisibilityLabelsResponse response = done.get();
                // The controller is checked only after the callback has produced its value.
                if (rpcController.failedOnException()) {
                    throw rpcController.getFailedOn();
                }
                return response;
            }
        };
        // Empty start and end row keys are passed as the row range for the call.
        Map<byte[], VisibilityLabelsResponse> perRegion = labelsTable.coprocessorService(VisibilityLabelsService.class, HConstants.EMPTY_BYTE_ARRAY, HConstants.EMPTY_BYTE_ARRAY, addLabelsCall);
        // There will be exactly one region for the labels table, and so one entry in the result
        // map. If the map were empty, next() would throw NoSuchElementException.
        return perRegion.values().iterator().next();
    }
}
Also used : VisibilityLabelsService(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsService) Table(org.apache.hadoop.hbase.client.Table) ByteString(org.apache.hbase.thirdparty.com.google.protobuf.ByteString) ServerRpcController(org.apache.hadoop.hbase.ipc.ServerRpcController) VisibilityLabelsRequest(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsRequest) CoprocessorRpcUtils(org.apache.hadoop.hbase.ipc.CoprocessorRpcUtils) Batch(org.apache.hadoop.hbase.client.coprocessor.Batch) VisibilityLabel(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabel) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)

Example 2 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class VisibilityClient method setOrClearAuths.

/**
 * Sends one {@code SetAuthsRequest} for {@code user} to the {@code VisibilityLabelsService}
 * endpoint on the labels table, calling either its {@code setAuths} or {@code clearAuths}
 * operation.
 *
 * <p>This client method performs no permission check of its own; any authorization has to be
 * enforced by the server-side endpoint, which is not visible here.
 *
 * <p>Empty strings in {@code auths} are skipped silently. A {@code null} element fails with a
 * {@code NullPointerException} when it is inspected.
 *
 * <p>NOTE(review): failures for individual entries may be reported inside the returned response
 * rather than thrown. Callers should inspect the response before assuming the change took
 * effect. Confirm against the endpoint.
 *
 * @param connection connection used to open the labels table; it is not closed here
 * @param auths the authorization (label) names carried in the request
 * @param user the user the request applies to
 * @param setOrClear {@code true} to call {@code setAuths}, {@code false} to call
 *        {@code clearAuths}
 * @return the response produced for the labels table's region
 * @throws Throwable whatever the RPC controller recorded as the failure, or any error raised by
 *         the coprocessor invocation itself
 */
private static VisibilityLabelsResponse setOrClearAuths(Connection connection, final String[] auths, final String user, final boolean setOrClear) throws IOException, ServiceException, Throwable {
    try (Table labelsTable = connection.getTable(LABELS_TABLE_NAME)) {
        Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse> authsCall = new Batch.Call<VisibilityLabelsService, VisibilityLabelsResponse>() {

            // Records a server-side failure so it can be rethrown after the callback returns.
            ServerRpcController rpcController = new ServerRpcController();

            // Hands the endpoint's response back to this thread.
            CoprocessorRpcUtils.BlockingRpcCallback<VisibilityLabelsResponse> done = new CoprocessorRpcUtils.BlockingRpcCallback<>();

            @Override
            public VisibilityLabelsResponse call(VisibilityLabelsService service) throws IOException {
                SetAuthsRequest.Builder requestBuilder = SetAuthsRequest.newBuilder();
                requestBuilder.setUser(UnsafeByteOperations.unsafeWrap(Bytes.toBytes(user)));
                for (String auth : auths) {
                    if (auth.isEmpty()) {
                        // Empty entries are dropped without reporting an error.
                        continue;
                    }
                    requestBuilder.addAuth(ByteString.copyFromUtf8(auth));
                }
                // The same request message is used for both operations; only the endpoint
                // method differs.
                SetAuthsRequest request = requestBuilder.build();
                if (setOrClear) {
                    service.setAuths(rpcController, request, done);
                } else {
                    service.clearAuths(rpcController, request, done);
                }
                VisibilityLabelsResponse response = done.get();
                if (rpcController.failedOnException()) {
                    throw rpcController.getFailedOn();
                }
                return response;
            }
        };
        // Empty start and end row keys are passed as the row range for the call.
        Map<byte[], VisibilityLabelsResponse> perRegion = labelsTable.coprocessorService(VisibilityLabelsService.class, HConstants.EMPTY_BYTE_ARRAY, HConstants.EMPTY_BYTE_ARRAY, authsCall);
        // There will be exactly one region for the labels table, and so one entry in the result
        // map. If the map were empty, next() would throw NoSuchElementException.
        return perRegion.values().iterator().next();
    }
}
Also used : SetAuthsRequest(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.SetAuthsRequest) VisibilityLabelsService(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsService) Table(org.apache.hadoop.hbase.client.Table) ByteString(org.apache.hbase.thirdparty.com.google.protobuf.ByteString) ServerRpcController(org.apache.hadoop.hbase.ipc.ServerRpcController) CoprocessorRpcUtils(org.apache.hadoop.hbase.ipc.CoprocessorRpcUtils) Batch(org.apache.hadoop.hbase.client.coprocessor.Batch) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)

Example 3 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class TestVisibilityLabelsWithDefaultVisLabelService method testAddVisibilityLabelsOnRSRestart.

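/**
 * Aborts every region server, starts a single new one, and then adds labels as SUPERUSER,
 * retrying for as long as the first result carries a VisibilityControllerNotReadyException.
 * Finally scans the labels table with the system-label authorization and checks the row count.
 */
@Test
public void testAddVisibilityLabelsOnRSRestart() throws Exception {
    List<RegionServerThread> regionServerThreads = TEST_UTIL.getHBaseCluster().getRegionServerThreads();
    for (RegionServerThread rsThread : regionServerThreads) {
        rsThread.getRegionServer().abort("Aborting ");
    }
    // Start one new RS
    RegionServerThread rs = TEST_UTIL.getHBaseCluster().startRegionServer();
    waitForLabelsRegionAvailability(rs.getRegionServer());
    // Written by the privileged action, read by the loop condition below.
    final AtomicBoolean vcInitialized = new AtomicBoolean(true);
    do {
        PrivilegedExceptionAction<VisibilityLabelsResponse> action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {

            @Override
            public VisibilityLabelsResponse run() throws Exception {
                String[] labels = { SECRET, CONFIDENTIAL, PRIVATE, "ABC", "XYZ" };
                try (Connection conn = ConnectionFactory.createConnection(conf)) {
                    VisibilityLabelsResponse resp = VisibilityClient.addLabels(conn, labels);
                    List<RegionActionResult> results = resp.getResultList();
                    // Only the first per-label result is inspected to decide whether to retry.
                    if (results.get(0).hasException()) {
                        NameBytesPair pair = results.get(0).getException();
                        Throwable t = ProtobufUtil.toException(pair);
                        LOG.debug("Got exception writing labels", t);
                        if (t instanceof VisibilityControllerNotReadyException) {
                            vcInitialized.set(false);
                            LOG.warn("VisibilityController was not yet initialized");
                            Threads.sleep(10);
                        } else {
                            vcInitialized.set(true);
                        }
                    } else {
                        LOG.debug("new labels added: " + resp);
                        // Mark success explicitly so the loop ends here. Without this, a success
                        // that follows a not-ready attempt leaves the flag false and forces one
                        // more add round before the loop can exit.
                        vcInitialized.set(true);
                    }
                } catch (Throwable t) {
                    throw new IOException(t);
                }
                return null;
            }
        };
        SUPERUSER.runAs(action);
    } while (!vcInitialized.get());
    // Scan the visibility label
    Scan s = new Scan();
    s.setAuthorizations(new Authorizations(VisibilityUtils.SYSTEM_LABEL));
    int i = 0;
    try (Table ht = TEST_UTIL.getConnection().getTable(LABELS_TABLE_NAME);
        ResultScanner scanner = ht.getScanner(s)) {
        while (true) {
            Result next = scanner.next();
            if (next == null) {
                break;
            }
            i++;
        }
    }
    // One label is the "system" label.
    // NOTE(review): the total of 13 presumably includes labels added by class-level setup that
    // is not visible in this method; confirm there.
    Assert.assertEquals("The count should be 13", 13, i);
}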
Also used : Table(org.apache.hadoop.hbase.client.Table) ResultScanner(org.apache.hadoop.hbase.client.ResultScanner) Connection(org.apache.hadoop.hbase.client.Connection) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) ByteString(org.apache.hbase.thirdparty.com.google.protobuf.ByteString) RegionActionResult(org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.RegionActionResult) IOException(java.io.IOException) Result(org.apache.hadoop.hbase.client.Result) RegionActionResult(org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.RegionActionResult) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) NameBytesPair(org.apache.hadoop.hbase.shaded.protobuf.generated.HBaseProtos.NameBytesPair) Scan(org.apache.hadoop.hbase.client.Scan) RegionServerThread(org.apache.hadoop.hbase.util.JVMClusterUtil.RegionServerThread) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse) Test(org.junit.Test)

Example 4 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class TestVisibilityLabelsWithDefaultVisLabelService method testAddLabels.

/**
 * Adds five labels as SUPERUSER in one call and checks the per-label results: five results come
 * back, the entry for SECRET (index 1) reports a DoNotRetryIOException wrapping
 * LabelAlreadyExistsException, and every other entry has an empty exception value.
 *
 * <p>The label "invalid~" at index 3 is among those asserted to have an empty exception value,
 * so this test expects no error entry for it.
 */
@Test
public void testAddLabels() throws Throwable {
    PrivilegedExceptionAction<VisibilityLabelsResponse> addAsSuperuser = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {

        @Override
        public VisibilityLabelsResponse run() throws Exception {
            String[] requested = { "L1", SECRET, "L2", "invalid~", "L3" };
            VisibilityLabelsResponse resp = null;
            try (Connection conn = ConnectionFactory.createConnection(conf)) {
                resp = VisibilityClient.addLabels(conn, requested);
            } catch (Throwable cause) {
                // addLabels declares Throwable; narrow it to what run() may throw.
                throw new IOException(cause);
            }
            // A normal return does not mean every label was added; each label has its own
            // result entry.
            List<RegionActionResult> perLabel = resp.getResultList();
            assertEquals(5, perLabel.size());
            assertTrue(perLabel.get(0).getException().getValue().isEmpty());
            // Index 1 is SECRET, which is expected to be rejected as a duplicate.
            assertEquals("org.apache.hadoop.hbase.DoNotRetryIOException", perLabel.get(1).getException().getName());
            String duplicateDetail = Bytes.toString(perLabel.get(1).getException().getValue().toByteArray());
            assertTrue(duplicateDetail.contains("org.apache.hadoop.hbase.security.visibility.LabelAlreadyExistsException: " + "Label 'secret' already exists"));
            for (int idx = 2; idx <= 4; idx++) {
                assertTrue(perLabel.get(idx).getException().getValue().isEmpty());
            }
            return null;
        }
    };
    SUPERUSER.runAs(addAsSuperuser);
}
Also used : Connection(org.apache.hadoop.hbase.client.Connection) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) ByteString(org.apache.hbase.thirdparty.com.google.protobuf.ByteString) IOException(java.io.IOException) RegionActionResult(org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.RegionActionResult) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse) Test(org.junit.Test)

Example 5 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class TestVisibilityLabelsWithSLGStack method addLabels.

/**
 * Adds the SECRET and CONFIDENTIAL labels while running as SUPERUSER.
 *
 * <p>The response from {@code VisibilityClient.addLabels} is discarded, so a failure reported
 * inside the response for an individual label would go unnoticed here. Only a thrown error
 * surfaces, wrapped in an {@code IOException}.
 */
private static void addLabels() throws Exception {
    SUPERUSER.runAs(new PrivilegedExceptionAction<VisibilityLabelsResponse>() {

        @Override
        public VisibilityLabelsResponse run() throws Exception {
            try (Connection conn = ConnectionFactory.createConnection(conf)) {
                VisibilityClient.addLabels(conn, new String[] { SECRET, CONFIDENTIAL });
            } catch (Throwable cause) {
                // addLabels declares Throwable; narrow it to what run() may throw.
                throw new IOException(cause);
            }
            return null;
        }
    });
}
Also used : Connection(org.apache.hadoop.hbase.client.Connection) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) IOException(java.io.IOException) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)

Aggregations

VisibilityLabelsResponse (org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)25 IOException (java.io.IOException)22 Connection (org.apache.hadoop.hbase.client.Connection)20 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)19 ByteString (org.apache.hbase.thirdparty.com.google.protobuf.ByteString)12 Test (org.junit.Test)10 Table (org.apache.hadoop.hbase.client.Table)9 ArrayList (java.util.ArrayList)7 RegionActionResult (org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.RegionActionResult)6 TableName (org.apache.hadoop.hbase.TableName)5 Result (org.apache.hadoop.hbase.client.Result)5 ResultScanner (org.apache.hadoop.hbase.client.ResultScanner)5 Scan (org.apache.hadoop.hbase.client.Scan)5 GetAuthsResponse (org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.GetAuthsResponse)4 Cell (org.apache.hadoop.hbase.Cell)3 CellScanner (org.apache.hadoop.hbase.CellScanner)3 DoNotRetryIOException (org.apache.hadoop.hbase.DoNotRetryIOException)3 Put (org.apache.hadoop.hbase.client.Put)3 OperationStatus (org.apache.hadoop.hbase.regionserver.OperationStatus)3 AccessDeniedException (org.apache.hadoop.hbase.security.AccessDeniedException)3