
Example 11 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class VisibilityController method setAuths.

/**
 * Endpoint RPC that grants visibility-label authorizations to the user named in the request.
 *
 * <p>The outcome is always delivered through {@code done}; checked failures are folded into the
 * response instead of being thrown. When the controller is not initialized, the caller is
 * rejected, or the label service raises an {@link IOException}, the exception is handed to
 * {@code setExceptionResults} together with the number of requested auths.
 *
 * <p>Ordering that matters for review: the caller check runs before any request label is copied
 * and before the label service is called. Allowed and denied outcomes both go through
 * {@code logResult}; a plain {@link IOException} is written to the regular log only.
 *
 * @param controller RPC controller; not referenced by this method
 * @param request carries the target user and the label auths to grant
 * @param done callback that receives the built response
 */
@Override
public synchronized void setAuths(RpcController controller, SetAuthsRequest request, RpcCallback<VisibilityLabelsResponse> done) {
    final VisibilityLabelsResponse.Builder reply = VisibilityLabelsResponse.newBuilder();
    final List<ByteString> requestedAuths = request.getAuthList();
    if (!initialized) {
        // Not ready yet: answer with an error sized to the request and stop here.
        setExceptionResults(requestedAuths.size(), new VisibilityControllerNotReadyException("VisibilityController not yet initialized!"), reply);
        done.run(reply.build());
        return;
    }
    final byte[] targetUser = request.getUser().toByteArray();
    final List<byte[]> labelAuths = new ArrayList<>(requestedAuths.size());
    try {
        // Authorize before touching request data. If this check rejects the caller,
        // labelAuths is still empty when the denial is audited below.
        // NOTE(review): clearAuths in this class additionally gates on isSystemOrSuperUser()
        // when accessControllerAvailable is set; no such gate is visible here. Confirm that
        // checkCallingUserAuth() or another layer covers that configuration.
        if (authorizationEnabled) {
            checkCallingUserAuth();
        }
        for (ByteString requested : requestedAuths) {
            labelAuths.add(requested.toByteArray());
        }
        final OperationStatus[] outcomes = this.visibilityLabelService.setAuths(targetUser, labelAuths);
        // Audit entry is written once the service call returns, before the per-label
        // statuses are inspected: it records that the request was allowed, not that every
        // label was applied.
        logResult(true, "setAuths", "Setting authorization for labels allowed", targetUser, labelAuths, null);
        final RegionActionResult ok = RegionActionResult.newBuilder().build();
        for (OperationStatus outcome : outcomes) {
            if (outcome.getOperationStatusCode() != SUCCESS) {
                // The service's failure text is returned to the caller, marked non-retriable.
                final RegionActionResult.Builder failed = RegionActionResult.newBuilder();
                failed.setException(buildException(new DoNotRetryIOException(outcome.getExceptionMsg())));
                reply.addResult(failed.build());
                continue;
            }
            reply.addResult(ok);
        }
    } catch (AccessDeniedException denied) {
        // Denials are audited (logResult) as well as logged.
        logResult(false, "setAuths", denied.getMessage(), targetUser, labelAuths, null);
        LOG.error("User is not having required permissions to set authorization", denied);
        setExceptionResults(requestedAuths.size(), denied, reply);
    } catch (IOException failure) {
        // No logResult entry on this path; only the regular log sees it.
        LOG.error(failure.toString(), failure);
        setExceptionResults(requestedAuths.size(), failure, reply);
    }
    done.run(reply.build());
}
Also used : AccessDeniedException(org.apache.hadoop.hbase.security.AccessDeniedException) DoNotRetryIOException(org.apache.hadoop.hbase.DoNotRetryIOException) ByteString(org.apache.hbase.thirdparty.com.google.protobuf.ByteString) ArrayList(java.util.ArrayList) RegionActionResult(org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.RegionActionResult) DoNotRetryIOException(org.apache.hadoop.hbase.DoNotRetryIOException) IOException(java.io.IOException) OperationStatus(org.apache.hadoop.hbase.regionserver.OperationStatus) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)

Example 12 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class TestImportTSVWithVisibilityLabels method createLabels.

/**
 * Test fixture helper: registers the visibility labels this test class works with.
 *
 * <p>The call is made as {@code SUPERUSER}, presumably because label administration is
 * restricted to privileged callers on the server side (confirm against the cluster
 * configuration used by the test).
 *
 * @throws IOException if the connection or the addLabels call fails; any {@link Throwable}
 *     raised inside the action is wrapped in an {@link IOException}
 * @throws InterruptedException declared for the privileged call made through {@code runAs}
 */
private static void createLabels() throws IOException, InterruptedException {
    final PrivilegedExceptionAction<VisibilityLabelsResponse> addLabelsAsSuperuser = () -> {
        final String[] labels = new String[] { SECRET, TOPSECRET, CONFIDENTIAL, PUBLIC, PRIVATE };
        try (Connection conn = ConnectionFactory.createConnection(conf)) {
            VisibilityClient.addLabels(conn, labels);
            LOG.info("Added labels ");
        } catch (Throwable t) {
            LOG.error("Error in adding labels", t);
            throw new IOException(t);
        }
        // The addLabels response is discarded, so failures reported per label inside the
        // response (rather than thrown) would go unnoticed here.
        return null;
    };
    SUPERUSER.runAs(addLabelsAsSuperuser);
}
Also used : Connection(org.apache.hadoop.hbase.client.Connection) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) IOException(java.io.IOException) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)

Example 13 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class VisibilityController method clearAuths.

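/**
 * Endpoint RPC that removes visibility-label authorizations from the user named in the request.
 *
 * <p>The outcome is always delivered through {@code done}; checked failures are folded into the
 * response instead of being thrown. Two checks run before any request label is copied or the
 * label service is called: an explicit system/superuser gate when both
 * {@code authorizationEnabled} and {@code accessControllerAvailable} are set, followed by
 * {@code checkCallingUserAuth()} whenever {@code authorizationEnabled} is set.
 *
 * <p>Allowed and denied outcomes both go through {@code logResult}; a plain
 * {@link IOException} is written to the regular log only.
 *
 * @param controller RPC controller; not referenced by this method
 * @param request carries the target user and the label auths to remove
 * @param done callback that receives the built response
 */
@Override
public synchronized void clearAuths(RpcController controller, SetAuthsRequest request, RpcCallback<VisibilityLabelsResponse> done) {
    VisibilityLabelsResponse.Builder response = VisibilityLabelsResponse.newBuilder();
    List<ByteString> auths = request.getAuthList();
    if (!initialized) {
        // NOTE(review): setAuths and addLabels in this class report this state with
        // VisibilityControllerNotReadyException; the type is left as is here because
        // callers may depend on it.
        setExceptionResults(auths.size(), new CoprocessorException("VisibilityController not yet initialized"), response);
    } else {
        byte[] requestUser = request.getUser().toByteArray();
        List<byte[]> labelAuths = new ArrayList<>(auths.size());
        try {
            // When AC (presumably the AccessController coprocessor) is ON, do AC based user
            // auth check: only a system user or superuser may proceed.
            if (authorizationEnabled && accessControllerAvailable && !isSystemOrSuperUser()) {
                User user = VisibilityUtils.getActiveUser();
                // The user name is quoted on both sides so that its boundaries stay
                // unambiguous in the audit entry and in the error returned to the client.
                throw new AccessDeniedException("User '" + (user != null ? user.getShortName() : "null") + "' is not authorized to perform this action.");
            }
            if (authorizationEnabled) {
                // When AC is not in place the calling user should have
                // SYSTEM_LABEL auth to do this action.
                checkCallingUserAuth();
            }
            // Request labels are copied only after the checks above, so a denial raised by
            // them is audited with an empty labelAuths list.
            for (ByteString authBS : auths) {
                labelAuths.add(authBS.toByteArray());
            }
            OperationStatus[] opStatus = this.visibilityLabelService.clearAuths(requestUser, labelAuths);
            // Written once the service call returns, before per-label statuses are inspected:
            // it records that the request was allowed, not that every label was removed.
            logResult(true, "clearAuths", "Removing authorization for labels allowed", requestUser, labelAuths, null);
            RegionActionResult successResult = RegionActionResult.newBuilder().build();
            for (OperationStatus status : opStatus) {
                if (status.getOperationStatusCode() == SUCCESS) {
                    response.addResult(successResult);
                } else {
                    // The service's failure text is returned to the caller, marked non-retriable.
                    RegionActionResult.Builder failureResultBuilder = RegionActionResult.newBuilder();
                    failureResultBuilder.setException(buildException(new DoNotRetryIOException(status.getExceptionMsg())));
                    response.addResult(failureResultBuilder.build());
                }
            }
        } catch (AccessDeniedException e) {
            // Denials are audited (logResult) as well as logged.
            logResult(false, "clearAuths", e.getMessage(), requestUser, labelAuths, null);
            LOG.error("User is not having required permissions to clear authorization", e);
            setExceptionResults(auths.size(), e, response);
        } catch (IOException e) {
            // No logResult entry on this path; only the regular log sees it.
            LOG.error(e.toString(), e);
            setExceptionResults(auths.size(), e, response);
        }
    }
    done.run(response.build());
}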
Also used : AccessDeniedException(org.apache.hadoop.hbase.security.AccessDeniedException) User(org.apache.hadoop.hbase.security.User) DoNotRetryIOException(org.apache.hadoop.hbase.DoNotRetryIOException) ByteString(org.apache.hbase.thirdparty.com.google.protobuf.ByteString) ArrayList(java.util.ArrayList) RegionActionResult(org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.RegionActionResult) DoNotRetryIOException(org.apache.hadoop.hbase.DoNotRetryIOException) IOException(java.io.IOException) OperationStatus(org.apache.hadoop.hbase.regionserver.OperationStatus) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse) CoprocessorException(org.apache.hadoop.hbase.coprocessor.CoprocessorException)

Example 14 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class VisibilityController method addLabels.

/**
 **************************** VisibilityEndpoint service related methods *****************************
 */
/**
 * Endpoint RPC that registers new visibility labels.
 *
 * <p>The outcome is always delivered through {@code done}; checked failures are folded into the
 * response instead of being thrown. When {@code authorizationEnabled} is set,
 * {@code checkCallingUserAuth()} runs before any label from the request is read.
 *
 * <p>Allowed and denied outcomes both go through {@code logResult} (with no user argument);
 * a plain {@link IOException} is written to the regular log only.
 *
 * @param controller RPC controller; not referenced by this method
 * @param request carries the labels to add
 * @param done callback that receives the built response
 */
@Override
public synchronized void addLabels(RpcController controller, VisibilityLabelsRequest request, RpcCallback<VisibilityLabelsResponse> done) {
    VisibilityLabelsResponse.Builder response = VisibilityLabelsResponse.newBuilder();
    List<VisibilityLabel> visLabels = request.getVisLabelList();
    if (!initialized) {
        setExceptionResults(visLabels.size(), new VisibilityControllerNotReadyException("VisibilityController not yet initialized!"), response);
    } else {
        List<byte[]> labels = new ArrayList<>(visLabels.size());
        try {
            // Authorize first: if this check rejects the caller, labels is still empty
            // when the denial is audited in the catch block below.
            if (authorizationEnabled) {
                checkCallingUserAuth();
            }
            RegionActionResult successResult = RegionActionResult.newBuilder().build();
            for (VisibilityLabel visLabel : visLabels) {
                byte[] label = visLabel.getLabel().toByteArray();
                labels.add(label);
                // Just mark as success. Later it will get reset based on the result from
                // visibilityLabelService.addLabels().
                response.addResult(successResult);
            }
            if (!labels.isEmpty()) {
                OperationStatus[] opStatus = this.visibilityLabelService.addLabels(labels);
                // Written once the service call returns, before per-label statuses are
                // inspected: it records that the request was allowed, not that every label
                // was added.
                logResult(true, "addLabels", "Adding labels allowed", null, labels, null);
                int i = 0;
                for (OperationStatus status : opStatus) {
                    // Skip slots that no longer hold the success placeholder. As written here,
                    // every slot at or after i still holds it, so this loop does not advance;
                    // presumably a leftover from a version that pre-marked some labels as failed.
                    // NOTE(review): assumes opStatus has no more entries than the response has
                    // results; otherwise getResult(i) would run past the end. Confirm.
                    while (!Objects.equals(response.getResult(i), successResult)) {
                        i++;
                    }
                    if (status.getOperationStatusCode() != SUCCESS) {
                        // Replace the placeholder with the service's failure text, marked
                        // non-retriable, for the caller.
                        RegionActionResult.Builder failureResultBuilder = RegionActionResult.newBuilder();
                        failureResultBuilder.setException(buildException(new DoNotRetryIOException(status.getExceptionMsg())));
                        response.setResult(i, failureResultBuilder.build());
                    }
                    i++;
                }
            }
        } catch (AccessDeniedException e) {
            // Denials are audited (logResult) as well as logged.
            logResult(false, "addLabels", e.getMessage(), null, labels, null);
            LOG.error("User is not having required permissions to add labels", e);
            setExceptionResults(visLabels.size(), e, response);
        } catch (IOException e) {
            // No logResult entry on this path; only the regular log sees it.
            // NOTE(review): if the service call threw, the response already holds one success
            // placeholder per label. Confirm setExceptionResults replaces those entries rather
            // than adding to them, so the client does not get more results than labels.
            LOG.error(e.toString(), e);
            setExceptionResults(visLabels.size(), e, response);
        }
    }
    done.run(response.build());
}
Also used : AccessDeniedException(org.apache.hadoop.hbase.security.AccessDeniedException) DoNotRetryIOException(org.apache.hadoop.hbase.DoNotRetryIOException) ArrayList(java.util.ArrayList) RegionActionResult(org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.RegionActionResult) DoNotRetryIOException(org.apache.hadoop.hbase.DoNotRetryIOException) IOException(java.io.IOException) VisibilityLabel(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabel) OperationStatus(org.apache.hadoop.hbase.regionserver.OperationStatus) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)

Example 15 with VisibilityLabelsResponse

use of org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse in project hbase by apache.

the class TestThriftHBaseServiceHandlerWithLabels method createLabels.

/**
 * Test fixture helper: registers the visibility labels this test class works with.
 *
 * <p>The call is made as {@code SUPERUSER}, presumably because label administration is
 * restricted to privileged callers on the server side (confirm against the cluster
 * configuration used by the test).
 *
 * @throws IOException if the connection or the addLabels call fails; any {@link Throwable}
 *     raised inside the action is wrapped in an {@link IOException}
 * @throws InterruptedException declared for the privileged call made through {@code runAs}
 */
private static void createLabels() throws IOException, InterruptedException {
    SUPERUSER.runAs(new PrivilegedExceptionAction<VisibilityLabelsResponse>() {

        @Override
        public VisibilityLabelsResponse run() throws Exception {
            final String[] labelsToCreate = new String[] { SECRET, CONFIDENTIAL, PRIVATE, PUBLIC, TOPSECRET };
            try (Connection connection = ConnectionFactory.createConnection(conf)) {
                VisibilityClient.addLabels(connection, labelsToCreate);
            } catch (Throwable cause) {
                // Failures are not logged here; the wrapped cause is the only trace of them.
                throw new IOException(cause);
            }
            // The addLabels response is discarded, so failures reported per label inside
            // the response (rather than thrown) would go unnoticed here.
            return null;
        }
    });
}
Also used : Connection(org.apache.hadoop.hbase.client.Connection) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) IOException(java.io.IOException) VisibilityLabelsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)

Aggregations

VisibilityLabelsResponse (org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)25 IOException (java.io.IOException)22 Connection (org.apache.hadoop.hbase.client.Connection)20 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)19 ByteString (org.apache.hbase.thirdparty.com.google.protobuf.ByteString)12 Test (org.junit.Test)10 Table (org.apache.hadoop.hbase.client.Table)9 ArrayList (java.util.ArrayList)7 RegionActionResult (org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.RegionActionResult)6 TableName (org.apache.hadoop.hbase.TableName)5 Result (org.apache.hadoop.hbase.client.Result)5 ResultScanner (org.apache.hadoop.hbase.client.ResultScanner)5 Scan (org.apache.hadoop.hbase.client.Scan)5 GetAuthsResponse (org.apache.hadoop.hbase.shaded.protobuf.generated.VisibilityLabelsProtos.GetAuthsResponse)4 Cell (org.apache.hadoop.hbase.Cell)3 CellScanner (org.apache.hadoop.hbase.CellScanner)3 DoNotRetryIOException (org.apache.hadoop.hbase.DoNotRetryIOException)3 Put (org.apache.hadoop.hbase.client.Put)3 OperationStatus (org.apache.hadoop.hbase.regionserver.OperationStatus)3 AccessDeniedException (org.apache.hadoop.hbase.security.AccessDeniedException)3