use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class TestKeyManagerImpl method testInvalidPrefixAcl.
@Test
public void testInvalidPrefixAcl() throws IOException {
String volumeName = "vol1";
String bucketName = "bucket1";
String prefix1 = "pf1/";
// Invalid prefix not ending with "/"
String invalidPrefix = "invalid/pf";
OzoneAcl ozAcl1 = new OzoneAcl(ACLIdentityType.USER, "user1", ACLType.READ, ACCESS);
OzoneObj ozInvalidPrefix = new OzoneObjInfo.Builder().setVolumeName(volumeName).setBucketName(bucketName).setPrefixName(invalidPrefix).setResType(OzoneObj.ResourceType.PREFIX).setStoreType(OzoneObj.StoreType.OZONE).build();
// add acl with invalid prefix name
exception.expect(OMException.class);
exception.expectMessage("Invalid prefix name");
prefixManager.addAcl(ozInvalidPrefix, ozAcl1);
OzoneObj ozPrefix1 = new OzoneObjInfo.Builder().setVolumeName(volumeName).setBucketName(bucketName).setPrefixName(prefix1).setResType(OzoneObj.ResourceType.PREFIX).setStoreType(OzoneObj.StoreType.OZONE).build();
prefixManager.addAcl(ozPrefix1, ozAcl1);
List<OzoneAcl> ozAclGet = prefixManager.getAcl(ozPrefix1);
Assert.assertEquals(1, ozAclGet.size());
Assert.assertEquals(ozAcl1, ozAclGet.get(0));
// get acl with invalid prefix name
exception.expect(OMException.class);
exception.expectMessage("Invalid prefix name");
prefixManager.getAcl(ozInvalidPrefix);
// set acl with invalid prefix name
List<OzoneAcl> ozoneAcls = new ArrayList<OzoneAcl>();
ozoneAcls.add(ozAcl1);
exception.expect(OMException.class);
exception.expectMessage("Invalid prefix name");
prefixManager.setAcl(ozInvalidPrefix, ozoneAcls);
// remove acl with invalid prefix name
exception.expect(OMException.class);
exception.expectMessage("Invalid prefix name");
prefixManager.removeAcl(ozInvalidPrefix, ozAcl1);
}
use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class TestKeyManagerImpl method testPrefixAclOps.
@Test
public void testPrefixAclOps() throws IOException {
String volumeName = "vol1";
String bucketName = "bucket1";
String prefix1 = "pf1/";
OzoneObj ozPrefix1 = new OzoneObjInfo.Builder().setVolumeName(volumeName).setBucketName(bucketName).setPrefixName(prefix1).setResType(OzoneObj.ResourceType.PREFIX).setStoreType(OzoneObj.StoreType.OZONE).build();
OzoneAcl ozAcl1 = new OzoneAcl(ACLIdentityType.USER, "user1", ACLType.READ, ACCESS);
writeClient.addAcl(ozPrefix1, ozAcl1);
List<OzoneAcl> ozAclGet = writeClient.getAcl(ozPrefix1);
Assert.assertEquals(1, ozAclGet.size());
Assert.assertEquals(ozAcl1, ozAclGet.get(0));
List<OzoneAcl> acls = new ArrayList<>();
OzoneAcl ozAcl2 = new OzoneAcl(ACLIdentityType.USER, "admin", ACLType.ALL, ACCESS);
BitSet rwRights = new BitSet();
rwRights.set(IAccessAuthorizer.ACLType.WRITE.ordinal());
rwRights.set(IAccessAuthorizer.ACLType.READ.ordinal());
OzoneAcl ozAcl3 = new OzoneAcl(ACLIdentityType.GROUP, "dev", rwRights, ACCESS);
BitSet wRights = new BitSet();
wRights.set(IAccessAuthorizer.ACLType.WRITE.ordinal());
OzoneAcl ozAcl4 = new OzoneAcl(ACLIdentityType.GROUP, "dev", wRights, ACCESS);
BitSet rRights = new BitSet();
rRights.set(IAccessAuthorizer.ACLType.READ.ordinal());
OzoneAcl ozAcl5 = new OzoneAcl(ACLIdentityType.GROUP, "dev", rRights, ACCESS);
acls.add(ozAcl2);
acls.add(ozAcl3);
writeClient.setAcl(ozPrefix1, acls);
ozAclGet = writeClient.getAcl(ozPrefix1);
Assert.assertEquals(2, ozAclGet.size());
int matchEntries = 0;
for (OzoneAcl acl : ozAclGet) {
if (acl.getType() == ACLIdentityType.GROUP) {
Assert.assertEquals(ozAcl3, acl);
matchEntries++;
}
if (acl.getType() == ACLIdentityType.USER) {
Assert.assertEquals(ozAcl2, acl);
matchEntries++;
}
}
Assert.assertEquals(2, matchEntries);
boolean result = writeClient.removeAcl(ozPrefix1, ozAcl4);
Assert.assertEquals(true, result);
ozAclGet = writeClient.getAcl(ozPrefix1);
Assert.assertEquals(2, ozAclGet.size());
result = writeClient.removeAcl(ozPrefix1, ozAcl3);
Assert.assertEquals(true, result);
ozAclGet = writeClient.getAcl(ozPrefix1);
Assert.assertEquals(1, ozAclGet.size());
Assert.assertEquals(ozAcl2, ozAclGet.get(0));
// add dev:w
writeClient.addAcl(ozPrefix1, ozAcl4);
ozAclGet = writeClient.getAcl(ozPrefix1);
Assert.assertEquals(2, ozAclGet.size());
// add dev:r and validate the acl bitset combined
writeClient.addAcl(ozPrefix1, ozAcl5);
ozAclGet = writeClient.getAcl(ozPrefix1);
Assert.assertEquals(2, ozAclGet.size());
matchEntries = 0;
for (OzoneAcl acl : ozAclGet) {
if (acl.getType() == ACLIdentityType.GROUP) {
Assert.assertEquals(ozAcl3, acl);
matchEntries++;
}
if (acl.getType() == ACLIdentityType.USER) {
Assert.assertEquals(ozAcl2, acl);
matchEntries++;
}
}
Assert.assertEquals(2, matchEntries);
}
use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class TestBucketOwner method testVolumeOwner.
@Test
public void testVolumeOwner() throws Exception {
// Test Key Operations for Volume Owner
UserGroupInformation.setLoginUser(user2);
OzoneVolume volume = cluster.getClient().getObjectStore().getVolume("volume1");
OzoneBucket ozoneBucket = volume.getBucket("bucket1");
// Key Create
createKey(ozoneBucket, "key2", 10, new byte[10]);
// Key Delete
ozoneBucket.deleteKey("key2");
// List Keys
ozoneBucket.listKeys("key");
// Get Acls
ozoneBucket.getAcls();
// Add Acls
OzoneAcl acl = new OzoneAcl(USER, "testuser2", IAccessAuthorizer.ACLType.ALL, DEFAULT);
ozoneBucket.addAcl(acl);
// Bucket Delete
volume.deleteBucket("bucket2");
}
use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class TestOMKeyAclRequest method testKeySetAclRequest.
@Test
public void testKeySetAclRequest() throws Exception {
OMRequestTestUtils.addVolumeAndBucketToDB(volumeName, bucketName, omMetadataManager, getBucketLayout());
String ozoneKey = addKeyToTable();
OmKeyInfo omKeyInfo = omMetadataManager.getKeyTable(getBucketLayout()).get(ozoneKey);
// As we added manually to key table.
Assert.assertNotNull(omKeyInfo);
OzoneAcl acl = OzoneAcl.parseAcl("user:bilbo:rwdlncxy[ACCESS]");
OMRequest setAclRequest = createSetAclKeyRequest(acl);
OMKeyAclRequest omKeySetAclRequest = getOmKeySetAclRequest(setAclRequest);
OMRequest preExecuteRequest = omKeySetAclRequest.preExecute(ozoneManager);
// When preExecute() of setting acl,
// the new modification time is greater than origin one.
long originModTime = setAclRequest.getSetAclRequest().getModificationTime();
long newModTime = preExecuteRequest.getSetAclRequest().getModificationTime();
Assert.assertTrue(newModTime > originModTime);
OMClientResponse omClientResponse = omKeySetAclRequest.validateAndUpdateCache(ozoneManager, 100L, ozoneManagerDoubleBufferHelper);
OMResponse omSetAclResponse = omClientResponse.getOMResponse();
Assert.assertNotNull(omSetAclResponse.getSetAclResponse());
Assert.assertEquals(OzoneManagerProtocolProtos.Status.OK, omSetAclResponse.getStatus());
// Verify result of setting acl.
List<OzoneAcl> newAcls = omMetadataManager.getKeyTable(getBucketLayout()).get(ozoneKey).getAcls();
Assert.assertEquals(newAcls.get(0), acl);
}
use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class TestOMKeyAclRequest method testKeyAddAclRequest.
@Test
public void testKeyAddAclRequest() throws Exception {
// Manually add volume, bucket and key to DB
OMRequestTestUtils.addVolumeAndBucketToDB(volumeName, bucketName, omMetadataManager, getBucketLayout());
String ozoneKey = addKeyToTable();
OmKeyInfo omKeyInfo = omMetadataManager.getKeyTable(getBucketLayout()).get(ozoneKey);
// As we added manually to key table.
Assert.assertNotNull(omKeyInfo);
OzoneAcl acl = OzoneAcl.parseAcl("user:bilbo:rwdlncxy[ACCESS]");
// Create KeyAddAcl request
OMRequest originalRequest = createAddAclkeyRequest(acl);
OMKeyAclRequest omKeyAddAclRequest = getOmKeyAddAclRequest(originalRequest);
OMRequest preExecuteRequest = omKeyAddAclRequest.preExecute(ozoneManager);
// When preExecute() of adding acl,
// the new modification time is greater than origin one.
long originModTime = originalRequest.getAddAclRequest().getModificationTime();
long newModTime = preExecuteRequest.getAddAclRequest().getModificationTime();
Assert.assertTrue(newModTime > originModTime);
// Execute original request
OMClientResponse omClientResponse = omKeyAddAclRequest.validateAndUpdateCache(ozoneManager, 100L, ozoneManagerDoubleBufferHelper);
Assert.assertEquals(OzoneManagerProtocolProtos.Status.OK, omClientResponse.getOMResponse().getStatus());
}
Aggregations