Search in sources :

Example 6 with AdminACLsManager

use of org.apache.hadoop.yarn.security.AdminACLsManager in project hadoop by apache.

the class TestTimelineWebServices method testPostEntitiesToDefaultDomain.

@Test
public void testPostEntitiesToDefaultDomain() throws Exception {
    AdminACLsManager oldAdminACLsManager = timelineACLsManager.setAdminACLsManager(adminACLsManager);
    try {
        TimelineEntities entities = new TimelineEntities();
        TimelineEntity entity = new TimelineEntity();
        entity.setEntityId("test id 7");
        entity.setEntityType("test type 7");
        entity.setStartTime(System.currentTimeMillis());
        entities.addEntity(entity);
        WebResource r = resource();
        ClientResponse response = r.path("ws").path("v1").path("timeline").queryParam("user.name", "anybody_1").accept(MediaType.APPLICATION_JSON).type(MediaType.APPLICATION_JSON).post(ClientResponse.class, entities);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        TimelinePutResponse putResposne = response.getEntity(TimelinePutResponse.class);
        Assert.assertNotNull(putResposne);
        Assert.assertEquals(0, putResposne.getErrors().size());
        // verify the entity exists in the store
        response = r.path("ws").path("v1").path("timeline").path("test type 7").path("test id 7").queryParam("user.name", "any_body_2").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        entity = response.getEntity(TimelineEntity.class);
        Assert.assertNotNull(entity);
        Assert.assertEquals("test id 7", entity.getEntityId());
        Assert.assertEquals("test type 7", entity.getEntityType());
        Assert.assertEquals(TimelineDataManager.DEFAULT_DOMAIN_ID, entity.getDomainId());
    } finally {
        timelineACLsManager.setAdminACLsManager(oldAdminACLsManager);
    }
}
Also used : ClientResponse(com.sun.jersey.api.client.ClientResponse) AdminACLsManager(org.apache.hadoop.yarn.security.AdminACLsManager) TimelineEntities(org.apache.hadoop.yarn.api.records.timeline.TimelineEntities) WebResource(com.sun.jersey.api.client.WebResource) TimelinePutResponse(org.apache.hadoop.yarn.api.records.timeline.TimelinePutResponse) TimelineEntity(org.apache.hadoop.yarn.api.records.timeline.TimelineEntity) Test(org.junit.Test)

Example 7 with AdminACLsManager

use of org.apache.hadoop.yarn.security.AdminACLsManager in project hadoop by apache.

the class TestTimelineWebServices method testGetEventsWithYarnACLsEnabled.

@Test
public void testGetEventsWithYarnACLsEnabled() {
    AdminACLsManager oldAdminACLsManager = timelineACLsManager.setAdminACLsManager(adminACLsManager);
    try {
        // Put entity [5, 5] in domain 1
        TimelineEntities entities = new TimelineEntities();
        TimelineEntity entity = new TimelineEntity();
        entity.setEntityId("test id 5");
        entity.setEntityType("test type 5");
        entity.setStartTime(System.currentTimeMillis());
        entity.setDomainId("domain_id_1");
        TimelineEvent event = new TimelineEvent();
        event.setEventType("event type 1");
        event.setTimestamp(System.currentTimeMillis());
        entity.addEvent(event);
        entities.addEntity(entity);
        WebResource r = resource();
        ClientResponse response = r.path("ws").path("v1").path("timeline").queryParam("user.name", "writer_user_1").accept(MediaType.APPLICATION_JSON).type(MediaType.APPLICATION_JSON).post(ClientResponse.class, entities);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        TimelinePutResponse putResponse = response.getEntity(TimelinePutResponse.class);
        Assert.assertEquals(0, putResponse.getErrors().size());
        // Put entity [5, 6] in domain 2
        entities = new TimelineEntities();
        entity = new TimelineEntity();
        entity.setEntityId("test id 6");
        entity.setEntityType("test type 5");
        entity.setStartTime(System.currentTimeMillis());
        entity.setDomainId("domain_id_2");
        event = new TimelineEvent();
        event.setEventType("event type 2");
        event.setTimestamp(System.currentTimeMillis());
        entity.addEvent(event);
        entities.addEntity(entity);
        r = resource();
        response = r.path("ws").path("v1").path("timeline").queryParam("user.name", "writer_user_3").accept(MediaType.APPLICATION_JSON).type(MediaType.APPLICATION_JSON).post(ClientResponse.class, entities);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        putResponse = response.getEntity(TimelinePutResponse.class);
        Assert.assertEquals(0, putResponse.getErrors().size());
        // Query events belonging to the entities of type 4
        response = r.path("ws").path("v1").path("timeline").path("test type 5").path("events").queryParam("user.name", "reader_user_1").queryParam("entityId", "test id 5,test id 6").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        TimelineEvents events = response.getEntity(TimelineEvents.class);
        // Reader 1 should just have the access to the events of entity [5, 5]
        assertEquals(1, events.getAllEvents().size());
        assertEquals("test id 5", events.getAllEvents().get(0).getEntityId());
    } finally {
        timelineACLsManager.setAdminACLsManager(oldAdminACLsManager);
    }
}
Also used : TimelineEvent(org.apache.hadoop.yarn.api.records.timeline.TimelineEvent) ClientResponse(com.sun.jersey.api.client.ClientResponse) AdminACLsManager(org.apache.hadoop.yarn.security.AdminACLsManager) TimelineEntities(org.apache.hadoop.yarn.api.records.timeline.TimelineEntities) TimelineEvents(org.apache.hadoop.yarn.api.records.timeline.TimelineEvents) WebResource(com.sun.jersey.api.client.WebResource) TimelinePutResponse(org.apache.hadoop.yarn.api.records.timeline.TimelinePutResponse) TimelineEntity(org.apache.hadoop.yarn.api.records.timeline.TimelineEntity) Test(org.junit.Test)

Example 8 with AdminACLsManager

use of org.apache.hadoop.yarn.security.AdminACLsManager in project hadoop by apache.

the class TestTimelineWebServices method testPostEntitiesWithYarnACLsEnabled.

@Test
public void testPostEntitiesWithYarnACLsEnabled() throws Exception {
    AdminACLsManager oldAdminACLsManager = timelineACLsManager.setAdminACLsManager(adminACLsManager);
    try {
        TimelineEntities entities = new TimelineEntities();
        TimelineEntity entity = new TimelineEntity();
        entity.setEntityId("test id 2");
        entity.setEntityType("test type 2");
        entity.setStartTime(System.currentTimeMillis());
        entity.setDomainId("domain_id_1");
        entities.addEntity(entity);
        WebResource r = resource();
        ClientResponse response = r.path("ws").path("v1").path("timeline").queryParam("user.name", "writer_user_1").accept(MediaType.APPLICATION_JSON).type(MediaType.APPLICATION_JSON).post(ClientResponse.class, entities);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        TimelinePutResponse putResponse = response.getEntity(TimelinePutResponse.class);
        Assert.assertNotNull(putResponse);
        Assert.assertEquals(0, putResponse.getErrors().size());
        // override/append timeline data in the same entity with different user
        response = r.path("ws").path("v1").path("timeline").queryParam("user.name", "writer_user_3").accept(MediaType.APPLICATION_JSON).type(MediaType.APPLICATION_JSON).post(ClientResponse.class, entities);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        putResponse = response.getEntity(TimelinePutResponse.class);
        Assert.assertNotNull(putResponse);
        Assert.assertEquals(1, putResponse.getErrors().size());
        Assert.assertEquals(TimelinePutResponse.TimelinePutError.ACCESS_DENIED, putResponse.getErrors().get(0).getErrorCode());
        // Cross domain relationship will be rejected
        entities = new TimelineEntities();
        entity = new TimelineEntity();
        entity.setEntityId("test id 3");
        entity.setEntityType("test type 2");
        entity.setStartTime(System.currentTimeMillis());
        entity.setDomainId("domain_id_2");
        entity.setRelatedEntities(Collections.singletonMap("test type 2", Collections.singleton("test id 2")));
        entities.addEntity(entity);
        r = resource();
        response = r.path("ws").path("v1").path("timeline").queryParam("user.name", "writer_user_3").accept(MediaType.APPLICATION_JSON).type(MediaType.APPLICATION_JSON).post(ClientResponse.class, entities);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        putResponse = response.getEntity(TimelinePutResponse.class);
        Assert.assertNotNull(putResponse);
        Assert.assertEquals(1, putResponse.getErrors().size());
        Assert.assertEquals(TimelinePutError.FORBIDDEN_RELATION, putResponse.getErrors().get(0).getErrorCode());
        // Make sure the entity has been added anyway even though the
        // relationship is been excluded
        response = r.path("ws").path("v1").path("timeline").path("test type 2").path("test id 3").queryParam("user.name", "reader_user_3").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        entity = response.getEntity(TimelineEntity.class);
        Assert.assertNotNull(entity);
        Assert.assertEquals("test id 3", entity.getEntityId());
        Assert.assertEquals("test type 2", entity.getEntityType());
    } finally {
        timelineACLsManager.setAdminACLsManager(oldAdminACLsManager);
    }
}
Also used : ClientResponse(com.sun.jersey.api.client.ClientResponse) AdminACLsManager(org.apache.hadoop.yarn.security.AdminACLsManager) TimelineEntities(org.apache.hadoop.yarn.api.records.timeline.TimelineEntities) WebResource(com.sun.jersey.api.client.WebResource) TimelinePutResponse(org.apache.hadoop.yarn.api.records.timeline.TimelinePutResponse) TimelineEntity(org.apache.hadoop.yarn.api.records.timeline.TimelineEntity) Test(org.junit.Test)

Example 9 with AdminACLsManager

use of org.apache.hadoop.yarn.security.AdminACLsManager in project hadoop by apache.

the class TestTimelineWebServices method testGetEntityWithYarnACLsEnabled.

@Test
public void testGetEntityWithYarnACLsEnabled() throws Exception {
    AdminACLsManager oldAdminACLsManager = timelineACLsManager.setAdminACLsManager(adminACLsManager);
    try {
        TimelineEntities entities = new TimelineEntities();
        TimelineEntity entity = new TimelineEntity();
        entity.setEntityId("test id 3");
        entity.setEntityType("test type 3");
        entity.setStartTime(System.currentTimeMillis());
        entity.setDomainId("domain_id_1");
        entities.addEntity(entity);
        WebResource r = resource();
        ClientResponse response = r.path("ws").path("v1").path("timeline").queryParam("user.name", "writer_user_1").accept(MediaType.APPLICATION_JSON).type(MediaType.APPLICATION_JSON).post(ClientResponse.class, entities);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        TimelinePutResponse putResponse = response.getEntity(TimelinePutResponse.class);
        Assert.assertEquals(0, putResponse.getErrors().size());
        // verify the system data will not be exposed
        // 1. No field specification
        response = r.path("ws").path("v1").path("timeline").path("test type 3").path("test id 3").queryParam("user.name", "reader_user_1").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        entity = response.getEntity(TimelineEntity.class);
        Assert.assertNull(entity.getPrimaryFilters().get(TimelineStore.SystemFilter.ENTITY_OWNER.toString()));
        // 2. other field
        response = r.path("ws").path("v1").path("timeline").path("test type 3").path("test id 3").queryParam("fields", "relatedentities").queryParam("user.name", "reader_user_1").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        entity = response.getEntity(TimelineEntity.class);
        Assert.assertNull(entity.getPrimaryFilters().get(TimelineStore.SystemFilter.ENTITY_OWNER.toString()));
        // 3. primaryfilters field
        response = r.path("ws").path("v1").path("timeline").path("test type 3").path("test id 3").queryParam("fields", "primaryfilters").queryParam("user.name", "reader_user_1").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        entity = response.getEntity(TimelineEntity.class);
        Assert.assertNull(entity.getPrimaryFilters().get(TimelineStore.SystemFilter.ENTITY_OWNER.toString()));
        // get entity with other user
        response = r.path("ws").path("v1").path("timeline").path("test type 3").path("test id 3").queryParam("user.name", "reader_user_2").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        assertResponseStatusCode(Status.NOT_FOUND, response.getStatusInfo());
    } finally {
        timelineACLsManager.setAdminACLsManager(oldAdminACLsManager);
    }
}
Also used : ClientResponse(com.sun.jersey.api.client.ClientResponse) AdminACLsManager(org.apache.hadoop.yarn.security.AdminACLsManager) TimelineEntities(org.apache.hadoop.yarn.api.records.timeline.TimelineEntities) WebResource(com.sun.jersey.api.client.WebResource) TimelinePutResponse(org.apache.hadoop.yarn.api.records.timeline.TimelinePutResponse) TimelineEntity(org.apache.hadoop.yarn.api.records.timeline.TimelineEntity) Test(org.junit.Test)

Example 10 with AdminACLsManager

use of org.apache.hadoop.yarn.security.AdminACLsManager in project hadoop by apache.

the class TestTimelineWebServices method testGetDomainYarnACLsEnabled.

@Test
public void testGetDomainYarnACLsEnabled() {
    AdminACLsManager oldAdminACLsManager = timelineACLsManager.setAdminACLsManager(adminACLsManager);
    try {
        WebResource r = resource();
        ClientResponse response = r.path("ws").path("v1").path("timeline").path("domain").path("domain_id_1").queryParam("user.name", "owner_1").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        TimelineDomain domain = response.getEntity(TimelineDomain.class);
        verifyDomain(domain, "domain_id_1");
        response = r.path("ws").path("v1").path("timeline").path("domain").path("domain_id_1").queryParam("user.name", "tester").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
        assertEquals(MediaType.APPLICATION_JSON + "; " + JettyUtils.UTF_8, response.getType().toString());
        assertResponseStatusCode(Status.NOT_FOUND, response.getStatusInfo());
    } finally {
        timelineACLsManager.setAdminACLsManager(oldAdminACLsManager);
    }
}
Also used : ClientResponse(com.sun.jersey.api.client.ClientResponse) AdminACLsManager(org.apache.hadoop.yarn.security.AdminACLsManager) WebResource(com.sun.jersey.api.client.WebResource) TimelineDomain(org.apache.hadoop.yarn.api.records.timeline.TimelineDomain) Test(org.junit.Test)

Aggregations

AdminACLsManager (org.apache.hadoop.yarn.security.AdminACLsManager)11 Test (org.junit.Test)9 ClientResponse (com.sun.jersey.api.client.ClientResponse)8 WebResource (com.sun.jersey.api.client.WebResource)8 TimelineEntities (org.apache.hadoop.yarn.api.records.timeline.TimelineEntities)6 TimelineEntity (org.apache.hadoop.yarn.api.records.timeline.TimelineEntity)5 TimelinePutResponse (org.apache.hadoop.yarn.api.records.timeline.TimelinePutResponse)5 TimelineDomain (org.apache.hadoop.yarn.api.records.timeline.TimelineDomain)2 VisibleForTesting (com.google.common.annotations.VisibleForTesting)1 File (java.io.File)1 Private (org.apache.hadoop.classification.InterfaceAudience.Private)1 Configuration (org.apache.hadoop.conf.Configuration)1 Path (org.apache.hadoop.fs.Path)1 TimelineDomains (org.apache.hadoop.yarn.api.records.timeline.TimelineDomains)1 TimelineEvent (org.apache.hadoop.yarn.api.records.timeline.TimelineEvent)1 TimelineEvents (org.apache.hadoop.yarn.api.records.timeline.TimelineEvents)1 YarnConfiguration (org.apache.hadoop.yarn.conf.YarnConfiguration)1 TimelineACLsManager (org.apache.hadoop.yarn.server.timeline.security.TimelineACLsManager)1 Before (org.junit.Before)1