Examples with TenantInfoImpl org.apache.pulsar.common.policies.data.TenantInfoImpl used on opensource projects

Example 6 with TenantInfoImpl

use of org.apache.pulsar.common.policies.data.TenantInfoImpl in project pulsar by apache.

the class AdminApiSchemaValidationEnforced method setup.

@BeforeMethod
@Override
public void setup() throws Exception {
    super.internalSetup();
    admin.clusters().createCluster("test", ClusterData.builder().serviceUrl(pulsar.getWebServiceAddress()).build());
    TenantInfoImpl tenantInfo = new TenantInfoImpl(Sets.newHashSet("role1", "role2"), Sets.newHashSet("test"));
    admin.tenants().createTenant("schema-validation-enforced", tenantInfo);
}

Example 7 with TenantInfoImpl

use of org.apache.pulsar.common.policies.data.TenantInfoImpl in project pulsar by apache.

the class AdminApiTest method testTopicBundleRangeLookup.

@Test
public void testTopicBundleRangeLookup() throws PulsarAdminException, PulsarServerException, Exception {
    admin.clusters().createCluster("usw", ClusterData.builder().build());
    TenantInfoImpl tenantInfo = new TenantInfoImpl(Sets.newHashSet("role1", "role2"), Sets.newHashSet("test", "usw"));
    admin.tenants().updateTenant("prop-xyz", tenantInfo);
    admin.namespaces().createNamespace("prop-xyz/getBundleNs", 100);
    assertEquals(admin.namespaces().getPolicies("prop-xyz/getBundleNs").bundles.getNumBundles(), 100);
    // (1) create a topic
    final String topicName = "persistent://prop-xyz/getBundleNs/topic1";
    String bundleRange = admin.lookups().getBundleRange(topicName);
    assertEquals(bundleRange, pulsar.getNamespaceService().getBundle(TopicName.get(topicName)).getBundleRange());
}

Example 8 with TenantInfoImpl

use of org.apache.pulsar.common.policies.data.TenantInfoImpl in project pulsar by apache.

the class AdminApiTest method namespaces.

@Test
public void namespaces() throws Exception {
    admin.clusters().createCluster("usw", ClusterData.builder().build());
    TenantInfoImpl tenantInfo = new TenantInfoImpl(Sets.newHashSet("role1", "role2"), Sets.newHashSet("test", "usw"));
    admin.tenants().updateTenant("prop-xyz", tenantInfo);
    assertEquals(admin.namespaces().getPolicies("prop-xyz/ns1").bundles, PoliciesUtil.defaultBundle());
    admin.namespaces().createNamespace("prop-xyz/ns2", Sets.newHashSet("test"));
    admin.namespaces().createNamespace("prop-xyz/ns3", 4);
    admin.namespaces().setNamespaceReplicationClusters("prop-xyz/ns3", Sets.newHashSet("test"));
    assertEquals(admin.namespaces().getPolicies("prop-xyz/ns3").bundles.getNumBundles(), 4);
    assertEquals(admin.namespaces().getPolicies("prop-xyz/ns3").bundles.getBoundaries().size(), 5);
    admin.namespaces().deleteNamespace("prop-xyz/ns3");
    try {
        admin.namespaces().createNamespace("non-existing/ns1");
        fail("Should not have passed");
    } catch (NotFoundException e) {
    // Ok
    }
    assertEquals(admin.namespaces().getNamespaces("prop-xyz"), Lists.newArrayList("prop-xyz/ns1", "prop-xyz/ns2"));
    assertEquals(admin.namespaces().getNamespaces("prop-xyz"), Lists.newArrayList("prop-xyz/ns1", "prop-xyz/ns2"));
    try {
        admin.namespaces().createNamespace("prop-xyz/ns4", Sets.newHashSet("usc"));
        fail("Should not have passed");
    } catch (NotAuthorizedException e) {
    // Ok, got the non authorized exception since usc cluster is not in the allowed clusters list.
    }
    // test with url style role.
    admin.namespaces().grantPermissionOnNamespace("prop-xyz/ns1", "spiffe://developer/passport-role", EnumSet.allOf(AuthAction.class));
    admin.namespaces().grantPermissionOnNamespace("prop-xyz/ns1", "my-role", EnumSet.allOf(AuthAction.class));
    Policies policies = new Policies();
    policies.replication_clusters = Sets.newHashSet("test");
    policies.bundles = PoliciesUtil.defaultBundle();
    policies.auth_policies.getNamespaceAuthentication().put("spiffe://developer/passport-role", EnumSet.allOf(AuthAction.class));
    policies.auth_policies.getNamespaceAuthentication().put("my-role", EnumSet.allOf(AuthAction.class));
    policies.is_allow_auto_update_schema = conf.isAllowAutoUpdateSchemaEnabled();
    assertEquals(admin.namespaces().getPolicies("prop-xyz/ns1"), policies);
    assertEquals(admin.namespaces().getPermissions("prop-xyz/ns1"), policies.auth_policies.getNamespaceAuthentication());
    assertEquals(admin.namespaces().getTopics("prop-xyz/ns1"), Lists.newArrayList());
    admin.namespaces().revokePermissionsOnNamespace("prop-xyz/ns1", "spiffe://developer/passport-role");
    admin.namespaces().revokePermissionsOnNamespace("prop-xyz/ns1", "my-role");
    policies.auth_policies.getNamespaceAuthentication().remove("spiffe://developer/passport-role");
    policies.auth_policies.getNamespaceAuthentication().remove("my-role");
    policies.is_allow_auto_update_schema = conf.isAllowAutoUpdateSchemaEnabled();
    assertEquals(admin.namespaces().getPolicies("prop-xyz/ns1"), policies);
    assertEquals(admin.namespaces().getPersistence("prop-xyz/ns1"), null);
    admin.namespaces().setPersistence("prop-xyz/ns1", new PersistencePolicies(3, 2, 1, 10.0));
    assertEquals(admin.namespaces().getPersistence("prop-xyz/ns1"), new PersistencePolicies(3, 2, 1, 10.0));
    // Force topic creation and namespace being loaded
    Producer<byte[]> producer = pulsarClient.newProducer(Schema.BYTES).topic("persistent://prop-xyz/ns1/my-topic").enableBatching(false).messageRoutingMode(MessageRoutingMode.SinglePartition).create();
    producer.close();
    admin.topics().delete("persistent://prop-xyz/ns1/my-topic");
    admin.namespaces().unloadNamespaceBundle("prop-xyz/ns1", "0x00000000_0xffffffff");
    NamespaceName ns = NamespaceName.get("prop-xyz/ns1");
    // Now, w/ bundle policies, we will use default bundle
    NamespaceBundle defaultBundle = bundleFactory.getFullBundle(ns);
    int i = 0;
    for (; i < 10; i++) {
        Optional<NamespaceEphemeralData> data1 = pulsar.getNamespaceService().getOwnershipCache().getOwnerAsync(defaultBundle).get();
        if (!data1.isPresent()) {
            // Already unloaded
            break;
        }
        LOG.info("Waiting for unload namespace {} to complete. Current service unit isDisabled: {}", defaultBundle, data1.get().isDisabled());
        Thread.sleep(1000);
    }
    assertTrue(i < 10);
    admin.namespaces().deleteNamespace("prop-xyz/ns1");
    assertEquals(admin.namespaces().getNamespaces("prop-xyz"), Lists.newArrayList("prop-xyz/ns2"));
    try {
        admin.namespaces().unload("prop-xyz/ns1");
        fail("should have raised exception");
    } catch (Exception e) {
    // OK excepted
    }
    // Force topic creation and namespace being loaded
    producer = pulsarClient.newProducer(Schema.BYTES).topic("persistent://prop-xyz/ns2/my-topic").create();
    producer.close();
    admin.topics().delete("persistent://prop-xyz/ns2/my-topic");
// both unload and delete should succeed for ns2 on other broker with a redirect
// otheradmin.namespaces().unload("prop-xyz/use/ns2");
}

Example 9 with TenantInfoImpl

use of org.apache.pulsar.common.policies.data.TenantInfoImpl in project pulsar by apache.

the class AdminApiTest method properties.

@Test
public void properties() throws PulsarAdminException {
    try {
        admin.tenants().getTenantInfo("does-not-exist");
        fail("should have failed");
    } catch (PulsarAdminException e) {
        assertTrue(e instanceof NotFoundException);
    }
    Set<String> allowedClusters = Sets.newHashSet("test");
    TenantInfoImpl tenantInfo = new TenantInfoImpl(Sets.newHashSet("role1", "role2"), allowedClusters);
    admin.tenants().updateTenant("prop-xyz", tenantInfo);
    assertEquals(admin.tenants().getTenants(), Lists.newArrayList("prop-xyz"));
    assertEquals(admin.tenants().getTenantInfo("prop-xyz"), tenantInfo);
    TenantInfoImpl newTenantAdmin = new TenantInfoImpl(Sets.newHashSet("role3", "role4"), allowedClusters);
    admin.tenants().updateTenant("prop-xyz", newTenantAdmin);
    assertEquals(admin.tenants().getTenantInfo("prop-xyz"), newTenantAdmin);
    try {
        admin.tenants().deleteTenant("prop-xyz");
        fail("should have failed");
    } catch (PulsarAdminException e) {
        assertTrue(e instanceof ConflictException);
        assertEquals(e.getStatusCode(), 409);
        assertEquals(e.getMessage(), "The tenant still has active namespaces");
    }
    admin.namespaces().deleteNamespace("prop-xyz/ns1");
    admin.tenants().deleteTenant("prop-xyz");
    assertEquals(admin.tenants().getTenants(), Lists.newArrayList());
    // Check name validation
    try {
        admin.tenants().createTenant("prop-xyz&", tenantInfo);
        fail("should have failed");
    } catch (PulsarAdminException e) {
        assertTrue(e instanceof PreconditionFailedException);
    }
}

Example 10 with TenantInfoImpl

use of org.apache.pulsar.common.policies.data.TenantInfoImpl in project pulsar by apache.

the class IncrementPartitionsTest method setup.

@BeforeMethod
@Override
public void setup() throws Exception {
    conf.setLoadBalancerEnabled(true);
    super.internalSetup();
    // create otherbroker to test redirect on calls that need
    // namespace ownership
    mockPulsarSetup = new MockedPulsarService(this.conf);
    mockPulsarSetup.setup();
    // Setup namespaces
    admin.clusters().createCluster("use", ClusterData.builder().serviceUrl(pulsar.getWebServiceAddress()).build());
    TenantInfoImpl tenantInfo = new TenantInfoImpl(Sets.newHashSet("role1", "role2"), Sets.newHashSet("use"));
    admin.tenants().createTenant("prop-xyz", tenantInfo);
    admin.namespaces().createNamespace("prop-xyz/use/ns1");
}