Search in sources :

Example 31 with SettableBlobMeta

use of org.apache.storm.generated.SettableBlobMeta in project storm by apache.

the class LocalFsBlobStore method setBlobMeta.

@Override
public void setBlobMeta(String key, SettableBlobMeta meta, Subject who) throws AuthorizationException, KeyNotFoundException {
    validateKey(key);
    checkForBlobOrDownload(key);
    _aclHandler.normalizeSettableBlobMeta(key, meta, who, ADMIN);
    BlobStoreAclHandler.validateSettableACLs(key, meta.get_acl());
    SettableBlobMeta orig = getStoredBlobMeta(key);
    _aclHandler.hasPermissions(orig.get_acl(), ADMIN, who, key);
    BlobStoreFileOutputStream mOut = null;
    try {
        mOut = new BlobStoreFileOutputStream(fbs.write(META_PREFIX + key, false));
        mOut.write(Utils.thriftSerialize(meta));
        mOut.close();
        mOut = null;
    } catch (IOException e) {
        throw new RuntimeException(e);
    } finally {
        if (mOut != null) {
            try {
                mOut.cancel();
            } catch (IOException e) {
            //Ignored
            }
        }
    }
}
Also used : IOException(java.io.IOException) SettableBlobMeta(org.apache.storm.generated.SettableBlobMeta)

Example 32 with SettableBlobMeta

use of org.apache.storm.generated.SettableBlobMeta in project storm by apache.

the class BlobStoreTest method testDeleteAfterFailedCreate.

@Test
public void testDeleteAfterFailedCreate() throws Exception {
    LocalFsBlobStore store = initLocalFs();
    SettableBlobMeta metadata = new SettableBlobMeta(BlobStoreAclHandler.WORLD_EVERYTHING);
    AtomicOutputStream out = store.createBlob("test", metadata, null);
    out.write(1);
    store.deleteBlob("test", null);
}
Also used : SettableBlobMeta(org.apache.storm.generated.SettableBlobMeta) Test(org.junit.Test)

Example 33 with SettableBlobMeta

use of org.apache.storm.generated.SettableBlobMeta in project storm by apache.

the class BlobStoreTest method testMultiple.

public void testMultiple(BlobStore store) throws Exception {
    assertStoreHasExactly(store);
    LOG.info("Creating test");
    try (AtomicOutputStream out = store.createBlob("test", new SettableBlobMeta(BlobStoreAclHandler.WORLD_EVERYTHING), null)) {
        out.write(1);
    }
    assertStoreHasExactly(store, "test");
    readAssertEquals(store, "test", 1);
    LOG.info("Creating other");
    try (AtomicOutputStream out = store.createBlob("other", new SettableBlobMeta(BlobStoreAclHandler.WORLD_EVERYTHING), null)) {
        out.write(2);
    }
    assertStoreHasExactly(store, "test", "other");
    readAssertEquals(store, "test", 1);
    readAssertEquals(store, "other", 2);
    LOG.info("Updating other");
    try (AtomicOutputStream out = store.updateBlob("other", null)) {
        out.write(5);
    }
    assertStoreHasExactly(store, "test", "other");
    readAssertEquals(store, "test", 1);
    readAssertEquals(store, "other", 5);
    LOG.info("Deleting test");
    store.deleteBlob("test", null);
    assertStoreHasExactly(store, "other");
    readAssertEquals(store, "other", 5);
    LOG.info("Creating test again");
    try (AtomicOutputStream out = store.createBlob("test", new SettableBlobMeta(BlobStoreAclHandler.WORLD_EVERYTHING), null)) {
        out.write(2);
    }
    assertStoreHasExactly(store, "test", "other");
    readAssertEquals(store, "test", 2);
    readAssertEquals(store, "other", 5);
    LOG.info("Updating test");
    try (AtomicOutputStream out = store.updateBlob("test", null)) {
        out.write(3);
    }
    assertStoreHasExactly(store, "test", "other");
    readAssertEquals(store, "test", 3);
    readAssertEquals(store, "other", 5);
    LOG.info("Deleting other");
    store.deleteBlob("other", null);
    assertStoreHasExactly(store, "test");
    readAssertEquals(store, "test", 3);
    LOG.info("Updating test again");
    // intended to not guarding with try-with-resource since otherwise test will fail
    AtomicOutputStream out = store.updateBlob("test", null);
    out.write(4);
    out.flush();
    LOG.info("SLEEPING");
    Thread.sleep(2);
    if (store instanceof LocalFsBlobStore) {
        ((LocalFsBlobStore) store).fullCleanup(1);
    } else {
        fail("Error the blobstore is of unknowntype");
    }
    assertStoreHasExactly(store, "test");
    readAssertEquals(store, "test", 3);
    try {
        out.close();
    } catch (IOException e) {
    // This is likely to happen when we try to commit something that
    // was cleaned up.  This is expected and acceptable.
    }
}
Also used : IOException(java.io.IOException) SettableBlobMeta(org.apache.storm.generated.SettableBlobMeta)

Example 34 with SettableBlobMeta

use of org.apache.storm.generated.SettableBlobMeta in project storm by apache.

the class BlobStoreTest method testBasic.

public void testBasic(BlobStore store) throws Exception {
    assertStoreHasExactly(store);
    LOG.info("Creating test");
    // Tests for case when subject == null (security turned off) and
    // acls for the blob are set to WORLD_EVERYTHING
    SettableBlobMeta metadata = new SettableBlobMeta(BlobStoreAclHandler.WORLD_EVERYTHING);
    try (AtomicOutputStream out = store.createBlob("test", metadata, null)) {
        out.write(1);
    }
    assertStoreHasExactly(store, "test");
    // Testing whether acls are set to WORLD_EVERYTHING
    assertTrue("ACL does not contain WORLD_EVERYTHING", metadata.toString().contains("AccessControl(type:OTHER, access:7)"));
    readAssertEquals(store, "test", 1);
    LOG.info("Deleting test");
    store.deleteBlob("test", null);
    assertStoreHasExactly(store);
    // The following tests are run for both hdfs and local store to test the
    // update blob interface
    metadata = new SettableBlobMeta(BlobStoreAclHandler.WORLD_EVERYTHING);
    LOG.info("Creating test again");
    try (AtomicOutputStream out = store.createBlob("test", metadata, null)) {
        out.write(2);
    }
    assertStoreHasExactly(store, "test");
    if (store instanceof LocalFsBlobStore) {
        assertTrue("ACL does not contain WORLD_EVERYTHING", metadata.toString().contains("AccessControl(type:OTHER, access:7)"));
    }
    readAssertEquals(store, "test", 2);
    LOG.info("Updating test");
    try (AtomicOutputStream out = store.updateBlob("test", null)) {
        out.write(3);
    }
    assertStoreHasExactly(store, "test");
    readAssertEquals(store, "test", 3);
    LOG.info("Updating test again");
    try (AtomicOutputStream out = store.updateBlob("test", null)) {
        out.write(4);
        out.flush();
        LOG.info("SLEEPING");
        Thread.sleep(2);
    }
    // acls for the blob are set to DEFAULT (Empty ACL List) only for LocalFsBlobstore
    if (store instanceof LocalFsBlobStore) {
        metadata = new SettableBlobMeta(BlobStoreAclHandler.DEFAULT);
        LOG.info("Creating test for empty acls when security is off");
        try (AtomicOutputStream out = store.createBlob("test-empty-acls", metadata, null)) {
            LOG.info("metadata {}", metadata);
            out.write(2);
        }
        assertStoreHasExactly(store, "test-empty-acls", "test");
        // Testing whether acls are set to WORLD_EVERYTHING, Here we are testing only for LocalFsBlobstore
        // as the HdfsBlobstore gets the subject information of the local system user and behaves as it is
        // always authenticated.
        assertTrue("ACL does not contain WORLD_EVERYTHING", metadata.get_acl().toString().contains("OTHER"));
        LOG.info("Deleting test-empty-acls");
        store.deleteBlob("test-empty-acls", null);
    }
    if (store instanceof LocalFsBlobStore) {
        ((LocalFsBlobStore) store).fullCleanup(1);
    } else {
        fail("Error the blobstore is of unknowntype");
    }
}
Also used : SettableBlobMeta(org.apache.storm.generated.SettableBlobMeta)

Example 35 with SettableBlobMeta

use of org.apache.storm.generated.SettableBlobMeta in project storm by apache.

the class BlobStoreTest method testWithAuthentication.

// Check for Blobstore with authentication
public void testWithAuthentication(BlobStore store) throws Exception {
    //Test for Nimbus Admin
    Subject admin = getSubject("admin");
    assertStoreHasExactly(store);
    SettableBlobMeta metadata = new SettableBlobMeta(BlobStoreAclHandler.DEFAULT);
    try (AtomicOutputStream out = store.createBlob("test", metadata, admin)) {
        assertStoreHasExactly(store, "test");
        out.write(1);
    }
    store.deleteBlob("test", admin);
    //Test for Supervisor Admin
    Subject supervisor = getSubject("supervisor");
    assertStoreHasExactly(store);
    metadata = new SettableBlobMeta(BlobStoreAclHandler.DEFAULT);
    try (AtomicOutputStream out = store.createBlob("test", metadata, supervisor)) {
        assertStoreHasExactly(store, "test");
        out.write(1);
    }
    store.deleteBlob("test", supervisor);
    //Test for Nimbus itself as a user
    Subject nimbus = getNimbusSubject();
    assertStoreHasExactly(store);
    metadata = new SettableBlobMeta(BlobStoreAclHandler.DEFAULT);
    try (AtomicOutputStream out = store.createBlob("test", metadata, nimbus)) {
        assertStoreHasExactly(store, "test");
        out.write(1);
    }
    store.deleteBlob("test", nimbus);
    // Test with a dummy test_subject for cases where subject !=null (security turned on)
    Subject who = getSubject("test_subject");
    assertStoreHasExactly(store);
    // Tests for case when subject != null (security turned on) and
    // acls for the blob are set to WORLD_EVERYTHING
    metadata = new SettableBlobMeta(BlobStoreAclHandler.WORLD_EVERYTHING);
    try (AtomicOutputStream out = store.createBlob("test", metadata, who)) {
        out.write(1);
    }
    assertStoreHasExactly(store, "test");
    // Testing whether acls are set to WORLD_EVERYTHING
    assertTrue("ACL does not contain WORLD_EVERYTHING", metadata.toString().contains("AccessControl(type:OTHER, access:7)"));
    readAssertEqualsWithAuth(store, who, "test", 1);
    LOG.info("Deleting test");
    store.deleteBlob("test", who);
    assertStoreHasExactly(store);
    // Tests for case when subject != null (security turned on) and
    // acls are not set for the blob (DEFAULT)
    LOG.info("Creating test again");
    metadata = new SettableBlobMeta(BlobStoreAclHandler.DEFAULT);
    try (AtomicOutputStream out = store.createBlob("test", metadata, who)) {
        out.write(2);
    }
    assertStoreHasExactly(store, "test");
    // Testing whether acls are set to WORLD_EVERYTHING. Here the acl should not contain WORLD_EVERYTHING because
    // the subject is neither null nor empty. The ACL should however contain USER_EVERYTHING as user needs to have
    // complete access to the blob
    assertTrue("ACL does not contain WORLD_EVERYTHING", !metadata.toString().contains("AccessControl(type:OTHER, access:7)"));
    readAssertEqualsWithAuth(store, who, "test", 2);
    LOG.info("Updating test");
    try (AtomicOutputStream out = store.updateBlob("test", who)) {
        out.write(3);
    }
    assertStoreHasExactly(store, "test");
    readAssertEqualsWithAuth(store, who, "test", 3);
    LOG.info("Updating test again");
    try (AtomicOutputStream out = store.updateBlob("test", who)) {
        out.write(4);
        out.flush();
        LOG.info("SLEEPING");
        Thread.sleep(2);
        assertStoreHasExactly(store, "test");
        readAssertEqualsWithAuth(store, who, "test", 3);
    }
    // Test for subject with no principals and acls set to WORLD_EVERYTHING
    who = new Subject();
    metadata = new SettableBlobMeta(BlobStoreAclHandler.WORLD_EVERYTHING);
    LOG.info("Creating test");
    try (AtomicOutputStream out = store.createBlob("test-empty-subject-WE", metadata, who)) {
        out.write(2);
    }
    assertStoreHasExactly(store, "test-empty-subject-WE", "test");
    // Testing whether acls are set to WORLD_EVERYTHING
    assertTrue("ACL does not contain WORLD_EVERYTHING", metadata.toString().contains("AccessControl(type:OTHER, access:7)"));
    readAssertEqualsWithAuth(store, who, "test-empty-subject-WE", 2);
    // Test for subject with no principals and acls set to DEFAULT
    who = new Subject();
    metadata = new SettableBlobMeta(BlobStoreAclHandler.DEFAULT);
    LOG.info("Creating other");
    try (AtomicOutputStream out = store.createBlob("test-empty-subject-DEF", metadata, who)) {
        out.write(2);
    }
    assertStoreHasExactly(store, "test-empty-subject-DEF", "test", "test-empty-subject-WE");
    // Testing whether acls are set to WORLD_EVERYTHING
    assertTrue("ACL does not contain WORLD_EVERYTHING", metadata.toString().contains("AccessControl(type:OTHER, access:7)"));
    readAssertEqualsWithAuth(store, who, "test-empty-subject-DEF", 2);
    if (store instanceof LocalFsBlobStore) {
        ((LocalFsBlobStore) store).fullCleanup(1);
    } else {
        fail("Error the blobstore is of unknowntype");
    }
}
Also used : SettableBlobMeta(org.apache.storm.generated.SettableBlobMeta) Subject(javax.security.auth.Subject)

Aggregations

SettableBlobMeta (org.apache.storm.generated.SettableBlobMeta)38 IOException (java.io.IOException)16 Test (org.junit.Test)12 ReadableBlobMeta (org.apache.storm.generated.ReadableBlobMeta)10 AccessControl (org.apache.storm.generated.AccessControl)8 File (java.io.File)6 AtomicOutputStream (org.apache.storm.blobstore.AtomicOutputStream)5 Subject (javax.security.auth.Subject)4 BlobStoreFile (org.apache.storm.blobstore.BlobStoreFile)4 FileInputStream (java.io.FileInputStream)3 OutputStream (java.io.OutputStream)2 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 List (java.util.List)2 Map (java.util.Map)2 FileSystem (org.apache.hadoop.fs.FileSystem)2 BufferedInputStream (java.io.BufferedInputStream)1 LinkedList (java.util.LinkedList)1 Path (org.apache.hadoop.fs.Path)1 BlobStore (org.apache.storm.blobstore.BlobStore)1