Example 66 with ACL
use of org.apache.zookeeper.data.ACL in project zookeeper by apache.
the class ZooInspectorManagerImpl method getACLs.
/*
* (non-Javadoc)
*
* @see
* org.apache.zookeeper.inspector.manager.ZooInspectorReadOnlyManager#getACLs
* (java.lang.String)
*/
public List<Map<String, String>> getACLs(String nodePath) {
List<Map<String, String>> returnACLs = new ArrayList<Map<String, String>>();
if (connected) {
try {
if (nodePath.length() == 0) {
nodePath = "/";
}
Stat s = zooKeeper.exists(nodePath, false);
if (s != null) {
List<ACL> acls = zooKeeper.getACL(nodePath, s);
for (ACL acl : acls) {
Map<String, String> aclMap = new LinkedHashMap<String, String>();
aclMap.put(ACL_SCHEME, acl.getId().getScheme());
aclMap.put(ACL_ID, acl.getId().getId());
StringBuilder sb = new StringBuilder();
int perms = acl.getPerms();
boolean addedPerm = false;
if ((perms & Perms.READ) == Perms.READ) {
sb.append("Read");
addedPerm = true;
}
if (addedPerm) {
sb.append(", ");
}
if ((perms & Perms.WRITE) == Perms.WRITE) {
sb.append("Write");
addedPerm = true;
}
if (addedPerm) {
sb.append(", ");
}
if ((perms & Perms.CREATE) == Perms.CREATE) {
sb.append("Create");
addedPerm = true;
}
if (addedPerm) {
sb.append(", ");
}
if ((perms & Perms.DELETE) == Perms.DELETE) {
sb.append("Delete");
addedPerm = true;
}
if (addedPerm) {
sb.append(", ");
}
if ((perms & Perms.ADMIN) == Perms.ADMIN) {
sb.append("Admin");
addedPerm = true;
}
aclMap.put(ACL_PERMS, sb.toString());
returnACLs.add(aclMap);
}
}
} catch (InterruptedException e) {
LoggerFactory.getLogger().error("Error occurred retrieving ACLs of node: " + nodePath, e);
} catch (KeeperException e) {
LoggerFactory.getLogger().error("Error occurred retrieving ACLs of node: " + nodePath, e);
}
}
return returnACLs;
}
Also used :
ArrayList(java.util.ArrayList)
ACL(org.apache.zookeeper.data.ACL)
LinkedHashMap(java.util.LinkedHashMap)
Stat(org.apache.zookeeper.data.Stat)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
Map(java.util.Map)
KeeperException(org.apache.zookeeper.KeeperException)
Example 67 with ACL
use of org.apache.zookeeper.data.ACL in project hbase by apache.
the class TestZooKeeperACL method testHBaseMasterServerZNodeACL.
/**
* When authentication is enabled on ZooKeeper, /hbase/master should be
* created with 2 ACLs: one specifies that the hbase user has full access
* to the node; the other, that it is world-readable.
*/
@Test(timeout = 30000)
public void testHBaseMasterServerZNodeACL() throws Exception {
if (!secureZKAvailable) {
return;
}
List<ACL> acls = zkw.getRecoverableZooKeeper().getZooKeeper().getACL("/hbase/master", new Stat());
assertEquals(acls.size(), 2);
boolean foundWorldReadableAcl = false;
boolean foundHBaseOwnerAcl = false;
for (int i = 0; i < 2; i++) {
if (acls.get(i).getId().getScheme().equals("world") == true) {
assertEquals(acls.get(0).getId().getId(), "anyone");
assertEquals(acls.get(0).getPerms(), ZooDefs.Perms.READ);
foundWorldReadableAcl = true;
} else {
if (acls.get(i).getId().getScheme().equals("sasl") == true) {
assertEquals(acls.get(1).getId().getId(), "hbase");
assertEquals(acls.get(1).getId().getScheme(), "sasl");
foundHBaseOwnerAcl = true;
} else {
// error: should not get here: test fails.
assertTrue(false);
}
}
}
assertTrue(foundWorldReadableAcl);
assertTrue(foundHBaseOwnerAcl);
}Example 68 with ACL
use of org.apache.zookeeper.data.ACL in project zookeeper by apache.
the class ReferenceCountedACLCache method serialize.
public synchronized void serialize(OutputArchive oa) throws IOException {
oa.writeInt(longKeyMap.size(), "map");
Set<Map.Entry<Long, List<ACL>>> set = longKeyMap.entrySet();
for (Map.Entry<Long, List<ACL>> val : set) {
oa.writeLong(val.getKey(), "long");
List<ACL> aclList = val.getValue();
oa.startVector(aclList, "acls");
for (ACL acl : aclList) {
acl.serialize(oa, "acl");
}
oa.endVector(aclList, "acls");
}
}Example 69 with ACL
use of org.apache.zookeeper.data.ACL in project zookeeper by apache.
the class ReferenceCountedACLCache method deserialize.
public synchronized void deserialize(InputArchive ia) throws IOException {
clear();
int i = ia.readInt("map");
while (i > 0) {
Long val = ia.readLong("long");
if (aclIndex < val) {
aclIndex = val;
}
List<ACL> aclList = new ArrayList<ACL>();
Index j = ia.startVector("acls");
while (!j.done()) {
ACL acl = new ACL();
acl.deserialize(ia, "acl");
aclList.add(acl);
j.incr();
}
longKeyMap.put(val, aclList);
aclKeyMap.put(aclList, val);
referenceCounter.put(val, new AtomicLongWithEquals(0));
i--;
}
}
Also used :
AtomicLong(java.util.concurrent.atomic.AtomicLong)
ArrayList(java.util.ArrayList)
ACL(org.apache.zookeeper.data.ACL)
Index(org.apache.jute.Index)
Example 70 with ACL
use of org.apache.zookeeper.data.ACL in project zookeeper by apache.
the class SaslAuthDesignatedClientTest method testReadAccessUser.
@Test
public void testReadAccessUser() throws Exception {
System.setProperty("zookeeper.letAnySaslUserDoX", "anyone");
ZooKeeper zk = createClient();
List<ACL> aclList = new ArrayList<ACL>();
ACL acl = new ACL(Perms.ADMIN | Perms.CREATE | Perms.WRITE | Perms.DELETE, new Id("sasl", "fakeuser"));
ACL acl1 = new ACL(Perms.READ, new Id("sasl", "anyone"));
aclList.add(acl);
aclList.add(acl1);
try {
zk.create("/abc", "testData".getBytes(), aclList, CreateMode.PERSISTENT);
} catch (KeeperException e) {
Assert.fail("Unable to create znode");
}
zk.close();
Thread.sleep(100);
// try to access it with different user (myuser)
zk = createClient();
try {
zk.setData("/abc", "testData1".getBytes(), -1);
Assert.fail("Should not be able to set data");
} catch (KeeperException.NoAuthException e) {
// success
}
try {
byte[] bytedata = zk.getData("/abc", null, null);
String data = new String(bytedata);
Assert.assertTrue("testData".equals(data));
} catch (KeeperException e) {
Assert.fail("failed to get data");
}
zk.close();
Thread.sleep(100);
// disable Client Sasl
System.setProperty(ZKClientConfig.ENABLE_CLIENT_SASL_KEY, "false");
try {
zk = createClient();
try {
zk.getData("/abc", null, null);
Assert.fail("Should not be able to read data when not authenticated");
} catch (KeeperException.NoAuthException e) {
// success
}
zk.close();
} finally {
// enable Client Sasl
System.setProperty(ZKClientConfig.ENABLE_CLIENT_SASL_KEY, "true");
}
}Aggregations
ACL (org.apache.zookeeper.data.ACL)108
Id (org.apache.zookeeper.data.Id)43
Test (org.junit.Test)43
ArrayList (java.util.ArrayList)33
Stat (org.apache.zookeeper.data.Stat)19
KeeperException (org.apache.zookeeper.KeeperException)17
Configuration (org.apache.hadoop.conf.Configuration)10
ZooKeeper (org.apache.zookeeper.ZooKeeper)10
Test (org.testng.annotations.Test)9
CuratorFramework (org.apache.curator.framework.CuratorFramework)8
IOException (java.io.IOException)6
File (java.io.File)5
ACLProvider (org.apache.curator.framework.api.ACLProvider)5
TestableZooKeeper (org.apache.zookeeper.TestableZooKeeper)5
HashMap (java.util.HashMap)4
List (java.util.List)4
Map (java.util.Map)4
ByteArrayInputStream (java.io.ByteArrayInputStream)3
ByteArrayOutputStream (java.io.ByteArrayOutputStream)3
HBaseConfiguration (org.apache.hadoop.hbase.HBaseConfiguration)3
