Examples with ACL org.apache.zookeeper.data.ACL used on opensource projects

Example 91 with ACL

use of org.apache.zookeeper.data.ACL in project helios by spotify.

the class RuleBasedZooKeeperAclProvider method getAclForPath.

@Override
public List<ACL> getAclForPath(final String path) {
    // id -> permissions
    final Map<Id, Integer> matching = Maps.newHashMap();
    for (final Rule rule : rules) {
        if (rule.matches(path)) {
            final int existingPerms = matching.containsKey(rule.id) ? matching.get(rule.id) : 0;
            matching.put(rule.id, rule.perms | existingPerms);
        }
    }
    if (matching.isEmpty()) {
        return null;
    }
    final List<ACL> acls = Lists.newArrayList();
    for (final Map.Entry<Id, Integer> e : matching.entrySet()) {
        acls.add(new ACL(e.getValue(), e.getKey()));
    }
    return acls;
}

Example 92 with ACL

use of org.apache.zookeeper.data.ACL in project helios by spotify.

the class RuleBasedZooKeeperAclProviderTest method testSimple.

@Test
public void testSimple() {
    final Id id1 = new Id("some_scheme", "id1");
    final Id id2 = new Id("some_scheme", "id2");
    final RuleBasedZooKeeperAclProvider aclProvider = RuleBasedZooKeeperAclProvider.builder().rule("/foo/baz", DELETE, id1).rule("/foo/bar", CREATE, id1).rule("/foo/qux", READ | WRITE, id2).build();
    assertThat(aclProvider.getAclForPath("/foo/baz"), contains(new ACL(DELETE, id1)));
    assertThat(aclProvider.getAclForPath("/foo/bar"), contains(new ACL(CREATE, id1)));
    assertThat(aclProvider.getAclForPath("/foo/qux"), contains(new ACL(READ | WRITE, id2)));
}

Example 93 with ACL

use of org.apache.zookeeper.data.ACL in project hadoop by apache.

the class TestZKDelegationTokenSecretManager method testACLs.

@Test
public void testACLs() throws Exception {
    DelegationTokenManager tm1;
    String connectString = zkServer.getConnectString();
    Configuration conf = getSecretConf(connectString);
    RetryPolicy retryPolicy = new ExponentialBackoffRetry(1000, 3);
    String userPass = "myuser:mypass";
    final ACL digestACL = new ACL(ZooDefs.Perms.ALL, new Id("digest", DigestAuthenticationProvider.generateDigest(userPass)));
    ACLProvider digestAclProvider = new ACLProvider() {

        @Override
        public List<ACL> getAclForPath(String path) {
            return getDefaultAcl();
        }

        @Override
        public List<ACL> getDefaultAcl() {
            List<ACL> ret = new ArrayList<ACL>();
            ret.add(digestACL);
            return ret;
        }
    };
    CuratorFramework curatorFramework = CuratorFrameworkFactory.builder().connectString(connectString).retryPolicy(retryPolicy).aclProvider(digestAclProvider).authorization("digest", userPass.getBytes("UTF-8")).build();
    curatorFramework.start();
    ZKDelegationTokenSecretManager.setCurator(curatorFramework);
    tm1 = new DelegationTokenManager(conf, new Text("bla"));
    tm1.init();
    // check ACL
    String workingPath = conf.get(ZKDelegationTokenSecretManager.ZK_DTSM_ZNODE_WORKING_PATH);
    verifyACL(curatorFramework, "/" + workingPath, digestACL);
    tm1.destroy();
    ZKDelegationTokenSecretManager.setCurator(null);
    curatorFramework.close();
}

Example 94 with ACL

use of org.apache.zookeeper.data.ACL in project pulsar by yahoo.

the class MockedZooKeeperClientFactoryImpl method create.

@Override
public CompletableFuture<ZooKeeper> create(String serverList, SessionType sessionType, int zkSessionTimeoutMillis) {
    MockZooKeeper mockZooKeeper = MockZooKeeper.newInstance();
    // not used for mock mode
    List<ACL> dummyAclList = new ArrayList<ACL>(0);
    try {
        ZkUtils.createFullPathOptimistic(mockZooKeeper, "/ledgers/available/192.168.1.1:" + 5000, "".getBytes(ZookeeperClientFactoryImpl.ENCODING_SCHEME), dummyAclList, CreateMode.PERSISTENT);
        mockZooKeeper.create("/ledgers/LAYOUT", "1\nflat:1".getBytes(ZookeeperClientFactoryImpl.ENCODING_SCHEME), dummyAclList, CreateMode.PERSISTENT);
        return CompletableFuture.completedFuture(mockZooKeeper);
    } catch (KeeperException | InterruptedException e) {
        CompletableFuture<ZooKeeper> future = new CompletableFuture<>();
        future.completeExceptionally(e);
        return future;
    }
}

Example 95 with ACL

use of org.apache.zookeeper.data.ACL in project incubator-atlas by apache.

the class CuratorFactory method getAclProvider.

private ACLProvider getAclProvider(HAConfiguration.ZookeeperProperties zookeeperProperties) {
    ACLProvider aclProvider = null;
    if (zookeeperProperties.hasAcl()) {
        final ACL acl = AtlasZookeeperSecurityProperties.parseAcl(zookeeperProperties.getAcl());
        LOG.info("Setting ACL for id {} with scheme {} and perms {}.", getIdForLogging(acl.getId().getScheme(), acl.getId().getId()), acl.getId().getScheme(), acl.getPerms());
        LOG.info("Current logged in user: {}", getCurrentUser());
        final List<ACL> acls = Arrays.asList(acl);
        aclProvider = new ACLProvider() {

            @Override
            public List<ACL> getDefaultAcl() {
                return acls;
            }

            @Override
            public List<ACL> getAclForPath(String path) {
                return acls;
            }
        };
    }
    return aclProvider;
}