You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by ae...@apache.org on 2018/01/30 19:29:05 UTC
[26/37] hadoop git commit: HDFS-12974. Exception message is not
printed when creating an encryption zone fails with AuthorizationException.
Contributed by fang zhenyi.
HDFS-12974. Exception message is not printed when creating an encryption zone fails with AuthorizationException. Contributed by fang zhenyi.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/b63dcd58
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/b63dcd58
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/b63dcd58
Branch: refs/heads/HDFS-7240
Commit: b63dcd583f0b98e785831004f41bd7c7de8b3c18
Parents: 6bc2f7f
Author: Xiao Chen <xi...@apache.org>
Authored: Sun Jan 28 22:15:58 2018 -0800
Committer: Xiao Chen <xi...@apache.org>
Committed: Sun Jan 28 22:19:49 2018 -0800
----------------------------------------------------------------------
.../authorize/AuthorizationException.java | 6 ++--
.../namenode/EncryptionFaultInjector.java | 3 ++
.../server/namenode/FSDirEncryptionZoneOp.java | 1 +
.../apache/hadoop/hdfs/TestEncryptionZones.java | 31 +++++++++++++++++++-
4 files changed, 38 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/b63dcd58/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
index 03f4d99..79c7d18 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
@@ -64,17 +64,19 @@ public class AuthorizationException extends AccessControlException {
@Override
public void printStackTrace() {
- // Do not provide the stack-trace
+ printStackTrace(System.err);
}
@Override
public void printStackTrace(PrintStream s) {
// Do not provide the stack-trace
+ s.println(this);
}
@Override
public void printStackTrace(PrintWriter s) {
// Do not provide the stack-trace
+ s.println(this);
}
-
+
}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/b63dcd58/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/EncryptionFaultInjector.java
----------------------------------------------------------------------
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/EncryptionFaultInjector.java b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/EncryptionFaultInjector.java
index e4a035e..938eacd 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/EncryptionFaultInjector.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/EncryptionFaultInjector.java
@@ -51,4 +51,7 @@ public class EncryptionFaultInjector {
@VisibleForTesting
public void reencryptUpdaterProcessCheckpoint() throws IOException {}
+
+ @VisibleForTesting
+ public void ensureKeyIsInitialized() throws IOException {}
}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/b63dcd58/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSDirEncryptionZoneOp.java
----------------------------------------------------------------------
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSDirEncryptionZoneOp.java b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSDirEncryptionZoneOp.java
index 7dcb8ab..943e60d 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSDirEncryptionZoneOp.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSDirEncryptionZoneOp.java
@@ -121,6 +121,7 @@ final class FSDirEncryptionZoneOp {
throw new IOException("Must specify a key name when creating an "
+ "encryption zone");
}
+ EncryptionFaultInjector.getInstance().ensureKeyIsInitialized();
KeyProvider.Metadata metadata = provider.getMetadata(keyName);
if (metadata == null) {
/*
http://git-wip-us.apache.org/repos/asf/hadoop/blob/b63dcd58/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
----------------------------------------------------------------------
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
index 4497e23..ea867a8 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
@@ -80,9 +80,11 @@ import org.apache.hadoop.hdfs.web.WebHdfsConstants;
import org.apache.hadoop.hdfs.web.WebHdfsFileSystem;
import org.apache.hadoop.hdfs.web.WebHdfsTestUtil;
import org.apache.hadoop.io.EnumSetWritable;
+import org.apache.hadoop.ipc.RemoteException;
import org.apache.hadoop.security.AccessControlException;
import org.apache.hadoop.security.Credentials;
import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.authorize.AuthorizationException;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.util.DataChecksum;
import org.apache.hadoop.util.ToolRunner;
@@ -149,6 +151,9 @@ public class TestEncryptionZones {
private File testRootDir;
protected final String TEST_KEY = "test_key";
private static final String NS_METRICS = "FSNamesystem";
+ private static final String AUTHORIZATION_EXCEPTION_MESSAGE =
+ "User [root] is not authorized to perform [READ] on key " +
+ "with ACL name [key2]!!";
protected FileSystemTestWrapper fsWrapper;
protected FileContextTestWrapper fcWrapper;
@@ -447,7 +452,6 @@ public class TestEncryptionZones {
dfsAdmin.createEncryptionZone(zone2, myKeyName, NO_TRASH);
assertNumZones(++numZones);
assertZonePresent(myKeyName, zone2.toString());
-
/* Test failure of create encryption zones as a non super user. */
final UserGroupInformation user = UserGroupInformation.
createUserForTesting("user", new String[] { "mygroup" });
@@ -1057,6 +1061,31 @@ public class TestEncryptionZones {
}
}
+ private class AuthorizationExceptionInjector extends EncryptionFaultInjector {
+ @Override
+ public void ensureKeyIsInitialized() throws IOException {
+ throw new AuthorizationException(AUTHORIZATION_EXCEPTION_MESSAGE);
+ }
+ }
+
+ @Test
+ public void testExceptionInformationReturn() {
+ /* Test exception information can be returned when
+ creating transparent encryption zone.*/
+ final Path zone1 = new Path("/zone1");
+ EncryptionFaultInjector.instance = new AuthorizationExceptionInjector();
+ try {
+ dfsAdmin.createEncryptionZone(zone1, TEST_KEY, NO_TRASH);
+ fail("exception information can be returned when creating " +
+ "transparent encryption zone");
+ } catch (IOException e) {
+ assertTrue(e instanceof RemoteException);
+ assertTrue(((RemoteException) e).unwrapRemoteException()
+ instanceof AuthorizationException);
+ assertExceptionContains(AUTHORIZATION_EXCEPTION_MESSAGE, e);
+ }
+ }
+
private class MyInjector extends EncryptionFaultInjector {
volatile int generateCount;
CountDownLatch ready;
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org