You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by vi...@apache.org on 2014/03/06 21:06:24 UTC
[1/3] git commit: Revert "ACCUMULO-2316 No more namespacenotfound for
table requests"
Repository: accumulo
Updated Branches:
refs/heads/master 384bc842d -> 6ba354d25
Revert "ACCUMULO-2316 No more namespacenotfound for table requests"
This reverts commit 98e374b0ea342136d4ef68cd3a266653ea07de11.
Conflicts:
test/src/test/java/org/apache/accumulo/test/NamespacesIT.java
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/5c0ca2cb
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/5c0ca2cb
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/5c0ca2cb
Branch: refs/heads/master
Commit: 5c0ca2cb78f11efb9a46ec328c633aa7a79f34ba
Parents: 75c3f28
Author: John Vines <vi...@apache.org>
Authored: Wed Mar 5 16:30:42 2014 -0500
Committer: John Vines <vi...@apache.org>
Committed: Thu Mar 6 12:18:53 2014 -0500
----------------------------------------------------------------------
.../client/admin/SecurityOperationsImpl.java | 4 ----
.../server/client/ClientServiceHandler.java | 19 ++++++++-----------
.../accumulo/master/FateServiceHandler.java | 12 ++++++------
.../master/MasterClientServiceHandler.java | 4 ++--
.../org/apache/accumulo/test/NamespacesIT.java | 5 +++--
5 files changed, 19 insertions(+), 25 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/5c0ca2cb/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java b/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
index 17feb9b..ebd79ad 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
@@ -53,8 +53,6 @@ public class SecurityOperationsImpl implements SecurityOperations {
// recast missing table
if (ttoe.getType() == TableOperationExceptionType.NOTFOUND)
throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST);
- else if (ttoe.getType() == TableOperationExceptionType.NAMESPACE_NOTFOUND)
- throw new AccumuloSecurityException(null, SecurityErrorCode.NAMESPACE_DOESNT_EXIST);
else
throw new AccumuloException(ttoe);
} catch (ThriftSecurityException e) {
@@ -73,8 +71,6 @@ public class SecurityOperationsImpl implements SecurityOperations {
// recast missing table
if (ttoe.getType() == TableOperationExceptionType.NOTFOUND)
throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST);
- else if (ttoe.getType() == TableOperationExceptionType.NAMESPACE_NOTFOUND)
- throw new AccumuloSecurityException(null, SecurityErrorCode.NAMESPACE_DOESNT_EXIST);
else
throw new AccumuloException(ttoe);
} catch (ThriftSecurityException e) {
http://git-wip-us.apache.org/repos/asf/accumulo/blob/5c0ca2cb/server/base/src/main/java/org/apache/accumulo/server/client/ClientServiceHandler.java
----------------------------------------------------------------------
diff --git a/server/base/src/main/java/org/apache/accumulo/server/client/ClientServiceHandler.java b/server/base/src/main/java/org/apache/accumulo/server/client/ClientServiceHandler.java
index d62ccc1..3571d7f 100644
--- a/server/base/src/main/java/org/apache/accumulo/server/client/ClientServiceHandler.java
+++ b/server/base/src/main/java/org/apache/accumulo/server/client/ClientServiceHandler.java
@@ -80,15 +80,12 @@ public class ClientServiceHandler implements ClientService.Iface {
this.fs = fs;
}
- public static String checkTableId(Instance instance, String tableName, TableOperation operation, boolean allowNamespaceNotFound) throws ThriftTableOperationException {
+ public static String checkTableId(Instance instance, String tableName, TableOperation operation) throws ThriftTableOperationException {
TableOperationExceptionType reason = null;
try {
return Tables._getTableId(instance, tableName);
} catch (NamespaceNotFoundException e) {
- if (allowNamespaceNotFound)
- reason = TableOperationExceptionType.NAMESPACE_NOTFOUND;
- else
- reason = TableOperationExceptionType.NOTFOUND;
+ reason = TableOperationExceptionType.NAMESPACE_NOTFOUND;
} catch (TableNotFoundException e) {
reason = TableOperationExceptionType.NOTFOUND;
}
@@ -185,7 +182,7 @@ public class ClientServiceHandler implements ClientService.Iface {
@Override
public void grantTablePermission(TInfo tinfo, TCredentials credentials, String user, String tableName, byte permission) throws ThriftSecurityException,
ThriftTableOperationException {
- String tableId = checkTableId(instance, tableName, TableOperation.PERMISSION, false);
+ String tableId = checkTableId(instance, tableName, TableOperation.PERMISSION);
String namespaceId = Tables.getNamespaceId(instance, tableId);
security.grantTablePermission(credentials, user, tableId, TablePermission.getPermissionById(permission), namespaceId);
@@ -206,7 +203,7 @@ public class ClientServiceHandler implements ClientService.Iface {
@Override
public void revokeTablePermission(TInfo tinfo, TCredentials credentials, String user, String tableName, byte permission) throws ThriftSecurityException,
ThriftTableOperationException {
- String tableId = checkTableId(instance, tableName, TableOperation.PERMISSION, false);
+ String tableId = checkTableId(instance, tableName, TableOperation.PERMISSION);
String namespaceId = Tables.getNamespaceId(instance, tableId);
security.revokeTablePermission(credentials, user, tableId, TablePermission.getPermissionById(permission), namespaceId);
@@ -220,7 +217,7 @@ public class ClientServiceHandler implements ClientService.Iface {
@Override
public boolean hasTablePermission(TInfo tinfo, TCredentials credentials, String user, String tableName, byte tblPerm) throws ThriftSecurityException,
ThriftTableOperationException {
- String tableId = checkTableId(instance, tableName, TableOperation.PERMISSION, false);
+ String tableId = checkTableId(instance, tableName, TableOperation.PERMISSION);
return security.hasTablePermission(credentials, user, tableId, TablePermission.getPermissionById(tblPerm));
}
@@ -271,7 +268,7 @@ public class ClientServiceHandler implements ClientService.Iface {
@Override
public Map<String,String> getTableConfiguration(TInfo tinfo, TCredentials credentials, String tableName) throws TException, ThriftTableOperationException {
- String tableId = checkTableId(instance, tableName, null, true);
+ String tableId = checkTableId(instance, tableName, null);
AccumuloConfiguration config = ServerConfiguration.getTableConfiguration(instance, tableId);
return conf(credentials, config);
}
@@ -334,7 +331,7 @@ public class ClientServiceHandler implements ClientService.Iface {
security.authenticateUser(credentials, credentials);
- String tableId = checkTableId(instance, tableName, null, true);
+ String tableId = checkTableId(instance, tableName, null);
ClassLoader loader = getClass().getClassLoader();
Class<?> shouldMatch;
@@ -406,7 +403,7 @@ public class ClientServiceHandler implements ClientService.Iface {
for (String table : tables) {
// ensure that table table exists
- String tableId = checkTableId(instance, table, null, true);
+ String tableId = checkTableId(instance, table, null);
tableIds.add(tableId);
String namespaceId = Tables.getNamespaceId(instance, tableId);
if (!security.canScan(credentials, tableId, namespaceId))
http://git-wip-us.apache.org/repos/asf/accumulo/blob/5c0ca2cb/server/master/src/main/java/org/apache/accumulo/master/FateServiceHandler.java
----------------------------------------------------------------------
diff --git a/server/master/src/main/java/org/apache/accumulo/master/FateServiceHandler.java b/server/master/src/main/java/org/apache/accumulo/master/FateServiceHandler.java
index 7e274c0..555e3e4 100644
--- a/server/master/src/main/java/org/apache/accumulo/master/FateServiceHandler.java
+++ b/server/master/src/main/java/org/apache/accumulo/master/FateServiceHandler.java
@@ -160,7 +160,7 @@ class FateServiceHandler implements FateService.Iface {
});
- String tableId = ClientServiceHandler.checkTableId(master.getInstance(), oldTableName, tableOp, true);
+ String tableId = ClientServiceHandler.checkTableId(master.getInstance(), oldTableName, tableOp);
String namespaceId = Tables.getNamespaceId(master.getInstance(), tableId);
if (!master.security.canRenameTable(c, tableId, oldTableName, newTableName, namespaceId))
@@ -215,7 +215,7 @@ class FateServiceHandler implements FateService.Iface {
TableOperation tableOp = TableOperation.DELETE;
String tableName = validateTableNameArgument(arguments.get(0), tableOp, Tables.NOT_SYSTEM);
- final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp, true);
+ final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp);
String namespaceId = Tables.getNamespaceId(master.getInstance(), tableId);
if (!master.security.canDeleteTable(c, tableId, namespaceId))
@@ -251,7 +251,7 @@ class FateServiceHandler implements FateService.Iface {
Text startRow = ByteBufferUtil.toText(arguments.get(1));
Text endRow = ByteBufferUtil.toText(arguments.get(2));
- final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp, true);
+ final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp);
String namespaceId = Tables.getNamespaceId(master.getInstance(), tableId);
if (!master.security.canMerge(c, tableId, namespaceId))
@@ -267,7 +267,7 @@ class FateServiceHandler implements FateService.Iface {
Text startRow = ByteBufferUtil.toText(arguments.get(1));
Text endRow = ByteBufferUtil.toText(arguments.get(2));
- final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp, true);
+ final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp);
String namespaceId = Tables.getNamespaceId(master.getInstance(), tableId);
if (!master.security.canDeleteRange(c, tableId, tableName, startRow, endRow, namespaceId))
@@ -283,7 +283,7 @@ class FateServiceHandler implements FateService.Iface {
String failDir = ByteBufferUtil.toString(arguments.get(2));
boolean setTime = Boolean.parseBoolean(ByteBufferUtil.toString(arguments.get(3)));
- final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp, true);
+ final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp);
String namespaceId = Tables.getNamespaceId(master.getInstance(), tableId);
if (!master.security.canBulkImport(c, tableId, tableName, dir, failDir, namespaceId))
@@ -339,7 +339,7 @@ class FateServiceHandler implements FateService.Iface {
String tableName = validateTableNameArgument(arguments.get(0), tableOp, Tables.NOT_SYSTEM);
String exportDir = ByteBufferUtil.toString(arguments.get(1));
- String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp, true);
+ String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, tableOp);
String namespaceId = Tables.getNamespaceId(master.getInstance(), tableId);
if (!master.security.canExport(c, tableId, tableName, exportDir, namespaceId))
http://git-wip-us.apache.org/repos/asf/accumulo/blob/5c0ca2cb/server/master/src/main/java/org/apache/accumulo/master/MasterClientServiceHandler.java
----------------------------------------------------------------------
diff --git a/server/master/src/main/java/org/apache/accumulo/master/MasterClientServiceHandler.java b/server/master/src/main/java/org/apache/accumulo/master/MasterClientServiceHandler.java
index 847cd80..8023169 100644
--- a/server/master/src/main/java/org/apache/accumulo/master/MasterClientServiceHandler.java
+++ b/server/master/src/main/java/org/apache/accumulo/master/MasterClientServiceHandler.java
@@ -434,7 +434,7 @@ class MasterClientServiceHandler extends FateServiceHandler implements MasterCli
private void alterTableProperty(TCredentials c, String tableName, String property, String value, TableOperation op) throws ThriftSecurityException,
ThriftTableOperationException {
- final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, op, false);
+ final String tableId = ClientServiceHandler.checkTableId(master.getInstance(), tableName, op);
String namespaceId = Tables.getNamespaceId(master.getInstance(), tableId);
if (!master.security.canAlterTable(c, tableId, namespaceId))
throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
@@ -447,7 +447,7 @@ class MasterClientServiceHandler extends FateServiceHandler implements MasterCli
}
} catch (KeeperException.NoNodeException e) {
// race condition... table no longer exists? This call will throw an exception if the table was deleted:
- ClientServiceHandler.checkTableId(master.getInstance(), tableName, op, true);
+ ClientServiceHandler.checkTableId(master.getInstance(), tableName, op);
log.info("Error altering table property", e);
throw new ThriftTableOperationException(tableId, tableName, op, TableOperationExceptionType.OTHER, "Problem altering table property");
} catch (Exception e) {
http://git-wip-us.apache.org/repos/asf/accumulo/blob/5c0ca2cb/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java b/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java
index 643e81a..cd9ec2a 100644
--- a/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java
+++ b/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java
@@ -885,7 +885,8 @@ public class NamespacesIT extends SimpleMacIT {
}
} catch (Exception e) {
numRun++;
- if (!(e instanceof TableNotFoundException || (e instanceof AccumuloException && e.getCause() instanceof TableNotFoundException)))
+ if (!(e instanceof AccumuloException) || !(e.getCause() instanceof TableNotFoundException)
+ || !(e.getCause().getCause() instanceof NamespaceNotFoundException))
throw new Exception("Case " + i + " resulted in " + e.getClass().getName(), e);
}
@@ -989,7 +990,7 @@ public class NamespacesIT extends SimpleMacIT {
}
} catch (Exception e) {
numRun++;
- if (!(e instanceof TableNotFoundException) && !(e.getCause() instanceof NamespaceNotFoundException))
+ if (!(e instanceof TableNotFoundException) || !(e.getCause() instanceof NamespaceNotFoundException))
throw new Exception("Case " + i + " resulted in " + e.getClass().getName(), e);
}
}
[2/3] git commit: ACCUMULO-2316 a simpler approach for property
security exceptions
Posted by vi...@apache.org.
ACCUMULO-2316 a simpler approach for property security exceptions
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/68afb1ef
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/68afb1ef
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/68afb1ef
Branch: refs/heads/master
Commit: 68afb1efb85b80068bbe67b30a4b9aba41c502c1
Parents: 5c0ca2c
Author: John Vines <vi...@apache.org>
Authored: Thu Mar 6 14:02:59 2014 -0500
Committer: John Vines <vi...@apache.org>
Committed: Thu Mar 6 14:02:59 2014 -0500
----------------------------------------------------------------------
.../client/admin/SecurityOperationsImpl.java | 61 +++++++++----
.../org/apache/accumulo/test/NamespacesIT.java | 95 ++++++++++++++++++++
2 files changed, 138 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/68afb1ef/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java b/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
index ebd79ad..9d662f4 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
@@ -53,6 +53,8 @@ public class SecurityOperationsImpl implements SecurityOperations {
// recast missing table
if (ttoe.getType() == TableOperationExceptionType.NOTFOUND)
throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST);
+ else if (ttoe.getType() == TableOperationExceptionType.NAMESPACE_NOTFOUND)
+ throw new AccumuloSecurityException(null, SecurityErrorCode.NAMESPACE_DOESNT_EXIST);
else
throw new AccumuloException(ttoe);
} catch (ThriftSecurityException e) {
@@ -71,6 +73,8 @@ public class SecurityOperationsImpl implements SecurityOperations {
// recast missing table
if (ttoe.getType() == TableOperationExceptionType.NOTFOUND)
throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST);
+ else if (ttoe.getType() == TableOperationExceptionType.NAMESPACE_NOTFOUND)
+ throw new AccumuloSecurityException(null, SecurityErrorCode.NAMESPACE_DOESNT_EXIST);
else
throw new AccumuloException(ttoe);
} catch (ThriftSecurityException e) {
@@ -199,12 +203,19 @@ public class SecurityOperationsImpl implements SecurityOperations {
@Override
public boolean hasTablePermission(final String principal, final String table, final TablePermission perm) throws AccumuloException, AccumuloSecurityException {
ArgumentChecker.notNull(principal, table, perm);
- return execute(new ClientExecReturn<Boolean,ClientService.Client>() {
- @Override
- public Boolean execute(ClientService.Client client) throws Exception {
- return client.hasTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, perm.getId());
- }
- });
+ try {
+ return execute(new ClientExecReturn<Boolean,ClientService.Client>() {
+ @Override
+ public Boolean execute(ClientService.Client client) throws Exception {
+ return client.hasTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, perm.getId());
+ }
+ });
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() == org.apache.accumulo.core.client.security.SecurityErrorCode.NAMESPACE_DOESNT_EXIST)
+ throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST, e);
+ else
+ throw e;
+ }
}
@Override
@@ -234,12 +245,19 @@ public class SecurityOperationsImpl implements SecurityOperations {
public void grantTablePermission(final String principal, final String table, final TablePermission permission) throws AccumuloException,
AccumuloSecurityException {
ArgumentChecker.notNull(principal, table, permission);
- execute(new ClientExec<ClientService.Client>() {
- @Override
- public void execute(ClientService.Client client) throws Exception {
- client.grantTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, permission.getId());
- }
- });
+ try {
+ execute(new ClientExec<ClientService.Client>() {
+ @Override
+ public void execute(ClientService.Client client) throws Exception {
+ client.grantTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, permission.getId());
+ }
+ });
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() == org.apache.accumulo.core.client.security.SecurityErrorCode.NAMESPACE_DOESNT_EXIST)
+ throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST, e);
+ else
+ throw e;
+ }
}
@Override
@@ -269,12 +287,19 @@ public class SecurityOperationsImpl implements SecurityOperations {
public void revokeTablePermission(final String principal, final String table, final TablePermission permission) throws AccumuloException,
AccumuloSecurityException {
ArgumentChecker.notNull(principal, table, permission);
- execute(new ClientExec<ClientService.Client>() {
- @Override
- public void execute(ClientService.Client client) throws Exception {
- client.revokeTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, permission.getId());
- }
- });
+ try {
+ execute(new ClientExec<ClientService.Client>() {
+ @Override
+ public void execute(ClientService.Client client) throws Exception {
+ client.revokeTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, permission.getId());
+ }
+ });
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() == org.apache.accumulo.core.client.security.SecurityErrorCode.NAMESPACE_DOESNT_EXIST)
+ throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST, e);
+ else
+ throw e;
+ }
}
@Override
http://git-wip-us.apache.org/repos/asf/accumulo/blob/68afb1ef/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java b/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java
index cd9ec2a..a8d5f7f 100644
--- a/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java
+++ b/test/src/test/java/org/apache/accumulo/test/NamespacesIT.java
@@ -70,6 +70,7 @@ import org.apache.accumulo.core.metadata.RootTable;
import org.apache.accumulo.core.security.Authorizations;
import org.apache.accumulo.core.security.NamespacePermission;
import org.apache.accumulo.core.security.SystemPermission;
+import org.apache.accumulo.core.security.TablePermission;
import org.apache.accumulo.core.util.UtilWaitThread;
import org.apache.accumulo.examples.simple.constraints.NumericValueConstraint;
import org.apache.accumulo.test.functional.SimpleMacIT;
@@ -825,6 +826,100 @@ public class NamespacesIT extends SimpleMacIT {
}
@Test
+ public void testModifyingPermissions() throws Exception {
+ String tableName = namespace + ".modify";
+ c.namespaceOperations().create(namespace);
+ c.tableOperations().create(tableName);
+ assertTrue(c.securityOperations().hasTablePermission(c.whoami(), tableName, TablePermission.READ));
+ c.securityOperations().revokeTablePermission(c.whoami(), tableName, TablePermission.READ);
+ assertFalse(c.securityOperations().hasTablePermission(c.whoami(), tableName, TablePermission.READ));
+ c.securityOperations().grantTablePermission(c.whoami(), tableName, TablePermission.READ);
+ assertTrue(c.securityOperations().hasTablePermission(c.whoami(), tableName, TablePermission.READ));
+ c.tableOperations().delete(tableName);
+
+ try {
+ c.securityOperations().hasTablePermission(c.whoami(), tableName, TablePermission.READ);
+ fail();
+ } catch (Exception e) {
+ if (!(e instanceof AccumuloSecurityException) || !((AccumuloSecurityException) e).getSecurityErrorCode().equals(SecurityErrorCode.TABLE_DOESNT_EXIST))
+ throw new Exception("Has permission resulted in " + e.getClass().getName(), e);
+ }
+
+ try {
+ c.securityOperations().grantTablePermission(c.whoami(), tableName, TablePermission.READ);
+ fail();
+ } catch (Exception e) {
+ if (!(e instanceof AccumuloSecurityException) || !((AccumuloSecurityException) e).getSecurityErrorCode().equals(SecurityErrorCode.TABLE_DOESNT_EXIST))
+ throw new Exception("Has permission resulted in " + e.getClass().getName(), e);
+ }
+
+ try {
+ c.securityOperations().revokeTablePermission(c.whoami(), tableName, TablePermission.READ);
+ fail();
+ } catch (Exception e) {
+ if (!(e instanceof AccumuloSecurityException) || !((AccumuloSecurityException) e).getSecurityErrorCode().equals(SecurityErrorCode.TABLE_DOESNT_EXIST))
+ throw new Exception("Has permission resulted in " + e.getClass().getName(), e);
+ }
+
+ assertTrue(c.securityOperations().hasNamespacePermission(c.whoami(), namespace, NamespacePermission.READ));
+ c.securityOperations().revokeNamespacePermission(c.whoami(), namespace, NamespacePermission.READ);
+ assertFalse(c.securityOperations().hasNamespacePermission(c.whoami(), namespace, NamespacePermission.READ));
+ c.securityOperations().grantNamespacePermission(c.whoami(), namespace, NamespacePermission.READ);
+ assertTrue(c.securityOperations().hasNamespacePermission(c.whoami(), namespace, NamespacePermission.READ));
+
+ c.namespaceOperations().delete(namespace);
+
+ try {
+ c.securityOperations().hasTablePermission(c.whoami(), tableName, TablePermission.READ);
+ fail();
+ } catch (Exception e) {
+ if (!(e instanceof AccumuloSecurityException) || !((AccumuloSecurityException) e).getSecurityErrorCode().equals(SecurityErrorCode.TABLE_DOESNT_EXIST))
+ throw new Exception("Has permission resulted in " + e.getClass().getName(), e);
+ }
+
+ try {
+ c.securityOperations().grantTablePermission(c.whoami(), tableName, TablePermission.READ);
+ fail();
+ } catch (Exception e) {
+ if (!(e instanceof AccumuloSecurityException) || !((AccumuloSecurityException) e).getSecurityErrorCode().equals(SecurityErrorCode.TABLE_DOESNT_EXIST))
+ throw new Exception("Has permission resulted in " + e.getClass().getName(), e);
+ }
+
+ try {
+ c.securityOperations().revokeTablePermission(c.whoami(), tableName, TablePermission.READ);
+ fail();
+ } catch (Exception e) {
+ if (!(e instanceof AccumuloSecurityException) || !((AccumuloSecurityException) e).getSecurityErrorCode().equals(SecurityErrorCode.TABLE_DOESNT_EXIST))
+ throw new Exception("Has permission resulted in " + e.getClass().getName(), e);
+ }
+
+ try {
+ c.securityOperations().hasNamespacePermission(c.whoami(), namespace, NamespacePermission.READ);
+ fail();
+ } catch (Exception e) {
+ if (!(e instanceof AccumuloSecurityException) || !((AccumuloSecurityException) e).getSecurityErrorCode().equals(SecurityErrorCode.NAMESPACE_DOESNT_EXIST))
+ throw new Exception("Has permission resulted in " + e.getClass().getName(), e);
+ }
+
+ try {
+ c.securityOperations().grantNamespacePermission(c.whoami(), namespace, NamespacePermission.READ);
+ fail();
+ } catch (Exception e) {
+ if (!(e instanceof AccumuloSecurityException) || !((AccumuloSecurityException) e).getSecurityErrorCode().equals(SecurityErrorCode.NAMESPACE_DOESNT_EXIST))
+ throw new Exception("Has permission resulted in " + e.getClass().getName(), e);
+ }
+
+ try {
+ c.securityOperations().revokeNamespacePermission(c.whoami(), namespace, NamespacePermission.READ);
+ fail();
+ } catch (Exception e) {
+ if (!(e instanceof AccumuloSecurityException) || !((AccumuloSecurityException) e).getSecurityErrorCode().equals(SecurityErrorCode.NAMESPACE_DOESNT_EXIST))
+ throw new Exception("Has permission resulted in " + e.getClass().getName(), e);
+ }
+
+ }
+
+ @Test
public void verifyTableOperationsExceptions() throws Exception {
String tableName = namespace + ".1";
IteratorSetting setting = new IteratorSetting(200, VersioningIterator.class);
[3/3] git commit: Merge branch '1.6.0-SNAPSHOT'
Posted by vi...@apache.org.
Merge branch '1.6.0-SNAPSHOT'
Conflicts:
core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/6ba354d2
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/6ba354d2
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/6ba354d2
Branch: refs/heads/master
Commit: 6ba354d25a008be58cd415afbd071a4ad865780f
Parents: 384bc84 68afb1e
Author: John Vines <vi...@apache.org>
Authored: Thu Mar 6 15:05:41 2014 -0500
Committer: John Vines <vi...@apache.org>
Committed: Thu Mar 6 15:05:41 2014 -0500
----------------------------------------------------------------------
.../client/admin/SecurityOperationsImpl.java | 57 +++++++----
.../server/client/ClientServiceHandler.java | 19 ++--
.../accumulo/master/FateServiceHandler.java | 12 +--
.../master/MasterClientServiceHandler.java | 4 +-
.../org/apache/accumulo/test/NamespacesIT.java | 100 ++++++++++++++++++-
5 files changed, 153 insertions(+), 39 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6ba354d2/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
----------------------------------------------------------------------
diff --cc core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
index f97e2b6,9d662f4..20c3768
--- a/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
@@@ -208,15 -202,20 +208,22 @@@ public class SecurityOperationsImpl imp
@Override
public boolean hasTablePermission(final String principal, final String table, final TablePermission perm) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(principal, table, perm);
+ checkArgument(principal != null, "principal is null");
+ checkArgument(table != null, "table is null");
+ checkArgument(perm != null, "perm is null");
- return execute(new ClientExecReturn<Boolean,ClientService.Client>() {
- @Override
- public Boolean execute(ClientService.Client client) throws Exception {
- return client.hasTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, perm.getId());
- }
- });
+ try {
+ return execute(new ClientExecReturn<Boolean,ClientService.Client>() {
+ @Override
+ public Boolean execute(ClientService.Client client) throws Exception {
+ return client.hasTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, perm.getId());
+ }
+ });
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() == org.apache.accumulo.core.client.security.SecurityErrorCode.NAMESPACE_DOESNT_EXIST)
+ throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST, e);
+ else
+ throw e;
+ }
}
@Override
@@@ -248,15 -244,20 +255,22 @@@
@Override
public void grantTablePermission(final String principal, final String table, final TablePermission permission) throws AccumuloException,
AccumuloSecurityException {
- ArgumentChecker.notNull(principal, table, permission);
+ checkArgument(principal != null, "principal is null");
+ checkArgument(table != null, "table is null");
+ checkArgument(permission != null, "permission is null");
- execute(new ClientExec<ClientService.Client>() {
- @Override
- public void execute(ClientService.Client client) throws Exception {
- client.grantTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, permission.getId());
- }
- });
+ try {
+ execute(new ClientExec<ClientService.Client>() {
+ @Override
+ public void execute(ClientService.Client client) throws Exception {
+ client.grantTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, permission.getId());
+ }
+ });
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() == org.apache.accumulo.core.client.security.SecurityErrorCode.NAMESPACE_DOESNT_EXIST)
+ throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST, e);
+ else
+ throw e;
+ }
}
@Override
@@@ -288,15 -286,20 +302,22 @@@
@Override
public void revokeTablePermission(final String principal, final String table, final TablePermission permission) throws AccumuloException,
AccumuloSecurityException {
- ArgumentChecker.notNull(principal, table, permission);
+ checkArgument(principal != null, "principal is null");
+ checkArgument(table != null, "table is null");
+ checkArgument(permission != null, "permission is null");
- execute(new ClientExec<ClientService.Client>() {
- @Override
- public void execute(ClientService.Client client) throws Exception {
- client.revokeTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, permission.getId());
- }
- });
+ try {
+ execute(new ClientExec<ClientService.Client>() {
+ @Override
+ public void execute(ClientService.Client client) throws Exception {
+ client.revokeTablePermission(Tracer.traceInfo(), credentials.toThrift(instance), principal, table, permission.getId());
+ }
+ });
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() == org.apache.accumulo.core.client.security.SecurityErrorCode.NAMESPACE_DOESNT_EXIST)
+ throw new AccumuloSecurityException(null, SecurityErrorCode.TABLE_DOESNT_EXIST, e);
+ else
+ throw e;
+ }
}
@Override
http://git-wip-us.apache.org/repos/asf/accumulo/blob/6ba354d2/server/master/src/main/java/org/apache/accumulo/master/FateServiceHandler.java
----------------------------------------------------------------------