You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by ct...@apache.org on 2013/12/05 00:58:12 UTC
[20/50] [abbrv] git commit: ACCUMULO-1479 added tests for the
namespace system permissions in PermissionsIT to keep it from failing,
already have tests in TableNamespacesIT
ACCUMULO-1479 added tests for the namespace system permissions in PermissionsIT to keep it from failing, already have tests in TableNamespacesIT
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/51f07eb9
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/51f07eb9
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/51f07eb9
Branch: refs/heads/1.6.0-SNAPSHOT
Commit: 51f07eb9d37926bb37f9715413290e0103e5365d
Parents: 9db79fc
Author: Sean Hickey <ta...@gmail.com>
Authored: Fri Aug 9 10:19:47 2013 -0400
Committer: Christopher Tubbs <ct...@apache.org>
Committed: Wed Dec 4 18:46:10 2013 -0500
----------------------------------------------------------------------
.../accumulo/test/functional/PermissionsIT.java | 93 +++++++++++++++++++-
1 file changed, 89 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/51f07eb9/test/src/test/java/org/apache/accumulo/test/functional/PermissionsIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/functional/PermissionsIT.java b/test/src/test/java/org/apache/accumulo/test/functional/PermissionsIT.java
index b8e1a4f..b05ad18 100644
--- a/test/src/test/java/org/apache/accumulo/test/functional/PermissionsIT.java
+++ b/test/src/test/java/org/apache/accumulo/test/functional/PermissionsIT.java
@@ -34,6 +34,9 @@ import org.apache.accumulo.core.client.Connector;
import org.apache.accumulo.core.client.MutationsRejectedException;
import org.apache.accumulo.core.client.Scanner;
import org.apache.accumulo.core.client.TableExistsException;
+import org.apache.accumulo.core.client.TableNamespaceExistsException;
+import org.apache.accumulo.core.client.TableNamespaceNotEmptyException;
+import org.apache.accumulo.core.client.TableNamespaceNotFoundException;
import org.apache.accumulo.core.client.TableNotFoundException;
import org.apache.accumulo.core.client.security.SecurityErrorCode;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
@@ -105,8 +108,9 @@ public class PermissionsIT extends SimpleMacIT {
}
private static void testMissingSystemPermission(String tableNamePrefix, Connector root_conn, Connector test_user_conn, SystemPermission perm)
- throws AccumuloException, TableExistsException, AccumuloSecurityException, TableNotFoundException {
- String tableName, user, password = "password";
+ throws AccumuloException, TableExistsException, AccumuloSecurityException, TableNotFoundException, TableNamespaceExistsException,
+ TableNamespaceNotFoundException, TableNamespaceNotEmptyException {
+ String tableName, user, password = "password", tableNamespace;
log.debug("Confirming that the lack of the " + perm + " permission properly restricts the user");
// test permission prior to granting it
@@ -199,14 +203,66 @@ public class PermissionsIT extends SimpleMacIT {
case SYSTEM:
// test for system permission would go here
break;
+ case CREATE_NAMESPACE:
+ tableNamespace = "__CREATE_TABLE_NAMESPACE WITHOUT_PERM_TEST__";
+ try {
+ test_user_conn.tableNamespaceOperations().create(tableNamespace);
+ throw new IllegalStateException("Should NOT be able to create a table namespace");
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() != SecurityErrorCode.PERMISSION_DENIED || root_conn.tableNamespaceOperations().list().contains(tableNamespace))
+ throw e;
+ }
+ break;
+ case DROP_NAMESPACE:
+ tableNamespace = "__DROP_TABLE_NAMESPACE_WITHOUT_PERM_TEST__";
+ root_conn.tableNamespaceOperations().create(tableNamespace);
+ try {
+ test_user_conn.tableNamespaceOperations().delete(tableNamespace);
+ throw new IllegalStateException("Should NOT be able to delete a table namespace");
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() != SecurityErrorCode.PERMISSION_DENIED || !root_conn.tableNamespaceOperations().list().contains(tableNamespace))
+ throw e;
+ }
+ break;
+ case ALTER_NAMESPACE:
+ tableNamespace = "__ALTER_TABLE_NAMESPACE_WITHOUT_PERM_TEST__";
+ root_conn.tableNamespaceOperations().create(tableNamespace);
+ try {
+ test_user_conn.tableNamespaceOperations().setProperty(tableNamespace, Property.TABLE_BLOOM_ERRORRATE.getKey(), "003.14159%");
+ throw new IllegalStateException("Should NOT be able to set a table namespace property");
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() != SecurityErrorCode.PERMISSION_DENIED
+ || map(root_conn.tableNamespaceOperations().getProperties(tableNamespace)).get(Property.TABLE_BLOOM_ERRORRATE.getKey()).equals("003.14159%"))
+ throw e;
+ }
+ root_conn.tableNamespaceOperations().setProperty(tableNamespace, Property.TABLE_BLOOM_ERRORRATE.getKey(), "003.14159%");
+ try {
+ test_user_conn.tableNamespaceOperations().removeProperty(tableNamespace, Property.TABLE_BLOOM_ERRORRATE.getKey());
+ throw new IllegalStateException("Should NOT be able to remove a table namespace property");
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() != SecurityErrorCode.PERMISSION_DENIED
+ || !map(root_conn.tableNamespaceOperations().getProperties(tableNamespace)).get(Property.TABLE_BLOOM_ERRORRATE.getKey()).equals("003.14159%"))
+ throw e;
+ }
+ String tableNamespace2 = tableNamespace + "2";
+ try {
+ test_user_conn.tableNamespaceOperations().rename(tableNamespace, tableNamespace2);
+ throw new IllegalStateException("Should NOT be able to rename a table namespace");
+ } catch (AccumuloSecurityException e) {
+ if (e.getSecurityErrorCode() != SecurityErrorCode.PERMISSION_DENIED || !root_conn.tableNamespaceOperations().list().contains(tableNamespace)
+ || root_conn.tableNamespaceOperations().list().contains(tableNamespace2))
+ throw e;
+ }
+ break;
default:
throw new IllegalArgumentException("Unrecognized System Permission: " + perm);
}
}
private static void testGrantedSystemPermission(String tableNamePrefix, Connector root_conn, Connector test_user_conn, SystemPermission perm)
- throws AccumuloException, AccumuloSecurityException, TableNotFoundException, TableExistsException {
- String tableName, user, password = "password";
+ throws AccumuloException, AccumuloSecurityException, TableNotFoundException, TableExistsException, TableNamespaceExistsException,
+ TableNamespaceNotFoundException, TableNamespaceNotEmptyException {
+ String tableName, user, password = "password", tableNamespace;
log.debug("Confirming that the presence of the " + perm + " permission properly permits the user");
// test permission after granting it
@@ -263,6 +319,35 @@ public class PermissionsIT extends SimpleMacIT {
case SYSTEM:
// test for system permission would go here
break;
+ case CREATE_NAMESPACE:
+ tableNamespace = "__CREATE_TABLE_NAMESPACE_WITH_PERM_TEST__";
+ test_user_conn.tableNamespaceOperations().create(tableNamespace);
+ if (!root_conn.tableNamespaceOperations().list().contains(tableNamespace))
+ throw new IllegalStateException("Should be able to create a table namespace");
+ break;
+ case DROP_NAMESPACE:
+ tableNamespace = "__DROP_TABLE_NAMESPACE_WITH_PERM_TEST__";
+ root_conn.tableNamespaceOperations().create(tableNamespace);
+ test_user_conn.tableNamespaceOperations().delete(tableNamespace);
+ if (root_conn.tableNamespaceOperations().list().contains(tableNamespace))
+ throw new IllegalStateException("Should be able to delete a table namespace");
+ break;
+ case ALTER_NAMESPACE:
+ tableNamespace = "__ALTER_TABLE_NAMESPACE_WITH_PERM_TEST__";
+ String tableNamespace2 = tableNamespace + "2";
+ root_conn.tableNamespaceOperations().create(tableNamespace);
+ test_user_conn.tableNamespaceOperations().setProperty(tableNamespace, Property.TABLE_BLOOM_ERRORRATE.getKey(), "003.14159%");
+ Map<String,String> propies = map(root_conn.tableNamespaceOperations().getProperties(tableNamespace));
+ if (!propies.get(Property.TABLE_BLOOM_ERRORRATE.getKey()).equals("003.14159%"))
+ throw new IllegalStateException("Should be able to set a table property");
+ test_user_conn.tableNamespaceOperations().removeProperty(tableNamespace, Property.TABLE_BLOOM_ERRORRATE.getKey());
+ propies = map(root_conn.tableNamespaceOperations().getProperties(tableNamespace));
+ if (propies.get(Property.TABLE_BLOOM_ERRORRATE.getKey()).equals("003.14159%"))
+ throw new IllegalStateException("Should be able to remove a table property");
+ test_user_conn.tableNamespaceOperations().rename(tableNamespace, tableNamespace2);
+ if (root_conn.tableNamespaceOperations().list().contains(tableNamespace) || !root_conn.tableNamespaceOperations().list().contains(tableNamespace2))
+ throw new IllegalStateException("Should be able to rename a table");
+ break;
default:
throw new IllegalArgumentException("Unrecognized System Permission: " + perm);
}