public ZooLock(ZooReaderWriter zoo, String path) { this(new ZooCache(zoo), zoo, path); }
public static byte[] getLockData(ZooCache zc, String path) { List<String> children = zc.getChildren(path); if (children == null || children.size() == 0) { return null; } children = new ArrayList<>(children); Collections.sort(children); String lockNode = children.get(0); return zc.get(path + "/" + lockNode); }
@Override public void invalidateCache() { if (propCache != null) propCache.clear(); }
@Override public void cleanTablePermissions(String table) throws AccumuloSecurityException { try { synchronized (zooCache) { zooCache.clear(); for (String user : zooCache.getChildren(ZKUserPath)) zoo.recursiveDelete(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table, NodeMissingPolicy.SKIP); } } catch (KeeperException e) { log.error("{}", e.getMessage(), e); throw new AccumuloSecurityException("unknownUser", SecurityErrorCode.CONNECTION_ERROR, e); } catch (InterruptedException e) { log.error("{}", e.getMessage(), e); throw new RuntimeException(e); } }
@Override public boolean authenticateUser(String principal, AuthenticationToken token) throws AccumuloSecurityException { if (!(token instanceof PasswordToken)) throw new AccumuloSecurityException(principal, SecurityErrorCode.INVALID_TOKEN); PasswordToken pt = (PasswordToken) token; byte[] pass; String zpath = ZKUserPath + "/" + principal; pass = zooCache.get(zpath); boolean result = ZKSecurityTool.checkPass(pt.getPassword(), pass); if (!result) { zooCache.clear(zpath); pass = zooCache.get(zpath); result = ZKSecurityTool.checkPass(pt.getPassword(), pass); } return result; }
/** * Gets data at the given path. Status information is not returned. A watch is established by this * call. * * @param zPath * path to get * @return path data, or null if non-existent */ public byte[] get(final String zPath) { return get(zPath, null); }
@Override public Set<String> listUsers() { return new TreeSet<>(zooCache.getChildren(ZKUserPath)); }
@Override public void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException { Set<TablePermission> tablePerms; byte[] serializedPerms = zooCache.get(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table); if (serializedPerms != null) tablePerms = ZKSecurityTool.convertTablePermissions(serializedPerms); else tablePerms = new TreeSet<>(); try { if (tablePerms.add(permission)) { synchronized (zooCache) { zooCache.clear(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table); zoo.putPersistentData(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table, ZKSecurityTool.convertTablePermissions(tablePerms), NodeExistsPolicy.OVERWRITE); } } } catch (KeeperException e) { log.error("{}", e.getMessage(), e); throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e); } catch (InterruptedException e) { log.error("{}", e.getMessage(), e); throw new RuntimeException(e); } }
@Override public boolean userExists(String user) { return zooCache.get(ZKUserPath + "/" + user) != null; }
@Override public void getProperties(Map<String,String> props, Predicate<String> filter) { parent.getProperties(props, filter); List<String> children = propCache.getChildren(propPathPrefix); if (children != null) { for (String child : children) { if (child != null && filter.test(child)) { String value = getRaw(child); if (value != null) props.put(child, value); } } } }
@Override public void cleanNamespacePermissions(String namespace) throws AccumuloSecurityException { try { synchronized (zooCache) { zooCache.clear(); for (String user : zooCache.getChildren(ZKUserPath)) zoo.recursiveDelete(ZKUserPath + "/" + user + ZKUserNamespacePerms + "/" + namespace, NodeMissingPolicy.SKIP); } } catch (KeeperException e) { log.error("{}", e.getMessage(), e); throw new AccumuloSecurityException("unknownUser", SecurityErrorCode.CONNECTION_ERROR, e); } catch (InterruptedException e) { log.error("{}", e.getMessage(), e); throw new RuntimeException(e); } }
public static byte[] getLockData(org.apache.accumulo.fate.zookeeper.ZooCache zc, String path, ZcStat stat) { List<String> children = zc.getChildren(path); if (children == null || children.size() == 0) { return null; } children = new ArrayList<>(children); Collections.sort(children); String lockNode = children.get(0); if (!lockNode.startsWith(LOCK_PREFIX)) { throw new RuntimeException("Node " + lockNode + " at " + path + " is not a lock node"); } return zc.get(path + "/" + lockNode, stat); }
public synchronized ZooCache getZooCache() { if (zooCache == null) zooCache = new ZooCache(context.getZooReaderWriter(), this); return zooCache; }
@Override public void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException { byte[] sysPermBytes = zooCache.get(ZKUserPath + "/" + user + ZKUserSysPerms); // User had no system permission, nothing to revoke. if (sysPermBytes == null) return; Set<SystemPermission> sysPerms = ZKSecurityTool.convertSystemPermissions(sysPermBytes); try { if (sysPerms.remove(permission)) { synchronized (zooCache) { zooCache.clear(); zoo.putPersistentData(ZKUserPath + "/" + user + ZKUserSysPerms, ZKSecurityTool.convertSystemPermissions(sysPerms), NodeExistsPolicy.OVERWRITE); } } } catch (KeeperException e) { log.error("{}", e.getMessage(), e); throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e); } catch (InterruptedException e) { log.error("{}", e.getMessage(), e); throw new RuntimeException(e); } }
public synchronized String getRootUsername() { if (rootUserName == null) rootUserName = new String(zooCache.get(ZKUserPath), UTF_8); return rootUserName; }
/** * Clears the internal {@link ZooCache}. */ void invalidateCache() { propCache.clear(); }
public synchronized void scanServers() { try { final Set<TServerInstance> updates = new HashSet<>(); final Set<TServerInstance> doomed = new HashSet<>(); final String path = context.getZooKeeperRoot() + Constants.ZTSERVERS; HashSet<String> all = new HashSet<>(current.keySet()); all.addAll(getZooCache().getChildren(path)); locklessServers.keySet().retainAll(all); for (String zPath : all) { checkServer(updates, doomed, path, zPath); } // log.debug("Current: " + current.keySet()); this.cback.update(this, doomed, updates); } catch (Exception ex) { log.error("{}", ex.getMessage(), ex); } }