private User getActiveUser() throws IOException { // for non-rpc handling, fallback to system user User user = RpcServer.getRequestUser().orElse(userProvider.getCurrent()); // this is for testing if (userProvider.isHadoopSecurityEnabled() && "simple".equalsIgnoreCase(conf.get(User.HBASE_SECURITY_CONF_KEY))) { return User.createUserForTesting(conf, user.getShortName(), new String[] {}); } return user; }
public ZombieLastLogWriterRegionServer(AtomicLong counter, AtomicBoolean stop, final String region, final int writers) throws IOException, InterruptedException { super("ZombieLastLogWriterRegionServer"); setDaemon(true); this.stop = stop; this.editsCount = counter; this.region = region; this.user = User.createUserForTesting(conf, ZOMBIE, GROUP); numOfWriters = writers; }
@BeforeClass public static void setupBeforeClass() throws Exception { TEST_UTIL = new HBaseTestingUtility(); Configuration conf = TEST_UTIL.getConfiguration(); // Up the handlers; this test needs more than usual. conf.setInt(HConstants.REGION_SERVER_HIGH_PRIORITY_HANDLER_COUNT, 10); enableSecurity(conf); verifyConfiguration(conf); // We expect 0.98 scanning semantics conf.setBoolean(AccessControlConstants.CF_ATTRIBUTE_EARLY_OUT, false); TEST_UTIL.startMiniCluster(); TEST_UTIL.waitTableEnabled(AccessControlLists.ACL_TABLE_NAME.getName(), 50000); READER = User.createUserForTesting(conf, "reader", new String[0]); LIMITED = User.createUserForTesting(conf, "limited", new String[0]); DENIED = User.createUserForTesting(conf, "denied", new String[0]); }
@Override public void setUpCluster() throws Exception { util = getTestingUtil(null); Configuration conf = util.getConfiguration(); VisibilityTestUtil.enableVisiblityLabels(conf); conf.set("hbase.superuser", User.getCurrent().getName()); conf.setBoolean("dfs.permissions", false); super.setUpCluster(); String[] users = userNames.split(","); if (users.length != 2) { System.err.println(ERROR_STR); throw new IOException(ERROR_STR); } System.out.println(userNames + " "+users[0]+ " "+users[1]); USER1 = User.createUserForTesting(conf, users[0], new String[] {}); USER2 = User.createUserForTesting(conf, users[1], new String[] {}); addLabelsAndAuths(); }
@BeforeClass public static void setupBeforeClass() throws Exception { conf = TEST_UTIL.getConfiguration(); // Enable security enableSecurity(conf); conf.set(CoprocessorHost.REGION_COPROCESSOR_CONF_KEY, AccessController.class.getName()); // Verify enableSecurity sets up what we require verifyConfiguration(conf); // Enable EXEC permission checking conf.setBoolean(AccessControlConstants.EXEC_PERMISSION_CHECKS_KEY, true); TEST_UTIL.startMiniCluster(); TEST_UTIL.waitUntilAllRegionsAssigned(AccessControlLists.ACL_TABLE_NAME); MasterCoprocessorHost cpHost = TEST_UTIL.getMiniHBaseCluster().getMaster().getMasterCoprocessorHost(); cpHost.load(AccessController.class, Coprocessor.PRIORITY_HIGHEST, conf); USER_OWNER = User.createUserForTesting(conf, "owner", new String[0]); USER_RW = User.createUserForTesting(conf, "rwuser", new String[0]); USER_RO = User.createUserForTesting(conf, "rouser", new String[0]); USER_NONE = User.createUserForTesting(conf, "usernone", new String[0]); }
@BeforeClass public static void setupBeforeClass() throws Exception { // setup configuration conf = TEST_UTIL.getConfiguration(); VisibilityTestUtil.enableVisiblityLabels(conf); String currentUser = User.getCurrent().getName(); conf.set("hbase.superuser", "admin,"+currentUser); TEST_UTIL.startMiniCluster(2); // Wait for the labels table to become available TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000); SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" }); NORMAL_USER = User.createUserForTesting(conf, "user1", new String[] {}); NORMAL_USER1 = User.createUserForTesting(conf, "user2", new String[] {}); addLabels(); }
@BeforeClass public static void setupBeforeClass() throws Exception { // setup configuration conf = TEST_UTIL.getConfiguration(); VisibilityTestUtil.enableVisiblityLabels(conf); conf.setBoolean(VisibilityConstants.CHECK_AUTHS_FOR_MUTATION, true); conf.setClass(VisibilityUtils.VISIBILITY_LABEL_GENERATOR_CLASS, SimpleScanLabelGenerator.class, ScanLabelGenerator.class); conf.set("hbase.superuser", "admin"); TEST_UTIL.startMiniCluster(2); SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" }); USER = User.createUserForTesting(conf, "user", new String[]{}); // Wait for the labels table to become available TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000); addLabels(); }
@BeforeClass public static void setupBeforeClass() throws Exception { // setup configuration conf = TEST_UTIL.getConfiguration(); VisibilityTestUtil.enableVisiblityLabels(conf); String classes = SimpleScanLabelGenerator.class.getCanonicalName() + " , " + LabelFilteringScanLabelGenerator.class.getCanonicalName(); conf.setStrings(VisibilityUtils.VISIBILITY_LABEL_GENERATOR_CLASS, classes); conf.set("hbase.superuser", "admin"); TEST_UTIL.startMiniCluster(1); SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" }); // Wait for the labels table to become available TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000); addLabels(); }
@Test public void testBasicAttributes() throws Exception { Configuration conf = HBaseConfiguration.create(); User user = User.createUserForTesting(conf, "simple", new String[]{"foo"}); assertEquals("Username should match", "simple", user.getName()); assertEquals("Short username should match", "simple", user.getShortName()); // don't test shortening of kerberos names because regular Hadoop doesn't support them }
@BeforeClass public static void setupBeforeClass() throws Exception { // setup configuration conf = TEST_UTIL.getConfiguration(); VisibilityTestUtil.enableVisiblityLabels(conf); conf.setClass(VisibilityUtils.VISIBILITY_LABEL_GENERATOR_CLASS, SimpleScanLabelGenerator.class, ScanLabelGenerator.class); conf.set("hbase.superuser", "admin"); TEST_UTIL.startMiniCluster(2); SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" }); USER1 = User.createUserForTesting(conf, "user1", new String[] {}); // Wait for the labels table to become available TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000); addLabels(); }
@Override public void setUpCluster() throws Exception { util = getTestingUtil(null); Configuration conf = util.getConfiguration(); VisibilityTestUtil.enableVisiblityLabels(conf); conf.set("hbase.superuser", User.getCurrent().getName()); conf.setBoolean("dfs.permissions", false); USER = User.createUserForTesting(conf, userName, new String[] {}); super.setUpCluster(); addLabels(); }
@Test public void testUserGroupNames() throws Exception { final String username = "testuser"; final ImmutableSet<String> singleGroups = ImmutableSet.of("group"); final Configuration conf = HBaseConfiguration.create(); User user = User.createUserForTesting(conf, username, singleGroups.toArray(new String[singleGroups.size()])); assertUserGroup(user, singleGroups); final ImmutableSet<String> multiGroups = ImmutableSet.of("group", "group1", "group2"); user = User.createUserForTesting(conf, username, multiGroups.toArray(new String[multiGroups.size()])); assertUserGroup(user, multiGroups); }
@BeforeClass public static void setupBeforeClass() throws Exception { conf = TEST_UTIL.getConfiguration(); // Up the handlers; this test needs more than usual. conf.setInt(HConstants.REGION_SERVER_HIGH_PRIORITY_HANDLER_COUNT, 10); // Enable security enableSecurity(conf); // Verify enableSecurity sets up what we require verifyConfiguration(conf); TEST_UTIL.startMiniCluster(); // Wait for the ACL table to become available TEST_UTIL.waitUntilAllRegionsAssigned(AccessControlLists.ACL_TABLE_NAME); TESTGROUP_1_NAME = toGroupEntry(TESTGROUP_1); TESTGROUP1_USER1 = User.createUserForTesting(conf, "testgroup1_user1", new String[] { TESTGROUP_1 }); TESTGROUP2_USER1 = User.createUserForTesting(conf, "testgroup2_user2", new String[] { TESTGROUP_2 }); systemUserConnection = ConnectionFactory.createConnection(conf); }
protected void checkMethod(Configuration conf, final String methodName, final int expected, final AnnotationReadingPriorityFunction qosf, final Message param) { RPCProtos.RequestHeader.Builder builder = RPCProtos.RequestHeader.newBuilder(); builder.setMethodName(methodName); assertEquals(methodName, expected, qosf.getPriority(builder.build(), param, User.createUserForTesting(conf, "someuser", new String[]{"somegroup"}))); } }
@Test public void testCreateUserForTestingGroupCache() throws Exception { Configuration conf = HBaseConfiguration.create(); User uCreated = User.createUserForTesting(conf, "group_user", new String[] { "MYGROUP" }); UserProvider up = UserProvider.instantiate(conf); User uProvided = up.create(UserGroupInformation.createRemoteUser("group_user")); assertArrayEquals(uCreated.getGroupNames(), uProvided.getGroupNames()); }
@BeforeClass public static void setupBeforeClass() throws Exception { // setup configuration conf = TEST_UTIL.getConfiguration(); VisibilityTestUtil.enableVisiblityLabels(conf); conf.setClass(VisibilityUtils.VISIBILITY_LABEL_GENERATOR_CLASS, SimpleScanLabelGenerator.class, ScanLabelGenerator.class); conf.set("hbase.superuser", "admin"); TEST_UTIL.startMiniCluster(2); SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" }); // Wait for the labels table to become available TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000); addLabels(); }
@Test public void testQosFunctionWithoutKnownArgument() throws IOException { //The request is not using any of the //known argument classes (it uses one random request class) //(known argument classes are listed in //HRegionServer.QosFunctionImpl.knownArgumentClasses) RequestHeader.Builder headerBuilder = RequestHeader.newBuilder(); headerBuilder.setMethodName("foo"); RequestHeader header = headerBuilder.build(); PriorityFunction qosFunc = regionServer.rpcServices.getPriority(); assertEquals(HConstants.NORMAL_QOS, qosFunc.getPriority(header, null, User.createUserForTesting(regionServer.conf, "someuser", new String[]{"somegroup"}))); }
@BeforeClass public static void setupBeforeClass() throws Exception { // setup configuration conf = TEST_UTIL.getConfiguration(); VisibilityTestUtil.enableVisiblityLabels(conf); conf.setClass(VisibilityUtils.VISIBILITY_LABEL_GENERATOR_CLASS, SimpleScanLabelGenerator.class, ScanLabelGenerator.class); conf.setClass(VisibilityLabelServiceManager.VISIBILITY_LABEL_SERVICE_CLASS, ExpAsStringVisibilityLabelServiceImpl.class, VisibilityLabelService.class); conf.set("hbase.superuser", "admin"); TEST_UTIL.startMiniCluster(2); SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" }); // Wait for the labels table to become available TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000); addLabels(); }
@BeforeClass public static void provisionCluster() throws Exception { conf = util.getConfiguration(); SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" }); conf.set("hbase.superuser", "admin,"+User.getCurrent().getName()); VisibilityTestUtil.enableVisiblityLabels(conf); conf.setClass(VisibilityUtils.VISIBILITY_LABEL_GENERATOR_CLASS, SimpleScanLabelGenerator.class, ScanLabelGenerator.class); util.startMiniCluster(); // Wait for the labels table to become available util.waitTableEnabled(VisibilityConstants.LABELS_TABLE_NAME.getName(), 50000); createLabels(); }
@Test public void testAccessControlClientUserPerms() throws Exception { final TableName tableName = TableName.valueOf(name.getMethodName()); createTestTable(tableName); try { final String regex = tableName.getNameWithNamespaceInclAsString(); User testUserPerms = User.createUserForTesting(conf, "testUserPerms", new String[0]); assertEquals(0, testUserPerms.runAs(getPrivilegedAction(regex)).size()); // Grant TABLE ADMIN privs to testUserPerms grantOnTable(TEST_UTIL, testUserPerms.getShortName(), tableName, null, null, Action.ADMIN); List<UserPermission> perms = testUserPerms.runAs(getPrivilegedAction(regex)); assertNotNull(perms); // Superuser, testUserPerms assertEquals(2, perms.size()); } finally { deleteTable(TEST_UTIL, tableName); } }