org.apache.hadoop.security.authorize.AccessControlList.addGroup java code examples

Common ways to obtain AccessControlList

private void myMethod () {
 AccessControlList a =ServletContext servletContext;String name;(AccessControlList) servletContext.getAttribute(name)
String aclString;new AccessControlList(aclString)
Configuration conf;String name;String defaultValue;new AccessControlList(conf.get(name, defaultValue))
Smart code suggestions by Codota
}

ACLsManager(Configuration conf, JobACLsManager jobACLsManager,
  QueueManager queueManager) throws IOException {
 mrOwner = UserGroupInformation.getCurrentUser();
 adminAcl = new AccessControlList(conf.get(MRConfig.MR_ADMINS, " "));
 adminAcl.addUser(mrOwner.getShortUserName());
 
 String deprecatedSuperGroup = conf.get(MRConfig.MR_SUPERGROUP);
 if (deprecatedSuperGroup != null) {
  LOG.warn(MRConfig.MR_SUPERGROUP + " is deprecated. Use " 
    + MRConfig.MR_ADMINS + " instead");
  adminAcl.addGroup(deprecatedSuperGroup);
 }
 aclsEnabled = conf.getBoolean(MRConfig.MR_ACLS_ENABLED, false);
 this.jobACLsManager = jobACLsManager;
 this.queueManager = queueManager;
}

assertEquals("drwho ", acl.getAclString());
acl.addGroup("tardis");
groups = acl.getGroups();
assertEquals(groups.size(), 1);
acl.addGroup("users");
users = acl.getUsers();
assertEquals(users.size(), 2);

conf.setBoolean(YarnConfiguration.YARN_ACL_ENABLE, true);
AccessControlList adminACL = new AccessControlList("");
adminACL.addGroup(SUPER_GROUP);
conf.set(YarnConfiguration.YARN_ADMIN_ACL, adminACL.getAclString());
resourceManager = new MockRM(conf) {

/**
 * Tests adding user/group to an wild card acl.
 */
public void testAddRemoveToWildCardACL() {
 AccessControlList acl = new AccessControlList(" * ");
 assertTrue(acl.isAllAllowed());
 UserGroupInformation drwho =
  UserGroupInformation.createUserForTesting("drwho@APACHE.ORG",
    new String[] { "aliens" });
 UserGroupInformation drwho2 =
  UserGroupInformation.createUserForTesting("drwho2@APACHE.ORG",
    new String[] { "tardis" });
 acl.addUser("drwho");
 assertTrue(acl.isAllAllowed());
 assertFalse(acl.getAclString().contains("drwho"));
 acl.addGroup("tardis");
 assertTrue(acl.isAllAllowed());
 assertFalse(acl.getAclString().contains("tardis"));
  acl.removeUser("drwho");
 assertTrue(acl.isAllAllowed());
 assertUserAllowed(drwho, acl);
 acl.removeGroup("tardis");
 assertTrue(acl.isAllAllowed());
 assertUserAllowed(drwho2, acl);
}

assertEquals("drwho ", acl.getAclString());
acl.addGroup("tardis");
groups = acl.getGroups();
assertEquals(groups.size(), 1);
acl.addGroup("users");
users = acl.getUsers();
assertEquals(users.size(), 2);

 acl.addGroup(" * ");
} catch (Throwable t) {
 th = t;

private void verifyOwnerAccess() throws Exception {
 AccessControlList viewACL = new AccessControlList("");
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);
 ApplicationId applicationId = submitAppAndGetAppId(viewACL, modifyACL);
 final GetApplicationReportRequest appReportRequest = recordFactory
   .newRecordInstance(GetApplicationReportRequest.class);
 appReportRequest.setApplicationId(applicationId);
 final KillApplicationRequest finishAppRequest = recordFactory
   .newRecordInstance(KillApplicationRequest.class);
 finishAppRequest.setApplicationId(applicationId);
 // View as owner
 rmClient.getApplicationReport(appReportRequest);
 // List apps as owner
 Assert.assertEquals("App view by owner should list the apps!!", 1,
   rmClient.getApplications(
     recordFactory.newRecordInstance(GetApplicationsRequest.class))
     .getApplicationList().size());
 // Kill app as owner
 rmClient.forceKillApplication(finishAppRequest);
 resourceManager.waitForState(applicationId, RMAppState.KILLED);
}

private void verifyOwnerAccess() throws Exception {
 AccessControlList viewACL = new AccessControlList("");
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);
 ApplicationId applicationId = submitAppAndGetAppId(viewACL, modifyACL);
 final GetApplicationReportRequest appReportRequest = recordFactory
   .newRecordInstance(GetApplicationReportRequest.class);
 appReportRequest.setApplicationId(applicationId);
 final KillApplicationRequest finishAppRequest = recordFactory
   .newRecordInstance(KillApplicationRequest.class);
 finishAppRequest.setApplicationId(applicationId);
 // View as owner
 rmClient.getApplicationReport(appReportRequest);
 // List apps as owner
 Assert.assertEquals("App view by owner should list the apps!!", 1,
   rmClient.getApplications(
     recordFactory.newRecordInstance(GetApplicationsRequest.class))
     .getApplicationList().size());
 // Kill app as owner
 rmClient.forceKillApplication(finishAppRequest);
 resourceManager.waitForState(applicationId, RMAppState.KILLED);
}

private void verifyFriendAccess() throws Exception {
 AccessControlList viewACL = new AccessControlList("");
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);
 ApplicationId applicationId = submitAppAndGetAppId(viewACL, modifyACL);
 final GetApplicationReportRequest appReportRequest = recordFactory
   .newRecordInstance(GetApplicationReportRequest.class);
 appReportRequest.setApplicationId(applicationId);
 final KillApplicationRequest finishAppRequest = recordFactory
   .newRecordInstance(KillApplicationRequest.class);
 finishAppRequest.setApplicationId(applicationId);
 ApplicationClientProtocol friendClient = getRMClientForUser(FRIEND);
 // View as the friend
 friendClient.getApplicationReport(appReportRequest);
 // List apps as friend
 Assert.assertEquals("App view by a friend should list the apps!!", 3,
   friendClient.getApplications(
     recordFactory.newRecordInstance(GetApplicationsRequest.class))
     .getApplicationList().size());
 // Kill app as the friend
 friendClient.forceKillApplication(finishAppRequest);
 resourceManager.waitForState(applicationId, RMAppState.KILLED);
}

private void verifySuperUserAccess() throws Exception {
 AccessControlList viewACL = new AccessControlList("");
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);
 ApplicationId applicationId = submitAppAndGetAppId(viewACL, modifyACL);
 final GetApplicationReportRequest appReportRequest = recordFactory
   .newRecordInstance(GetApplicationReportRequest.class);
 appReportRequest.setApplicationId(applicationId);
 final KillApplicationRequest finishAppRequest = recordFactory
   .newRecordInstance(KillApplicationRequest.class);
 finishAppRequest.setApplicationId(applicationId);
 ApplicationClientProtocol superUserClient = getRMClientForUser(SUPER_USER);
 // View as the superUser
 superUserClient.getApplicationReport(appReportRequest);
 // List apps as superUser
 Assert.assertEquals("App view by super-user should list the apps!!", 2,
   superUserClient.getApplications(
     recordFactory.newRecordInstance(GetApplicationsRequest.class))
     .getApplicationList().size());
 // Kill app as the superUser
 superUserClient.forceKillApplication(finishAppRequest);
 resourceManager.waitForState(applicationId, RMAppState.KILLED);
}

private void verifyFriendAccess() throws Exception {
 AccessControlList viewACL = new AccessControlList("");
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);
 ApplicationId applicationId = submitAppAndGetAppId(viewACL, modifyACL);
 final GetApplicationReportRequest appReportRequest = recordFactory
   .newRecordInstance(GetApplicationReportRequest.class);
 appReportRequest.setApplicationId(applicationId);
 final KillApplicationRequest finishAppRequest = recordFactory
   .newRecordInstance(KillApplicationRequest.class);
 finishAppRequest.setApplicationId(applicationId);
 ApplicationClientProtocol friendClient = getRMClientForUser(FRIEND);
 // View as the friend
 friendClient.getApplicationReport(appReportRequest);
 // List apps as friend
 Assert.assertEquals("App view by a friend should list the apps!!", 3,
   friendClient.getApplications(
     recordFactory.newRecordInstance(GetApplicationsRequest.class))
     .getApplicationList().size());
 // Kill app as the friend
 friendClient.forceKillApplication(finishAppRequest);
 resourceManager.waitForState(applicationId, RMAppState.KILLED);
}

private void verifySuperUserAccess() throws Exception {
 AccessControlList viewACL = new AccessControlList("");
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);
 ApplicationId applicationId = submitAppAndGetAppId(viewACL, modifyACL);
 final GetApplicationReportRequest appReportRequest = recordFactory
   .newRecordInstance(GetApplicationReportRequest.class);
 appReportRequest.setApplicationId(applicationId);
 final KillApplicationRequest finishAppRequest = recordFactory
   .newRecordInstance(KillApplicationRequest.class);
 finishAppRequest.setApplicationId(applicationId);
 ApplicationClientProtocol superUserClient = getRMClientForUser(SUPER_USER);
 // View as the superUser
 superUserClient.getApplicationReport(appReportRequest);
 // List apps as superUser
 Assert.assertEquals("App view by super-user should list the apps!!", 2,
   superUserClient.getApplications(
     recordFactory.newRecordInstance(GetApplicationsRequest.class))
     .getApplicationList().size());
 // Kill app as the superUser
 superUserClient.forceKillApplication(finishAppRequest);
 resourceManager.waitForState(applicationId, RMAppState.KILLED);
}

private void verifyEnemyAccess() throws Exception {
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);

private void verifyAdministerQueueUserAccess() throws Exception {
 isQueueUser = true;
 AccessControlList viewACL = new AccessControlList("");
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);

private void verifyEnemyAccess() throws Exception {
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);

private void verifyAdministerQueueUserAccess() throws Exception {
 isQueueUser = true;
 AccessControlList viewACL = new AccessControlList("");
 viewACL.addGroup(FRIENDLY_GROUP);
 AccessControlList modifyACL = new AccessControlList("");
 modifyACL.addUser(FRIEND);

/**
 * Tests adding user/group to an wild card acl.
 */
@Test
public void testAddRemoveToWildCardACL() {
 AccessControlList acl = new AccessControlList(" * ");
 assertTrue(acl.isAllAllowed());
 UserGroupInformation drwho =
  UserGroupInformation.createUserForTesting("drwho@APACHE.ORG",
    new String[] { "aliens" });
 UserGroupInformation drwho2 =
  UserGroupInformation.createUserForTesting("drwho2@APACHE.ORG",
    new String[] { "tardis" });
 acl.addUser("drwho");
 assertTrue(acl.isAllAllowed());
 assertFalse(acl.getAclString().contains("drwho"));
 acl.addGroup("tardis");
 assertTrue(acl.isAllAllowed());
 assertFalse(acl.getAclString().contains("tardis"));
  acl.removeUser("drwho");
 assertTrue(acl.isAllAllowed());
 assertUserAllowed(drwho, acl);
 acl.removeGroup("tardis");
 assertTrue(acl.isAllAllowed());
 assertUserAllowed(drwho2, acl);
}

/**
 * Tests adding user/group to an wild card acl.
 */
@Test
public void testAddRemoveToWildCardACL() {
 AccessControlList acl = new AccessControlList(" * ");
 assertTrue(acl.isAllAllowed());
 UserGroupInformation drwho =
  UserGroupInformation.createUserForTesting("drwho@APACHE.ORG",
    new String[] { "aliens" });
 UserGroupInformation drwho2 =
  UserGroupInformation.createUserForTesting("drwho2@APACHE.ORG",
    new String[] { "tardis" });
 acl.addUser("drwho");
 assertTrue(acl.isAllAllowed());
 assertFalse(acl.getAclString().contains("drwho"));
 acl.addGroup("tardis");
 assertTrue(acl.isAllAllowed());
 assertFalse(acl.getAclString().contains("tardis"));
  acl.removeUser("drwho");
 assertTrue(acl.isAllAllowed());
 assertUserAllowed(drwho, acl);
 acl.removeGroup("tardis");
 assertTrue(acl.isAllAllowed());
 assertUserAllowed(drwho2, acl);
}

 acl.addGroup(" * ");
} catch (Throwable t) {
 th = t;

 acl.addGroup(" * ");
} catch (Throwable t) {
 th = t;

Javadoc

Add group to the names of groups allowed for this service.

Popular methods of AccessControlList

<init>
Construct a new ACL from String representation of users and groups The arguments are comma separated
isUserAllowed
getAclString
Returns the access control list as a String that can be used for building a new instance by sending
addUser
Add user to the names of users allowed for this service.
isAllAllowed
toString
Returns descriptive way of users and groups that are part of this ACL. Use #getAclString() to get th
getGroups
isUserInList
Checks if a user represented by the provided UserGroupInformationis a member of the Access Control L
buildACL
Build ACL from the given two Strings. The Strings contain comma separated values.
getGroupsString
Returns comma-separated concatenated single String of the set 'groups'
getString
Returns comma-separated concatenated single String of all strings of the given set
getUsersString
Returns comma-separated concatenated single String of the set 'users'

Popular in Java

Making http post requests using okhttp
orElseThrow (Optional)
Return the contained value, if present, otherwise throw an exception to be created by the provided s
getResourceAsStream (ClassLoader)
Returns a stream for the resource with the specified name. See #getResource(String) for a descriptio
getOriginalFilename (MultipartFile)
Return the original filename in the client's filesystem.This may contain path information depending
Rectangle (java.awt)
A Rectangle specifies an area in a coordinate space that is enclosed by the Rectangle object's top-
ServerSocket (java.net)
This class represents a server-side socket that waits for incoming client connections. A ServerSocke
SecureRandom (java.security)
This class generates cryptographically secure pseudo-random numbers. It is best to invoke SecureRand
Format (java.text)
The base class for all formats. This is an abstract base class which specifies the protocol for clas
BoxLayout (javax.swing)
BasicDataSource (org.apache.commons.dbcp)
Basic implementation of javax.sql.DataSource that is configured via JavaBeans properties. This is no

How to use addGroupmethodin org.apache.hadoop.security.authorize.AccessControlList

Best Java code snippets using org.apache.hadoop.security.authorize.AccessControlList.addGroup (Showing top 20 results out of 315)

How to use
addGroup
method
in
org.apache.hadoop.security.authorize.AccessControlList