Updated Branches:
refs/heads/master cac5e121b -> 2dc88d3dc
Revert "ACCUMULO-2096 Clean up the security RW tests."
This reverts commit 9f59c0022777fc86d0b269d064bcc898b27c9b23.
Conflicts:
test/src/main/java/org/apache/accumulo/test/randomwalk/security/Validate.java
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/cba77ea2
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/cba77ea2
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/cba77ea2
Branch: refs/heads/master
Commit: cba77ea28c5b34a9389ffb2aa2a0e402b367b3f1
Parents: 4945783
Author: John Vines <vi...@apache.org>
Authored: Thu Jan 30 11:28:38 2014 -0500
Committer: John Vines <vi...@apache.org>
Committed: Thu Jan 30 11:28:38 2014 -0500
----------------------------------------------------------------------
.../test/randomwalk/security/AlterTable.java | 26 +----------
.../randomwalk/security/AlterTablePerm.java | 45 ++++++--------------
.../test/randomwalk/security/ChangePass.java | 2 +-
.../test/randomwalk/security/DropTable.java | 21 +--------
.../test/randomwalk/security/TableOp.java | 3 +-
5 files changed, 18 insertions(+), 79 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java
----------------------------------------------------------------------
diff --git
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java
index 91f5ba8..b2c4c87 100644
---
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java
+++
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java
@@ -17,7 +17,6 @@
package org.apache.accumulo.test.randomwalk.security;
import java.net.InetAddress;
-import java.util.Map;
import java.util.Properties;
import org.apache.accumulo.core.client.AccumuloException;
@@ -28,10 +27,8 @@ import
org.apache.accumulo.core.client.TableNotFoundException;
import org.apache.accumulo.core.client.security.SecurityErrorCode;
import org.apache.accumulo.test.randomwalk.State;
import org.apache.accumulo.test.randomwalk.Test;
-import org.apache.log4j.Logger;
public class AlterTable extends Test {
- private static final Logger log = Logger.getLogger(AlterTable.class);
@Override
public void visit(State state, Properties props) throws Exception {
@@ -39,33 +36,12 @@ public class AlterTable extends Test {
String tableName = WalkingSecurity.get(state).getTableName();
- Map<String,String> nameToId = conn.tableOperations().tableIdMap();
- String tableId = nameToId.get(tableName);
-
boolean exists = WalkingSecurity.get(state).getTableExists();
-
- if ((null == tableId && exists) || (null != tableId && !exists)) {
- log.error("For table " + tableName + ": found table ID " + tableId + "
and " + (exists ? "expect" : "did not expect") + " it to exist");
- throw new TableNotFoundException(null, tableName, "Could not find table
ID when it should exist");
- }
-
- boolean hasPermission;
- try {
- hasPermission =
WalkingSecurity.get(state).canAlterTable(WalkingSecurity.get(state).getSysCredentials(),
tableId);
- } catch (Exception e) {
- if (!exists) {
- log.debug("Ignoring exception when trying to alter non-existent
table", e);
- return;
- }
-
- throw e;
- }
-
+ boolean hasPermission =
WalkingSecurity.get(state).canAlterTable(WalkingSecurity.get(state).getSysCredentials(),
tableName);
String newTableName = String.format("security_%s_%s_%d",
InetAddress.getLocalHost().getHostName().replaceAll("[-.]", "_"),
state.getPid(),
System.currentTimeMillis());
renameTable(conn, state, tableName, newTableName, hasPermission, exists);
-
}
public static void renameTable(Connector conn, State state, String oldName,
String newName, boolean hasPermission, boolean tableExists)
http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java
----------------------------------------------------------------------
diff --git
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java
index 4bd0d64..bad7b28 100644
---
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java
+++
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java
@@ -27,32 +27,30 @@ import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.security.TablePermission;
import org.apache.accumulo.test.randomwalk.State;
import org.apache.accumulo.test.randomwalk.Test;
-import org.apache.log4j.Logger;
public class AlterTablePerm extends Test {
- private static final Logger log = Logger.getLogger(AlterTablePerm.class);
-
+
@Override
public void visit(State state, Properties props) throws Exception {
alter(state, props);
}
-
+
public static void alter(State state, Properties props) throws Exception {
String action = props.getProperty("task", "toggle");
String perm = props.getProperty("perm", "random");
String sourceUserProp = props.getProperty("source", "system");
String targetUser = props.getProperty("target", "table");
boolean tabExists = WalkingSecurity.get(state).getTableExists();
-
+
String target;
if ("table".equals(targetUser))
target = WalkingSecurity.get(state).getTabUserName();
else
target = WalkingSecurity.get(state).getSysUserName();
-
+
boolean exists = WalkingSecurity.get(state).userExists(target);
boolean tableExists = WalkingSecurity.get(state).getTableExists();
-
+
TablePermission tabPerm;
if (perm.equals("random")) {
Random r = new Random();
@@ -76,25 +74,10 @@ public class AlterTablePerm extends Test {
sourceToken = state.getToken();
}
Connector conn = state.getInstance().getConnector(sourceUser, sourceToken);
- String tableId = conn.tableOperations().tableIdMap().get(tableName);
-
- // Make sure we get an ID when we can
- if ((null == tableId && tableExists) || (null != tableId && !tableExists))
{
- log.error("For table " + tableName + ": found table ID " + tableId + "
and we " + (exists ? "expect" : "did not expect") + " it to exist");
- throw new AccumuloException("Could not find table ID for " + tableName +
" but it should have existed");
- }
-
- try {
- canGive = WalkingSecurity.get(state).canGrantTable(new
Credentials(sourceUser, sourceToken).toThrift(state.getInstance()), target,
tableId);
- } catch (Exception e) {
- if (!tableExists) {
- log.debug("Ignoring exception checking permission on non-existent
table", e);
- return;
- }
-
- throw e;
- }
-
+
+ canGive = WalkingSecurity.get(state).canGrantTable(new
Credentials(sourceUser, sourceToken).toThrift(state.getInstance()), target,
+ WalkingSecurity.get(state).getTableName());
+
// toggle
if (!"take".equals(action) && !"give".equals(action)) {
try {
@@ -102,7 +85,7 @@ public class AlterTablePerm extends Test {
if (hasPerm != (res =
state.getConnector().securityOperations().hasTablePermission(target, tableName,
tabPerm)))
throw new AccumuloException("Test framework and accumulo are out of
sync for user " + conn.whoami() + " for perm " + tabPerm.name()
+ " with local vs. accumulo being " + hasPerm + " " + res);
-
+
if (hasPerm)
action = "take";
else
@@ -124,7 +107,7 @@ public class AlterTablePerm extends Test {
}
}
}
-
+
boolean trans =
WalkingSecurity.get(state).userPassTransient(conn.whoami());
if ("take".equals(action)) {
try {
@@ -183,14 +166,14 @@ public class AlterTablePerm extends Test {
}
WalkingSecurity.get(state).grantTablePermission(target, tableName,
tabPerm);
}
-
+
if (!exists)
throw new AccumuloException("User shouldn't have existed, but apparantly
does");
if (!tableExists)
throw new AccumuloException("Table shouldn't have existed, but
apparantly does");
if (!canGive)
throw new AccumuloException(conn.whoami() + " shouldn't have been able
to grant privilege");
-
+
}
-
+
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java
----------------------------------------------------------------------
diff --git
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java
index 6287d6a..439e724 100644
---
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java
+++
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java
@@ -85,7 +85,7 @@ public class ChangePass extends Test {
}
}
WalkingSecurity.get(state).changePassword(target, newPass);
- // Waiting 1 second for password to propagate through Zk
+ // Waiting 1 second for password to propogate through Zk
Thread.sleep(1000);
if (!hasPerm)
throw new AccumuloException("Password change succeeded when it should
have failed for " + source + " changing the password for " + target + ".");
http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java
----------------------------------------------------------------------
diff --git
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java
index 4dc25ea..52b6e25 100644
---
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java
+++
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java
@@ -28,10 +28,8 @@ import
org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.test.randomwalk.State;
import org.apache.accumulo.test.randomwalk.Test;
-import org.apache.log4j.Logger;
public class DropTable extends Test {
- private static final Logger log = Logger.getLogger(DropTable.class);
@Override
public void visit(State state, Properties props) throws Exception {
@@ -52,26 +50,9 @@ public class DropTable extends Test {
Connector conn = state.getInstance().getConnector(principal, token);
String tableName = WalkingSecurity.get(state).getTableName();
- String tableId = conn.tableOperations().tableIdMap().get(tableName);
boolean exists = WalkingSecurity.get(state).getTableExists();
-
- if ((null == tableId && exists) || (null != tableId && !exists)) {
- log.error("For table " + tableName + ": found table ID " + tableId + "
and " + (exists ? "expect" : "did not expect") + " it to exist");
- throw new AccumuloException("Test and Accumulo state differ on " +
tableName + " existence.");
- }
-
- boolean hasPermission;
- try {
- hasPermission = WalkingSecurity.get(state).canDeleteTable(new
Credentials(principal, token).toThrift(state.getInstance()), tableId);
- } catch (Exception e) {
- if (!exists) {
- log.error("Ignoring exception checking permissions on non-existent
table", e);
- return;
- }
-
- throw e;
- }
+ boolean hasPermission = WalkingSecurity.get(state).canDeleteTable(new
Credentials(principal, token).toThrift(state.getInstance()), tableName);
try {
conn.tableOperations().delete(tableName);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java
----------------------------------------------------------------------
diff --git
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java
index 7199322..347be89 100644
---
a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java
+++
b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java
@@ -75,14 +75,13 @@ public class TableOp extends Test {
switch (tp) {
case READ: {
+ boolean canRead =
WalkingSecurity.get(state).canScan(WalkingSecurity.get(state).getTabCredentials(),
tableId);
Authorizations auths =
WalkingSecurity.get(state).getUserAuthorizations(WalkingSecurity.get(state).getTabCredentials());
boolean ambiguousZone =
WalkingSecurity.get(state).inAmbiguousZone(conn.whoami(), tp);
boolean ambiguousAuths =
WalkingSecurity.get(state).ambiguousAuthorizations(conn.whoami());
Scanner scan = null;
- boolean canRead = false;
try {
- canRead =
WalkingSecurity.get(state).canScan(WalkingSecurity.get(state).getTabCredentials(),
tableId);
scan = conn.createScanner(tableName,
conn.securityOperations().getUserAuthorizations(conn.whoami()));
int seen = 0;
Iterator<Entry<Key,Value>> iter = scan.iterator();
