(accumulo) branch main updated: Fix PermissionsIT, broken by #6253 (#6257)

Thu, 26 Mar 2026 10:33:06 -0700 

This is an automated email from the ASF dual-hosted git repository.

dlmarion pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/accumulo.git


The following commit(s) were added to refs/heads/main by this push:
     new 53951d524c Fix PermissionsIT, broken by #6253 (#6257)
53951d524c is described below

commit 53951d524ca1c24c7bd21166110da33032ef0b1e
Author: Dave Marion <[email protected]>
AuthorDate: Thu Mar 26 13:32:19 2026 -0400

    Fix PermissionsIT, broken by #6253 (#6257)
    
    PR #6253 fixed an issue where the fate and scanref
    tables could not be scanned by the ITs. The fix in
    in PermissionsIT which tests that non-system users
    don't have the ability to scan the fate and scanref
    tables. This commit overrides the behavior added in
---
 .../org/apache/accumulo/harness/AccumuloClusterHarness.java   | 11 +++++++++--
 .../org/apache/accumulo/test/functional/PermissionsIT.java    |  8 ++++++++
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git 
a/test/src/main/java/org/apache/accumulo/harness/AccumuloClusterHarness.java 
b/test/src/main/java/org/apache/accumulo/harness/AccumuloClusterHarness.java
index aadb9df1fa..4255d47a21 100644
--- a/test/src/main/java/org/apache/accumulo/harness/AccumuloClusterHarness.java
+++ b/test/src/main/java/org/apache/accumulo/harness/AccumuloClusterHarness.java
@@ -33,6 +33,8 @@ import org.apache.accumulo.cluster.ClusterUsers;
 import org.apache.accumulo.cluster.standalone.StandaloneAccumuloCluster;
 import org.apache.accumulo.core.client.Accumulo;
 import org.apache.accumulo.core.client.AccumuloClient;
+import org.apache.accumulo.core.client.AccumuloException;
+import org.apache.accumulo.core.client.AccumuloSecurityException;
 import org.apache.accumulo.core.client.admin.SecurityOperations;
 import org.apache.accumulo.core.client.admin.TableOperations;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
@@ -166,8 +168,7 @@ public abstract class AccumuloClusterHarness extends 
AccumuloITBase
     if (type.isDynamic()) {
       cluster.start();
       try (AccumuloClient ac = 
Accumulo.newClient().from(getClientProps()).build()) {
-        AccumuloITBase.setSystemTablePermsForITs(ac,
-            cluster.getServerContext().securityOperations());
+        setSystemTablePerms(ac, 
cluster.getServerContext().securityOperations());
       }
     } else {
       log.info("Removing tables which appear to be from a previous test run");
@@ -178,6 +179,12 @@ public abstract class AccumuloClusterHarness extends 
AccumuloITBase
 
   }
 
+  protected void setSystemTablePerms(AccumuloClient client, SecurityOperations 
sops)
+      throws AccumuloException, AccumuloSecurityException {
+    AccumuloITBase.setSystemTablePermsForITs(client,
+        cluster.getServerContext().securityOperations());
+  }
+
   public void cleanupTables() throws Exception {
     final String tablePrefix = this.getClass().getSimpleName() + "_";
     try (AccumuloClient client = 
Accumulo.newClient().from(getClientProps()).build()) {
diff --git 
a/test/src/main/java/org/apache/accumulo/test/functional/PermissionsIT.java 
b/test/src/main/java/org/apache/accumulo/test/functional/PermissionsIT.java
index f18f8196c0..6e770c847f 100644
--- a/test/src/main/java/org/apache/accumulo/test/functional/PermissionsIT.java
+++ b/test/src/main/java/org/apache/accumulo/test/functional/PermissionsIT.java
@@ -44,6 +44,7 @@ import org.apache.accumulo.core.client.BatchWriter;
 import org.apache.accumulo.core.client.MutationsRejectedException;
 import org.apache.accumulo.core.client.Scanner;
 import org.apache.accumulo.core.client.TableNotFoundException;
+import org.apache.accumulo.core.client.admin.SecurityOperations;
 import org.apache.accumulo.core.client.security.SecurityErrorCode;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
 import org.apache.accumulo.core.client.security.tokens.PasswordToken;
@@ -77,6 +78,13 @@ public class PermissionsIT extends AccumuloClusterHarness {
     return Duration.ofSeconds(90);
   }
 
+  @Override
+  protected void setSystemTablePerms(AccumuloClient client, SecurityOperations 
sops)
+      throws AccumuloException, AccumuloSecurityException {
+    // overridden to do nothing. The parent class gives read permissions to the
+    // system tables for the ITs. We want to test the default behavior
+  }
+
   @BeforeEach
   public void limitToMini() throws Exception {
     assumeTrue(getClusterType() == ClusterType.MINI);

Reply via email to