Package org.apache.hadoop.hbase.security.access

Class SecureTestUtil

java.lang.Object
org.apache.hadoop.hbase.security.access.SecureTestUtil
Direct Known Subclasses:
SnapshotWithAclTestBase, TestAccessControlFilter, TestAccessController, TestAccessController2, TestAccessController3, TestCellACLs, TestCellACLWithMultipleVersions, TestCoprocessorWhitelistMasterObserver, TestNamespaceCommands, TestRSGroupsWithACL, TestScanEarlyTermination, TestUnloadAccessController, TestWithDisabledAuthorization
public class SecureTestUtil extends Object
Utility methods for testing security

  • Field Details

  • Constructor Details

  • Method Details

    • configureSuperuser

      public static void configureSuperuser(org.apache.hadoop.conf.Configuration conf) throws IOException
      Throws:
      IOException

    • enableSecurity

      public static void enableSecurity(org.apache.hadoop.conf.Configuration conf) throws IOException
      Throws:
      IOException

    • verifyConfiguration

      public static void verifyConfiguration(org.apache.hadoop.conf.Configuration conf)

    • verifyAllowed

      public static void verifyAllowed(org.apache.hadoop.hbase.security.User user, SecureTestUtil.AccessTestAction... actions) throws Exception
      This fails only in case of ADE or empty list for any of the actions.
      Throws:
      Exception

    • verifyAllowed

      public static void verifyAllowed(SecureTestUtil.AccessTestAction action, org.apache.hadoop.hbase.security.User... users) throws Exception
      This fails only in case of ADE or empty list for any of the users.
      Throws:
      Exception

    • verifyAllowed

      public static void verifyAllowed(org.apache.hadoop.hbase.security.User user, SecureTestUtil.AccessTestAction action, int count) throws Exception
      Throws:
      Exception

    • verifyDenied

      public static void verifyDenied(SecureTestUtil.AccessTestAction action, org.apache.hadoop.hbase.security.User... users) throws Exception
      This passes only in case of ADE for all users.
      Throws:
      Exception

    • verifyIfEmptyList

      public static void verifyIfEmptyList(SecureTestUtil.AccessTestAction action, org.apache.hadoop.hbase.security.User... users) throws Exception
      This passes only in case of empty list for all users.
      Throws:
      Exception

    • verifyIfNull

      public static void verifyIfNull(SecureTestUtil.AccessTestAction action, org.apache.hadoop.hbase.security.User... users) throws Exception
      This passes only in case of null for all users.
      Throws:
      Exception

    • verifyDenied

      public static void verifyDenied(org.apache.hadoop.hbase.security.User user, SecureTestUtil.AccessTestAction... actions) throws Exception
      This passes only in case of ADE for all actions.
      Throws:
      Exception

    • getAccessControllers

      private static List<org.apache.hadoop.hbase.security.access.AccessController> getAccessControllers(MiniHBaseCluster cluster)

    • getAuthManagerMTimes

      private static Map<org.apache.hadoop.hbase.security.access.AccessController,Long> getAuthManagerMTimes(MiniHBaseCluster cluster)

    • updateACLs

      private static void updateACLs(HBaseTestingUtility util, Callable c) throws Exception
      Throws:
      Exception

    • grantGlobal

      public static void grantGlobal(HBaseTestingUtility util, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions globally to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantGlobal

      public static void grantGlobal(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtility util, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions globally to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeGlobal

      public static void revokeGlobal(HBaseTestingUtility util, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions globally from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeGlobal

      public static void revokeGlobal(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtility util, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions globally from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnNamespace

      public static void grantOnNamespace(HBaseTestingUtility util, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a namespace to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnNamespace

      public static void grantOnNamespace(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtility util, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a namespace to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnNamespaceUsingAccessControlClient

      public static void grantOnNamespaceUsingAccessControlClient(HBaseTestingUtility util, org.apache.hadoop.hbase.client.Connection connection, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a namespace to the given user using AccessControl Client. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromNamespaceUsingAccessControlClient

      public static void revokeFromNamespaceUsingAccessControlClient(HBaseTestingUtility util, org.apache.hadoop.hbase.client.Connection connection, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a namespace from the given user using AccessControl Client. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromNamespace

      public static void revokeFromNamespace(HBaseTestingUtility util, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a namespace from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromNamespace

      public static void revokeFromNamespace(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtility util, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a namespace from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnTable

      public static void grantOnTable(HBaseTestingUtility util, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a table to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnTable

      public static void grantOnTable(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtility util, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a table to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnTableUsingAccessControlClient

      public static void grantOnTableUsingAccessControlClient(HBaseTestingUtility util, org.apache.hadoop.hbase.client.Connection connection, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a table to the given user using AccessControlClient. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantGlobalUsingAccessControlClient

      public static void grantGlobalUsingAccessControlClient(HBaseTestingUtility util, org.apache.hadoop.hbase.client.Connection connection, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant global permissions to the given user using AccessControlClient. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromTable

      public static void revokeFromTable(HBaseTestingUtility util, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a table from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromTable

      public static void revokeFromTable(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtility util, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a table from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromTableUsingAccessControlClient

      public static void revokeFromTableUsingAccessControlClient(HBaseTestingUtility util, org.apache.hadoop.hbase.client.Connection connection, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a table from the given user using AccessControlClient. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeGlobalUsingAccessControlClient

      public static void revokeGlobalUsingAccessControlClient(HBaseTestingUtility util, org.apache.hadoop.hbase.client.Connection connection, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke global permissions from the given user using AccessControlClient. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • createTable

      public static org.apache.hadoop.hbase.client.Table createTable(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.TableName tableName, byte[][] families) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.client.TableDescriptor htd) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.client.TableDescriptor htd, byte[][] splitKeys) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.client.Admin admin, org.apache.hadoop.hbase.client.TableDescriptor htd) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.client.Admin admin, org.apache.hadoop.hbase.client.TableDescriptor htd, byte[][] splitKeys) throws Exception
      Throws:
      Exception

    • deleteTable

      public static void deleteTable(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.TableName tableName) throws Exception
      Throws:
      Exception

    • createNamespace

      public static void createNamespace(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.NamespaceDescriptor nsDesc) throws Exception
      Throws:
      Exception

    • deleteNamespace

      public static void deleteNamespace(HBaseTestingUtility testUtil, String namespace) throws Exception
      Throws:
      Exception

    • deleteTable

      public static void deleteTable(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.client.Admin admin, org.apache.hadoop.hbase.TableName tableName) throws Exception
      Throws:
      Exception

    • convertToNamespace

      public static String convertToNamespace(String namespace)

    • checkGlobalPerms

      public static void checkGlobalPerms(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws IOException
      Throws:
      IOException

    • checkTablePerms

      public static void checkTablePerms(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] column, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws IOException
      Throws:
      IOException

    • checkTablePerms

      public static void checkTablePerms(HBaseTestingUtility testUtil, org.apache.hadoop.hbase.security.access.Permission... perms) throws IOException
      Throws:
      IOException

    • checkPermissions

      private static void checkPermissions(org.apache.hadoop.conf.Configuration conf, org.apache.hadoop.hbase.security.access.Permission... perms) throws IOException
      Throws:
      IOException