001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.security.access;
019
020import static org.junit.Assert.fail;
021
022import java.util.ArrayList;
023import java.util.List;
024import org.apache.hadoop.hbase.DoNotRetryIOException;
025import org.apache.hadoop.hbase.HBaseClassTestRule;
026import org.apache.hadoop.hbase.HBaseTestingUtility;
027import org.apache.hadoop.hbase.TableName;
028import org.apache.hadoop.hbase.client.Admin;
029import org.apache.hadoop.hbase.testclassification.SecurityTests;
030import org.apache.hadoop.hbase.testclassification.SmallTests;
031import org.junit.AfterClass;
032import org.junit.BeforeClass;
033import org.junit.ClassRule;
034import org.junit.Test;
035import org.junit.experimental.categories.Category;
036
037@Category({ SecurityTests.class, SmallTests.class })
038public class TestUnloadAccessController extends SecureTestUtil {
039
040  @ClassRule
041  public static final HBaseClassTestRule CLASS_RULE =
042    HBaseClassTestRule.forClass(TestUnloadAccessController.class);
043
044  private static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
045  private static TableName TEST_TABLE = TableName.valueOf("TestUnloadAccessController");
046  private static Permission permission =
047    Permission.newBuilder(TEST_TABLE).withActions(Permission.Action.READ).build();
048  private static Admin admin;
049
050  @BeforeClass
051  public static void setupBeforeClass() throws Exception {
052    TEST_UTIL.startMiniCluster();
053    TEST_UTIL.waitUntilAllSystemRegionsAssigned();
054    admin = TEST_UTIL.getAdmin();
055  }
056
057  @AfterClass
058  public static void tearDownAfterClass() throws Exception {
059    TEST_UTIL.shutdownMiniCluster();
060  }
061
062  @Test
063  public void testGrant() {
064    try {
065      admin.grant(new UserPermission("user", permission), false);
066      fail("Expected UnsupportedOperationException but not found");
067    } catch (Throwable e) {
068      checkException(e);
069    }
070  }
071
072  @Test
073  public void testRevoke() {
074    try {
075      admin.revoke(new UserPermission("user", permission));
076      fail("Expected UnsupportedOperationException but not found");
077    } catch (Throwable e) {
078      e.printStackTrace();
079      checkException(e);
080    }
081  }
082
083  @Test
084  public void testGetUserPermissions() {
085    try {
086      admin.getUserPermissions(GetUserPermissionsRequest.newBuilder().build());
087      fail("Expected UnsupportedOperationException but not found");
088    } catch (Throwable e) {
089      checkException(e);
090    }
091  }
092
093  @Test
094  public void testHasUserPermission() {
095    try {
096      List<Permission> permissionList = new ArrayList<>();
097      permissionList.add(permission);
098      admin.hasUserPermissions(permissionList);
099      fail("Expected UnsupportedOperationException but not found");
100    } catch (Throwable e) {
101      checkException(e);
102    }
103  }
104
105  private void checkException(Throwable e) {
106    if (
107      e instanceof DoNotRetryIOException
108        && e.getMessage().contains(UnsupportedOperationException.class.getName())
109    ) {
110      return;
111    }
112    fail("Expected UnsupportedOperationException but found " + e.getMessage());
113  }
114}