Package org.apache.hadoop.hbase.security.access

Class SecureTestUtil

java.lang.Object
org.apache.hadoop.hbase.security.access.SecureTestUtil
Direct Known Subclasses:
SnapshotWithAclTestBase, TestAccessControlFilter, TestAccessController, TestAccessController2, TestAccessController3, TestCellACLs, TestCellACLWithMultipleVersions, TestCoprocessorWhitelistMasterObserver, TestNamespaceCommands, TestRSGroupsWithACL, TestScanEarlyTermination, TestUnloadAccessController, TestWithDisabledAuthorization
public class SecureTestUtil extends Object
Utility methods for testing security

  • Field Details

  • Constructor Details

  • Method Details

    • configureSuperuser

      public static void configureSuperuser(org.apache.hadoop.conf.Configuration conf) throws IOException
      Throws:
      IOException

    • enableSecurity

      public static void enableSecurity(org.apache.hadoop.conf.Configuration conf) throws IOException
      Throws:
      IOException

    • verifyConfiguration

      public static void verifyConfiguration(org.apache.hadoop.conf.Configuration conf)

    • verifyAllowed

      public static void verifyAllowed(org.apache.hadoop.hbase.security.User user, SecureTestUtil.AccessTestAction... actions) throws Exception
      This fails only in case of ADE or empty list for any of the actions.
      Throws:
      Exception

    • verifyAllowed

      public static void verifyAllowed(SecureTestUtil.AccessTestAction action, org.apache.hadoop.hbase.security.User... users) throws Exception
      This fails only in case of ADE or empty list for any of the users.
      Throws:
      Exception

    • verifyAllowed

      public static void verifyAllowed(org.apache.hadoop.hbase.security.User user, SecureTestUtil.AccessTestAction action, int count) throws Exception
      Throws:
      Exception

    • verifyDenied

      public static void verifyDenied(SecureTestUtil.AccessTestAction action, org.apache.hadoop.hbase.security.User... users) throws Exception
      This passes only in case of ADE for all users.
      Throws:
      Exception

    • verifyIfEmptyList

      public static void verifyIfEmptyList(SecureTestUtil.AccessTestAction action, org.apache.hadoop.hbase.security.User... users) throws Exception
      This passes only in case of empty list for all users.
      Throws:
      Exception

    • verifyIfNull

      public static void verifyIfNull(SecureTestUtil.AccessTestAction action, org.apache.hadoop.hbase.security.User... users) throws Exception
      This passes only in case of null for all users.
      Throws:
      Exception

    • verifyDenied

      public static void verifyDenied(org.apache.hadoop.hbase.security.User user, SecureTestUtil.AccessTestAction... actions) throws Exception
      This passes only in case of ADE for all actions.
      Throws:
      Exception

    • getAccessControllers

      private static List<org.apache.hadoop.hbase.security.access.AccessController> getAccessControllers(SingleProcessHBaseCluster cluster)

    • getAuthManagerMTimes

      private static Map<org.apache.hadoop.hbase.security.access.AccessController,Long> getAuthManagerMTimes(SingleProcessHBaseCluster cluster)

    • updateACLs

      private static void updateACLs(HBaseTestingUtil util, Callable c) throws Exception
      Throws:
      Exception

    • grantGlobal

      public static void grantGlobal(HBaseTestingUtil util, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions globally to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantGlobal

      public static void grantGlobal(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtil util, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions globally to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeGlobal

      public static void revokeGlobal(HBaseTestingUtil util, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions globally from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeGlobal

      public static void revokeGlobal(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtil util, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions globally from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnNamespace

      public static void grantOnNamespace(HBaseTestingUtil util, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a namespace to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnNamespace

      public static void grantOnNamespace(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtil util, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a namespace to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnNamespaceUsingAccessControlClient

      public static void grantOnNamespaceUsingAccessControlClient(HBaseTestingUtil util, org.apache.hadoop.hbase.client.Connection connection, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a namespace to the given user using AccessControl Client. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromNamespaceUsingAccessControlClient

      public static void revokeFromNamespaceUsingAccessControlClient(HBaseTestingUtil util, org.apache.hadoop.hbase.client.Connection connection, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a namespace from the given user using AccessControl Client. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromNamespace

      public static void revokeFromNamespace(HBaseTestingUtil util, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a namespace from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromNamespace

      public static void revokeFromNamespace(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtil util, String user, String namespace, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a namespace from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnTable

      public static void grantOnTable(HBaseTestingUtil util, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a table to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnTable

      public static void grantOnTable(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtil util, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a table to the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantOnTableUsingAccessControlClient

      public static void grantOnTableUsingAccessControlClient(HBaseTestingUtil util, org.apache.hadoop.hbase.client.Connection connection, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant permissions on a table to the given user using AccessControlClient. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • grantGlobalUsingAccessControlClient

      public static void grantGlobalUsingAccessControlClient(HBaseTestingUtil util, org.apache.hadoop.hbase.client.Connection connection, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Grant global permissions to the given user using AccessControlClient. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromTable

      public static void revokeFromTable(HBaseTestingUtil util, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a table from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromTable

      public static void revokeFromTable(org.apache.hadoop.hbase.security.User caller, HBaseTestingUtil util, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a table from the given user. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeFromTableUsingAccessControlClient

      public static void revokeFromTableUsingAccessControlClient(HBaseTestingUtil util, org.apache.hadoop.hbase.client.Connection connection, String user, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] qualifier, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke permissions on a table from the given user using AccessControlClient. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • revokeGlobalUsingAccessControlClient

      public static void revokeGlobalUsingAccessControlClient(HBaseTestingUtil util, org.apache.hadoop.hbase.client.Connection connection, String user, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws Exception
      Revoke global permissions from the given user using AccessControlClient. Will wait until all active AccessController instances have updated their permissions caches or will throw an exception upon timeout (10 seconds).
      Throws:
      Exception

    • createTable

      public static org.apache.hadoop.hbase.client.Table createTable(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.TableName tableName, byte[][] families) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.client.TableDescriptor htd) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.client.TableDescriptor htd, byte[][] splitKeys) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.client.Admin admin, org.apache.hadoop.hbase.client.TableDescriptor htd) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.client.Admin admin, org.apache.hadoop.hbase.client.TableDescriptor htd, byte[][] splitKeys) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.security.User user, org.apache.hadoop.hbase.client.TableDescriptor htd) throws Exception
      Throws:
      Exception

    • createTable

      public static void createTable(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.security.User user, org.apache.hadoop.hbase.client.TableDescriptor htd, byte[][] splitKeys) throws Exception
      Throws:
      Exception

    • deleteTable

      public static void deleteTable(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.TableName tableName) throws Exception
      Throws:
      Exception

    • createNamespace

      public static void createNamespace(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.NamespaceDescriptor nsDesc) throws Exception
      Throws:
      Exception

    • deleteNamespace

      public static void deleteNamespace(HBaseTestingUtil testUtil, String namespace) throws Exception
      Throws:
      Exception

    • deleteTable

      public static void deleteTable(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.client.Admin admin, org.apache.hadoop.hbase.TableName tableName) throws Exception
      Throws:
      Exception

    • convertToNamespace

      public static String convertToNamespace(String namespace)

    • checkGlobalPerms

      public static void checkGlobalPerms(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws IOException
      Throws:
      IOException

    • checkTablePerms

      public static void checkTablePerms(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.TableName table, byte[] family, byte[] column, org.apache.hadoop.hbase.security.access.Permission.Action... actions) throws IOException
      Throws:
      IOException

    • checkTablePerms

      public static void checkTablePerms(HBaseTestingUtil testUtil, org.apache.hadoop.hbase.security.access.Permission... perms) throws IOException
      Throws:
      IOException

    • checkPermissions

      private static void checkPermissions(org.apache.hadoop.conf.Configuration conf, org.apache.hadoop.hbase.security.access.Permission... perms) throws IOException
      Throws:
      IOException