ap...

ecn Wed, 08 May 2013 06:49:49 -0700

Author: ecn
Date: Wed May  8 13:49:07 2013
New Revision: 1480275

URL: http://svn.apache.org/r1480275
Log:
ACCUMULO-1373 applied Corey's patch


Modified:
    accumulo/trunk/   (props changed)
    accumulo/trunk/assemble/   (props changed)
    accumulo/trunk/core/   (props changed)
    accumulo/trunk/examples/   (props changed)
    accumulo/trunk/fate/src/main/java/org/apache/accumulo/fate/ZooStore.java   
(props changed)
    
accumulo/trunk/fate/src/main/java/org/apache/accumulo/fate/zookeeper/ZooSession.java
   (props changed)
    accumulo/trunk/pom.xml   (props changed)
    accumulo/trunk/proxy/README   (props changed)
    
accumulo/trunk/proxy/src/main/java/org/apache/accumulo/proxy/ProxyServer.java
    accumulo/trunk/proxy/src/test/java/org/apache/accumulo/proxy/SimpleTest.java
    accumulo/trunk/server/   (props changed)
    accumulo/trunk/src/   (props changed)

Propchange: accumulo/trunk/
------------------------------------------------------------------------------
  Merged /accumulo/branches/1.5:r1480274

Propchange: accumulo/trunk/assemble/
------------------------------------------------------------------------------
  Merged /accumulo/branches/1.5/assemble:r1480274

Propchange: accumulo/trunk/core/
------------------------------------------------------------------------------
  Merged /accumulo/branches/1.5/core:r1480274

Propchange: accumulo/trunk/examples/
------------------------------------------------------------------------------
  Merged /accumulo/branches/1.5/examples:r1480274

Propchange: 
accumulo/trunk/fate/src/main/java/org/apache/accumulo/fate/ZooStore.java
------------------------------------------------------------------------------
  Merged 
/accumulo/branches/1.5/fate/src/main/java/org/apache/accumulo/fate/ZooStore.java:r1480274

Propchange: 
accumulo/trunk/fate/src/main/java/org/apache/accumulo/fate/zookeeper/ZooSession.java
------------------------------------------------------------------------------
  Merged 
/accumulo/branches/1.5/fate/src/main/java/org/apache/accumulo/fate/zookeeper/ZooSession.java:r1480274

Propchange: accumulo/trunk/pom.xml
------------------------------------------------------------------------------
  Merged /accumulo/branches/1.5/pom.xml:r1480274

Propchange: accumulo/trunk/proxy/README
------------------------------------------------------------------------------
  Merged /accumulo/branches/1.5/proxy/README:r1480274

Modified: 
accumulo/trunk/proxy/src/main/java/org/apache/accumulo/proxy/ProxyServer.java
URL: 
http://svn.apache.org/viewvc/accumulo/trunk/proxy/src/main/java/org/apache/accumulo/proxy/ProxyServer.java?rev=1480275&r1=1480274&r2=1480275&view=diff
==============================================================================
--- 
accumulo/trunk/proxy/src/main/java/org/apache/accumulo/proxy/ProxyServer.java 
(original)
+++ 
accumulo/trunk/proxy/src/main/java/org/apache/accumulo/proxy/ProxyServer.java 
Wed May  8 13:49:07 2013
@@ -1454,7 +1454,9 @@ public class ProxyServer implements Accu
     try {
       AuthenticationToken token = getToken(principal, loginProperties);
       TCredentials credential = CredentialHelper.create(principal, token, 
instance.getInstanceID());
-      return ByteBuffer.wrap(CredentialHelper.asByteArray(credential));
+      ByteBuffer login = 
ByteBuffer.wrap(CredentialHelper.asByteArray(credential));
+      getConnector(login); // check to make sure user exists
+      return login;
     } catch (AccumuloSecurityException e) {
       throw new 
org.apache.accumulo.proxy.thrift.AccumuloSecurityException(e.toString());
     } catch (Exception e) {

Modified: 
accumulo/trunk/proxy/src/test/java/org/apache/accumulo/proxy/SimpleTest.java
URL: 
http://svn.apache.org/viewvc/accumulo/trunk/proxy/src/test/java/org/apache/accumulo/proxy/SimpleTest.java?rev=1480275&r1=1480274&r2=1480275&view=diff
==============================================================================
--- 
accumulo/trunk/proxy/src/test/java/org/apache/accumulo/proxy/SimpleTest.java 
(original)
+++ 
accumulo/trunk/proxy/src/test/java/org/apache/accumulo/proxy/SimpleTest.java 
Wed May  8 13:49:07 2013
@@ -90,6 +90,7 @@ import org.apache.hadoop.fs.FSDataInputS
 import org.apache.hadoop.fs.FileSystem;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.io.Text;
+import org.apache.thrift.TException;
 import org.apache.thrift.protocol.TProtocolFactory;
 import org.apache.thrift.server.TServer;
 import org.junit.AfterClass;
@@ -165,6 +166,275 @@ public class SimpleTest {
   }
   
   @Test(timeout = 10000)
+  public void security() throws Exception {
+    client.createLocalUser(creds, "user", s2bb(secret));
+    ByteBuffer badLogin = client.login("user", properties);
+    client.dropLocalUser(creds, "user");
+    String table = "test1";
+    client.createTable(creds, table, false, TimeType.MILLIS);
+    
+    final IteratorSetting setting = new IteratorSetting(100, "slow", 
SlowIterator.class.getName(), Collections.singletonMap("sleepTime", "200"));
+    
+    try {
+      client.addConstraint(badLogin, table, 
NumericValueConstraint.class.getName());
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.addSplits(badLogin, table, Collections.singleton(s2bb("1")));
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.clearLocatorCache(badLogin, table);
+      fail("exception not thrown");
+    } catch (TException ex) {}
+    try {
+      client.compactTable(badLogin, table, null, null, null, true, false);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.cancelCompaction(badLogin, table);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.createTable(badLogin, table, false, TimeType.MILLIS);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.deleteTable(badLogin, table);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.deleteRows(badLogin, table, null, null);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.tableExists(badLogin, table);
+      fail("exception not thrown");
+    } catch (TException ex) {}
+    try {
+      client.flushTable(badLogin, table, null, null, false);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.getLocalityGroups(badLogin, table);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.getMaxRow(badLogin, table, Collections.<ByteBuffer> emptySet(), 
null, false, null, false);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.getTableProperties(badLogin, table);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.listSplits(badLogin, table, 10000);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.listTables(badLogin);
+      fail("exception not thrown");
+    } catch (TException ex) {}
+    try {
+      client.listConstraints(badLogin, table);
+      fail("exception not thrown");
+    } catch (TException ex) {}
+    try {
+      client.mergeTablets(badLogin, table, null, null);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.offlineTable(badLogin, table);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.onlineTable(badLogin, table);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.removeConstraint(badLogin, table, 0);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.removeTableProperty(badLogin, table, 
Property.TABLE_FILE_MAX.getKey());
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.renameTable(badLogin, table, "someTableName");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      Map<String,Set<String>> groups = new HashMap<String,Set<String>>();
+      groups.put("group1", Collections.singleton("cf1"));
+      groups.put("group2", Collections.singleton("cf2"));
+      client.setLocalityGroups(badLogin, table, groups);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.setTableProperty(badLogin, table, 
Property.TABLE_FILE_MAX.getKey(), "0");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.tableIdMap(badLogin);
+      fail("exception not thrown");
+    } catch (TException ex) {}
+    try {
+      client.getSiteConfiguration(badLogin);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.getSystemConfiguration(badLogin);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.getTabletServers(badLogin);
+      fail("exception not thrown");
+    } catch (TException ex) {}
+    try {
+      client.getActiveScans(badLogin, "fake");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.getActiveCompactions(badLogin, "fakse");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.removeProperty(badLogin, "table.split.threshold");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.setProperty(badLogin, "table.split.threshold", "500M");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.testClassLoad(badLogin, DevNull.class.getName(), 
SortedKeyValueIterator.class.getName());
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.authenticateUser(badLogin, "root", s2pp(secret));
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      HashSet<ByteBuffer> auths = new 
HashSet<ByteBuffer>(Arrays.asList(s2bb("A"), s2bb("B")));
+      client.changeUserAuthorizations(badLogin, "stooge", auths);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.changeLocalUserPassword(badLogin, "stooge", s2bb(""));
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.createLocalUser(badLogin, "stooge", s2bb("password"));
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.dropLocalUser(badLogin, "stooge");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.getUserAuthorizations(badLogin, "stooge");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.grantSystemPermission(badLogin, "stooge", 
SystemPermission.CREATE_TABLE);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.grantTablePermission(badLogin, "root", table, 
TablePermission.WRITE);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.hasSystemPermission(badLogin, "stooge", 
SystemPermission.CREATE_TABLE);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.hasTablePermission(badLogin, "root", table, 
TablePermission.WRITE);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.listLocalUsers(badLogin);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.revokeSystemPermission(badLogin, "stooge", 
SystemPermission.CREATE_TABLE);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.revokeTablePermission(badLogin, "root", table, 
TablePermission.ALTER_TABLE);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.createScanner(badLogin, table, new ScanOptions());
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.createBatchScanner(badLogin, table, new BatchScanOptions());
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.updateAndFlush(badLogin, table, new 
HashMap<ByteBuffer,List<ColumnUpdate>>());
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.createWriter(badLogin, table, new WriterOptions());
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.attachIterator(badLogin, "slow", setting, 
EnumSet.allOf(IteratorScope.class));
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.checkIteratorConflicts(badLogin, table, setting, 
EnumSet.allOf(IteratorScope.class));
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.cloneTable(badLogin, table, TABLE_TEST, false, null, null);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.exportTable(badLogin, table, "/tmp");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.importTable(badLogin, "testify", "/tmp");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.getIteratorSetting(badLogin, table, "foo", IteratorScope.SCAN);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.listIterators(badLogin, table);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.removeIterator(badLogin, table, "name", 
EnumSet.allOf(IteratorScope.class));
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.splitRangeByTablets(badLogin, table, 
client.getRowRange(ByteBuffer.wrap("row".getBytes())), 10);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      File newFolder = folder.newFolder();
+      client.importDirectory(badLogin, table, "/tmp", 
newFolder.getAbsolutePath(), true);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.pingTabletServer(badLogin, "fake");
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.login("badUser", properties);
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+    try {
+      client.testTableClassLoad(badLogin, table, 
VersioningIterator.class.getName(), SortedKeyValueIterator.class.getName());
+      fail("exception not thrown");
+    } catch (AccumuloSecurityException ex) {}
+  }
+  
+  @Test(timeout = 10000)
   public void tableNotFound() throws Exception {
     final String doesNotExist = "doesNotExists";
     try {

Propchange: accumulo/trunk/server/
------------------------------------------------------------------------------
  Merged /accumulo/branches/1.5/server:r1480274

Propchange: accumulo/trunk/src/
------------------------------------------------------------------------------
  Merged /accumulo/branches/1.5/src:r1480274

svn commit: r1480275 - in /accumulo/trunk: ./ assemble/ core/ examples/ fate/src/main/java/org/apache/accumulo/fate/ fate/src/main/java/org/apache/accumulo/fate/zookeeper/ proxy/ proxy/src/main/java/org/apache/accumulo/proxy/ proxy/src/test/java/org/ap...

Reply via email to