Updated Branches: refs/heads/1.4.5-SNAPSHOT 8e0e0e1f5 -> 5c50e42be refs/heads/1.5.1-SNAPSHOT 0603edbbe -> ea41264a6 refs/heads/1.6.0-SNAPSHOT 9747cc767 -> 1496c5f32 refs/heads/master 398610d48 -> e1ed7a44a
ACCUMULO-2182 Backport of ACCUMULO-1123 to 1.4.x Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/ed4c2273 Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/ed4c2273 Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/ed4c2273 Branch: refs/heads/1.4.5-SNAPSHOT Commit: ed4c2273f7fd34e27fbda1616321117b0561badf Parents: 8e0e0e1 Author: Bill Havanki <[email protected]> Authored: Mon Jan 13 14:23:48 2014 -0500 Committer: Bill Havanki <[email protected]> Committed: Mon Jan 13 17:04:15 2014 -0500 ---------------------------------------------------------------------- .../accumulo/server/test/randomwalk/State.java | 6 +++++- .../test/randomwalk/security/ChangePass.java | 2 ++ .../test/randomwalk/security/CreateUser.java | 1 + .../test/randomwalk/security/SecurityHelper.java | 10 ++++++++++ .../server/test/randomwalk/security/TableOp.java | 18 ++++++++++++++++-- 5 files changed, 34 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/accumulo/blob/ed4c2273/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/State.java ---------------------------------------------------------------------- diff --git a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/State.java b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/State.java index 1c73414..344f3b3 100644 --- a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/State.java +++ b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/State.java @@ -78,6 +78,10 @@ public class State { public Integer getInteger(String key) { return (Integer) stateMap.get(key); } + + public Long getLong(String key) { + return (Long) stateMap.get(key); + } public String getProperty(String key) { return props.getProperty(key); @@ -150,4 +154,4 @@ public class State { return retval; } -} \ No newline at end of file +} http://git-wip-us.apache.org/repos/asf/accumulo/blob/ed4c2273/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/ChangePass.java ---------------------------------------------------------------------- diff --git a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/ChangePass.java b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/ChangePass.java index 429c8cd..f9f0a7e 100644 --- a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/ChangePass.java +++ b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/ChangePass.java @@ -97,6 +97,8 @@ public class ChangePass extends Test { SecurityHelper.setSysUserPass(state, newPass); } else SecurityHelper.setTabUserPass(state, newPass); + // Waiting 1 second for password to propogate through Zk + Thread.sleep(1000); if (!hasPerm) throw new AccumuloException("Password change succeeded when it should have failed."); } http://git-wip-us.apache.org/repos/asf/accumulo/blob/ed4c2273/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/CreateUser.java ---------------------------------------------------------------------- diff --git a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/CreateUser.java b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/CreateUser.java index afefee8..fe6458f 100644 --- a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/CreateUser.java +++ b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/CreateUser.java @@ -67,6 +67,7 @@ public class CreateUser extends Test { } SecurityHelper.setTabUserPass(state, tabUserPass); SecurityHelper.setTabUserExists(state, true); + Thread.sleep(1000); if (!hasPermission) throw new AccumuloException("Didn't get Security Exception when we should have"); } http://git-wip-us.apache.org/repos/asf/accumulo/blob/ed4c2273/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/SecurityHelper.java ---------------------------------------------------------------------- diff --git a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/SecurityHelper.java b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/SecurityHelper.java index 52a4672..c8d1ea0 100644 --- a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/SecurityHelper.java +++ b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/SecurityHelper.java @@ -140,8 +140,18 @@ public class SecurityHelper { public static void setUserAuths(State state, String target, Authorizations auths) { state.set(target + "_auths", auths); + state.set("Auths-" + target + '-' + "time", System.currentTimeMillis()); } + public static boolean ambiguousAuthorizations(State state, String target) { + Long setTime = state.getLong("Auths-" + target + '-' + "time"); + if (setTime == null) + throw new RuntimeException("WTF? Auths-" + target + '-' + "time is null"); + if (System.currentTimeMillis() < (setTime + 1000)) + return true; + return false; + } + @SuppressWarnings("unchecked") public static Map<String,Integer> getAuthsMap(State state) { return (Map<String,Integer>) state.get(authsMap); http://git-wip-us.apache.org/repos/asf/accumulo/blob/ed4c2273/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/TableOp.java ---------------------------------------------------------------------- diff --git a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/TableOp.java b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/TableOp.java index e0b8deb..8d309b8 100644 --- a/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/TableOp.java +++ b/src/server/src/main/java/org/apache/accumulo/server/test/randomwalk/security/TableOp.java @@ -83,6 +83,7 @@ public class TableOp extends Test { case READ: Authorizations auths = SecurityHelper.getUserAuths(state, SecurityHelper.getTabUserName(state)); boolean canRead = SecurityHelper.getTabPerm(state, SecurityHelper.getTabUserName(state), TablePermission.READ); + boolean ambiguousAuths = SecurityHelper.ambiguousAuthorizations(state, SecurityHelper.getTabUserName(state)); try { Scanner scan = conn.createScanner(tableName, conn.securityOperations().getUserAuthorizations(SecurityHelper.getTabUserName(state))); int seen = 0; @@ -91,7 +92,7 @@ public class TableOp extends Test { Entry<Key,Value> entry = iter.next(); Key k = entry.getKey(); seen++; - if (!auths.contains(k.getColumnVisibilityData())) + if (!auths.contains(k.getColumnVisibilityData()) && !ambiguousAuths) throw new AccumuloException("Got data I should not be capable of seeing: " + k + " table " + tableName); } if (!canRead) @@ -100,7 +101,7 @@ public class TableOp extends Test { if (auths.contains(entry.getKey().getBytes())) seen = seen - entry.getValue(); } - if (seen != 0) + if (seen != 0 && !ambiguousAuths) throw new AccumuloException("Got mismatched amounts of data"); } catch (TableNotFoundException tnfe) { if (tableExists) @@ -113,6 +114,12 @@ public class TableOp extends Test { else return; } + if (ae.getErrorCode().equals(SecurityErrorCode.BAD_AUTHORIZATIONS)) { + if (ambiguousAuths) + return; + else + throw new AccumuloException("Mismatched authorizations! ", ae); + } throw new AccumuloException("Unexpected exception!", ae); } catch (RuntimeException re) { if (re.getCause() instanceof AccumuloSecurityException @@ -122,6 +129,13 @@ public class TableOp extends Test { else return; } + if (re.getCause() instanceof AccumuloSecurityException + && ((AccumuloSecurityException) re.getCause()).getErrorCode().equals(SecurityErrorCode.BAD_AUTHORIZATIONS)) { + if (ambiguousAuths) + return; + else + throw new AccumuloException("Mismatched authorizations! ", re.getCause()); + } throw new AccumuloException("Unexpected exception!", re); }
