http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReportingIterator.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReportingIterator.java b/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReportingIterator.java index 7e1676a..7b529cd 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReportingIterator.java +++ b/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReportingIterator.java @@ -21,6 +21,7 @@ import java.util.Collection; import java.util.Map; import java.util.concurrent.atomic.AtomicBoolean; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.data.ByteSequence; import org.apache.accumulo.core.data.Key; import org.apache.accumulo.core.data.Range; @@ -35,10 +36,10 @@ public class ProblemReportingIterator implements InterruptibleIterator { private boolean sawError = false; private final boolean continueOnError; private String resource; - private String tableId; + private Table.ID tableId; private final AccumuloServerContext context; - public ProblemReportingIterator(AccumuloServerContext context, String tableId, String resource, boolean continueOnError, + public ProblemReportingIterator(AccumuloServerContext context, Table.ID tableId, String resource, boolean continueOnError, SortedKeyValueIterator<Key,Value> source) { this.context = context; this.tableId = tableId;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReports.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReports.java b/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReports.java index 2d570c8..70f873d 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReports.java +++ b/server/base/src/main/java/org/apache/accumulo/server/problems/ProblemReports.java @@ -35,6 +35,7 @@ import org.apache.accumulo.core.client.Connector; import org.apache.accumulo.core.client.Instance; import org.apache.accumulo.core.client.IteratorSetting; import org.apache.accumulo.core.client.Scanner; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.data.Key; import org.apache.accumulo.core.data.Mutation; import org.apache.accumulo.core.data.Range; @@ -93,10 +94,10 @@ public class ProblemReports implements Iterable<ProblemReport> { @Override public void run() { - log.debug("Filing problem report " + pr.getTableName() + " " + pr.getProblemType() + " " + pr.getResource()); + log.debug("Filing problem report " + pr.getTableId() + " " + pr.getProblemType() + " " + pr.getResource()); try { - if (isMeta(pr.getTableName())) { + if (isMeta(pr.getTableId())) { // file report in zookeeper pr.saveToZooKeeper(); } else { @@ -104,7 +105,7 @@ public class ProblemReports implements Iterable<ProblemReport> { pr.saveToMetadataTable(context); } } catch (Exception e) { - log.error("Failed to file problem report " + pr.getTableName() + " " + pr.getProblemType() + " " + pr.getResource(), e); + log.error("Failed to file problem report " + pr.getTableId() + " " + pr.getProblemType() + " " + pr.getResource(), e); } } @@ -113,18 +114,18 @@ public class ProblemReports implements Iterable<ProblemReport> { try { reportExecutor.execute(new LoggingRunnable(log, r)); } catch (RejectedExecutionException ree) { - log.error("Failed to report problem {} {} {} {}", pr.getTableName(), pr.getProblemType(), pr.getResource(), ree.getMessage()); + log.error("Failed to report problem {} {} {} {}", pr.getTableId(), pr.getProblemType(), pr.getResource(), ree.getMessage()); } } public void printProblems() throws Exception { for (ProblemReport pr : this) { - System.out.println(pr.getTableName() + " " + pr.getProblemType() + " " + pr.getResource() + " " + pr.getException()); + System.out.println(pr.getTableId() + " " + pr.getProblemType() + " " + pr.getResource() + " " + pr.getException()); } } - public void deleteProblemReport(String table, ProblemType pType, String resource) { + public void deleteProblemReport(Table.ID table, ProblemType pType, String resource) { final ProblemReport pr = new ProblemReport(table, pType, resource, null); Runnable r = new Runnable() { @@ -132,7 +133,7 @@ public class ProblemReports implements Iterable<ProblemReport> { @Override public void run() { try { - if (isMeta(pr.getTableName())) { + if (isMeta(pr.getTableId())) { // file report in zookeeper pr.removeFromZooKeeper(); } else { @@ -140,7 +141,7 @@ public class ProblemReports implements Iterable<ProblemReport> { pr.removeFromMetadataTable(context); } } catch (Exception e) { - log.error("Failed to delete problem report {} {} {}", pr.getTableName(), pr.getProblemType(), pr.getResource(), e); + log.error("Failed to delete problem report {} {} {}", pr.getTableId(), pr.getProblemType(), pr.getResource(), e); } } }; @@ -148,13 +149,13 @@ public class ProblemReports implements Iterable<ProblemReport> { try { reportExecutor.execute(new LoggingRunnable(log, r)); } catch (RejectedExecutionException ree) { - log.error("Failed to delete problem report {} {} {} {}", pr.getTableName(), pr.getProblemType(), pr.getResource(), ree.getMessage()); + log.error("Failed to delete problem report {} {} {} {}", pr.getTableId(), pr.getProblemType(), pr.getResource(), ree.getMessage()); } } private static ProblemReports instance; - public void deleteProblemReports(String table) throws Exception { + public void deleteProblemReports(Table.ID table) throws Exception { if (isMeta(table)) { Iterator<ProblemReport> pri = iterator(table); @@ -182,11 +183,11 @@ public class ProblemReports implements Iterable<ProblemReport> { MetadataTableUtil.getMetadataTable(context).update(delMut); } - private static boolean isMeta(String tableId) { + private static boolean isMeta(Table.ID tableId) { return tableId.equals(MetadataTable.ID) || tableId.equals(RootTable.ID); } - public Iterator<ProblemReport> iterator(final String table) { + public Iterator<ProblemReport> iterator(final Table.ID table) { try { return new Iterator<ProblemReport>() { @@ -305,15 +306,15 @@ public class ProblemReports implements Iterable<ProblemReport> { getInstance(new AccumuloServerContext(instance, new ServerConfigurationFactory(instance))).printProblems(); } - public Map<String,Map<ProblemType,Integer>> summarize() { + public Map<Table.ID,Map<ProblemType,Integer>> summarize() { - TreeMap<String,Map<ProblemType,Integer>> summary = new TreeMap<>(); + TreeMap<Table.ID,Map<ProblemType,Integer>> summary = new TreeMap<>(); for (ProblemReport pr : this) { - Map<ProblemType,Integer> tableProblems = summary.get(pr.getTableName()); + Map<ProblemType,Integer> tableProblems = summary.get(pr.getTableId()); if (tableProblems == null) { tableProblems = new EnumMap<>(ProblemType.class); - summary.put(pr.getTableName(), tableProblems); + summary.put(pr.getTableId(), tableProblems); } Integer count = tableProblems.get(pr.getProblemType()); http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/replication/DistributedWorkQueueWorkAssignerHelper.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/replication/DistributedWorkQueueWorkAssignerHelper.java b/server/base/src/main/java/org/apache/accumulo/server/replication/DistributedWorkQueueWorkAssignerHelper.java index 339a03e..6b033d9 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/replication/DistributedWorkQueueWorkAssignerHelper.java +++ b/server/base/src/main/java/org/apache/accumulo/server/replication/DistributedWorkQueueWorkAssignerHelper.java @@ -20,6 +20,7 @@ import static java.util.Objects.requireNonNull; import java.util.Map.Entry; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.replication.ReplicationTarget; import org.apache.accumulo.server.zookeeper.DistributedWorkQueue; @@ -72,6 +73,6 @@ public class DistributedWorkQueueWorkAssignerHelper { } return Maps.immutableEntry(filename, new ReplicationTarget(queueKey.substring(index + 1, secondIndex), queueKey.substring(secondIndex + 1, thirdIndex), - queueKey.substring(thirdIndex + 1))); + new Table.ID(queueKey.substring(thirdIndex + 1)))); } } http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/replication/ReplicationUtil.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/replication/ReplicationUtil.java b/server/base/src/main/java/org/apache/accumulo/server/replication/ReplicationUtil.java index a793b6a..777711a 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/replication/ReplicationUtil.java +++ b/server/base/src/main/java/org/apache/accumulo/server/replication/ReplicationUtil.java @@ -32,6 +32,7 @@ import org.apache.accumulo.core.client.BatchScanner; import org.apache.accumulo.core.client.Connector; import org.apache.accumulo.core.client.Scanner; import org.apache.accumulo.core.client.TableNotFoundException; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.client.impl.Tables; import org.apache.accumulo.core.conf.Property; import org.apache.accumulo.core.data.Key; @@ -117,14 +118,14 @@ public class ReplicationUtil { public Set<ReplicationTarget> getReplicationTargets() { // The total set of configured targets final Set<ReplicationTarget> allConfiguredTargets = new HashSet<>(); - final Map<String,String> tableNameToId = Tables.getNameToIdMap(context.getInstance()); + final Map<String,Table.ID> tableNameToId = Tables.getNameToIdMap(context.getInstance()); for (String table : tableNameToId.keySet()) { if (MetadataTable.NAME.equals(table) || RootTable.NAME.equals(table)) { continue; } - String localId = tableNameToId.get(table); + Table.ID localId = tableNameToId.get(table); if (null == localId) { log.trace("Could not determine ID for {}", table); continue; http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java b/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java index 8f4934b..b85c4ed 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java +++ b/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java @@ -26,6 +26,8 @@ import java.util.Map.Entry; import org.apache.accumulo.core.client.TableNotFoundException; import org.apache.accumulo.core.client.impl.Credentials; +import org.apache.accumulo.core.client.impl.Namespace; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.client.impl.Tables; import org.apache.accumulo.core.client.impl.Translator; import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException; @@ -77,7 +79,7 @@ public class AuditedSecurityOperation extends SecurityOperation { return instance; } - private String getTableName(String tableId) { + private String getTableName(Table.ID tableId) { try { return Tables.getTableName(context.getInstance(), tableId); } catch (TableNotFoundException e) { @@ -93,7 +95,7 @@ public class AuditedSecurityOperation extends SecurityOperation { return auths; } - private boolean shouldAudit(TCredentials credentials, String tableId) { + private boolean shouldAudit(TCredentials credentials, Table.ID tableId) { return (audit.isInfoEnabled() || audit.isEnabledFor(Level.WARN)) && !tableId.equals(MetadataTable.ID) && shouldAudit(credentials); } @@ -143,7 +145,7 @@ public class AuditedSecurityOperation extends SecurityOperation { } @Override - public boolean canScan(TCredentials credentials, String tableId, String namespaceId, TRange range, List<TColumn> columns, List<IterInfo> ssiList, + public boolean canScan(TCredentials credentials, Table.ID tableId, Namespace.ID namespaceId, TRange range, List<TColumn> columns, List<IterInfo> ssiList, Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations) throws ThriftSecurityException { if (shouldAudit(credentials, tableId)) { Range convertedRange = new Range(range); @@ -167,7 +169,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_SCAN_BATCH_AUDIT_TEMPLATE = "action: scan; targetTable: %s; authorizations: %s; range: %s; columns: %s; iterators: %s; iteratorOptions: %s;"; @Override - public boolean canScan(TCredentials credentials, String tableId, String namespaceId, Map<TKeyExtent,List<TRange>> tbatch, List<TColumn> tcolumns, + public boolean canScan(TCredentials credentials, Table.ID tableId, Namespace.ID namespaceId, Map<TKeyExtent,List<TRange>> tbatch, List<TColumn> tcolumns, List<IterInfo> ssiList, Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations) throws ThriftSecurityException { if (shouldAudit(credentials, tableId)) { @SuppressWarnings({"unchecked", "rawtypes"}) @@ -236,7 +238,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_CREATE_TABLE_AUDIT_TEMPLATE = "action: createTable; targetTable: %s;"; @Override - public boolean canCreateTable(TCredentials c, String tableName, String namespaceId) throws ThriftSecurityException { + public boolean canCreateTable(TCredentials c, String tableName, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canCreateTable(c, tableName, namespaceId); audit(c, result, CAN_CREATE_TABLE_AUDIT_TEMPLATE, tableName); @@ -250,7 +252,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_DELETE_TABLE_AUDIT_TEMPLATE = "action: deleteTable; targetTable: %s;"; @Override - public boolean canDeleteTable(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canDeleteTable(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { String tableName = getTableName(tableId); try { boolean result = super.canDeleteTable(c, tableId, namespaceId); @@ -265,7 +267,8 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_RENAME_TABLE_AUDIT_TEMPLATE = "action: renameTable; targetTable: %s; newTableName: %s;"; @Override - public boolean canRenameTable(TCredentials c, String tableId, String oldTableName, String newTableName, String namespaceId) throws ThriftSecurityException { + public boolean canRenameTable(TCredentials c, Table.ID tableId, String oldTableName, String newTableName, Namespace.ID namespaceId) + throws ThriftSecurityException { try { boolean result = super.canRenameTable(c, tableId, oldTableName, newTableName, namespaceId); audit(c, result, CAN_RENAME_TABLE_AUDIT_TEMPLATE, oldTableName, newTableName); @@ -279,7 +282,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_SPLIT_TABLE_AUDIT_TEMPLATE = "action: splitTable; targetTable: %s; targetNamespace: %s;"; @Override - public boolean canSplitTablet(TCredentials credentials, String table, String namespaceId) throws ThriftSecurityException { + public boolean canSplitTablet(TCredentials credentials, Table.ID table, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canSplitTablet(credentials, table, namespaceId); audit(credentials, result, CAN_SPLIT_TABLE_AUDIT_TEMPLATE, table, namespaceId); @@ -307,7 +310,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_FLUSH_TABLE_AUDIT_TEMPLATE = "action: flushTable; targetTable: %s; targetNamespace: %s;"; @Override - public boolean canFlush(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canFlush(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canFlush(c, tableId, namespaceId); audit(c, result, CAN_FLUSH_TABLE_AUDIT_TEMPLATE, tableId, namespaceId); @@ -321,7 +324,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_ALTER_TABLE_AUDIT_TEMPLATE = "action: alterTable; targetTable: %s; targetNamespace: %s;"; @Override - public boolean canAlterTable(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canAlterTable(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canAlterTable(c, tableId, namespaceId); audit(c, result, CAN_ALTER_TABLE_AUDIT_TEMPLATE, tableId, namespaceId); @@ -335,7 +338,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_CLONE_TABLE_AUDIT_TEMPLATE = "action: cloneTable; targetTable: %s; newTableName: %s"; @Override - public boolean canCloneTable(TCredentials c, String tableId, String tableName, String destinationNamespaceId, String sourceNamespaceId) + public boolean canCloneTable(TCredentials c, Table.ID tableId, String tableName, Namespace.ID destinationNamespaceId, Namespace.ID sourceNamespaceId) throws ThriftSecurityException { String oldTableName = getTableName(tableId); try { @@ -351,7 +354,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_DELETE_RANGE_AUDIT_TEMPLATE = "action: deleteData; targetTable: %s; startRange: %s; endRange: %s;"; @Override - public boolean canDeleteRange(TCredentials c, String tableId, String tableName, Text startRow, Text endRow, String namespaceId) + public boolean canDeleteRange(TCredentials c, Table.ID tableId, String tableName, Text startRow, Text endRow, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canDeleteRange(c, tableId, tableName, startRow, endRow, namespaceId); @@ -366,7 +369,8 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_BULK_IMPORT_AUDIT_TEMPLATE = "action: bulkImport; targetTable: %s; dataDir: %s; failDir: %s;"; @Override - public boolean canBulkImport(TCredentials c, String tableId, String tableName, String dir, String failDir, String namespaceId) throws ThriftSecurityException { + public boolean canBulkImport(TCredentials c, Table.ID tableId, String tableName, String dir, String failDir, Namespace.ID namespaceId) + throws ThriftSecurityException { try { boolean result = super.canBulkImport(c, tableId, namespaceId); audit(c, result, CAN_BULK_IMPORT_AUDIT_TEMPLATE, tableName, dir, failDir); @@ -380,7 +384,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_COMPACT_TABLE_AUDIT_TEMPLATE = "action: compactTable; targetTable: %s; targetNamespace: %s;"; @Override - public boolean canCompact(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canCompact(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canCompact(c, tableId, namespaceId); audit(c, result, CAN_COMPACT_TABLE_AUDIT_TEMPLATE, tableId, namespaceId); @@ -467,7 +471,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_GRANT_TABLE_AUDIT_TEMPLATE = "action: grantTable; targetUser: %s; targetTable: %s; targetNamespace: %s;"; @Override - public boolean canGrantTable(TCredentials c, String user, String table, String namespaceId) throws ThriftSecurityException { + public boolean canGrantTable(TCredentials c, String user, Table.ID table, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canGrantTable(c, user, table, namespaceId); audit(c, result, CAN_GRANT_TABLE_AUDIT_TEMPLATE, user, table, namespaceId); @@ -495,7 +499,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_REVOKE_TABLE_AUDIT_TEMPLATE = "action: revokeTable; targetUser: %s; targetTable %s; targetNamespace: %s;"; @Override - public boolean canRevokeTable(TCredentials c, String user, String table, String namespaceId) throws ThriftSecurityException { + public boolean canRevokeTable(TCredentials c, String user, Table.ID table, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canRevokeTable(c, user, table, namespaceId); audit(c, result, CAN_REVOKE_TABLE_AUDIT_TEMPLATE, user, table, namespaceId); @@ -509,7 +513,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_IMPORT_AUDIT_TEMPLATE = "action: import; targetTable: %s; dataDir: %s;"; @Override - public boolean canImport(TCredentials credentials, String tableName, String importDir, String namespaceId) throws ThriftSecurityException { + public boolean canImport(TCredentials credentials, String tableName, String importDir, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canImport(credentials, tableName, importDir, namespaceId); @@ -524,7 +528,8 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_EXPORT_AUDIT_TEMPLATE = "action: export; targetTable: %s; dataDir: %s;"; @Override - public boolean canExport(TCredentials credentials, String tableId, String tableName, String exportDir, String namespaceId) throws ThriftSecurityException { + public boolean canExport(TCredentials credentials, Table.ID tableId, String tableName, String exportDir, Namespace.ID namespaceId) + throws ThriftSecurityException { try { boolean result = super.canExport(credentials, tableId, tableName, exportDir, namespaceId); @@ -565,7 +570,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String GRANT_TABLE_PERMISSION_AUDIT_TEMPLATE = "action: grantTablePermission; permission: %s; targetTable: %s; targetUser: %s;"; @Override - public void grantTablePermission(TCredentials credentials, String user, String tableId, TablePermission permission, String namespaceId) + public void grantTablePermission(TCredentials credentials, String user, Table.ID tableId, TablePermission permission, Namespace.ID namespaceId) throws ThriftSecurityException { String tableName = getTableName(tableId); try { @@ -594,7 +599,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String REVOKE_TABLE_PERMISSION_AUDIT_TEMPLATE = "action: revokeTablePermission; permission: %s; targetTable: %s; targetUser: %s;"; @Override - public void revokeTablePermission(TCredentials credentials, String user, String tableId, TablePermission permission, String namespaceId) + public void revokeTablePermission(TCredentials credentials, String user, Table.ID tableId, TablePermission permission, Namespace.ID namespaceId) throws ThriftSecurityException { String tableName = getTableName(tableId); try { @@ -623,7 +628,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_ONLINE_OFFLINE_TABLE_AUDIT_TEMPLATE = "action: %s; targetTable: %s;"; @Override - public boolean canOnlineOfflineTable(TCredentials credentials, String tableId, FateOperation op, String namespaceId) throws ThriftSecurityException { + public boolean canOnlineOfflineTable(TCredentials credentials, Table.ID tableId, FateOperation op, Namespace.ID namespaceId) throws ThriftSecurityException { String tableName = getTableName(tableId); String operation = null; if (op == FateOperation.TABLE_ONLINE) @@ -643,7 +648,7 @@ public class AuditedSecurityOperation extends SecurityOperation { public static final String CAN_MERGE_TABLE_AUDIT_TEMPLATE = "action: mergeTable; targetTable: %s; targetNamespace: %s;"; @Override - public boolean canMerge(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canMerge(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { try { boolean result = super.canMerge(c, tableId, namespaceId); audit(c, result, CAN_MERGE_TABLE_AUDIT_TEMPLATE, tableId, namespaceId); http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java b/server/base/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java index fd7746a..c7ad65c 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java +++ b/server/base/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java @@ -28,7 +28,9 @@ import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.NamespaceNotFoundException; import org.apache.accumulo.core.client.TableNotFoundException; import org.apache.accumulo.core.client.impl.Credentials; +import org.apache.accumulo.core.client.impl.Namespace; import org.apache.accumulo.core.client.impl.Namespaces; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode; import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException; import org.apache.accumulo.core.client.security.tokens.AuthenticationToken; @@ -136,7 +138,7 @@ public class SecurityOperation { authorizor.initializeSecurity(credentials, rootPrincipal); permHandle.initializeSecurity(credentials, rootPrincipal); try { - permHandle.grantTablePermission(rootPrincipal, MetadataTable.ID, TablePermission.ALTER_TABLE); + permHandle.grantTablePermission(rootPrincipal, MetadataTable.ID.canonicalID(), TablePermission.ALTER_TABLE); } catch (TableNotFoundException e) { // Shouldn't happen throw new RuntimeException(e); @@ -293,7 +295,7 @@ public class SecurityOperation { * * @return true if a user exists and has permission; false otherwise */ - private boolean hasSystemPermissionWithNamespaceId(TCredentials credentials, SystemPermission permission, String namespaceId, boolean useCached) + private boolean hasSystemPermissionWithNamespaceId(TCredentials credentials, SystemPermission permission, Namespace.ID namespaceId, boolean useCached) throws ThriftSecurityException { if (isSystemUser(credentials)) return true; @@ -333,7 +335,7 @@ public class SecurityOperation { * * @return true if a user exists and has permission; false otherwise */ - protected boolean hasTablePermission(TCredentials credentials, String tableId, String namespaceId, TablePermission permission, boolean useCached) + protected boolean hasTablePermission(TCredentials credentials, Table.ID tableId, Namespace.ID namespaceId, TablePermission permission, boolean useCached) throws ThriftSecurityException { if (isSystemUser(credentials)) return true; @@ -347,7 +349,7 @@ public class SecurityOperation { * * @return true if a user exists and has permission; false otherwise */ - protected boolean _hasTablePermission(String user, String table, TablePermission permission, boolean useCached) throws ThriftSecurityException { + protected boolean _hasTablePermission(String user, Table.ID table, TablePermission permission, boolean useCached) throws ThriftSecurityException { targetUserExists(user); if ((table.equals(MetadataTable.ID) || table.equals(RootTable.ID) || table.equals(ReplicationTable.ID)) && permission.equals(TablePermission.READ)) @@ -355,8 +357,8 @@ public class SecurityOperation { try { if (useCached) - return permHandle.hasCachedTablePermission(user, table, permission); - return permHandle.hasTablePermission(user, table, permission); + return permHandle.hasCachedTablePermission(user, table.canonicalID(), permission); + return permHandle.hasTablePermission(user, table.canonicalID(), permission); } catch (AccumuloSecurityException e) { throw e.asThriftException(); } catch (TableNotFoundException e) { @@ -370,7 +372,8 @@ public class SecurityOperation { * * @return true if a user exists and has permission; false otherwise */ - protected boolean _hasNamespacePermission(String user, String namespace, NamespacePermission permission, boolean useCached) throws ThriftSecurityException { + protected boolean _hasNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission, boolean useCached) + throws ThriftSecurityException { if (permission == null) return false; @@ -409,27 +412,27 @@ public class SecurityOperation { } } - public boolean canScan(TCredentials credentials, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canScan(TCredentials credentials, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(credentials); return hasTablePermission(credentials, tableId, namespaceId, TablePermission.READ, true); } - public boolean canScan(TCredentials credentials, String tableId, String namespaceId, TRange range, List<TColumn> columns, List<IterInfo> ssiList, + public boolean canScan(TCredentials credentials, Table.ID tableId, Namespace.ID namespaceId, TRange range, List<TColumn> columns, List<IterInfo> ssiList, Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations) throws ThriftSecurityException { return canScan(credentials, tableId, namespaceId); } - public boolean canScan(TCredentials credentials, String table, String namespaceId, Map<TKeyExtent,List<TRange>> tbatch, List<TColumn> tcolumns, + public boolean canScan(TCredentials credentials, Table.ID table, Namespace.ID namespaceId, Map<TKeyExtent,List<TRange>> tbatch, List<TColumn> tcolumns, List<IterInfo> ssiList, Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations) throws ThriftSecurityException { return canScan(credentials, table, namespaceId); } - public boolean canWrite(TCredentials credentials, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canWrite(TCredentials credentials, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(credentials); return hasTablePermission(credentials, tableId, namespaceId, TablePermission.WRITE, true); } - public boolean canConditionallyUpdate(TCredentials credentials, String tableID, String namespaceId, List<ByteBuffer> authorizations) + public boolean canConditionallyUpdate(TCredentials credentials, Table.ID tableID, Namespace.ID namespaceId, List<ByteBuffer> authorizations) throws ThriftSecurityException { authenticate(credentials); @@ -438,7 +441,7 @@ public class SecurityOperation { && hasTablePermission(credentials, tableID, namespaceId, TablePermission.READ, true); } - public boolean canSplitTablet(TCredentials credentials, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canSplitTablet(TCredentials credentials, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(credentials); return hasSystemPermissionWithNamespaceId(credentials, SystemPermission.ALTER_TABLE, namespaceId, false) || hasSystemPermissionWithNamespaceId(credentials, SystemPermission.SYSTEM, namespaceId, false) @@ -453,73 +456,75 @@ public class SecurityOperation { return hasSystemPermission(credentials, SystemPermission.SYSTEM, false); } - public boolean canFlush(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canFlush(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasTablePermission(c, tableId, namespaceId, TablePermission.WRITE, false) || hasTablePermission(c, tableId, namespaceId, TablePermission.ALTER_TABLE, false); } - public boolean canAlterTable(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canAlterTable(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasTablePermission(c, tableId, namespaceId, TablePermission.ALTER_TABLE, false) || hasSystemPermissionWithNamespaceId(c, SystemPermission.ALTER_TABLE, namespaceId, false); } - public boolean canCreateTable(TCredentials c, String table, String namespaceId) throws ThriftSecurityException { + public boolean canCreateTable(TCredentials c, String tableName, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.CREATE_TABLE, namespaceId, false); } - public boolean canRenameTable(TCredentials c, String tableId, String oldTableName, String newTableName, String namespaceId) throws ThriftSecurityException { + public boolean canRenameTable(TCredentials c, Table.ID tableId, String oldTableName, String newTableName, Namespace.ID namespaceId) + throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.ALTER_TABLE, namespaceId, false) || hasTablePermission(c, tableId, namespaceId, TablePermission.ALTER_TABLE, false); } - public boolean canCloneTable(TCredentials c, String tableId, String tableName, String destinationNamespaceId, String srcNamespaceId) + public boolean canCloneTable(TCredentials c, Table.ID tableId, String tableName, Namespace.ID destinationNamespaceId, Namespace.ID srcNamespaceId) throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.CREATE_TABLE, destinationNamespaceId, false) && hasTablePermission(c, tableId, srcNamespaceId, TablePermission.READ, false); } - public boolean canDeleteTable(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canDeleteTable(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.DROP_TABLE, namespaceId, false) || hasTablePermission(c, tableId, namespaceId, TablePermission.DROP_TABLE, false); } - public boolean canOnlineOfflineTable(TCredentials c, String tableId, FateOperation op, String namespaceId) throws ThriftSecurityException { + public boolean canOnlineOfflineTable(TCredentials c, Table.ID tableId, FateOperation op, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.SYSTEM, namespaceId, false) || hasSystemPermissionWithNamespaceId(c, SystemPermission.ALTER_TABLE, namespaceId, false) || hasTablePermission(c, tableId, namespaceId, TablePermission.ALTER_TABLE, false); } - public boolean canMerge(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canMerge(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.SYSTEM, namespaceId, false) || hasSystemPermissionWithNamespaceId(c, SystemPermission.ALTER_TABLE, namespaceId, false) || hasTablePermission(c, tableId, namespaceId, TablePermission.ALTER_TABLE, false); } - public boolean canDeleteRange(TCredentials c, String tableId, String tableName, Text startRow, Text endRow, String namespaceId) + public boolean canDeleteRange(TCredentials c, Table.ID tableId, String tableName, Text startRow, Text endRow, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.SYSTEM, namespaceId, false) || hasTablePermission(c, tableId, namespaceId, TablePermission.WRITE, false); } - public boolean canBulkImport(TCredentials c, String tableId, String tableName, String dir, String failDir, String namespaceId) throws ThriftSecurityException { + public boolean canBulkImport(TCredentials c, Table.ID tableId, String tableName, String dir, String failDir, Namespace.ID namespaceId) + throws ThriftSecurityException { return canBulkImport(c, tableId, namespaceId); } - public boolean canBulkImport(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canBulkImport(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasTablePermission(c, tableId, namespaceId, TablePermission.BULK_IMPORT, false); } - public boolean canCompact(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canCompact(TCredentials c, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.ALTER_TABLE, namespaceId, false) || hasTablePermission(c, tableId, namespaceId, TablePermission.ALTER_TABLE, false) @@ -553,17 +558,17 @@ public class SecurityOperation { return hasSystemPermission(c, SystemPermission.GRANT, false); } - public boolean canGrantTable(TCredentials c, String user, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canGrantTable(TCredentials c, String user, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.ALTER_TABLE, namespaceId, false) || hasTablePermission(c, tableId, namespaceId, TablePermission.GRANT, false); } - public boolean canGrantNamespace(TCredentials c, String user, String namespace) throws ThriftSecurityException { + public boolean canGrantNamespace(TCredentials c, String user, Namespace.ID namespace) throws ThriftSecurityException { return canModifyNamespacePermission(c, user, namespace); } - private boolean canModifyNamespacePermission(TCredentials c, String user, String namespace) throws ThriftSecurityException { + private boolean canModifyNamespacePermission(TCredentials c, String user, Namespace.ID namespace) throws ThriftSecurityException { authenticate(c); // The one case where Table/SystemPermission -> NamespacePermission breaks down. The alternative is to make SystemPermission.ALTER_NAMESPACE provide // NamespacePermission.GRANT & ALTER_NAMESPACE, but then it would cause some permission checks to succeed with GRANT when they shouldn't @@ -582,13 +587,13 @@ public class SecurityOperation { return hasSystemPermission(c, SystemPermission.GRANT, false); } - public boolean canRevokeTable(TCredentials c, String user, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canRevokeTable(TCredentials c, String user, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(c); return hasSystemPermissionWithNamespaceId(c, SystemPermission.ALTER_TABLE, namespaceId, false) || hasTablePermission(c, tableId, namespaceId, TablePermission.GRANT, false); } - public boolean canRevokeNamespace(TCredentials c, String user, String namespace) throws ThriftSecurityException { + public boolean canRevokeNamespace(TCredentials c, String user, Namespace.ID namespace) throws ThriftSecurityException { return canModifyNamespacePermission(c, user, namespace); } @@ -670,14 +675,15 @@ public class SecurityOperation { } } - public void grantTablePermission(TCredentials c, String user, String tableId, TablePermission permission, String namespaceId) throws ThriftSecurityException { + public void grantTablePermission(TCredentials c, String user, Table.ID tableId, TablePermission permission, Namespace.ID namespaceId) + throws ThriftSecurityException { if (!canGrantTable(c, user, tableId, namespaceId)) throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); targetUserExists(user); try { - permHandle.grantTablePermission(user, tableId, permission); + permHandle.grantTablePermission(user, tableId.canonicalID(), permission); log.info("Granted table permission " + permission + " for user " + user + " on the table " + tableId + " at the request of user " + c.getPrincipal()); } catch (AccumuloSecurityException e) { throw e.asThriftException(); @@ -686,7 +692,7 @@ public class SecurityOperation { } } - public void grantNamespacePermission(TCredentials c, String user, String namespace, NamespacePermission permission) throws ThriftSecurityException { + public void grantNamespacePermission(TCredentials c, String user, Namespace.ID namespace, NamespacePermission permission) throws ThriftSecurityException { if (!canGrantNamespace(c, user, namespace)) throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); @@ -718,14 +724,15 @@ public class SecurityOperation { } } - public void revokeTablePermission(TCredentials c, String user, String tableId, TablePermission permission, String namespaceId) throws ThriftSecurityException { + public void revokeTablePermission(TCredentials c, String user, Table.ID tableId, TablePermission permission, Namespace.ID namespaceId) + throws ThriftSecurityException { if (!canRevokeTable(c, user, tableId, namespaceId)) throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); targetUserExists(user); try { - permHandle.revokeTablePermission(user, tableId, permission); + permHandle.revokeTablePermission(user, tableId.canonicalID(), permission); log.info("Revoked table permission " + permission + " for user " + user + " on the table " + tableId + " at the request of user " + c.getPrincipal()); } catch (AccumuloSecurityException e) { @@ -735,7 +742,7 @@ public class SecurityOperation { } } - public void revokeNamespacePermission(TCredentials c, String user, String namespace, NamespacePermission permission) throws ThriftSecurityException { + public void revokeNamespacePermission(TCredentials c, String user, Namespace.ID namespace, NamespacePermission permission) throws ThriftSecurityException { if (!canRevokeNamespace(c, user, namespace)) throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); @@ -759,13 +766,13 @@ public class SecurityOperation { return _hasSystemPermission(user, permissionById, false); } - public boolean hasTablePermission(TCredentials credentials, String user, String tableId, TablePermission permissionById) throws ThriftSecurityException { + public boolean hasTablePermission(TCredentials credentials, String user, Table.ID tableId, TablePermission permissionById) throws ThriftSecurityException { if (!canAskAboutOtherUsers(credentials, user)) throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); return _hasTablePermission(user, tableId, permissionById, false); } - public boolean hasNamespacePermission(TCredentials credentials, String user, String namespace, NamespacePermission permissionById) + public boolean hasNamespacePermission(TCredentials credentials, String user, Namespace.ID namespace, NamespacePermission permissionById) throws ThriftSecurityException { if (!canAskAboutOtherUsers(credentials, user)) throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); @@ -781,11 +788,11 @@ public class SecurityOperation { } } - public void deleteTable(TCredentials credentials, String tableId, String namespaceId) throws ThriftSecurityException { + public void deleteTable(TCredentials credentials, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { if (!canDeleteTable(credentials, tableId, namespaceId)) throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); try { - permHandle.cleanTablePermissions(tableId); + permHandle.cleanTablePermissions(tableId.canonicalID()); } catch (AccumuloSecurityException e) { e.setUser(credentials.getPrincipal()); throw e.asThriftException(); @@ -794,7 +801,7 @@ public class SecurityOperation { } } - public void deleteNamespace(TCredentials credentials, String namespace) throws ThriftSecurityException { + public void deleteNamespace(TCredentials credentials, Namespace.ID namespace) throws ThriftSecurityException { if (!canDeleteNamespace(credentials, namespace)) throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); try { @@ -807,36 +814,33 @@ public class SecurityOperation { } } - public boolean canExport(TCredentials credentials, String tableId, String tableName, String exportDir, String namespaceId) throws ThriftSecurityException { + public boolean canExport(TCredentials credentials, Table.ID tableId, String tableName, String exportDir, Namespace.ID namespaceId) + throws ThriftSecurityException { authenticate(credentials); return hasTablePermission(credentials, tableId, namespaceId, TablePermission.READ, false); } - public boolean canImport(TCredentials credentials, String tableName, String importDir, String namespaceId) throws ThriftSecurityException { + public boolean canImport(TCredentials credentials, String tableName, String importDir, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(credentials); return hasSystemPermissionWithNamespaceId(credentials, SystemPermission.CREATE_TABLE, namespaceId, false); } - public boolean canAlterNamespace(TCredentials credentials, String namespaceId) throws ThriftSecurityException { + public boolean canAlterNamespace(TCredentials credentials, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(credentials); return hasSystemPermissionWithNamespaceId(credentials, SystemPermission.ALTER_NAMESPACE, namespaceId, false); } - public boolean canCreateNamespace(TCredentials credentials, String namespace) throws ThriftSecurityException { - return canCreateNamespace(credentials); - } - - private boolean canCreateNamespace(TCredentials credentials) throws ThriftSecurityException { + public boolean canCreateNamespace(TCredentials credentials) throws ThriftSecurityException { authenticate(credentials); return hasSystemPermission(credentials, SystemPermission.CREATE_NAMESPACE, false); } - public boolean canDeleteNamespace(TCredentials credentials, String namespaceId) throws ThriftSecurityException { + public boolean canDeleteNamespace(TCredentials credentials, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(credentials); return hasSystemPermissionWithNamespaceId(credentials, SystemPermission.DROP_NAMESPACE, namespaceId, false); } - public boolean canRenameNamespace(TCredentials credentials, String namespaceId, String oldName, String newName) throws ThriftSecurityException { + public boolean canRenameNamespace(TCredentials credentials, Namespace.ID namespaceId, String oldName, String newName) throws ThriftSecurityException { authenticate(credentials); return hasSystemPermissionWithNamespaceId(credentials, SystemPermission.ALTER_NAMESPACE, namespaceId, false); } @@ -846,7 +850,7 @@ public class SecurityOperation { return hasSystemPermission(credentials, SystemPermission.OBTAIN_DELEGATION_TOKEN, false); } - public boolean canGetSummaries(TCredentials credentials, String tableId, String namespaceId) throws ThriftSecurityException { + public boolean canGetSummaries(TCredentials credentials, Table.ID tableId, Namespace.ID namespaceId) throws ThriftSecurityException { authenticate(credentials); return hasTablePermission(credentials, tableId, namespaceId, TablePermission.GET_SUMMARIES, false); } http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java b/server/base/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java index b4e5e25..a66757f 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java +++ b/server/base/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java @@ -19,6 +19,7 @@ package org.apache.accumulo.server.security.handler; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.NamespaceNotFoundException; import org.apache.accumulo.core.client.TableNotFoundException; +import org.apache.accumulo.core.client.impl.Namespace; import org.apache.accumulo.core.security.NamespacePermission; import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.core.security.TablePermission; @@ -85,26 +86,26 @@ public class InsecurePermHandler implements PermissionHandler { public void initTable(String table) throws AccumuloSecurityException {} @Override - public boolean hasNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + public boolean hasNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException { return true; } @Override - public boolean hasCachedNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + public boolean hasCachedNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException { return true; } @Override - public void grantNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + public void grantNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException {} @Override - public void revokeNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + public void revokeNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException {} @Override - public void cleanNamespacePermissions(String namespace) throws AccumuloSecurityException, NamespaceNotFoundException {} + public void cleanNamespacePermissions(Namespace.ID namespace) throws AccumuloSecurityException, NamespaceNotFoundException {} } http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosPermissionHandler.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosPermissionHandler.java b/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosPermissionHandler.java index 777b05d..e91e84f 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosPermissionHandler.java +++ b/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosPermissionHandler.java @@ -23,6 +23,7 @@ import java.util.Base64; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.NamespaceNotFoundException; import org.apache.accumulo.core.client.TableNotFoundException; +import org.apache.accumulo.core.client.impl.Namespace; import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException; import org.apache.accumulo.core.security.NamespacePermission; import org.apache.accumulo.core.security.SystemPermission; @@ -76,13 +77,13 @@ public class KerberosPermissionHandler implements PermissionHandler { } @Override - public boolean hasNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + public boolean hasNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException { return zkPermissionHandler.hasNamespacePermission(Base64.getEncoder().encodeToString(user.getBytes(UTF_8)), namespace, permission); } @Override - public boolean hasCachedNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + public boolean hasCachedNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException { return zkPermissionHandler.hasCachedNamespacePermission(Base64.getEncoder().encodeToString(user.getBytes(UTF_8)), namespace, permission); } @@ -108,13 +109,13 @@ public class KerberosPermissionHandler implements PermissionHandler { } @Override - public void grantNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + public void grantNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException { zkPermissionHandler.grantNamespacePermission(Base64.getEncoder().encodeToString(user.getBytes(UTF_8)), namespace, permission); } @Override - public void revokeNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + public void revokeNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException { zkPermissionHandler.revokeNamespacePermission(Base64.getEncoder().encodeToString(user.getBytes(UTF_8)), namespace, permission); } @@ -125,7 +126,7 @@ public class KerberosPermissionHandler implements PermissionHandler { } @Override - public void cleanNamespacePermissions(String namespace) throws AccumuloSecurityException, NamespaceNotFoundException { + public void cleanNamespacePermissions(Namespace.ID namespace) throws AccumuloSecurityException, NamespaceNotFoundException { zkPermissionHandler.cleanNamespacePermissions(namespace); } http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java b/server/base/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java index 117aa77..3f084de 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java +++ b/server/base/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java @@ -19,6 +19,7 @@ package org.apache.accumulo.server.security.handler; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.NamespaceNotFoundException; import org.apache.accumulo.core.client.TableNotFoundException; +import org.apache.accumulo.core.client.impl.Namespace; import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException; import org.apache.accumulo.core.security.NamespacePermission; import org.apache.accumulo.core.security.SystemPermission; @@ -70,12 +71,13 @@ public interface PermissionHandler { /** * Used to get the namespace permission of a user for a namespace */ - boolean hasNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException; + boolean hasNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, + NamespaceNotFoundException; /** * Used to get the namespace permission of a user for a namespace, with caching. This method is for high frequency operations */ - boolean hasCachedNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + boolean hasCachedNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException; /** @@ -101,12 +103,14 @@ public interface PermissionHandler { /** * Gives the user the given namespace permission */ - void grantNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException; + void grantNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, + NamespaceNotFoundException; /** * Denies the user the given namespace permission. */ - void revokeNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException; + void revokeNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, + NamespaceNotFoundException; /** * Cleans up the permissions for a table. Used when a table gets deleted. @@ -116,7 +120,7 @@ public interface PermissionHandler { /** * Cleans up the permissions for a namespace. Used when a namespace gets deleted. */ - void cleanNamespacePermissions(String namespace) throws AccumuloSecurityException, NamespaceNotFoundException; + void cleanNamespacePermissions(Namespace.ID namespace) throws AccumuloSecurityException, NamespaceNotFoundException; /** * Initializes a new user http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java b/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java index 2803627..0f25949 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java +++ b/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java @@ -28,6 +28,7 @@ import java.util.Set; import java.util.TreeSet; import org.apache.accumulo.core.client.AccumuloSecurityException; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode; import org.apache.accumulo.core.metadata.MetadataTable; import org.apache.accumulo.core.metadata.RootTable; @@ -89,7 +90,7 @@ public class ZKAuthorizor implements Authorizor { Set<SystemPermission> rootPerms = new TreeSet<>(); for (SystemPermission p : SystemPermission.values()) rootPerms.add(p); - Map<String,Set<TablePermission>> tablePerms = new HashMap<>(); + Map<Table.ID,Set<TablePermission>> tablePerms = new HashMap<>(); // Allow the root user to flush the metadata tables tablePerms.put(MetadataTable.ID, Collections.singleton(TablePermission.ALTER_TABLE)); tablePerms.put(RootTable.ID, Collections.singleton(TablePermission.ALTER_TABLE)); http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java b/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java index cf43aee..7ffd2f2 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java +++ b/server/base/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java @@ -28,7 +28,9 @@ import java.util.TreeSet; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.NamespaceNotFoundException; import org.apache.accumulo.core.client.TableNotFoundException; +import org.apache.accumulo.core.client.impl.Namespace; import org.apache.accumulo.core.client.impl.Namespaces; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode; import org.apache.accumulo.core.metadata.MetadataTable; import org.apache.accumulo.core.metadata.RootTable; @@ -125,7 +127,7 @@ public class ZKPermHandler implements PermissionHandler { } @Override - public boolean hasNamespacePermission(String user, String namespace, NamespacePermission permission) throws NamespaceNotFoundException { + public boolean hasNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws NamespaceNotFoundException { byte[] serializedPerms; final ZooReaderWriter zrw = ZooReaderWriter.getInstance(); try { @@ -146,7 +148,7 @@ public class ZKPermHandler implements PermissionHandler { } catch (KeeperException ex) { // not there, throw an informative exception if (e.code() == Code.NONODE) { - throw new NamespaceNotFoundException(null, namespace, "while checking permissions"); + throw new NamespaceNotFoundException(namespace.canonicalID(), null, "while checking permissions"); } log.warn("Unhandled InterruptedException, failing closed for table permission check", e); } @@ -165,7 +167,7 @@ public class ZKPermHandler implements PermissionHandler { } @Override - public boolean hasCachedNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, + public boolean hasCachedNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException { byte[] serializedPerms = zooCache.get(ZKUserPath + "/" + user + ZKUserNamespacePerms + "/" + namespace); if (serializedPerms != null) { @@ -228,7 +230,7 @@ public class ZKPermHandler implements PermissionHandler { } @Override - public void grantNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException { + public void grantNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException { Set<NamespacePermission> namespacePerms; byte[] serializedPerms = zooCache.get(ZKUserPath + "/" + user + ZKUserNamespacePerms + "/" + namespace); if (serializedPerms != null) @@ -309,7 +311,7 @@ public class ZKPermHandler implements PermissionHandler { } @Override - public void revokeNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException { + public void revokeNamespacePermission(String user, Namespace.ID namespace, NamespacePermission permission) throws AccumuloSecurityException { byte[] serializedPerms = zooCache.get(ZKUserPath + "/" + user + ZKUserNamespacePerms + "/" + namespace); // User had no namespace permission, nothing to revoke. @@ -355,7 +357,7 @@ public class ZKPermHandler implements PermissionHandler { } @Override - public void cleanNamespacePermissions(String namespace) throws AccumuloSecurityException { + public void cleanNamespacePermissions(Namespace.ID namespace) throws AccumuloSecurityException { try { synchronized (zooCache) { zooCache.clear(); @@ -380,12 +382,12 @@ public class ZKPermHandler implements PermissionHandler { Set<SystemPermission> rootPerms = new TreeSet<>(); for (SystemPermission p : SystemPermission.values()) rootPerms.add(p); - Map<String,Set<TablePermission>> tablePerms = new HashMap<>(); + Map<Table.ID,Set<TablePermission>> tablePerms = new HashMap<>(); // Allow the root user to flush the system tables tablePerms.put(RootTable.ID, Collections.singleton(TablePermission.ALTER_TABLE)); tablePerms.put(MetadataTable.ID, Collections.singleton(TablePermission.ALTER_TABLE)); // essentially the same but on the system namespace, the ALTER_TABLE permission is now redundant - Map<String,Set<NamespacePermission>> namespacePerms = new HashMap<>(); + Map<Namespace.ID,Set<NamespacePermission>> namespacePerms = new HashMap<>(); namespacePerms.put(Namespaces.ACCUMULO_NAMESPACE_ID, Collections.singleton(NamespacePermission.ALTER_NAMESPACE)); namespacePerms.put(Namespaces.ACCUMULO_NAMESPACE_ID, Collections.singleton(NamespacePermission.ALTER_TABLE)); @@ -396,9 +398,9 @@ public class ZKPermHandler implements PermissionHandler { initUser(rootuser); zoo.putPersistentData(ZKUserPath + "/" + rootuser + ZKUserSysPerms, ZKSecurityTool.convertSystemPermissions(rootPerms), NodeExistsPolicy.FAIL); - for (Entry<String,Set<TablePermission>> entry : tablePerms.entrySet()) + for (Entry<Table.ID,Set<TablePermission>> entry : tablePerms.entrySet()) createTablePerm(rootuser, entry.getKey(), entry.getValue()); - for (Entry<String,Set<NamespacePermission>> entry : namespacePerms.entrySet()) + for (Entry<Namespace.ID,Set<NamespacePermission>> entry : namespacePerms.entrySet()) createNamespacePerm(rootuser, entry.getKey(), entry.getValue()); } catch (KeeperException e) { log.error("{}", e.getMessage(), e); @@ -428,7 +430,7 @@ public class ZKPermHandler implements PermissionHandler { /** * Sets up a new table configuration for the provided user/table. No checking for existence is done here, it should be done before calling. */ - private void createTablePerm(String user, String table, Set<TablePermission> perms) throws KeeperException, InterruptedException { + private void createTablePerm(String user, Table.ID table, Set<TablePermission> perms) throws KeeperException, InterruptedException { synchronized (zooCache) { zooCache.clear(); ZooReaderWriter.getInstance().putPersistentData(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table, ZKSecurityTool.convertTablePermissions(perms), @@ -439,7 +441,7 @@ public class ZKPermHandler implements PermissionHandler { /** * Sets up a new namespace configuration for the provided user/table. No checking for existence is done here, it should be done before calling. */ - private void createNamespacePerm(String user, String namespace, Set<NamespacePermission> perms) throws KeeperException, InterruptedException { + private void createNamespacePerm(String user, Namespace.ID namespace, Set<NamespacePermission> perms) throws KeeperException, InterruptedException { synchronized (zooCache) { zooCache.clear(); ZooReaderWriter.getInstance().putPersistentData(ZKUserPath + "/" + user + ZKUserNamespacePerms + "/" + namespace, http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java b/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java index 61ea682..7c9509c 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java +++ b/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java @@ -28,6 +28,8 @@ import java.util.Set; import org.apache.accumulo.core.Constants; import org.apache.accumulo.core.client.Instance; import org.apache.accumulo.core.client.NamespaceNotFoundException; +import org.apache.accumulo.core.client.impl.Namespace; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.client.impl.Tables; import org.apache.accumulo.core.master.state.tables.TableState; import org.apache.accumulo.core.util.Pair; @@ -51,7 +53,7 @@ public class TableManager { private static final Logger log = LoggerFactory.getLogger(TableManager.class); private static final Set<TableObserver> observers = Collections.synchronizedSet(new HashSet<TableObserver>()); - private static final Map<String,TableState> tableStateCache = Collections.synchronizedMap(new HashMap<String,TableState>()); + private static final Map<Table.ID,TableState> tableStateCache = Collections.synchronizedMap(new HashMap<>()); private static final byte[] ZERO_BYTE = new byte[] {'0'}; private static TableManager tableManager = null; @@ -59,8 +61,8 @@ public class TableManager { private final Instance instance; private ZooCache zooStateCache; - public static void prepareNewNamespaceState(String instanceId, String namespaceId, String namespace, NodeExistsPolicy existsPolicy) throws KeeperException, - InterruptedException { + public static void prepareNewNamespaceState(String instanceId, Namespace.ID namespaceId, String namespace, NodeExistsPolicy existsPolicy) + throws KeeperException, InterruptedException { log.debug("Creating ZooKeeper entries for new namespace " + namespace + " (ID: " + namespaceId + ")"); String zPath = Constants.ZROOT + "/" + instanceId + Constants.ZNAMESPACES + "/" + namespaceId; @@ -70,7 +72,7 @@ public class TableManager { zoo.putPersistentData(zPath + Constants.ZNAMESPACE_CONF, new byte[0], existsPolicy); } - public static void prepareNewTableState(String instanceId, String tableId, String namespaceId, String tableName, TableState state, + public static void prepareNewTableState(String instanceId, Table.ID tableId, Namespace.ID namespaceId, String tableName, TableState state, NodeExistsPolicy existsPolicy) throws KeeperException, InterruptedException { // state gets created last log.debug("Creating ZooKeeper entries for new table " + tableName + " (ID: " + tableId + ") in namespace (ID: " + namespaceId + ")"); @@ -80,7 +82,7 @@ public class TableManager { IZooReaderWriter zoo = ZooReaderWriter.getInstance(); zoo.putPersistentData(zTablePath, new byte[0], existsPolicy); zoo.putPersistentData(zTablePath + Constants.ZTABLE_CONF, new byte[0], existsPolicy); - zoo.putPersistentData(zTablePath + Constants.ZTABLE_NAMESPACE, namespaceId.getBytes(UTF_8), existsPolicy); + zoo.putPersistentData(zTablePath + Constants.ZTABLE_NAMESPACE, namespaceId.getUtf8(), existsPolicy); zoo.putPersistentData(zTablePath + Constants.ZTABLE_NAME, tableName.getBytes(UTF_8), existsPolicy); zoo.putPersistentData(zTablePath + Constants.ZTABLE_FLUSH_ID, ZERO_BYTE, existsPolicy); zoo.putPersistentData(zTablePath + Constants.ZTABLE_COMPACT_ID, ZERO_BYTE, existsPolicy); @@ -100,7 +102,7 @@ public class TableManager { updateTableStateCache(); } - public TableState getTableState(String tableId) { + public TableState getTableState(Table.ID tableId) { return tableStateCache.get(tableId); } @@ -125,7 +127,7 @@ public class TableManager { } - public synchronized void transitionTableState(final String tableId, final TableState newState) { + public synchronized void transitionTableState(final Table.ID tableId, final TableState newState) { String statePath = ZooUtil.getRoot(HdfsZooInstance.getInstance()) + Constants.ZTABLES + "/" + tableId + Constants.ZTABLE_STATE; try { @@ -170,11 +172,11 @@ public class TableManager { synchronized (tableStateCache) { for (String tableId : zooStateCache.getChildren(ZooUtil.getRoot(instance) + Constants.ZTABLES)) if (zooStateCache.get(ZooUtil.getRoot(instance) + Constants.ZTABLES + "/" + tableId + Constants.ZTABLE_STATE) != null) - updateTableStateCache(tableId); + updateTableStateCache(new Table.ID(tableId)); } } - public TableState updateTableStateCache(String tableId) { + public TableState updateTableStateCache(Table.ID tableId) { synchronized (tableStateCache) { TableState tState = TableState.UNKNOWN; byte[] data = zooStateCache.get(ZooUtil.getRoot(instance) + Constants.ZTABLES + "/" + tableId + Constants.ZTABLE_STATE); @@ -191,17 +193,17 @@ public class TableManager { } } - public void addTable(String tableId, String namespaceId, String tableName, NodeExistsPolicy existsPolicy) throws KeeperException, InterruptedException, - NamespaceNotFoundException { + public void addTable(Table.ID tableId, Namespace.ID namespaceId, String tableName, NodeExistsPolicy existsPolicy) throws KeeperException, + InterruptedException, NamespaceNotFoundException { prepareNewTableState(instance.getInstanceID(), tableId, namespaceId, tableName, TableState.NEW, existsPolicy); updateTableStateCache(tableId); } - public void cloneTable(String srcTable, String tableId, String tableName, String namespaceId, Map<String,String> propertiesToSet, + public void cloneTable(Table.ID srcTableId, Table.ID tableId, String tableName, Namespace.ID namespaceId, Map<String,String> propertiesToSet, Set<String> propertiesToExclude, NodeExistsPolicy existsPolicy) throws KeeperException, InterruptedException { prepareNewTableState(instance.getInstanceID(), tableId, namespaceId, tableName, TableState.NEW, existsPolicy); - String srcTablePath = Constants.ZROOT + "/" + instance.getInstanceID() + Constants.ZTABLES + "/" + srcTable + Constants.ZTABLE_CONF; + String srcTablePath = Constants.ZROOT + "/" + instance.getInstanceID() + Constants.ZTABLES + "/" + srcTableId + Constants.ZTABLE_CONF; String newTablePath = Constants.ZROOT + "/" + instance.getInstanceID() + Constants.ZTABLES + "/" + tableId + Constants.ZTABLE_CONF; ZooReaderWriter.getInstance().recursiveCopyPersistent(srcTablePath, newTablePath, NodeExistsPolicy.OVERWRITE); @@ -215,7 +217,7 @@ public class TableManager { updateTableStateCache(tableId); } - public void removeTable(String tableId) throws KeeperException, InterruptedException { + public void removeTable(Table.ID tableId) throws KeeperException, InterruptedException { synchronized (tableStateCache) { tableStateCache.remove(tableId); ZooReaderWriter.getInstance().recursiveDelete(ZooUtil.getRoot(instance) + Constants.ZTABLES + "/" + tableId + Constants.ZTABLE_STATE, @@ -243,14 +245,14 @@ public class TableManager { final EventType zType = event.getType(); String tablesPrefix = ZooUtil.getRoot(instance) + Constants.ZTABLES; - String tableId = null; + Table.ID tableId = null; if (zPath != null && zPath.startsWith(tablesPrefix + "/")) { String suffix = zPath.substring(tablesPrefix.length() + 1); if (suffix.contains("/")) { String[] sa = suffix.split("/", 2); if (Constants.ZTABLE_STATE.equals("/" + sa[1])) - tableId = sa[0]; + tableId = new Table.ID(sa[0]); } if (tableId == null) { log.warn("Unknown path in " + event); @@ -305,7 +307,7 @@ public class TableManager { } } - public void removeNamespace(String namespaceId) throws KeeperException, InterruptedException { + public void removeNamespace(Namespace.ID namespaceId) throws KeeperException, InterruptedException { ZooReaderWriter.getInstance().recursiveDelete(ZooUtil.getRoot(instance) + Constants.ZNAMESPACES + "/" + namespaceId, NodeMissingPolicy.SKIP); } http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/tables/TableObserver.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/tables/TableObserver.java b/server/base/src/main/java/org/apache/accumulo/server/tables/TableObserver.java index de88b96..34a5177 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/tables/TableObserver.java +++ b/server/base/src/main/java/org/apache/accumulo/server/tables/TableObserver.java @@ -18,12 +18,13 @@ package org.apache.accumulo.server.tables; import java.util.Map; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.master.state.tables.TableState; public interface TableObserver { - void initialize(Map<String,TableState> tableIdToStateMap); + void initialize(Map<Table.ID,TableState> tableIdToStateMap); - void stateChanged(String tableId, TableState tState); + void stateChanged(Table.ID tableId, TableState tState); void sessionExpired(); } http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/tabletserver/LargestFirstMemoryManager.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/tabletserver/LargestFirstMemoryManager.java b/server/base/src/main/java/org/apache/accumulo/server/tabletserver/LargestFirstMemoryManager.java index 0fcbab1..6fab112 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/tabletserver/LargestFirstMemoryManager.java +++ b/server/base/src/main/java/org/apache/accumulo/server/tabletserver/LargestFirstMemoryManager.java @@ -24,6 +24,7 @@ import java.util.TreeMap; import org.apache.accumulo.core.client.Instance; import org.apache.accumulo.core.client.TableNotFoundException; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.conf.Property; import org.apache.accumulo.core.data.impl.KeyExtent; import org.apache.accumulo.server.client.HdfsZooInstance; @@ -51,7 +52,7 @@ public class LargestFirstMemoryManager implements MemoryManager { // The fraction of memory that needs to be used before we begin flushing. private double compactionThreshold; private long maxObserved; - private final HashMap<String,Long> mincIdleThresholds = new HashMap<>(); + private final HashMap<Table.ID,Long> mincIdleThresholds = new HashMap<>(); private ServerConfiguration config = null; private static class TabletInfo { @@ -139,13 +140,13 @@ public class LargestFirstMemoryManager implements MemoryManager { } protected long getMinCIdleThreshold(KeyExtent extent) { - String tableId = extent.getTableId(); + Table.ID tableId = extent.getTableId(); if (!mincIdleThresholds.containsKey(tableId)) mincIdleThresholds.put(tableId, config.getTableConfiguration(tableId).getTimeInMillis(Property.TABLE_MINC_COMPACT_IDLETIME)); return mincIdleThresholds.get(tableId); } - protected boolean tableExists(Instance instance, String tableId) { + protected boolean tableExists(Instance instance, Table.ID tableId) { // make sure that the table still exists by checking if it has a configuration return config.getTableConfiguration(tableId) != null; } http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/util/CheckForMetadataProblems.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/util/CheckForMetadataProblems.java b/server/base/src/main/java/org/apache/accumulo/server/util/CheckForMetadataProblems.java index 4f69c72..743b61e 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/util/CheckForMetadataProblems.java +++ b/server/base/src/main/java/org/apache/accumulo/server/util/CheckForMetadataProblems.java @@ -112,7 +112,7 @@ public class CheckForMetadataProblems { count++; - String tableName = (new KeyExtent(entry.getKey().getRow(), (Text) null)).getTableId(); + String tableName = (new KeyExtent(entry.getKey().getRow(), (Text) null)).getTableId().canonicalID(); TreeSet<KeyExtent> tablets = tables.get(tableName); if (tablets == null) { http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/util/FindOfflineTablets.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/util/FindOfflineTablets.java b/server/base/src/main/java/org/apache/accumulo/server/util/FindOfflineTablets.java index 270f132..3e6d812 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/util/FindOfflineTablets.java +++ b/server/base/src/main/java/org/apache/accumulo/server/util/FindOfflineTablets.java @@ -24,6 +24,7 @@ import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.Instance; import org.apache.accumulo.core.client.TableNotFoundException; import org.apache.accumulo.core.client.impl.ClientContext; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.client.impl.Tables; import org.apache.accumulo.core.data.Range; import org.apache.accumulo.core.data.impl.KeyExtent; @@ -101,7 +102,7 @@ public class FindOfflineTablets { Range range = MetadataSchema.TabletsSection.getRange(); if (tableName != null) { - String tableId = Tables.getTableId(context.getInstance(), tableName); + Table.ID tableId = Tables.getTableId(context.getInstance(), tableName); range = new KeyExtent(tableId, null, null).toMetadataRange(); } http://git-wip-us.apache.org/repos/asf/accumulo/blob/d6ea49e0/server/base/src/main/java/org/apache/accumulo/server/util/MasterMetadataUtil.java ---------------------------------------------------------------------- diff --git a/server/base/src/main/java/org/apache/accumulo/server/util/MasterMetadataUtil.java b/server/base/src/main/java/org/apache/accumulo/server/util/MasterMetadataUtil.java index 1bdd255..b3de628 100644 --- a/server/base/src/main/java/org/apache/accumulo/server/util/MasterMetadataUtil.java +++ b/server/base/src/main/java/org/apache/accumulo/server/util/MasterMetadataUtil.java @@ -35,6 +35,7 @@ import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.Scanner; import org.apache.accumulo.core.client.impl.ClientContext; import org.apache.accumulo.core.client.impl.ScannerImpl; +import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.data.Key; import org.apache.accumulo.core.data.Mutation; import org.apache.accumulo.core.data.PartialKey; @@ -135,12 +136,12 @@ public class MasterMetadataUtil { Text metadataPrevEndRow = KeyExtent.decodePrevEndRow(prevEndRowIBW); - String table = (new KeyExtent(metadataEntry, (Text) null)).getTableId(); + Table.ID tableId = (new KeyExtent(metadataEntry, (Text) null)).getTableId(); - return fixSplit(context, table, metadataEntry, metadataPrevEndRow, oper, splitRatio, tserver, time.toString(), initFlushID, initCompactID, lock); + return fixSplit(context, tableId, metadataEntry, metadataPrevEndRow, oper, splitRatio, tserver, time.toString(), initFlushID, initCompactID, lock); } - private static KeyExtent fixSplit(ClientContext context, String table, Text metadataEntry, Text metadataPrevEndRow, Value oper, double splitRatio, + private static KeyExtent fixSplit(ClientContext context, Table.ID tableId, Text metadataEntry, Text metadataPrevEndRow, Value oper, double splitRatio, TServerInstance tserver, String time, long initFlushID, long initCompactID, ZooLock lock) throws AccumuloException, IOException { if (metadataPrevEndRow == null) // something is wrong, this should not happen... if a tablet is split, it will always have a @@ -148,7 +149,7 @@ public class MasterMetadataUtil { throw new AccumuloException("Split tablet does not have prev end row, something is amiss, extent = " + metadataEntry); // check to see if prev tablet exist in metadata tablet - Key prevRowKey = new Key(new Text(KeyExtent.getMetadataEntry(table, metadataPrevEndRow))); + Key prevRowKey = new Key(new Text(KeyExtent.getMetadataEntry(tableId, metadataPrevEndRow))); try (ScannerImpl scanner2 = new ScannerImpl(context, MetadataTable.ID, Authorizations.EMPTY)) { scanner2.setRange(new Range(prevRowKey, prevRowKey.followingKey(PartialKey.ROW))); @@ -180,7 +181,7 @@ public class MasterMetadataUtil { } } - MetadataTableUtil.splitDatafiles(table, metadataPrevEndRow, splitRatio, new HashMap<FileRef,FileUtil.FileInfo>(), origDatafileSizes, lowDatafileSizes, + MetadataTableUtil.splitDatafiles(metadataPrevEndRow, splitRatio, new HashMap<FileRef,FileUtil.FileInfo>(), origDatafileSizes, lowDatafileSizes, highDatafileSizes, highDatafilesToRemove); MetadataTableUtil.finishSplit(metadataEntry, highDatafileSizes, highDatafilesToRemove, context, lock);