This is an automated email from the ASF dual-hosted git repository. mmiller pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/accumulo-testing.git
The following commit(s) were added to refs/heads/master by this push: new ab969c1 ACCUMULO-4717 Use public API (#7) ab969c1 is described below commit ab969c18a2156ee6ad5facd6fe73ddfa18b71471 Author: Mike Miller <mmil...@apache.org> AuthorDate: Thu Oct 19 12:21:59 2017 -0400 ACCUMULO-4717 Use public API (#7) * Replace security operations with API * Utilize newer RFile API * Replace core.client.impl code * Replace CachedConfiguration with Hadoop Configuration --- .../testing/core/continuous/ContinuousMoru.java | 1 - .../testing/core/continuous/ContinuousOpts.java | 3 +- .../testing/core/continuous/UndefinedAnalyzer.java | 1 - .../testing/core/ingest/BulkImportDirectory.java | 4 +-- .../testing/core/randomwalk/bulk/BulkPlusOne.java | 22 +++++------- .../core/randomwalk/concurrent/BulkImport.java | 14 +++----- .../randomwalk/concurrent/ChangePermissions.java | 13 +------- .../core/randomwalk/image/ImageFixture.java | 5 ++- .../core/randomwalk/multitable/CopyTable.java | 1 - .../core/randomwalk/multitable/CreateTable.java | 1 - .../core/randomwalk/security/AlterTable.java | 9 ++--- .../core/randomwalk/security/AlterTablePerm.java | 14 ++++---- .../core/randomwalk/security/Authenticate.java | 4 +-- .../core/randomwalk/security/ChangePass.java | 4 +-- .../core/randomwalk/security/DropTable.java | 12 ++----- .../core/randomwalk/security/SecurityHelper.java | 20 ----------- .../testing/core/randomwalk/security/SetAuths.java | 5 ++- .../testing/core/randomwalk/security/TableOp.java | 39 ++++++++++------------ .../testing/core/randomwalk/security/Validate.java | 18 ++-------- .../randomwalk/sequential/SequentialFixture.java | 4 +-- .../testing/core/randomwalk/shard/BulkInsert.java | 2 +- 21 files changed, 60 insertions(+), 136 deletions(-) diff --git a/core/src/main/java/org/apache/accumulo/testing/core/continuous/ContinuousMoru.java b/core/src/main/java/org/apache/accumulo/testing/core/continuous/ContinuousMoru.java index 0c3ae2d..81f9bd3 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/continuous/ContinuousMoru.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/continuous/ContinuousMoru.java @@ -32,7 +32,6 @@ import org.apache.accumulo.core.data.Mutation; import org.apache.accumulo.core.data.Range; import org.apache.accumulo.core.data.Value; import org.apache.accumulo.core.security.ColumnVisibility; -import org.apache.accumulo.core.util.CachedConfiguration; import org.apache.accumulo.testing.core.TestProps; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.conf.Configured; diff --git a/core/src/main/java/org/apache/accumulo/testing/core/continuous/ContinuousOpts.java b/core/src/main/java/org/apache/accumulo/testing/core/continuous/ContinuousOpts.java index 3bb11fb..14babaf 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/continuous/ContinuousOpts.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/continuous/ContinuousOpts.java @@ -18,7 +18,6 @@ package org.apache.accumulo.testing.core.continuous; import java.io.IOException; -import org.apache.accumulo.core.Constants; import org.apache.log4j.FileAppender; import org.apache.log4j.Level; import org.apache.log4j.Logger; @@ -35,7 +34,7 @@ public class ContinuousOpts { public static class DebugConverter implements IStringConverter<String> { @Override public String convert(String debugLog) { - Logger logger = Logger.getLogger(Constants.CORE_PACKAGE_NAME); + Logger logger = Logger.getLogger("org.apache.accumulo.core"); logger.setLevel(Level.TRACE); logger.setAdditivity(false); try { diff --git a/core/src/main/java/org/apache/accumulo/testing/core/continuous/UndefinedAnalyzer.java b/core/src/main/java/org/apache/accumulo/testing/core/continuous/UndefinedAnalyzer.java index 4c33588..7158491 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/continuous/UndefinedAnalyzer.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/continuous/UndefinedAnalyzer.java @@ -39,7 +39,6 @@ import java.util.concurrent.TimeUnit; import org.apache.accumulo.core.cli.BatchScannerOpts; import org.apache.accumulo.core.client.BatchScanner; import org.apache.accumulo.core.client.Connector; -import org.apache.accumulo.core.client.impl.Tables; import org.apache.accumulo.core.data.Key; import org.apache.accumulo.core.data.Range; import org.apache.accumulo.core.data.Value; diff --git a/core/src/main/java/org/apache/accumulo/testing/core/ingest/BulkImportDirectory.java b/core/src/main/java/org/apache/accumulo/testing/core/ingest/BulkImportDirectory.java index 074bd8b..c8988b8 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/ingest/BulkImportDirectory.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/ingest/BulkImportDirectory.java @@ -26,9 +26,9 @@ import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.TableNotFoundException; import org.apache.accumulo.core.client.security.tokens.PasswordToken; -import org.apache.accumulo.core.util.CachedConfiguration; import org.apache.accumulo.server.cli.ClientOnRequiredTable; import org.apache.accumulo.server.client.HdfsZooInstance; +import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.fs.FileSystem; import org.apache.hadoop.fs.Path; @@ -45,7 +45,7 @@ public class BulkImportDirectory { } public static void main(String[] args) throws IOException, AccumuloException, AccumuloSecurityException, TableNotFoundException { - final FileSystem fs = FileSystem.get(CachedConfiguration.getInstance()); + final FileSystem fs = FileSystem.get(new Configuration()); Opts opts = new Opts(); if (args.length == 5) { System.err.println("Deprecated syntax for BulkImportDirectory, please use the new style (see --help)"); diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/bulk/BulkPlusOne.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/bulk/BulkPlusOne.java index 1fe0f11..dba0463 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/bulk/BulkPlusOne.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/bulk/BulkPlusOne.java @@ -24,13 +24,10 @@ import java.util.UUID; import java.util.concurrent.atomic.AtomicLong; import org.apache.accumulo.core.client.IteratorSetting.Column; -import org.apache.accumulo.core.conf.AccumuloConfiguration; -import org.apache.accumulo.core.conf.DefaultConfiguration; +import org.apache.accumulo.core.client.rfile.RFileWriter; import org.apache.accumulo.core.data.Key; import org.apache.accumulo.core.data.Value; -import org.apache.accumulo.core.file.FileOperations; -import org.apache.accumulo.core.file.FileSKVWriter; -import org.apache.accumulo.core.file.rfile.RFile; +import org.apache.accumulo.core.client.rfile.RFile; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; import org.apache.hadoop.fs.FileStatus; @@ -60,7 +57,6 @@ public class BulkPlusOne extends BulkImportTest { static void bulkLoadLots(Logger log, State state, RandWalkEnv env, Value value) throws Exception { final Path dir = new Path("/tmp", "bulk_" + UUID.randomUUID().toString()); final Path fail = new Path(dir.toString() + "_fail"); - final DefaultConfiguration defaultConfiguration = DefaultConfiguration.getInstance(); final Random rand = (Random) state.get("rand"); final FileSystem fs = (FileSystem) state.get("fs"); fs.mkdirs(fail); @@ -82,20 +78,20 @@ public class BulkPlusOne extends BulkImportTest { rows.add(LOTS); for (int i = 0; i < parts; i++) { - String fileName = dir + "/" + String.format("part_%d.", i) + RFile.EXTENSION; - FileSKVWriter f = FileOperations.getInstance().newWriterBuilder().forFile(fileName, fs, fs.getConf()).withTableConfiguration(defaultConfiguration) - .build(); - f.startDefaultLocalityGroup(); + String fileName = dir + "/" + String.format("part_%d.rf", i); + + RFileWriter writer = RFile.newWriter().to(fileName).withFileSystem(fs).build(); + writer.startDefaultLocalityGroup(); int start = rows.get(i); int end = rows.get(i + 1); for (int j = start; j < end; j++) { Text row = new Text(String.format(FMT, j)); for (Column col : COLNAMES) { - f.append(new Key(row, col.getColumnFamily(), col.getColumnQualifier()), value); + writer.append(new Key(row, col.getColumnFamily(), col.getColumnQualifier()), value); } - f.append(new Key(row, MARKER_CF, new Text(markerColumnQualifier)), ONE); + writer.append(new Key(row, MARKER_CF, new Text(markerColumnQualifier)), ONE); } - f.close(); + writer.close(); } env.getAccumuloConnector().tableOperations().importDirectory(Setup.getTableName(), dir.toString(), fail.toString(), true); fs.delete(dir, true); diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/concurrent/BulkImport.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/concurrent/BulkImport.java index 49751cd..a927155 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/concurrent/BulkImport.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/concurrent/BulkImport.java @@ -29,15 +29,12 @@ import org.apache.accumulo.core.client.Connector; import org.apache.accumulo.core.client.MutationsRejectedException; import org.apache.accumulo.core.client.TableNotFoundException; import org.apache.accumulo.core.client.TableOfflineException; -import org.apache.accumulo.core.conf.AccumuloConfiguration; -import org.apache.accumulo.core.conf.DefaultConfiguration; import org.apache.accumulo.core.data.ColumnUpdate; import org.apache.accumulo.core.data.Key; import org.apache.accumulo.core.data.Mutation; import org.apache.accumulo.core.data.Value; -import org.apache.accumulo.core.file.blockfile.impl.CachableBlockFile; -import org.apache.accumulo.core.file.rfile.RFile; -import org.apache.accumulo.core.file.streams.PositionedOutputs; +import org.apache.accumulo.core.client.rfile.RFile; +import org.apache.accumulo.core.client.rfile.RFileWriter; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; import org.apache.accumulo.testing.core.randomwalk.Test; @@ -49,13 +46,10 @@ public class BulkImport extends Test { public static class RFileBatchWriter implements BatchWriter { - RFile.Writer writer; + RFileWriter writer; public RFileBatchWriter(Configuration conf, FileSystem fs, String file) throws IOException { - AccumuloConfiguration aconf = DefaultConfiguration.getInstance(); - CachableBlockFile.Writer cbw = new CachableBlockFile.Writer(PositionedOutputs.wrap(fs.create(new Path(file), false, - conf.getInt("io.file.buffer.size", 4096), (short) conf.getInt("dfs.replication", 3), conf.getLong("dfs.block.size", 1 << 26))), "gz", conf, aconf); - writer = new RFile.Writer(cbw, 100000); + writer = RFile.newWriter().to(file).withFileSystem(fs).build(); writer.startDefaultLocalityGroup(); } diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/concurrent/ChangePermissions.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/concurrent/ChangePermissions.java index c830096..7445e1e 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/concurrent/ChangePermissions.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/concurrent/ChangePermissions.java @@ -25,8 +25,6 @@ import java.util.Random; import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.Connector; -import org.apache.accumulo.core.client.impl.thrift.TableOperationExceptionType; -import org.apache.accumulo.core.client.impl.thrift.ThriftTableOperationException; import org.apache.accumulo.core.security.NamespacePermission; import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.core.security.TablePermission; @@ -62,17 +60,8 @@ public class ChangePermissions extends Test { changeTablePermission(conn, rand, userName, tableName); else if (dice == 2) changeNamespacePermission(conn, rand, userName, namespace); - } catch (AccumuloSecurityException ex) { + } catch (AccumuloSecurityException | AccumuloException ex) { log.debug("Unable to change user permissions: " + ex.getCause()); - } catch (AccumuloException ex) { - Throwable cause = ex.getCause(); - if (cause != null && cause instanceof ThriftTableOperationException) { - ThriftTableOperationException toe = (ThriftTableOperationException) cause.getCause(); - if (toe.type == TableOperationExceptionType.NAMESPACE_NOTFOUND) { - log.debug("Unable to change user permissions: " + toe); - return; - } - } } } diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/image/ImageFixture.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/image/ImageFixture.java index a638126..cd9fd1e 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/image/ImageFixture.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/image/ImageFixture.java @@ -30,7 +30,6 @@ import org.apache.accumulo.core.client.Instance; import org.apache.accumulo.core.client.MultiTableBatchWriter; import org.apache.accumulo.core.client.MutationsRejectedException; import org.apache.accumulo.core.client.TableExistsException; -import org.apache.accumulo.core.client.impl.Tables; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.Fixture; import org.apache.accumulo.testing.core.randomwalk.State; @@ -64,7 +63,7 @@ public class ImageFixture extends Fixture { try { conn.tableOperations().create(imageTableName); conn.tableOperations().addSplits(imageTableName, splits); - log.debug("Created table " + imageTableName + " (id:" + Tables.getNameToIdMap(instance).get(imageTableName) + ")"); + log.debug("Created table " + imageTableName + " (id:" + conn.tableOperations().tableIdMap().get(imageTableName) + ")"); } catch (TableExistsException e) { log.error("Table " + imageTableName + " already exists."); throw e; @@ -72,7 +71,7 @@ public class ImageFixture extends Fixture { try { conn.tableOperations().create(indexTableName); - log.debug("Created table " + indexTableName + " (id:" + Tables.getNameToIdMap(instance).get(indexTableName) + ")"); + log.debug("Created table " + indexTableName + " (id:" + conn.tableOperations().tableIdMap().get(indexTableName) + ")"); } catch (TableExistsException e) { log.error("Table " + imageTableName + " already exists."); throw e; diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/multitable/CopyTable.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/multitable/CopyTable.java index 182c45a..6417913 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/multitable/CopyTable.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/multitable/CopyTable.java @@ -21,7 +21,6 @@ import java.util.Properties; import java.util.Random; import java.util.TreeSet; -import org.apache.accumulo.core.client.impl.Tables; import org.apache.accumulo.testing.core.TestProps; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/multitable/CreateTable.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/multitable/CreateTable.java index 2ec9633..5a8cd73 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/multitable/CreateTable.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/multitable/CreateTable.java @@ -22,7 +22,6 @@ import java.util.TreeSet; import org.apache.accumulo.core.client.Connector; import org.apache.accumulo.core.client.TableExistsException; -import org.apache.accumulo.core.client.impl.Tables; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; import org.apache.accumulo.testing.core.randomwalk.Test; diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/AlterTable.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/AlterTable.java index fea49f0..ee26003 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/AlterTable.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/AlterTable.java @@ -24,9 +24,8 @@ import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.Connector; import org.apache.accumulo.core.client.TableExistsException; import org.apache.accumulo.core.client.TableNotFoundException; -import org.apache.accumulo.core.client.impl.Namespace; -import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.client.security.SecurityErrorCode; +import org.apache.accumulo.core.security.TablePermission; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; import org.apache.accumulo.testing.core.randomwalk.Test; @@ -38,12 +37,10 @@ public class AlterTable extends Test { Connector conn = env.getAccumuloInstance().getConnector(WalkingSecurity.get(state, env).getSysUserName(), WalkingSecurity.get(state, env).getSysToken()); String tableName = WalkingSecurity.get(state, env).getTableName(); - String namespaceName = WalkingSecurity.get(state, env).getNamespaceName(); - Table.ID tableId = Table.ID.of(conn.tableOperations().tableIdMap().get(tableName)); - Namespace.ID namespaceId = Namespace.ID.of(conn.namespaceOperations().namespaceIdMap().get(namespaceName)); boolean exists = WalkingSecurity.get(state, env).getTableExists(); - boolean hasPermission = WalkingSecurity.get(state, env).canAlterTable(WalkingSecurity.get(state, env).getSysCredentials(), tableId, namespaceId); + boolean hasPermission = conn.securityOperations().hasTablePermission(WalkingSecurity.get(state, env).getSysUserName(), tableName, + TablePermission.ALTER_TABLE); String newTableName = String.format("security_%s_%s_%d", InetAddress.getLocalHost().getHostName().replaceAll("[-.]", "_"), env.getPid(), System.currentTimeMillis()); diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/AlterTablePerm.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/AlterTablePerm.java index c669fab..30f727f 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/AlterTablePerm.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/AlterTablePerm.java @@ -21,11 +21,10 @@ import java.util.Random; import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.AccumuloSecurityException; -import org.apache.accumulo.core.client.Connector; -import org.apache.accumulo.core.client.impl.Credentials; -import org.apache.accumulo.core.client.impl.Namespace; -import org.apache.accumulo.core.client.impl.Table; +import org.apache.accumulo.core.client.Connector;; +import org.apache.accumulo.core.client.admin.SecurityOperations; import org.apache.accumulo.core.client.security.tokens.AuthenticationToken; +import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.core.security.TablePermission; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; @@ -77,11 +76,10 @@ public class AlterTablePerm extends Test { sourceToken = env.getToken(); } Connector conn = env.getAccumuloInstance().getConnector(sourceUser, sourceToken); - Table.ID tableId = Table.ID.of(conn.tableOperations().tableIdMap().get(tableName)); - Namespace.ID namespaceId = Namespace.ID.of(conn.namespaceOperations().namespaceIdMap().get(WalkingSecurity.get(state, env).getNamespaceName())); + SecurityOperations secOps = conn.securityOperations(); - canGive = WalkingSecurity.get(state, env).canGrantTable(new Credentials(sourceUser, sourceToken).toThrift(env.getAccumuloInstance()), target, tableId, - namespaceId); + canGive = secOps.hasSystemPermission(sourceUser, SystemPermission.ALTER_TABLE) + || secOps.hasTablePermission(sourceUser, tableName, TablePermission.GRANT); // toggle if (!"take".equals(action) && !"give".equals(action)) { diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/Authenticate.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/Authenticate.java index ba3c545..e524d07 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/Authenticate.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/Authenticate.java @@ -22,9 +22,9 @@ import java.util.Properties; import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.Connector; -import org.apache.accumulo.core.client.impl.Credentials; import org.apache.accumulo.core.client.security.tokens.AuthenticationToken; import org.apache.accumulo.core.client.security.tokens.PasswordToken; +import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; import org.apache.accumulo.testing.core.randomwalk.Test; @@ -52,7 +52,7 @@ public class Authenticate extends Test { boolean exists = WalkingSecurity.get(state, env).userExists(target); // Copy so if failed it doesn't mess with the password stored in state byte[] password = Arrays.copyOf(WalkingSecurity.get(state, env).getUserPassword(target), WalkingSecurity.get(state, env).getUserPassword(target).length); - boolean hasPermission = WalkingSecurity.get(state, env).canAskAboutUser(new Credentials(principal, token).toThrift(env.getAccumuloInstance()), target); + boolean hasPermission = conn.securityOperations().hasSystemPermission(principal, SystemPermission.SYSTEM); if (!success) for (int i = 0; i < password.length; i++) diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/ChangePass.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/ChangePass.java index 42ea317..589edff 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/ChangePass.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/ChangePass.java @@ -22,9 +22,9 @@ import java.util.Random; import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.Connector; -import org.apache.accumulo.core.client.impl.Credentials; import org.apache.accumulo.core.client.security.tokens.AuthenticationToken; import org.apache.accumulo.core.client.security.tokens.PasswordToken; +import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; import org.apache.accumulo.testing.core.randomwalk.Test; @@ -56,7 +56,7 @@ public class ChangePass extends Test { targetExists = WalkingSecurity.get(state, env).userExists(target); - hasPerm = WalkingSecurity.get(state, env).canChangePassword(new Credentials(principal, token).toThrift(env.getAccumuloInstance()), target); + hasPerm = conn.securityOperations().hasSystemPermission(target, SystemPermission.ALTER_USER); Random r = new Random(); diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/DropTable.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/DropTable.java index 8a99eb6..db6b7a3 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/DropTable.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/DropTable.java @@ -23,11 +23,9 @@ import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.Connector; import org.apache.accumulo.core.client.TableExistsException; import org.apache.accumulo.core.client.TableNotFoundException; -import org.apache.accumulo.core.client.impl.Credentials; -import org.apache.accumulo.core.client.impl.Namespace; -import org.apache.accumulo.core.client.impl.Table; import org.apache.accumulo.core.client.security.SecurityErrorCode; import org.apache.accumulo.core.client.security.tokens.AuthenticationToken; +import org.apache.accumulo.core.security.TablePermission; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; import org.apache.accumulo.testing.core.randomwalk.Test; @@ -53,13 +51,9 @@ public class DropTable extends Test { Connector conn = env.getAccumuloInstance().getConnector(principal, token); String tableName = WalkingSecurity.get(state, env).getTableName(); - String namespaceName = WalkingSecurity.get(state, env).getNamespaceName(); - Table.ID tableId = Table.ID.of(conn.tableOperations().tableIdMap().get(tableName)); - Namespace.ID namespaceId = Namespace.ID.of(conn.namespaceOperations().namespaceIdMap().get(namespaceName)); boolean exists = WalkingSecurity.get(state, env).getTableExists(); - boolean hasPermission = WalkingSecurity.get(state, env).canDeleteTable(new Credentials(principal, token).toThrift(env.getAccumuloInstance()), tableId, - namespaceId); + boolean hasPermission = conn.securityOperations().hasTablePermission(principal, tableName, TablePermission.DROP_TABLE); try { conn.tableOperations().delete(tableName); @@ -80,7 +74,7 @@ public class DropTable extends Test { throw new AccumuloException("Got unexpected ae error code", ae); } catch (TableNotFoundException tnfe) { if (exists) - throw new TableExistsException(null, tableName, "Got a TableNotFOundException but it should have existed", tnfe); + throw new TableExistsException(null, tableName, "Got a TableNotFoundException but it should have existed", tnfe); else return; } diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/SecurityHelper.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/SecurityHelper.java index 93c7f02..70b59e5 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/SecurityHelper.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/SecurityHelper.java @@ -18,16 +18,13 @@ package org.apache.accumulo.testing.core.randomwalk.security; import static java.nio.charset.StandardCharsets.UTF_8; -import java.io.IOException; import java.util.Map; import org.apache.accumulo.core.client.Connector; import org.apache.accumulo.core.security.Authorizations; import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.core.security.TablePermission; -import org.apache.accumulo.core.util.CachedConfiguration; import org.apache.accumulo.testing.core.randomwalk.State; -import org.apache.hadoop.fs.FileSystem; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -186,23 +183,6 @@ public class SecurityHelper { curVal += increment; } - public static FileSystem getFs(State state) { - FileSystem fs = null; - try { - fs = (FileSystem) state.get(filesystem); - } catch (RuntimeException re) {} - - if (fs == null) { - try { - fs = FileSystem.get(CachedConfiguration.getInstance()); - } catch (IOException e) { - throw new RuntimeException(e); - } - state.set(filesystem, fs); - } - return fs; - } - public static boolean inAmbiguousZone(State state, String userName, TablePermission tp) { if (tp.equals(TablePermission.READ) || tp.equals(TablePermission.WRITE)) { Long setTime = (Long) state.get("Tab" + userName + tp.name() + "time"); diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/SetAuths.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/SetAuths.java index 906ffcc..feee2d8 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/SetAuths.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/SetAuths.java @@ -22,9 +22,9 @@ import java.util.Random; import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.Connector; -import org.apache.accumulo.core.client.impl.Credentials; import org.apache.accumulo.core.client.security.tokens.AuthenticationToken; import org.apache.accumulo.core.security.Authorizations; +import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.State; import org.apache.accumulo.testing.core.randomwalk.Test; @@ -51,8 +51,7 @@ public class SetAuths extends Test { Connector conn = env.getAccumuloInstance().getConnector(authPrincipal, authToken); boolean exists = WalkingSecurity.get(state, env).userExists(target); - boolean hasPermission = WalkingSecurity.get(state, env).canChangeAuthorizations( - new Credentials(authPrincipal, authToken).toThrift(env.getAccumuloInstance()), target); + boolean hasPermission = conn.securityOperations().hasSystemPermission(authPrincipal, SystemPermission.ALTER_USER); Authorizations auths; if (authsString.equals("_random")) { diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/TableOp.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/TableOp.java index d745596..f44511c 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/TableOp.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/TableOp.java @@ -34,16 +34,14 @@ import org.apache.accumulo.core.client.Connector; import org.apache.accumulo.core.client.MutationsRejectedException; import org.apache.accumulo.core.client.Scanner; import org.apache.accumulo.core.client.TableNotFoundException; -import org.apache.accumulo.core.client.impl.Namespace; -import org.apache.accumulo.core.client.impl.Table; +import org.apache.accumulo.core.client.admin.SecurityOperations; +import org.apache.accumulo.core.client.admin.TableOperations; +import org.apache.accumulo.core.client.rfile.RFile; +import org.apache.accumulo.core.client.rfile.RFileWriter; import org.apache.accumulo.core.client.security.SecurityErrorCode; -import org.apache.accumulo.core.conf.DefaultConfiguration; import org.apache.accumulo.core.data.Key; import org.apache.accumulo.core.data.Mutation; import org.apache.accumulo.core.data.Value; -import org.apache.accumulo.core.file.FileOperations; -import org.apache.accumulo.core.file.FileSKVWriter; -import org.apache.accumulo.core.file.rfile.RFile; import org.apache.accumulo.core.security.Authorizations; import org.apache.accumulo.core.security.ColumnVisibility; import org.apache.accumulo.core.security.TablePermission; @@ -59,6 +57,9 @@ public class TableOp extends Test { @Override public void visit(State state, RandWalkEnv env, Properties props) throws Exception { Connector conn = env.getAccumuloInstance().getConnector(WalkingSecurity.get(state, env).getTabUserName(), WalkingSecurity.get(state, env).getTabToken()); + TableOperations tableOps = conn.tableOperations(); + SecurityOperations secOps = conn.securityOperations(); + String tablePrincipal = WalkingSecurity.get(state, env).getTabUserName(); String action = props.getProperty("action", "_random"); TablePermission tp; @@ -71,20 +72,17 @@ public class TableOp extends Test { boolean tableExists = WalkingSecurity.get(state, env).getTableExists(); String tableName = WalkingSecurity.get(state, env).getTableName(); - String namespaceName = WalkingSecurity.get(state, env).getNamespaceName(); - Table.ID tableId = Table.ID.of(conn.tableOperations().tableIdMap().get(tableName)); - Namespace.ID namespaceId = Namespace.ID.of(conn.namespaceOperations().namespaceIdMap().get(namespaceName)); switch (tp) { case READ: { - boolean canRead = WalkingSecurity.get(state, env).canScan(WalkingSecurity.get(state, env).getTabCredentials(), tableId, namespaceId); + boolean canRead = secOps.hasTablePermission(tablePrincipal, tableName, TablePermission.READ); Authorizations auths = WalkingSecurity.get(state, env).getUserAuthorizations(WalkingSecurity.get(state, env).getTabCredentials()); boolean ambiguousZone = WalkingSecurity.get(state, env).inAmbiguousZone(conn.whoami(), tp); boolean ambiguousAuths = WalkingSecurity.get(state, env).ambiguousAuthorizations(conn.whoami()); Scanner scan = null; try { - scan = conn.createScanner(tableName, conn.securityOperations().getUserAuthorizations(conn.whoami())); + scan = conn.createScanner(tableName, secOps.getUserAuthorizations(conn.whoami())); int seen = 0; Iterator<Entry<Key,Value>> iter = scan.iterator(); while (iter.hasNext()) { @@ -148,7 +146,7 @@ public class TableOp extends Test { break; } case WRITE: - boolean canWrite = WalkingSecurity.get(state, env).canWrite(WalkingSecurity.get(state, env).getTabCredentials(), tableId, namespaceId); + boolean canWrite = secOps.hasTablePermission(tablePrincipal, tableName, TablePermission.WRITE); boolean ambiguousZone = WalkingSecurity.get(state, env).inAmbiguousZone(conn.whoami(), tp); String key = WalkingSecurity.get(state, env).getLastKey() + "1"; @@ -209,22 +207,21 @@ public class TableOp extends Test { Path dir = new Path("/tmp", "bulk_" + UUID.randomUUID().toString()); Path fail = new Path(dir.toString() + "_fail"); FileSystem fs = WalkingSecurity.get(state, env).getFs(); - FileSKVWriter f = FileOperations.getInstance().newWriterBuilder().forFile(dir + "/securityBulk." + RFile.EXTENSION, fs, fs.getConf()) - .withTableConfiguration(DefaultConfiguration.getInstance()).build(); - f.startDefaultLocalityGroup(); + RFileWriter rFileWriter = RFile.newWriter().to(dir + "/securityBulk.rf").withFileSystem(fs).build(); + rFileWriter.startDefaultLocalityGroup(); fs.mkdirs(fail); for (Key k : keys) - f.append(k, new Value("Value".getBytes(UTF_8))); - f.close(); + rFileWriter.append(k, new Value("Value".getBytes(UTF_8))); + rFileWriter.close(); try { - conn.tableOperations().importDirectory(tableName, dir.toString(), fail.toString(), true); + tableOps.importDirectory(tableName, dir.toString(), fail.toString(), true); } catch (TableNotFoundException tnfe) { if (tableExists) throw new AccumuloException("Table didn't exist when it should have: " + tableName); return; } catch (AccumuloSecurityException ae) { if (ae.getSecurityErrorCode().equals(SecurityErrorCode.PERMISSION_DENIED)) { - if (WalkingSecurity.get(state, env).canBulkImport(WalkingSecurity.get(state, env).getTabCredentials(), tableId, namespaceId)) + if (secOps.hasTablePermission(tablePrincipal, tableName, TablePermission.BULK_IMPORT)) throw new AccumuloException("Bulk Import failed when it should have worked: " + tableName); return; } else if (ae.getSecurityErrorCode().equals(SecurityErrorCode.BAD_CREDENTIALS)) { @@ -238,12 +235,12 @@ public class TableOp extends Test { fs.delete(dir, true); fs.delete(fail, true); - if (!WalkingSecurity.get(state, env).canBulkImport(WalkingSecurity.get(state, env).getTabCredentials(), tableId, namespaceId)) + if (!secOps.hasTablePermission(tablePrincipal, tableName, TablePermission.BULK_IMPORT)) throw new AccumuloException("Bulk Import succeeded when it should have failed: " + dir + " table " + tableName); break; case ALTER_TABLE: AlterTable.renameTable(conn, state, env, tableName, tableName + "plus", - WalkingSecurity.get(state, env).canAlterTable(WalkingSecurity.get(state, env).getTabCredentials(), tableId, namespaceId), tableExists); + secOps.hasTablePermission(tablePrincipal, tableName, TablePermission.ALTER_TABLE), tableExists); break; case GRANT: diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/Validate.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/Validate.java index 32c815e..edf9e4d 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/Validate.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/security/Validate.java @@ -21,7 +21,6 @@ import java.util.Properties; import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.client.Connector; -import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException; import org.apache.accumulo.core.client.security.SecurityErrorCode; import org.apache.accumulo.core.security.Authorizations; import org.apache.accumulo.core.security.SystemPermission; @@ -103,20 +102,9 @@ public class Validate extends Test { } - Authorizations accuAuths; - Authorizations auths; - try { - auths = WalkingSecurity.get(state, env).getUserAuthorizations(WalkingSecurity.get(state, env).getTabCredentials()); - accuAuths = conn.securityOperations().getUserAuthorizations(WalkingSecurity.get(state, env).getTabUserName()); - } catch (ThriftSecurityException ae) { - if (ae.getCode() == org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode.USER_DOESNT_EXIST) { - if (tableUserExists) - throw new AccumuloException("Table user didn't exist when they should.", ae); - else - return; - } - throw new AccumuloException("Unexpected exception!", ae); - } + Authorizations accuAuths = conn.securityOperations().getUserAuthorizations(WalkingSecurity.get(state, env).getTabUserName()); + Authorizations auths = WalkingSecurity.get(state, env).getUserAuthorizations(WalkingSecurity.get(state, env).getTabCredentials()); + if (!auths.equals(accuAuths)) throw new AccumuloException("Table User authorizations out of sync"); } diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/sequential/SequentialFixture.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/sequential/SequentialFixture.java index e6372d7..0514f05 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/sequential/SequentialFixture.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/sequential/SequentialFixture.java @@ -23,7 +23,6 @@ import org.apache.accumulo.core.client.Instance; import org.apache.accumulo.core.client.MultiTableBatchWriter; import org.apache.accumulo.core.client.MutationsRejectedException; import org.apache.accumulo.core.client.TableExistsException; -import org.apache.accumulo.core.client.impl.Tables; import org.apache.accumulo.testing.core.randomwalk.RandWalkEnv; import org.apache.accumulo.testing.core.randomwalk.Fixture; import org.apache.accumulo.testing.core.randomwalk.State; @@ -36,7 +35,6 @@ public class SequentialFixture extends Fixture { public void setUp(State state, RandWalkEnv env) throws Exception { Connector conn = env.getAccumuloConnector(); - Instance instance = env.getAccumuloInstance(); String hostname = InetAddress.getLocalHost().getHostName().replaceAll("[-.]", "_"); @@ -45,7 +43,7 @@ public class SequentialFixture extends Fixture { try { conn.tableOperations().create(seqTableName); - log.debug("Created table " + seqTableName + " (id:" + Tables.getNameToIdMap(instance).get(seqTableName) + ")"); + log.debug("Created table " + seqTableName + " (id:" + conn.tableOperations().tableIdMap().get(seqTableName) + ")"); } catch (TableExistsException e) { log.warn("Table " + seqTableName + " already exists!"); throw e; diff --git a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/shard/BulkInsert.java b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/shard/BulkInsert.java index f28bf8f..b520437 100644 --- a/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/shard/BulkInsert.java +++ b/core/src/main/java/org/apache/accumulo/testing/core/randomwalk/shard/BulkInsert.java @@ -172,7 +172,7 @@ public class BulkInsert extends Test { Collection<Text> splits = conn.tableOperations().listSplits(tableName, maxSplits); for (Text split : splits) - out.println(Base64.getEncoder().encodeToString(TextUtil.getBytes(split))); + out.println(Base64.getEncoder().encodeToString(split.copyBytes())); out.close(); -- To stop receiving notification emails like this one, please contact ['"commits@accumulo.apache.org" <commits@accumulo.apache.org>'].