Repository: hbase
Updated Branches:
  refs/heads/branch-1 fe5848038 -> e6ce789b6


HBASE-19970 Remove unused functions from TableAuthManager.

Functions deleted: setTableUserPermissions, setTableGroupPermissions, 
setNamespaceUserPermissions,
setNamespaceGroupPermissions, writeTableToZooKeeper, writeNamespaceToZooKeeper


Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/e6ce789b
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/e6ce789b
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/e6ce789b

Branch: refs/heads/branch-1
Commit: e6ce789b6fa44592c3a566703c78de0687154a84
Parents: fe58480
Author: Apekshit Sharma <a...@apache.org>
Authored: Mon Feb 12 16:16:38 2018 -0800
Committer: Apekshit Sharma <a...@apache.org>
Committed: Mon Feb 12 16:20:36 2018 -0800

----------------------------------------------------------------------
 .../security/access/AccessControlLists.java     |   9 +-
 .../hbase/security/access/AccessController.java |   4 +-
 .../hbase/security/access/TableAuthManager.java |  75 --------
 .../security/access/TestTablePermissions.java   |   2 +-
 .../access/TestZKPermissionWatcher.java         | 179 +++++++++++++++++++
 .../access/TestZKPermissionsWatcher.java        | 178 ------------------
 6 files changed, 188 insertions(+), 259 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hbase/blob/e6ce789b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
----------------------------------------------------------------------
diff --git 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
index 57c0f7b..f508110 100644
--- 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
+++ 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
@@ -73,6 +73,10 @@ import org.apache.hadoop.io.Text;
 import com.google.common.collect.ArrayListMultimap;
 import com.google.common.collect.ListMultimap;
 import com.google.common.collect.Lists;
+import org.apache.hadoop.io.Writable;
+import org.apache.hadoop.io.WritableFactories;
+import org.apache.hadoop.io.WritableUtils;
+import org.apache.jasper.tagplugins.jstl.core.Remove;
 
 /**
  * Maintains lists of permission grants to users and groups to allow for
@@ -667,8 +671,7 @@ public class AccessControlLists {
    *
    * Writes a set of permission [user: table permission]
    */
-  public static byte[] writePermissionsAsBytes(ListMultimap<String, 
TablePermission> perms,
-      Configuration conf) {
+  public static byte[] writePermissionsAsBytes(ListMultimap<String, 
TablePermission> perms) {
     return 
ProtobufUtil.prependPBMagic(ProtobufUtil.toUserTablePermissions(perms).toByteArray());
   }
 
@@ -755,7 +758,7 @@ public class AccessControlLists {
          // Deserialize the table permissions from the KV
          // TODO: This can be improved. Don't build UsersAndPermissions just 
to unpack it again,
          // use the builder
-         AccessControlProtos.UsersAndPermissions.Builder builder = 
+         AccessControlProtos.UsersAndPermissions.Builder builder =
            AccessControlProtos.UsersAndPermissions.newBuilder();
          ProtobufUtil.mergeFrom(builder, tag.getBuffer(), tag.getTagOffset(), 
tag.getTagLength());
          ListMultimap<String,Permission> kvPerms =

http://git-wip-us.apache.org/repos/asf/hbase/blob/e6ce789b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
----------------------------------------------------------------------
diff --git 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
index fd0a704..c889a3e 100644
--- 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
+++ 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
@@ -243,7 +243,7 @@ public class AccessController extends 
BaseMasterAndRegionObserver
       tables.entrySet()) {
       byte[] entry = t.getKey();
       ListMultimap<String,TablePermission> perms = t.getValue();
-      byte[] serialized = AccessControlLists.writePermissionsAsBytes(perms, 
conf);
+      byte[] serialized = AccessControlLists.writePermissionsAsBytes(perms);
       getAuthManager().getZKPermissionWatcher().writeToZookeeper(entry, 
serialized);
     }
     initialized = true;
@@ -275,7 +275,7 @@ public class AccessController extends 
BaseMasterAndRegionObserver
         try (Table t = regionEnv.getTable(AccessControlLists.ACL_TABLE_NAME)) {
           ListMultimap<String,TablePermission> perms =
               AccessControlLists.getPermissions(conf, entry, t);
-          byte[] serialized = 
AccessControlLists.writePermissionsAsBytes(perms, conf);
+          byte[] serialized = 
AccessControlLists.writePermissionsAsBytes(perms);
           zkw.writeToZookeeper(entry, serialized);
         }
       } catch (IOException ex) {

http://git-wip-us.apache.org/repos/asf/hbase/blob/e6ce789b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
----------------------------------------------------------------------
diff --git 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
index a12757d..0aabcb3 100644
--- 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
+++ 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
@@ -659,81 +659,6 @@ public class TableAuthManager implements Closeable {
     tableCache.remove(table);
   }
 
-  /**
-   * Overwrites the existing permission set for a given user for a table, and
-   * triggers an update for zookeeper synchronization.
-   * @param username
-   * @param table
-   * @param perms
-   */
-  public void setTableUserPermissions(String username, TableName table,
-      List<TablePermission> perms) {
-    PermissionCache<TablePermission> tablePerms = getTablePermissions(table);
-    tablePerms.replaceUser(username, perms);
-    writeTableToZooKeeper(table, tablePerms);
-  }
-
-  /**
-   * Overwrites the existing permission set for a group and triggers an update
-   * for zookeeper synchronization.
-   * @param group
-   * @param table
-   * @param perms
-   */
-  public void setTableGroupPermissions(String group, TableName table,
-      List<TablePermission> perms) {
-    PermissionCache<TablePermission> tablePerms = getTablePermissions(table);
-    tablePerms.replaceGroup(group, perms);
-    writeTableToZooKeeper(table, tablePerms);
-  }
-
-  /**
-   * Overwrites the existing permission set for a given user for a table, and
-   * triggers an update for zookeeper synchronization.
-   * @param username
-   * @param namespace
-   * @param perms
-   */
-  public void setNamespaceUserPermissions(String username, String namespace,
-      List<TablePermission> perms) {
-    PermissionCache<TablePermission> tablePerms = 
getNamespacePermissions(namespace);
-    tablePerms.replaceUser(username, perms);
-    writeNamespaceToZooKeeper(namespace, tablePerms);
-  }
-
-  /**
-   * Overwrites the existing permission set for a group and triggers an update
-   * for zookeeper synchronization.
-   * @param group
-   * @param namespace
-   * @param perms
-   */
-  public void setNamespaceGroupPermissions(String group, String namespace,
-      List<TablePermission> perms) {
-    PermissionCache<TablePermission> tablePerms = 
getNamespacePermissions(namespace);
-    tablePerms.replaceGroup(group, perms);
-    writeNamespaceToZooKeeper(namespace, tablePerms);
-  }
-
-  public void writeTableToZooKeeper(TableName table,
-      PermissionCache<TablePermission> tablePerms) {
-    byte[] serialized = new byte[0];
-    if (tablePerms != null) {
-      serialized = 
AccessControlLists.writePermissionsAsBytes(tablePerms.getAllPermissions(), 
conf);
-    }
-    zkperms.writeToZookeeper(table.getName(), serialized);
-  }
-
-  public void writeNamespaceToZooKeeper(String namespace,
-      PermissionCache<TablePermission> tablePerms) {
-    byte[] serialized = new byte[0];
-    if (tablePerms != null) {
-      serialized = 
AccessControlLists.writePermissionsAsBytes(tablePerms.getAllPermissions(), 
conf);
-    }
-    
zkperms.writeToZookeeper(Bytes.toBytes(AccessControlLists.toNamespaceEntry(namespace)),
-        serialized);
-  }
-
   public long getMTime() {
     return mtime.get();
   }

http://git-wip-us.apache.org/repos/asf/hbase/blob/e6ce789b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java
----------------------------------------------------------------------
diff --git 
a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java
 
b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java
index f8fad9f..26ca9eb 100644
--- 
a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java
+++ 
b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java
@@ -323,7 +323,7 @@ public class TestTablePermissions {
   public void testSerialization() throws Exception {
     Configuration conf = UTIL.getConfiguration();
     ListMultimap<String,TablePermission> permissions = createPermissions();
-    byte[] permsData = AccessControlLists.writePermissionsAsBytes(permissions, 
conf);
+    byte[] permsData = AccessControlLists.writePermissionsAsBytes(permissions);
 
     ListMultimap<String, TablePermission> copy =
         AccessControlLists.readPermissions(permsData, conf);

http://git-wip-us.apache.org/repos/asf/hbase/blob/e6ce789b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionWatcher.java
----------------------------------------------------------------------
diff --git 
a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionWatcher.java
 
b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionWatcher.java
new file mode 100644
index 0000000..a80f184
--- /dev/null
+++ 
b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionWatcher.java
@@ -0,0 +1,179 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hbase.security.access;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import com.google.common.collect.ArrayListMultimap;
+import com.google.common.collect.ListMultimap;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.concurrent.atomic.AtomicBoolean;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hbase.Abortable;
+import org.apache.hadoop.hbase.TableName;
+import org.apache.hadoop.hbase.HBaseTestingUtility;
+import org.apache.hadoop.hbase.testclassification.LargeTests;
+import org.apache.hadoop.hbase.Waiter.Predicate;
+import org.apache.hadoop.hbase.security.User;
+import org.apache.hadoop.hbase.zookeeper.ZooKeeperWatcher;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+/**
+ * Test the reading and writing of access permissions to and from zookeeper.
+ */
+@Category(LargeTests.class)
+public class TestZKPermissionsWatcher {
+  private static final Log LOG = 
LogFactory.getLog(TestZKPermissionsWatcher.class);
+  private static final HBaseTestingUtility UTIL = new HBaseTestingUtility();
+  private static TableAuthManager AUTH_A;
+  private static TableAuthManager AUTH_B;
+  private final static Abortable ABORTABLE = new Abortable() {
+    private final AtomicBoolean abort = new AtomicBoolean(false);
+
+    @Override
+    public void abort(String why, Throwable e) {
+      LOG.info(why, e);
+      abort.set(true);
+    }
+
+    @Override
+    public boolean isAborted() {
+      return abort.get();
+    }
+  };
+
+  private static TableName TEST_TABLE =
+      TableName.valueOf("perms_test");
+
+  @BeforeClass
+  public static void beforeClass() throws Exception {
+    // setup configuration
+    Configuration conf = UTIL.getConfiguration();
+    SecureTestUtil.enableSecurity(conf);
+
+    // start minicluster
+    UTIL.startMiniCluster();
+    AUTH_A = TableAuthManager.getOrCreate(new ZooKeeperWatcher(conf,
+      "TestZKPermissionsWatcher_1", ABORTABLE), conf);
+    AUTH_B = TableAuthManager.getOrCreate(new ZooKeeperWatcher(conf,
+      "TestZKPermissionsWatcher_2", ABORTABLE), conf);
+  }
+
+  @AfterClass
+  public static void afterClass() throws Exception {
+    UTIL.shutdownMiniCluster();
+  }
+
+  private void setTableACL(
+      User user, TableAuthManager srcAuthManager, TableAuthManager 
destAuthManager,
+      TablePermission.Action... actions) throws Exception{
+    // update ACL: george RW
+    ListMultimap<String, TablePermission> perms = ArrayListMultimap.create();
+    perms.replaceValues(user.getShortName(),
+        Collections.singletonList(new TablePermission(TEST_TABLE, null, 
actions)));
+    byte[] serialized = AccessControlLists.writePermissionsAsBytes(perms);
+    final long mtime = destAuthManager.getMTime();
+    
srcAuthManager.getZKPermissionWatcher().writeToZookeeper(TEST_TABLE.getName(), 
serialized);
+    // Wait for the update to propagate
+    UTIL.waitFor(10000, 100, new Predicate<Exception>() {
+      @Override
+      public boolean evaluate() throws Exception {
+        return destAuthManager.getMTime() > mtime;
+      }
+    });
+    Thread.sleep(1000);
+  }
+
+  @Test
+  public void testPermissionsWatcher() throws Exception {
+    Configuration conf = UTIL.getConfiguration();
+    User george = User.createUserForTesting(conf, "george", new String[] { });
+    User hubert = User.createUserForTesting(conf, "hubert", new String[] { });
+
+    assertFalse(AUTH_A.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertFalse(AUTH_A.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+
+    assertFalse(AUTH_B.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertFalse(AUTH_B.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+
+    // update ACL: george, RW
+    setTableACL(george, AUTH_A, AUTH_B,
+        TablePermission.Action.READ, TablePermission.Action.WRITE);
+
+    // check it
+    assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+    assertTrue(AUTH_B.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertTrue(AUTH_B.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+
+    // update ACL: hubert, Read
+    setTableACL(hubert, AUTH_B, AUTH_A, TablePermission.Action.READ);
+
+    // check it
+    assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+    assertTrue(AUTH_B.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertTrue(AUTH_B.authorizeUser(george, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+    assertTrue(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+    assertTrue(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.READ));
+    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
+      TablePermission.Action.WRITE));
+  }
+}

http://git-wip-us.apache.org/repos/asf/hbase/blob/e6ce789b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionsWatcher.java
----------------------------------------------------------------------
diff --git 
a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionsWatcher.java
 
b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionsWatcher.java
deleted file mode 100644
index c99cbaa..0000000
--- 
a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionsWatcher.java
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.hadoop.hbase.security.access;
-
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.concurrent.atomic.AtomicBoolean;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.hbase.Abortable;
-import org.apache.hadoop.hbase.TableName;
-import org.apache.hadoop.hbase.HBaseTestingUtility;
-import org.apache.hadoop.hbase.testclassification.LargeTests;
-import org.apache.hadoop.hbase.Waiter.Predicate;
-import org.apache.hadoop.hbase.security.User;
-import org.apache.hadoop.hbase.zookeeper.ZooKeeperWatcher;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-/**
- * Test the reading and writing of access permissions to and from zookeeper.
- */
-@Category(LargeTests.class)
-public class TestZKPermissionsWatcher {
-  private static final Log LOG = 
LogFactory.getLog(TestZKPermissionsWatcher.class);
-  private static final HBaseTestingUtility UTIL = new HBaseTestingUtility();
-  private static TableAuthManager AUTH_A;
-  private static TableAuthManager AUTH_B;
-  private final static Abortable ABORTABLE = new Abortable() {
-    private final AtomicBoolean abort = new AtomicBoolean(false);
-
-    @Override
-    public void abort(String why, Throwable e) {
-      LOG.info(why, e);
-      abort.set(true);
-    }
-
-    @Override
-    public boolean isAborted() {
-      return abort.get();
-    }
-  };
-
-  private static TableName TEST_TABLE =
-      TableName.valueOf("perms_test");
-
-  @BeforeClass
-  public static void beforeClass() throws Exception {
-    // setup configuration
-    Configuration conf = UTIL.getConfiguration();
-    SecureTestUtil.enableSecurity(conf);
-
-    // start minicluster
-    UTIL.startMiniCluster();
-    AUTH_A = TableAuthManager.getOrCreate(new ZooKeeperWatcher(conf,
-      "TestZKPermissionsWatcher_1", ABORTABLE), conf);
-    AUTH_B = TableAuthManager.getOrCreate(new ZooKeeperWatcher(conf,
-      "TestZKPermissionsWatcher_2", ABORTABLE), conf);
-  }
-
-  @AfterClass
-  public static void afterClass() throws Exception {
-    UTIL.shutdownMiniCluster();
-  }
-
-  @Test
-  public void testPermissionsWatcher() throws Exception {
-    Configuration conf = UTIL.getConfiguration();
-    User george = User.createUserForTesting(conf, "george", new String[] { });
-    User hubert = User.createUserForTesting(conf, "hubert", new String[] { });
-    
-    assertFalse(AUTH_A.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertFalse(AUTH_A.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-
-    assertFalse(AUTH_B.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertFalse(AUTH_B.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-
-    // update ACL: george RW
-    List<TablePermission> acl = new ArrayList<TablePermission>();
-    acl.add(new TablePermission(TEST_TABLE, null, TablePermission.Action.READ,
-      TablePermission.Action.WRITE));
-    final long mtimeB = AUTH_B.getMTime();
-    AUTH_A.setTableUserPermissions(george.getShortName(), TEST_TABLE, acl);
-    // Wait for the update to propagate
-    UTIL.waitFor(10000, 100, new Predicate<Exception>() {
-      @Override
-      public boolean evaluate() throws Exception {
-        return AUTH_B.getMTime() > mtimeB;
-      }
-    });
-    Thread.sleep(1000);
-
-    // check it
-    assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-    assertTrue(AUTH_B.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertTrue(AUTH_B.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-
-    // update ACL: hubert R
-    acl = new ArrayList<TablePermission>();
-    acl.add(new TablePermission(TEST_TABLE, null, 
TablePermission.Action.READ));
-    final long mtimeA = AUTH_A.getMTime();
-    AUTH_B.setTableUserPermissions("hubert", TEST_TABLE, acl);
-    // Wait for the update to propagate
-    UTIL.waitFor(10000, 100, new Predicate<Exception>() {
-      @Override
-      public boolean evaluate() throws Exception {
-        return AUTH_A.getMTime() > mtimeA;
-      }
-    });
-    Thread.sleep(1000);
-
-    // check it
-    assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-    assertTrue(AUTH_B.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertTrue(AUTH_B.authorizeUser(george, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-    assertTrue(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertFalse(AUTH_A.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-    assertTrue(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.READ));
-    assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null,
-      TablePermission.Action.WRITE));
-  }
-}

Reply via email to