distributedlog-core/src/test/java/org/apache/distributedlog/acl/TestZKAccessControl.java

/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.distributedlog.acl;

import java.net.URI;
import org.apache.distributedlog.TestZooKeeperClientBuilder;
import org.apache.distributedlog.ZooKeeperClient;
import org.apache.distributedlog.ZooKeeperClusterTestCase;
import org.apache.distributedlog.impl.acl.ZKAccessControl;
import org.apache.distributedlog.thrift.AccessControlEntry;
import org.apache.distributedlog.common.concurrent.FutureUtils;
import org.apache.distributedlog.util.Utils;
import org.apache.zookeeper.CreateMode;
import org.apache.zookeeper.KeeperException;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;

import static com.google.common.base.Charsets.UTF_8;
import static org.junit.Assert.*;

public class TestZKAccessControl extends ZooKeeperClusterTestCase {

    private ZooKeeperClient zkc;

    @Before
    public void setup() throws Exception {
        zkc = TestZooKeeperClientBuilder.newBuilder()
                .uri(createURI("/"))
                .build();
    }

    @After
    public void teardown() throws Exception {
        zkc.close();
    }

    private URI createURI(String path) {
        return URI.create("distributedlog://127.0.0.1:" + zkPort + path);
    }

    @Test(timeout = 60000)
    public void testCreateZKAccessControl() throws Exception {
        AccessControlEntry ace = new AccessControlEntry();
        ace.setDenyWrite(true);
        String zkPath = "/create-zk-access-control";
        ZKAccessControl zkac = new ZKAccessControl(ace, zkPath);
        Utils.ioResult(zkac.create(zkc));

        ZKAccessControl readZKAC = Utils.ioResult(ZKAccessControl.read(zkc, zkPath, null));
        assertEquals(zkac, readZKAC);

        ZKAccessControl another = new ZKAccessControl(ace, zkPath);
        try {
            FutureUtils.result(another.create(zkc));
        } catch (KeeperException.NodeExistsException ke) {
            // expected
        }
    }

    @Test(timeout = 60000)
    public void testDeleteZKAccessControl() throws Exception {
        String zkPath = "/delete-zk-access-control";

        AccessControlEntry ace = new AccessControlEntry();
        ace.setDenyDelete(true);

        ZKAccessControl zkac = new ZKAccessControl(ace, zkPath);
        Utils.ioResult(zkac.create(zkc));

        ZKAccessControl readZKAC = Utils.ioResult(ZKAccessControl.read(zkc, zkPath, null));
        assertEquals(zkac, readZKAC);

        Utils.ioResult(ZKAccessControl.delete(zkc, zkPath));

        try {
            FutureUtils.result(ZKAccessControl.read(zkc, zkPath, null));
        } catch (KeeperException.NoNodeException nne) {
            // expected.
        }
        Utils.ioResult(ZKAccessControl.delete(zkc, zkPath));
    }

    @Test(timeout = 60000)
    public void testEmptyZKAccessControl() throws Exception {
        String zkPath = "/empty-access-control";

        zkc.get().create(zkPath, new byte[0], zkc.getDefaultACL(), CreateMode.PERSISTENT);

        ZKAccessControl readZKAC = Utils.ioResult(ZKAccessControl.read(zkc, zkPath, null));

        assertEquals(zkPath, readZKAC.getZKPath());
        assertEquals(ZKAccessControl.DEFAULT_ACCESS_CONTROL_ENTRY, readZKAC.getAccessControlEntry());
        assertTrue(ZKAccessControl.DEFAULT_ACCESS_CONTROL_ENTRY == readZKAC.getAccessControlEntry());
    }

    @Test(timeout = 60000)
    public void testCorruptedZKAccessControl() throws Exception {
        String zkPath = "/corrupted-zk-access-control";

        zkc.get().create(zkPath, "corrupted-data".getBytes(UTF_8), zkc.getDefaultACL(), CreateMode.PERSISTENT);

        try {
            Utils.ioResult(ZKAccessControl.read(zkc, zkPath, null));
        } catch (ZKAccessControl.CorruptedAccessControlException cace) {
            // expected
        }
    }

    @Test(timeout = 60000)
    public void testUpdateZKAccessControl() throws Exception {
        String zkPath = "/update-zk-access-control";

        AccessControlEntry ace = new AccessControlEntry();
        ace.setDenyDelete(true);

        ZKAccessControl zkac = new ZKAccessControl(ace, zkPath);
        Utils.ioResult(zkac.create(zkc));

        ZKAccessControl readZKAC = Utils.ioResult(ZKAccessControl.read(zkc, zkPath, null));
        assertEquals(zkac, readZKAC);

        ace.setDenyRelease(true);
        ZKAccessControl newZKAC = new ZKAccessControl(ace, zkPath);
        Utils.ioResult(newZKAC.update(zkc));
        ZKAccessControl readZKAC2 = Utils.ioResult(ZKAccessControl.read(zkc, zkPath, null));
        assertEquals(newZKAC, readZKAC2);

        try {
            FutureUtils.result(readZKAC.update(zkc));
        } catch (KeeperException.BadVersionException bve) {
            // expected
        }
        readZKAC2.getAccessControlEntry().setDenyTruncate(true);
        Utils.ioResult(readZKAC2.update(zkc));
        ZKAccessControl readZKAC3 = Utils.ioResult(ZKAccessControl.read(zkc, zkPath, null));
        assertEquals(readZKAC2, readZKAC3);
    }
}