| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| * |
| */ |
| |
| package org.apache.hadoop.fs.adl; |
| |
| import java.io.FileNotFoundException; |
| import java.io.IOException; |
| import java.net.URISyntaxException; |
| import java.util.ArrayList; |
| import java.util.List; |
| |
| import org.apache.hadoop.fs.Path; |
| import org.apache.hadoop.fs.permission.AclEntry; |
| import org.apache.hadoop.fs.permission.AclEntryScope; |
| import org.apache.hadoop.fs.permission.AclEntryType; |
| import org.apache.hadoop.fs.permission.AclStatus; |
| import org.apache.hadoop.fs.permission.FsAction; |
| import org.apache.hadoop.fs.permission.FsPermission; |
| import org.apache.hadoop.security.AccessControlException; |
| |
| import com.squareup.okhttp.mockwebserver.MockResponse; |
| |
| import org.junit.Assert; |
| import org.junit.Test; |
| |
| /** |
| * Stub adl server and test acl data conversion within SDK and Hadoop adl |
| * client. |
| */ |
| public class TestACLFeatures extends AdlMockWebServer { |
| |
| @Test(expected=AccessControlException.class) |
| public void testModifyAclEntries() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| List<AclEntry> entries = new ArrayList<AclEntry>(); |
| AclEntry.Builder aclEntryBuilder = new AclEntry.Builder(); |
| aclEntryBuilder.setName("hadoop"); |
| aclEntryBuilder.setType(AclEntryType.USER); |
| aclEntryBuilder.setPermission(FsAction.ALL); |
| aclEntryBuilder.setScope(AclEntryScope.ACCESS); |
| entries.add(aclEntryBuilder.build()); |
| |
| aclEntryBuilder.setName("hdfs"); |
| aclEntryBuilder.setType(AclEntryType.GROUP); |
| aclEntryBuilder.setPermission(FsAction.READ_WRITE); |
| aclEntryBuilder.setScope(AclEntryScope.DEFAULT); |
| entries.add(aclEntryBuilder.build()); |
| |
| getMockAdlFileSystem().modifyAclEntries(new Path("/test1/test2"), entries); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem() |
| .modifyAclEntries(new Path("/test1/test2"), entries); |
| } |
| |
| @Test(expected=AccessControlException.class) |
| public void testRemoveAclEntriesWithOnlyUsers() |
| throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| List<AclEntry> entries = new ArrayList<AclEntry>(); |
| AclEntry.Builder aclEntryBuilder = new AclEntry.Builder(); |
| aclEntryBuilder.setName("hadoop"); |
| aclEntryBuilder.setType(AclEntryType.USER); |
| entries.add(aclEntryBuilder.build()); |
| |
| getMockAdlFileSystem().removeAclEntries(new Path("/test1/test2"), entries); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem() |
| .removeAclEntries(new Path("/test1/test2"), entries); |
| } |
| |
| @Test(expected=AccessControlException.class) |
| public void testRemoveAclEntries() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| List<AclEntry> entries = new ArrayList<AclEntry>(); |
| AclEntry.Builder aclEntryBuilder = new AclEntry.Builder(); |
| aclEntryBuilder.setName("hadoop"); |
| aclEntryBuilder.setType(AclEntryType.USER); |
| aclEntryBuilder.setPermission(FsAction.ALL); |
| aclEntryBuilder.setScope(AclEntryScope.ACCESS); |
| entries.add(aclEntryBuilder.build()); |
| |
| aclEntryBuilder.setName("hdfs"); |
| aclEntryBuilder.setType(AclEntryType.GROUP); |
| aclEntryBuilder.setPermission(FsAction.READ_WRITE); |
| aclEntryBuilder.setScope(AclEntryScope.DEFAULT); |
| entries.add(aclEntryBuilder.build()); |
| |
| getMockAdlFileSystem().removeAclEntries(new Path("/test1/test2"), entries); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem() |
| .removeAclEntries(new Path("/test1/test2"), entries); |
| } |
| |
| @Test(expected=AccessControlException.class) |
| public void testRemoveDefaultAclEntries() |
| throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem().removeDefaultAcl(new Path("/test1/test2")); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem().removeDefaultAcl(new Path("/test1/test2")); |
| } |
| |
| @Test(expected=AccessControlException.class) |
| public void testRemoveAcl() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem().removeAcl(new Path("/test1/test2")); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem().removeAcl(new Path("/test1/test2")); |
| } |
| |
| @Test(expected=AccessControlException.class) |
| public void testSetAcl() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| List<AclEntry> entries = new ArrayList<AclEntry>(); |
| AclEntry.Builder aclEntryBuilder = new AclEntry.Builder(); |
| aclEntryBuilder.setName("hadoop"); |
| aclEntryBuilder.setType(AclEntryType.USER); |
| aclEntryBuilder.setPermission(FsAction.ALL); |
| aclEntryBuilder.setScope(AclEntryScope.ACCESS); |
| entries.add(aclEntryBuilder.build()); |
| |
| aclEntryBuilder.setName("hdfs"); |
| aclEntryBuilder.setType(AclEntryType.GROUP); |
| aclEntryBuilder.setPermission(FsAction.READ_WRITE); |
| aclEntryBuilder.setScope(AclEntryScope.DEFAULT); |
| entries.add(aclEntryBuilder.build()); |
| |
| getMockAdlFileSystem().setAcl(new Path("/test1/test2"), entries); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem().setAcl(new Path("/test1/test2"), entries); |
| } |
| |
| @Test(expected=AccessControlException.class) |
| public void testCheckAccess() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem().access(new Path("/test1/test2"), FsAction.ALL); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem().access(new Path("/test1/test2"), FsAction.EXECUTE); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem().access(new Path("/test1/test2"), FsAction.READ); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem() |
| .access(new Path("/test1/test2"), FsAction.READ_EXECUTE); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem() |
| .access(new Path("/test1/test2"), FsAction.READ_WRITE); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem().access(new Path("/test1/test2"), FsAction.NONE); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem().access(new Path("/test1/test2"), FsAction.WRITE); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem() |
| .access(new Path("/test1/test2"), FsAction.WRITE_EXECUTE); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem() |
| .access(new Path("/test1/test2"), FsAction.WRITE_EXECUTE); |
| } |
| |
| @Test(expected=AccessControlException.class) |
| public void testSetPermission() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem() |
| .setPermission(new Path("/test1/test2"), FsPermission.getDefault()); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem() |
| .setPermission(new Path("/test1/test2"), FsPermission.getDefault()); |
| } |
| |
| @Test(expected=AccessControlException.class) |
| public void testSetOwner() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200)); |
| getMockAdlFileSystem().setOwner(new Path("/test1/test2"), "hadoop", "hdfs"); |
| |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem() |
| .setOwner(new Path("/test1/test2"), "hadoop", "hdfs"); |
| } |
| |
| @Test |
| public void getAclStatusAsExpected() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(200) |
| .setBody(TestADLResponseData.getGetAclStatusJSONResponse())); |
| AclStatus aclStatus = getMockAdlFileSystem() |
| .getAclStatus(new Path("/test1/test2")); |
| Assert.assertEquals(aclStatus.getGroup(), "supergroup"); |
| Assert.assertEquals(aclStatus.getOwner(), "hadoop"); |
| Assert.assertEquals((Short) aclStatus.getPermission().toShort(), |
| Short.valueOf("775", 8)); |
| |
| for (AclEntry entry : aclStatus.getEntries()) { |
| if (!(entry.toString().equalsIgnoreCase("user:carla:rw-") || entry |
| .toString().equalsIgnoreCase("group::r-x"))) { |
| Assert.fail("Unexpected entry : " + entry.toString()); |
| } |
| } |
| } |
| |
| @Test(expected=FileNotFoundException.class) |
| public void getAclStatusNotExists() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(404) |
| .setBody(TestADLResponseData.getFileNotFoundException())); |
| |
| getMockAdlFileSystem().getAclStatus(new Path("/test1/test2")); |
| } |
| |
| @Test(expected=AccessControlException.class) |
| public void testAclStatusDenied() throws URISyntaxException, IOException { |
| getMockServer().enqueue(new MockResponse().setResponseCode(403) |
| .setBody(TestADLResponseData.getAccessControlException())); |
| |
| getMockAdlFileSystem().getAclStatus(new Path("/test1/test2")); |
| } |
| } |