| <!DOCTYPE HTML> |
| <html lang="en"> |
| <head> |
| <!-- Generated by javadoc (17) --> |
| <title>Source code</title> |
| <meta name="viewport" content="width=device-width, initial-scale=1"> |
| <meta name="description" content="source: package: org.apache.hadoop.hbase.rsgroup, class: TestRSGroupsWithACL"> |
| <meta name="generator" content="javadoc/SourceToHTMLConverter"> |
| <link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style"> |
| </head> |
| <body class="source-page"> |
| <main role="main"> |
| <div class="source-container"> |
| <pre><span class="source-line-no">001</span><span id="line-1">/*</span> |
| <span class="source-line-no">002</span><span id="line-2"> * Licensed to the Apache Software Foundation (ASF) under one</span> |
| <span class="source-line-no">003</span><span id="line-3"> * or more contributor license agreements. See the NOTICE file</span> |
| <span class="source-line-no">004</span><span id="line-4"> * distributed with this work for additional information</span> |
| <span class="source-line-no">005</span><span id="line-5"> * regarding copyright ownership. The ASF licenses this file</span> |
| <span class="source-line-no">006</span><span id="line-6"> * to you under the Apache License, Version 2.0 (the</span> |
| <span class="source-line-no">007</span><span id="line-7"> * "License"); you may not use this file except in compliance</span> |
| <span class="source-line-no">008</span><span id="line-8"> * with the License. You may obtain a copy of the License at</span> |
| <span class="source-line-no">009</span><span id="line-9"> *</span> |
| <span class="source-line-no">010</span><span id="line-10"> * http://www.apache.org/licenses/LICENSE-2.0</span> |
| <span class="source-line-no">011</span><span id="line-11"> *</span> |
| <span class="source-line-no">012</span><span id="line-12"> * Unless required by applicable law or agreed to in writing, software</span> |
| <span class="source-line-no">013</span><span id="line-13"> * distributed under the License is distributed on an "AS IS" BASIS,</span> |
| <span class="source-line-no">014</span><span id="line-14"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span> |
| <span class="source-line-no">015</span><span id="line-15"> * See the License for the specific language governing permissions and</span> |
| <span class="source-line-no">016</span><span id="line-16"> * limitations under the License.</span> |
| <span class="source-line-no">017</span><span id="line-17"> */</span> |
| <span class="source-line-no">018</span><span id="line-18">package org.apache.hadoop.hbase.rsgroup;</span> |
| <span class="source-line-no">019</span><span id="line-19"></span> |
| <span class="source-line-no">020</span><span id="line-20">import static org.apache.hadoop.hbase.AuthUtil.toGroupEntry;</span> |
| <span class="source-line-no">021</span><span id="line-21">import static org.junit.Assert.assertEquals;</span> |
| <span class="source-line-no">022</span><span id="line-22">import static org.junit.Assert.fail;</span> |
| <span class="source-line-no">023</span><span id="line-23"></span> |
| <span class="source-line-no">024</span><span id="line-24">import java.io.IOException;</span> |
| <span class="source-line-no">025</span><span id="line-25">import java.util.Optional;</span> |
| <span class="source-line-no">026</span><span id="line-26">import org.apache.hadoop.conf.Configuration;</span> |
| <span class="source-line-no">027</span><span id="line-27">import org.apache.hadoop.hbase.HBaseClassTestRule;</span> |
| <span class="source-line-no">028</span><span id="line-28">import org.apache.hadoop.hbase.HBaseTestingUtil;</span> |
| <span class="source-line-no">029</span><span id="line-29">import org.apache.hadoop.hbase.TableName;</span> |
| <span class="source-line-no">030</span><span id="line-30">import org.apache.hadoop.hbase.TableNotFoundException;</span> |
| <span class="source-line-no">031</span><span id="line-31">import org.apache.hadoop.hbase.client.ColumnFamilyDescriptorBuilder;</span> |
| <span class="source-line-no">032</span><span id="line-32">import org.apache.hadoop.hbase.client.Connection;</span> |
| <span class="source-line-no">033</span><span id="line-33">import org.apache.hadoop.hbase.client.TableDescriptorBuilder;</span> |
| <span class="source-line-no">034</span><span id="line-34">import org.apache.hadoop.hbase.ipc.RpcServer;</span> |
| <span class="source-line-no">035</span><span id="line-35">import org.apache.hadoop.hbase.master.HMaster;</span> |
| <span class="source-line-no">036</span><span id="line-36">import org.apache.hadoop.hbase.security.User;</span> |
| <span class="source-line-no">037</span><span id="line-37">import org.apache.hadoop.hbase.security.UserProvider;</span> |
| <span class="source-line-no">038</span><span id="line-38">import org.apache.hadoop.hbase.security.access.AccessChecker;</span> |
| <span class="source-line-no">039</span><span id="line-39">import org.apache.hadoop.hbase.security.access.AccessControlClient;</span> |
| <span class="source-line-no">040</span><span id="line-40">import org.apache.hadoop.hbase.security.access.Permission;</span> |
| <span class="source-line-no">041</span><span id="line-41">import org.apache.hadoop.hbase.security.access.PermissionStorage;</span> |
| <span class="source-line-no">042</span><span id="line-42">import org.apache.hadoop.hbase.security.access.SecureTestUtil;</span> |
| <span class="source-line-no">043</span><span id="line-43">import org.apache.hadoop.hbase.testclassification.MediumTests;</span> |
| <span class="source-line-no">044</span><span id="line-44">import org.apache.hadoop.hbase.testclassification.SecurityTests;</span> |
| <span class="source-line-no">045</span><span id="line-45">import org.apache.hadoop.hbase.util.Bytes;</span> |
| <span class="source-line-no">046</span><span id="line-46">import org.junit.AfterClass;</span> |
| <span class="source-line-no">047</span><span id="line-47">import org.junit.BeforeClass;</span> |
| <span class="source-line-no">048</span><span id="line-48">import org.junit.ClassRule;</span> |
| <span class="source-line-no">049</span><span id="line-49">import org.junit.Test;</span> |
| <span class="source-line-no">050</span><span id="line-50">import org.junit.experimental.categories.Category;</span> |
| <span class="source-line-no">051</span><span id="line-51">import org.slf4j.Logger;</span> |
| <span class="source-line-no">052</span><span id="line-52">import org.slf4j.LoggerFactory;</span> |
| <span class="source-line-no">053</span><span id="line-53"></span> |
| <span class="source-line-no">054</span><span id="line-54">/**</span> |
| <span class="source-line-no">055</span><span id="line-55"> * Performs authorization checks for rsgroup operations, according to different levels of authorized</span> |
| <span class="source-line-no">056</span><span id="line-56"> * users.</span> |
| <span class="source-line-no">057</span><span id="line-57"> */</span> |
| <span class="source-line-no">058</span><span id="line-58">@Category({ SecurityTests.class, MediumTests.class })</span> |
| <span class="source-line-no">059</span><span id="line-59">public class TestRSGroupsWithACL extends SecureTestUtil {</span> |
| <span class="source-line-no">060</span><span id="line-60"></span> |
| <span class="source-line-no">061</span><span id="line-61"> @ClassRule</span> |
| <span class="source-line-no">062</span><span id="line-62"> public static final HBaseClassTestRule CLASS_RULE =</span> |
| <span class="source-line-no">063</span><span id="line-63"> HBaseClassTestRule.forClass(TestRSGroupsWithACL.class);</span> |
| <span class="source-line-no">064</span><span id="line-64"></span> |
| <span class="source-line-no">065</span><span id="line-65"> private static final Logger LOG = LoggerFactory.getLogger(TestRSGroupsWithACL.class);</span> |
| <span class="source-line-no">066</span><span id="line-66"> private static TableName TEST_TABLE = TableName.valueOf("testtable1");</span> |
| <span class="source-line-no">067</span><span id="line-67"> private static final HBaseTestingUtil TEST_UTIL = new HBaseTestingUtil();</span> |
| <span class="source-line-no">068</span><span id="line-68"> private static Configuration conf;</span> |
| <span class="source-line-no">069</span><span id="line-69"></span> |
| <span class="source-line-no">070</span><span id="line-70"> private static Connection systemUserConnection;</span> |
| <span class="source-line-no">071</span><span id="line-71"> // user with all permissions</span> |
| <span class="source-line-no">072</span><span id="line-72"> private static User SUPERUSER;</span> |
| <span class="source-line-no">073</span><span id="line-73"> // user granted with all global permission</span> |
| <span class="source-line-no">074</span><span id="line-74"> private static User USER_ADMIN;</span> |
| <span class="source-line-no">075</span><span id="line-75"> // user with rw permissions on column family.</span> |
| <span class="source-line-no">076</span><span id="line-76"> private static User USER_RW;</span> |
| <span class="source-line-no">077</span><span id="line-77"> // user with read-only permissions</span> |
| <span class="source-line-no">078</span><span id="line-78"> private static User USER_RO;</span> |
| <span class="source-line-no">079</span><span id="line-79"> // user is table owner. will have all permissions on table</span> |
| <span class="source-line-no">080</span><span id="line-80"> private static User USER_OWNER;</span> |
| <span class="source-line-no">081</span><span id="line-81"> // user with create table permissions alone</span> |
| <span class="source-line-no">082</span><span id="line-82"> private static User USER_CREATE;</span> |
| <span class="source-line-no">083</span><span id="line-83"> // user with no permissions</span> |
| <span class="source-line-no">084</span><span id="line-84"> private static User USER_NONE;</span> |
| <span class="source-line-no">085</span><span id="line-85"></span> |
| <span class="source-line-no">086</span><span id="line-86"> private static final String GROUP_ADMIN = "group_admin";</span> |
| <span class="source-line-no">087</span><span id="line-87"> private static final String GROUP_CREATE = "group_create";</span> |
| <span class="source-line-no">088</span><span id="line-88"> private static final String GROUP_READ = "group_read";</span> |
| <span class="source-line-no">089</span><span id="line-89"> private static final String GROUP_WRITE = "group_write";</span> |
| <span class="source-line-no">090</span><span id="line-90"></span> |
| <span class="source-line-no">091</span><span id="line-91"> private static User USER_GROUP_ADMIN;</span> |
| <span class="source-line-no">092</span><span id="line-92"> private static User USER_GROUP_CREATE;</span> |
| <span class="source-line-no">093</span><span id="line-93"> private static User USER_GROUP_READ;</span> |
| <span class="source-line-no">094</span><span id="line-94"> private static User USER_GROUP_WRITE;</span> |
| <span class="source-line-no">095</span><span id="line-95"></span> |
| <span class="source-line-no">096</span><span id="line-96"> private static byte[] TEST_FAMILY = Bytes.toBytes("f1");</span> |
| <span class="source-line-no">097</span><span id="line-97"> private static HMaster master;</span> |
| <span class="source-line-no">098</span><span id="line-98"> private static AccessChecker accessChecker;</span> |
| <span class="source-line-no">099</span><span id="line-99"> private static UserProvider userProvider;</span> |
| <span class="source-line-no">100</span><span id="line-100"></span> |
| <span class="source-line-no">101</span><span id="line-101"> @BeforeClass</span> |
| <span class="source-line-no">102</span><span id="line-102"> public static void setupBeforeClass() throws Exception {</span> |
| <span class="source-line-no">103</span><span id="line-103"> // setup configuration</span> |
| <span class="source-line-no">104</span><span id="line-104"> conf = TEST_UTIL.getConfiguration();</span> |
| <span class="source-line-no">105</span><span id="line-105"> // Enable security</span> |
| <span class="source-line-no">106</span><span id="line-106"> enableSecurity(conf);</span> |
| <span class="source-line-no">107</span><span id="line-107"> // Verify enableSecurity sets up what we require</span> |
| <span class="source-line-no">108</span><span id="line-108"> verifyConfiguration(conf);</span> |
| <span class="source-line-no">109</span><span id="line-109"> // Enable rsgroup</span> |
| <span class="source-line-no">110</span><span id="line-110"> RSGroupUtil.enableRSGroup(conf);</span> |
| <span class="source-line-no">111</span><span id="line-111"></span> |
| <span class="source-line-no">112</span><span id="line-112"> TEST_UTIL.startMiniCluster();</span> |
| <span class="source-line-no">113</span><span id="line-113"> // Wait for the ACL table to become available</span> |
| <span class="source-line-no">114</span><span id="line-114"> TEST_UTIL.waitUntilAllRegionsAssigned(PermissionStorage.ACL_TABLE_NAME);</span> |
| <span class="source-line-no">115</span><span id="line-115"> TEST_UTIL.waitUntilAllRegionsAssigned(RSGroupInfoManagerImpl.RSGROUP_TABLE_NAME);</span> |
| <span class="source-line-no">116</span><span id="line-116"> TEST_UTIL.waitUntilNoRegionsInTransition();</span> |
| <span class="source-line-no">117</span><span id="line-117"></span> |
| <span class="source-line-no">118</span><span id="line-118"> // create a set of test users</span> |
| <span class="source-line-no">119</span><span id="line-119"> SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" });</span> |
| <span class="source-line-no">120</span><span id="line-120"> USER_ADMIN = User.createUserForTesting(conf, "admin2", new String[0]);</span> |
| <span class="source-line-no">121</span><span id="line-121"> USER_RW = User.createUserForTesting(conf, "rwuser", new String[0]);</span> |
| <span class="source-line-no">122</span><span id="line-122"> USER_RO = User.createUserForTesting(conf, "rouser", new String[0]);</span> |
| <span class="source-line-no">123</span><span id="line-123"> USER_OWNER = User.createUserForTesting(conf, "owner", new String[0]);</span> |
| <span class="source-line-no">124</span><span id="line-124"> USER_CREATE = User.createUserForTesting(conf, "tbl_create", new String[0]);</span> |
| <span class="source-line-no">125</span><span id="line-125"> USER_NONE = User.createUserForTesting(conf, "nouser", new String[0]);</span> |
| <span class="source-line-no">126</span><span id="line-126"></span> |
| <span class="source-line-no">127</span><span id="line-127"> USER_GROUP_ADMIN =</span> |
| <span class="source-line-no">128</span><span id="line-128"> User.createUserForTesting(conf, "user_group_admin", new String[] { GROUP_ADMIN });</span> |
| <span class="source-line-no">129</span><span id="line-129"> USER_GROUP_CREATE =</span> |
| <span class="source-line-no">130</span><span id="line-130"> User.createUserForTesting(conf, "user_group_create", new String[] { GROUP_CREATE });</span> |
| <span class="source-line-no">131</span><span id="line-131"> USER_GROUP_READ =</span> |
| <span class="source-line-no">132</span><span id="line-132"> User.createUserForTesting(conf, "user_group_read", new String[] { GROUP_READ });</span> |
| <span class="source-line-no">133</span><span id="line-133"> USER_GROUP_WRITE =</span> |
| <span class="source-line-no">134</span><span id="line-134"> User.createUserForTesting(conf, "user_group_write", new String[] { GROUP_WRITE });</span> |
| <span class="source-line-no">135</span><span id="line-135"></span> |
| <span class="source-line-no">136</span><span id="line-136"> // Grant table creation permission to USER_OWNER</span> |
| <span class="source-line-no">137</span><span id="line-137"> grantGlobal(TEST_UTIL, USER_OWNER.getShortName(), Permission.Action.CREATE);</span> |
| <span class="source-line-no">138</span><span id="line-138"></span> |
| <span class="source-line-no">139</span><span id="line-139"> systemUserConnection = TEST_UTIL.getConnection();</span> |
| <span class="source-line-no">140</span><span id="line-140"> setUpTableAndUserPermissions();</span> |
| <span class="source-line-no">141</span><span id="line-141"> master = TEST_UTIL.getHBaseCluster().getMaster();</span> |
| <span class="source-line-no">142</span><span id="line-142"> accessChecker = master.getAccessChecker();</span> |
| <span class="source-line-no">143</span><span id="line-143"> userProvider = UserProvider.instantiate(TEST_UTIL.getConfiguration());</span> |
| <span class="source-line-no">144</span><span id="line-144"> }</span> |
| <span class="source-line-no">145</span><span id="line-145"></span> |
| <span class="source-line-no">146</span><span id="line-146"> private void checkPermission(String request) throws IOException {</span> |
| <span class="source-line-no">147</span><span id="line-147"> accessChecker.requirePermission(getActiveUser(), request, null, Permission.Action.ADMIN);</span> |
| <span class="source-line-no">148</span><span id="line-148"> }</span> |
| <span class="source-line-no">149</span><span id="line-149"></span> |
| <span class="source-line-no">150</span><span id="line-150"> private User getActiveUser() throws IOException {</span> |
| <span class="source-line-no">151</span><span id="line-151"> // for non-rpc handling, fallback to system user</span> |
| <span class="source-line-no">152</span><span id="line-152"> Optional<User> optionalUser = RpcServer.getRequestUser();</span> |
| <span class="source-line-no">153</span><span id="line-153"> if (optionalUser.isPresent()) {</span> |
| <span class="source-line-no">154</span><span id="line-154"> return optionalUser.get();</span> |
| <span class="source-line-no">155</span><span id="line-155"> }</span> |
| <span class="source-line-no">156</span><span id="line-156"> return userProvider.getCurrent();</span> |
| <span class="source-line-no">157</span><span id="line-157"> }</span> |
| <span class="source-line-no">158</span><span id="line-158"></span> |
| <span class="source-line-no">159</span><span id="line-159"> private static void setUpTableAndUserPermissions() throws Exception {</span> |
| <span class="source-line-no">160</span><span id="line-160"> TableDescriptorBuilder tableBuilder = TableDescriptorBuilder.newBuilder(TEST_TABLE);</span> |
| <span class="source-line-no">161</span><span id="line-161"> ColumnFamilyDescriptorBuilder cfd = ColumnFamilyDescriptorBuilder.newBuilder(TEST_FAMILY);</span> |
| <span class="source-line-no">162</span><span id="line-162"> cfd.setMaxVersions(100);</span> |
| <span class="source-line-no">163</span><span id="line-163"> tableBuilder.setColumnFamily(cfd.build());</span> |
| <span class="source-line-no">164</span><span id="line-164"> createTable(TEST_UTIL, USER_OWNER, tableBuilder.build(), new byte[][] { Bytes.toBytes("s") });</span> |
| <span class="source-line-no">165</span><span id="line-165"></span> |
| <span class="source-line-no">166</span><span id="line-166"> // Set up initial grants</span> |
| <span class="source-line-no">167</span><span id="line-167"> grantGlobal(TEST_UTIL, USER_ADMIN.getShortName(), Permission.Action.ADMIN,</span> |
| <span class="source-line-no">168</span><span id="line-168"> Permission.Action.CREATE, Permission.Action.READ, Permission.Action.WRITE);</span> |
| <span class="source-line-no">169</span><span id="line-169"></span> |
| <span class="source-line-no">170</span><span id="line-170"> grantOnTable(TEST_UTIL, USER_RW.getShortName(), TEST_TABLE, TEST_FAMILY, null,</span> |
| <span class="source-line-no">171</span><span id="line-171"> Permission.Action.READ, Permission.Action.WRITE);</span> |
| <span class="source-line-no">172</span><span id="line-172"></span> |
| <span class="source-line-no">173</span><span id="line-173"> // USER_CREATE is USER_RW plus CREATE permissions</span> |
| <span class="source-line-no">174</span><span id="line-174"> grantOnTable(TEST_UTIL, USER_CREATE.getShortName(), TEST_TABLE, null, null,</span> |
| <span class="source-line-no">175</span><span id="line-175"> Permission.Action.CREATE, Permission.Action.READ, Permission.Action.WRITE);</span> |
| <span class="source-line-no">176</span><span id="line-176"></span> |
| <span class="source-line-no">177</span><span id="line-177"> grantOnTable(TEST_UTIL, USER_RO.getShortName(), TEST_TABLE, TEST_FAMILY, null,</span> |
| <span class="source-line-no">178</span><span id="line-178"> Permission.Action.READ);</span> |
| <span class="source-line-no">179</span><span id="line-179"></span> |
| <span class="source-line-no">180</span><span id="line-180"> grantGlobal(TEST_UTIL, toGroupEntry(GROUP_ADMIN), Permission.Action.ADMIN);</span> |
| <span class="source-line-no">181</span><span id="line-181"> grantGlobal(TEST_UTIL, toGroupEntry(GROUP_CREATE), Permission.Action.CREATE);</span> |
| <span class="source-line-no">182</span><span id="line-182"> grantGlobal(TEST_UTIL, toGroupEntry(GROUP_READ), Permission.Action.READ);</span> |
| <span class="source-line-no">183</span><span id="line-183"> grantGlobal(TEST_UTIL, toGroupEntry(GROUP_WRITE), Permission.Action.WRITE);</span> |
| <span class="source-line-no">184</span><span id="line-184"></span> |
| <span class="source-line-no">185</span><span id="line-185"> assertEquals(4, PermissionStorage.getTablePermissions(conf, TEST_TABLE).size());</span> |
| <span class="source-line-no">186</span><span id="line-186"> try {</span> |
| <span class="source-line-no">187</span><span id="line-187"> assertEquals(4,</span> |
| <span class="source-line-no">188</span><span id="line-188"> AccessControlClient.getUserPermissions(systemUserConnection, TEST_TABLE.toString()).size());</span> |
| <span class="source-line-no">189</span><span id="line-189"> } catch (AssertionError e) {</span> |
| <span class="source-line-no">190</span><span id="line-190"> fail(e.getMessage());</span> |
| <span class="source-line-no">191</span><span id="line-191"> } catch (Throwable e) {</span> |
| <span class="source-line-no">192</span><span id="line-192"> LOG.error("error during call of AccessControlClient.getUserPermissions. ", e);</span> |
| <span class="source-line-no">193</span><span id="line-193"> }</span> |
| <span class="source-line-no">194</span><span id="line-194"> }</span> |
| <span class="source-line-no">195</span><span id="line-195"></span> |
| <span class="source-line-no">196</span><span id="line-196"> private static void cleanUp() throws Exception {</span> |
| <span class="source-line-no">197</span><span id="line-197"> // Clean the _acl_ table</span> |
| <span class="source-line-no">198</span><span id="line-198"> try {</span> |
| <span class="source-line-no">199</span><span id="line-199"> deleteTable(TEST_UTIL, TEST_TABLE);</span> |
| <span class="source-line-no">200</span><span id="line-200"> } catch (TableNotFoundException ex) {</span> |
| <span class="source-line-no">201</span><span id="line-201"> // Test deleted the table, no problem</span> |
| <span class="source-line-no">202</span><span id="line-202"> LOG.info("Test deleted table " + TEST_TABLE);</span> |
| <span class="source-line-no">203</span><span id="line-203"> }</span> |
| <span class="source-line-no">204</span><span id="line-204"> // Verify all table/namespace permissions are erased</span> |
| <span class="source-line-no">205</span><span id="line-205"> assertEquals(0, PermissionStorage.getTablePermissions(conf, TEST_TABLE).size());</span> |
| <span class="source-line-no">206</span><span id="line-206"> assertEquals(0,</span> |
| <span class="source-line-no">207</span><span id="line-207"> PermissionStorage.getNamespacePermissions(conf, TEST_TABLE.getNamespaceAsString()).size());</span> |
| <span class="source-line-no">208</span><span id="line-208"> }</span> |
| <span class="source-line-no">209</span><span id="line-209"></span> |
| <span class="source-line-no">210</span><span id="line-210"> @AfterClass</span> |
| <span class="source-line-no">211</span><span id="line-211"> public static void tearDownAfterClass() throws Exception {</span> |
| <span class="source-line-no">212</span><span id="line-212"> cleanUp();</span> |
| <span class="source-line-no">213</span><span id="line-213"> TEST_UTIL.shutdownMiniCluster();</span> |
| <span class="source-line-no">214</span><span id="line-214"> }</span> |
| <span class="source-line-no">215</span><span id="line-215"></span> |
| <span class="source-line-no">216</span><span id="line-216"> @Test</span> |
| <span class="source-line-no">217</span><span id="line-217"> public void testGetRSGroupInfo() throws Exception {</span> |
| <span class="source-line-no">218</span><span id="line-218"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">219</span><span id="line-219"> checkPermission("getRSGroupInfo");</span> |
| <span class="source-line-no">220</span><span id="line-220"> return null;</span> |
| <span class="source-line-no">221</span><span id="line-221"> };</span> |
| <span class="source-line-no">222</span><span id="line-222"></span> |
| <span class="source-line-no">223</span><span id="line-223"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">224</span><span id="line-224"> }</span> |
| <span class="source-line-no">225</span><span id="line-225"></span> |
| <span class="source-line-no">226</span><span id="line-226"> @Test</span> |
| <span class="source-line-no">227</span><span id="line-227"> public void testGetRSGroupInfoOfTable() throws Exception {</span> |
| <span class="source-line-no">228</span><span id="line-228"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">229</span><span id="line-229"> checkPermission("getRSGroupInfoOfTable");</span> |
| <span class="source-line-no">230</span><span id="line-230"> return null;</span> |
| <span class="source-line-no">231</span><span id="line-231"> };</span> |
| <span class="source-line-no">232</span><span id="line-232"></span> |
| <span class="source-line-no">233</span><span id="line-233"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">234</span><span id="line-234"> }</span> |
| <span class="source-line-no">235</span><span id="line-235"></span> |
| <span class="source-line-no">236</span><span id="line-236"> @Test</span> |
| <span class="source-line-no">237</span><span id="line-237"> public void testMoveServers() throws Exception {</span> |
| <span class="source-line-no">238</span><span id="line-238"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">239</span><span id="line-239"> checkPermission("moveServers");</span> |
| <span class="source-line-no">240</span><span id="line-240"> return null;</span> |
| <span class="source-line-no">241</span><span id="line-241"> };</span> |
| <span class="source-line-no">242</span><span id="line-242"></span> |
| <span class="source-line-no">243</span><span id="line-243"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">244</span><span id="line-244"> }</span> |
| <span class="source-line-no">245</span><span id="line-245"></span> |
| <span class="source-line-no">246</span><span id="line-246"> @Test</span> |
| <span class="source-line-no">247</span><span id="line-247"> public void testMoveTables() throws Exception {</span> |
| <span class="source-line-no">248</span><span id="line-248"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">249</span><span id="line-249"> checkPermission("moveTables");</span> |
| <span class="source-line-no">250</span><span id="line-250"> return null;</span> |
| <span class="source-line-no">251</span><span id="line-251"> };</span> |
| <span class="source-line-no">252</span><span id="line-252"></span> |
| <span class="source-line-no">253</span><span id="line-253"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">254</span><span id="line-254"> }</span> |
| <span class="source-line-no">255</span><span id="line-255"></span> |
| <span class="source-line-no">256</span><span id="line-256"> @Test</span> |
| <span class="source-line-no">257</span><span id="line-257"> public void testAddRSGroup() throws Exception {</span> |
| <span class="source-line-no">258</span><span id="line-258"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">259</span><span id="line-259"> checkPermission("addRSGroup");</span> |
| <span class="source-line-no">260</span><span id="line-260"> return null;</span> |
| <span class="source-line-no">261</span><span id="line-261"> };</span> |
| <span class="source-line-no">262</span><span id="line-262"></span> |
| <span class="source-line-no">263</span><span id="line-263"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">264</span><span id="line-264"> }</span> |
| <span class="source-line-no">265</span><span id="line-265"></span> |
| <span class="source-line-no">266</span><span id="line-266"> @Test</span> |
| <span class="source-line-no">267</span><span id="line-267"> public void testRemoveRSGroup() throws Exception {</span> |
| <span class="source-line-no">268</span><span id="line-268"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">269</span><span id="line-269"> checkPermission("removeRSGroup");</span> |
| <span class="source-line-no">270</span><span id="line-270"> return null;</span> |
| <span class="source-line-no">271</span><span id="line-271"> };</span> |
| <span class="source-line-no">272</span><span id="line-272"></span> |
| <span class="source-line-no">273</span><span id="line-273"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">274</span><span id="line-274"> }</span> |
| <span class="source-line-no">275</span><span id="line-275"></span> |
| <span class="source-line-no">276</span><span id="line-276"> @Test</span> |
| <span class="source-line-no">277</span><span id="line-277"> public void testBalanceRSGroup() throws Exception {</span> |
| <span class="source-line-no">278</span><span id="line-278"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">279</span><span id="line-279"> checkPermission("balanceRSGroup");</span> |
| <span class="source-line-no">280</span><span id="line-280"> return null;</span> |
| <span class="source-line-no">281</span><span id="line-281"> };</span> |
| <span class="source-line-no">282</span><span id="line-282"></span> |
| <span class="source-line-no">283</span><span id="line-283"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">284</span><span id="line-284"> }</span> |
| <span class="source-line-no">285</span><span id="line-285"></span> |
| <span class="source-line-no">286</span><span id="line-286"> @Test</span> |
| <span class="source-line-no">287</span><span id="line-287"> public void testListRSGroup() throws Exception {</span> |
| <span class="source-line-no">288</span><span id="line-288"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">289</span><span id="line-289"> checkPermission("listRSGroup");</span> |
| <span class="source-line-no">290</span><span id="line-290"> return null;</span> |
| <span class="source-line-no">291</span><span id="line-291"> };</span> |
| <span class="source-line-no">292</span><span id="line-292"></span> |
| <span class="source-line-no">293</span><span id="line-293"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">294</span><span id="line-294"> }</span> |
| <span class="source-line-no">295</span><span id="line-295"></span> |
| <span class="source-line-no">296</span><span id="line-296"> @Test</span> |
| <span class="source-line-no">297</span><span id="line-297"> public void testGetRSGroupInfoOfServer() throws Exception {</span> |
| <span class="source-line-no">298</span><span id="line-298"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">299</span><span id="line-299"> checkPermission("getRSGroupInfoOfServer");</span> |
| <span class="source-line-no">300</span><span id="line-300"> return null;</span> |
| <span class="source-line-no">301</span><span id="line-301"> };</span> |
| <span class="source-line-no">302</span><span id="line-302"></span> |
| <span class="source-line-no">303</span><span id="line-303"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">304</span><span id="line-304"> }</span> |
| <span class="source-line-no">305</span><span id="line-305"></span> |
| <span class="source-line-no">306</span><span id="line-306"> @Test</span> |
| <span class="source-line-no">307</span><span id="line-307"> public void testMoveServersAndTables() throws Exception {</span> |
| <span class="source-line-no">308</span><span id="line-308"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">309</span><span id="line-309"> checkPermission("moveServersAndTables");</span> |
| <span class="source-line-no">310</span><span id="line-310"> return null;</span> |
| <span class="source-line-no">311</span><span id="line-311"> };</span> |
| <span class="source-line-no">312</span><span id="line-312"></span> |
| <span class="source-line-no">313</span><span id="line-313"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">314</span><span id="line-314"> }</span> |
| <span class="source-line-no">315</span><span id="line-315"></span> |
| <span class="source-line-no">316</span><span id="line-316"> @Test</span> |
| <span class="source-line-no">317</span><span id="line-317"> public void testRemoveServers() throws Exception {</span> |
| <span class="source-line-no">318</span><span id="line-318"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">319</span><span id="line-319"> checkPermission("removeServers");</span> |
| <span class="source-line-no">320</span><span id="line-320"> return null;</span> |
| <span class="source-line-no">321</span><span id="line-321"> };</span> |
| <span class="source-line-no">322</span><span id="line-322"></span> |
| <span class="source-line-no">323</span><span id="line-323"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">324</span><span id="line-324"> }</span> |
| <span class="source-line-no">325</span><span id="line-325"></span> |
| <span class="source-line-no">326</span><span id="line-326"> @Test</span> |
| <span class="source-line-no">327</span><span id="line-327"> public void testRenameRSGroup() throws Exception {</span> |
| <span class="source-line-no">328</span><span id="line-328"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">329</span><span id="line-329"> checkPermission("renameRSGroup");</span> |
| <span class="source-line-no">330</span><span id="line-330"> return null;</span> |
| <span class="source-line-no">331</span><span id="line-331"> };</span> |
| <span class="source-line-no">332</span><span id="line-332"></span> |
| <span class="source-line-no">333</span><span id="line-333"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">334</span><span id="line-334"> }</span> |
| <span class="source-line-no">335</span><span id="line-335"></span> |
| <span class="source-line-no">336</span><span id="line-336"> @Test</span> |
| <span class="source-line-no">337</span><span id="line-337"> public void testUpdateRSGroupConfig() throws Exception {</span> |
| <span class="source-line-no">338</span><span id="line-338"> AccessTestAction action = () -> {</span> |
| <span class="source-line-no">339</span><span id="line-339"> checkPermission("updateRSGroupConfig");</span> |
| <span class="source-line-no">340</span><span id="line-340"> return null;</span> |
| <span class="source-line-no">341</span><span id="line-341"> };</span> |
| <span class="source-line-no">342</span><span id="line-342"></span> |
| <span class="source-line-no">343</span><span id="line-343"> validateAdminPermissions(action);</span> |
| <span class="source-line-no">344</span><span id="line-344"> }</span> |
| <span class="source-line-no">345</span><span id="line-345"></span> |
| <span class="source-line-no">346</span><span id="line-346"> private void validateAdminPermissions(AccessTestAction action) throws Exception {</span> |
| <span class="source-line-no">347</span><span id="line-347"> verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);</span> |
| <span class="source-line-no">348</span><span id="line-348"> verifyDenied(action, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,</span> |
| <span class="source-line-no">349</span><span id="line-349"> USER_GROUP_WRITE, USER_GROUP_CREATE);</span> |
| <span class="source-line-no">350</span><span id="line-350"> }</span> |
| <span class="source-line-no">351</span><span id="line-351">}</span> |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| </pre> |
| </div> |
| </main> |
| </body> |
| </html> |
