solr/solrj/src/test/org/apache/solr/common/cloud/SolrZkClientTest.java - lucene-solr - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.solr.common.cloud;

 import java.io.File;
 import java.lang.invoke.MethodHandles;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Path;
 import java.security.NoSuchAlgorithmException;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.concurrent.Semaphore;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicInteger;

 import org.apache.solr.client.solrj.impl.CloudSolrClient;
 import org.apache.solr.client.solrj.request.CollectionAdminRequest;
 import org.apache.solr.cloud.AbstractZkTestCase;
 import org.apache.solr.cloud.SolrCloudTestCase;
 import org.apache.solr.cloud.ZkTestServer;
 import org.apache.solr.util.ExternalPaths;
 import org.apache.zookeeper.KeeperException;
 import org.apache.zookeeper.WatchedEvent;
 import org.apache.zookeeper.Watcher;
 import org.apache.zookeeper.ZooDefs;
 import org.apache.zookeeper.data.ACL;
 import org.apache.zookeeper.data.Id;
 import org.apache.zookeeper.server.auth.DigestAuthenticationProvider;
 import org.junit.Test;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 public class SolrZkClientTest extends SolrCloudTestCase {
   private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());

   private static final String ROOT = "/";
   private static final String PATH = "/collections/collection1";

   protected ZkTestServer zkServer;

   SolrZkClient aclClient;
   SolrZkClient credentialsClient;
   SolrZkClient defaultClient;
   private CloudSolrClient solrClient;


   @Override
   public void setUp() throws Exception {
     super.setUp();
     configureCluster(1)
         .addConfig("_default", new File(ExternalPaths.DEFAULT_CONFIGSET).toPath())
         .configure();
     solrClient = getCloudSolrClient(cluster.getZkServer().getZkAddress());

     final String SCHEME = "digest";
     final String AUTH = "user:pass";

     Path zkDir = createTempDir();
     log.info("ZooKeeper dataDir:{}", zkDir);
     zkServer = new ZkTestServer(zkDir);
     zkServer.run();

     try (SolrZkClient client = new SolrZkClient(zkServer.getZkHost(), AbstractZkTestCase.TIMEOUT)) {
       // Set up chroot
       client.makePath("/solr", false, true);
     }

     defaultClient = new SolrZkClient(zkServer.getZkAddress(), AbstractZkTestCase.TIMEOUT);
     defaultClient.makePath(PATH, true);

     aclClient = new SolrZkClient(zkServer.getZkAddress(), AbstractZkTestCase.TIMEOUT) {
       @Override
       protected ZkACLProvider createZkACLProvider() {
         return new DefaultZkACLProvider() {
           @Override
           protected List<ACL> createGlobalACLsToAdd() {
             try {
               Id id = new Id(SCHEME, DigestAuthenticationProvider.generateDigest(AUTH));
               return Collections.singletonList(new ACL(ZooDefs.Perms.ALL, id));
             } catch (NoSuchAlgorithmException e) {
               throw new RuntimeException(e);
             }
           }
         };
       }
     };

     credentialsClient = new SolrZkClient(zkServer.getZkAddress(), AbstractZkTestCase.TIMEOUT) {
       @Override
       protected ZkCredentialsProvider createZkCredentialsToAddAutomatically() {
         return new DefaultZkCredentialsProvider() {
           @Override
           protected Collection<ZkCredentials> createCredentials() {
             return Collections.singleton(new ZkCredentials(SCHEME, AUTH.getBytes(StandardCharsets.UTF_8)));
           }
         };
       }
     };
   }

   @Override
   public void tearDown() throws Exception {
     aclClient.close();
     credentialsClient.close();
     defaultClient.close();
     zkServer.shutdown();
     solrClient.close();
     cluster.shutdown();
     super.tearDown();
   }


   @Test
   public void testSimpleUpdateACLs() throws KeeperException, InterruptedException {
     assertTrue("Initial create was in secure mode; please check the test", canRead(defaultClient, PATH));
     assertTrue("Credentialed client should always be able to read", canRead(credentialsClient, PATH));

     // convert to secure
     aclClient.updateACLs(ROOT);
     assertFalse("Default client should not be able to read root in secure mode", canRead(defaultClient, ROOT));
     assertFalse("Default client should not be able to read children in secure mode", canRead(defaultClient, PATH));
     assertTrue("Credentialed client should always be able to read root in secure mode", canRead(credentialsClient, ROOT));
     assertTrue("Credentialed client should always be able to read in secure mode", canRead(credentialsClient, PATH));

     // convert to non-secure
     credentialsClient.updateACLs(ROOT);
     assertTrue("Default client should work again after clearing ACLs", canRead(defaultClient, PATH));
     assertTrue("Credentialed client should always be able to read", canRead(credentialsClient, PATH));

     // convert a subtree to secure
     aclClient.updateACLs("/collections");
     assertTrue("Default client should read unaffected paths", canRead(defaultClient, ROOT));
     assertFalse("Default client should not read secure children", canRead(defaultClient, PATH));
   }

   @Test
   // SOLR-13491
   public void testWrappingWatches() throws Exception {
     AtomicInteger calls = new AtomicInteger(0);
     Semaphore semA = new Semaphore(0);
     Semaphore semB = new Semaphore(0);
     Watcher watcherA = new Watcher() {
       @Override
       public void process(WatchedEvent event) {
         calls.getAndIncrement();
         semA.release();
       }
     };
     Watcher watcherB = new Watcher() {
       @Override
       public void process(WatchedEvent event) {
         calls.getAndDecrement();
         semB.release();
       }
     };
     Watcher wrapped1A = defaultClient.wrapWatcher(watcherA);
     Watcher wrapped2A = defaultClient.wrapWatcher(watcherA);
     Watcher wrappedB = defaultClient.wrapWatcher(watcherB);
     assertTrue(wrapped1A.equals(wrapped2A));
     assertTrue(wrapped2A.equals(wrapped1A));
     assertFalse(wrapped1A.equals(wrappedB));
     assertEquals(wrapped1A.hashCode(), wrapped2A.hashCode());

     CollectionAdminRequest.createCollection(getSaferTestName(), "_default", 1, 1)
         .setMaxShardsPerNode(2)
         .process(solrClient);

     CollectionAdminRequest.setCollectionProperty(getSaferTestName(),"foo", "bar")
         .process(solrClient);

     //Thread.sleep(600000);

     solrClient.getZkStateReader().getZkClient().getData("/collections/" + getSaferTestName() + "/collectionprops.json",wrapped1A, null,true);
     solrClient.getZkStateReader().getZkClient().getData("/collections/" + getSaferTestName() + "/collectionprops.json",wrapped2A, null,true);

     CollectionAdminRequest.setCollectionProperty(getSaferTestName(),"baz", "bam")
         .process(solrClient);

     assertTrue("Watch A didn't trigger", semA.tryAcquire(5, TimeUnit.SECONDS));
     if (TEST_NIGHTLY) {
       // give more time in nightly tests to ensure no extra watch calls
       Thread.sleep(500);
     }
     assertEquals(1, calls.get()); // same wrapped watch set twice, only invoked once

     solrClient.getZkStateReader().getZkClient().getData("/collections/" + getSaferTestName() + "/collectionprops.json",wrapped1A, null,true);
     solrClient.getZkStateReader().getZkClient().getData("/collections/" + getSaferTestName() + "/collectionprops.json",wrappedB, null,true);

     CollectionAdminRequest.setCollectionProperty(getSaferTestName(),"baz", "bang")
         .process(solrClient);

     assertTrue("Watch A didn't trigger", semA.tryAcquire(5, TimeUnit.SECONDS));
     assertTrue("Watch B didn't trigger", semB.tryAcquire(5, TimeUnit.SECONDS));
     if (TEST_NIGHTLY) {
       // give more time in nightly tests to ensure no extra watch calls
       Thread.sleep(500);
     }
     assertEquals(1, calls.get()); // offsetting watches, no change
   }

   private static boolean canRead(SolrZkClient zkClient, String path) throws KeeperException, InterruptedException {
     try {
       zkClient.getData(path, null, null, true);
       return true;
     } catch (KeeperException.NoAuthException e) {
       return false;
     }
   }

   @Test
   public void getConfig() {
     // As the embedded ZK is hardcoded to standalone, there is no way to test actual config data here
     assertEquals("", defaultClient.getConfig());
   }

   @Test
   public void testCheckInterrupted() {
     assertFalse(Thread.currentThread().isInterrupted());
     SolrZkClient.checkInterrupted(new RuntimeException());
     assertFalse(Thread.currentThread().isInterrupted());
     SolrZkClient.checkInterrupted(new InterruptedException());
     assertTrue(Thread.currentThread().isInterrupted());
   }

 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.solr.common.cloud;

	import java.io.File;
	import java.lang.invoke.MethodHandles;
	import java.nio.charset.StandardCharsets;
	import java.nio.file.Path;
	import java.security.NoSuchAlgorithmException;
	import java.util.Collection;
	import java.util.Collections;
	import java.util.List;
	import java.util.concurrent.Semaphore;
	import java.util.concurrent.TimeUnit;
	import java.util.concurrent.atomic.AtomicInteger;

	import org.apache.solr.client.solrj.impl.CloudSolrClient;
	import org.apache.solr.client.solrj.request.CollectionAdminRequest;
	import org.apache.solr.cloud.AbstractZkTestCase;
	import org.apache.solr.cloud.SolrCloudTestCase;
	import org.apache.solr.cloud.ZkTestServer;
	import org.apache.solr.util.ExternalPaths;
	import org.apache.zookeeper.KeeperException;
	import org.apache.zookeeper.WatchedEvent;
	import org.apache.zookeeper.Watcher;
	import org.apache.zookeeper.ZooDefs;
	import org.apache.zookeeper.data.ACL;
	import org.apache.zookeeper.data.Id;
	import org.apache.zookeeper.server.auth.DigestAuthenticationProvider;
	import org.junit.Test;
	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;

	public class SolrZkClientTest extends SolrCloudTestCase {
	private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());

	private static final String ROOT = "/";
	private static final String PATH = "/collections/collection1";

	protected ZkTestServer zkServer;

	SolrZkClient aclClient;
	SolrZkClient credentialsClient;
	SolrZkClient defaultClient;
	private CloudSolrClient solrClient;


	@Override
	public void setUp() throws Exception {
	super.setUp();
	configureCluster(1)
	.addConfig("_default", new File(ExternalPaths.DEFAULT_CONFIGSET).toPath())
	.configure();
	solrClient = getCloudSolrClient(cluster.getZkServer().getZkAddress());

	final String SCHEME = "digest";
	final String AUTH = "user:pass";

	Path zkDir = createTempDir();
	log.info("ZooKeeper dataDir:{}", zkDir);
	zkServer = new ZkTestServer(zkDir);
	zkServer.run();

	try (SolrZkClient client = new SolrZkClient(zkServer.getZkHost(), AbstractZkTestCase.TIMEOUT)) {
	// Set up chroot
	client.makePath("/solr", false, true);
	}

	defaultClient = new SolrZkClient(zkServer.getZkAddress(), AbstractZkTestCase.TIMEOUT);
	defaultClient.makePath(PATH, true);

	aclClient = new SolrZkClient(zkServer.getZkAddress(), AbstractZkTestCase.TIMEOUT) {
	@Override
	protected ZkACLProvider createZkACLProvider() {
	return new DefaultZkACLProvider() {
	@Override
	protected List<ACL> createGlobalACLsToAdd() {
	try {
	Id id = new Id(SCHEME, DigestAuthenticationProvider.generateDigest(AUTH));
	return Collections.singletonList(new ACL(ZooDefs.Perms.ALL, id));
	} catch (NoSuchAlgorithmException e) {
	throw new RuntimeException(e);
	}
	}
	};
	}
	};

	credentialsClient = new SolrZkClient(zkServer.getZkAddress(), AbstractZkTestCase.TIMEOUT) {
	@Override
	protected ZkCredentialsProvider createZkCredentialsToAddAutomatically() {
	return new DefaultZkCredentialsProvider() {
	@Override
	protected Collection<ZkCredentials> createCredentials() {
	return Collections.singleton(new ZkCredentials(SCHEME, AUTH.getBytes(StandardCharsets.UTF_8)));
	}
	};
	}
	};
	}

	@Override
	public void tearDown() throws Exception {
	aclClient.close();
	credentialsClient.close();
	defaultClient.close();
	zkServer.shutdown();
	solrClient.close();
	cluster.shutdown();
	super.tearDown();
	}


	@Test
	public void testSimpleUpdateACLs() throws KeeperException, InterruptedException {
	assertTrue("Initial create was in secure mode; please check the test", canRead(defaultClient, PATH));
	assertTrue("Credentialed client should always be able to read", canRead(credentialsClient, PATH));

	// convert to secure
	aclClient.updateACLs(ROOT);
	assertFalse("Default client should not be able to read root in secure mode", canRead(defaultClient, ROOT));
	assertFalse("Default client should not be able to read children in secure mode", canRead(defaultClient, PATH));
	assertTrue("Credentialed client should always be able to read root in secure mode", canRead(credentialsClient, ROOT));
	assertTrue("Credentialed client should always be able to read in secure mode", canRead(credentialsClient, PATH));

	// convert to non-secure
	credentialsClient.updateACLs(ROOT);
	assertTrue("Default client should work again after clearing ACLs", canRead(defaultClient, PATH));
	assertTrue("Credentialed client should always be able to read", canRead(credentialsClient, PATH));

	// convert a subtree to secure
	aclClient.updateACLs("/collections");
	assertTrue("Default client should read unaffected paths", canRead(defaultClient, ROOT));
	assertFalse("Default client should not read secure children", canRead(defaultClient, PATH));
	}

	@Test
	// SOLR-13491
	public void testWrappingWatches() throws Exception {
	AtomicInteger calls = new AtomicInteger(0);
	Semaphore semA = new Semaphore(0);
	Semaphore semB = new Semaphore(0);
	Watcher watcherA = new Watcher() {
	@Override
	public void process(WatchedEvent event) {
	calls.getAndIncrement();
	semA.release();
	}
	};
	Watcher watcherB = new Watcher() {
	@Override
	public void process(WatchedEvent event) {
	calls.getAndDecrement();
	semB.release();
	}
	};
	Watcher wrapped1A = defaultClient.wrapWatcher(watcherA);
	Watcher wrapped2A = defaultClient.wrapWatcher(watcherA);
	Watcher wrappedB = defaultClient.wrapWatcher(watcherB);
	assertTrue(wrapped1A.equals(wrapped2A));
	assertTrue(wrapped2A.equals(wrapped1A));
	assertFalse(wrapped1A.equals(wrappedB));
	assertEquals(wrapped1A.hashCode(), wrapped2A.hashCode());

	CollectionAdminRequest.createCollection(getSaferTestName(), "_default", 1, 1)
	.setMaxShardsPerNode(2)
	.process(solrClient);

	CollectionAdminRequest.setCollectionProperty(getSaferTestName(),"foo", "bar")
	.process(solrClient);

	//Thread.sleep(600000);

	solrClient.getZkStateReader().getZkClient().getData("/collections/" + getSaferTestName() + "/collectionprops.json",wrapped1A, null,true);
	solrClient.getZkStateReader().getZkClient().getData("/collections/" + getSaferTestName() + "/collectionprops.json",wrapped2A, null,true);

	CollectionAdminRequest.setCollectionProperty(getSaferTestName(),"baz", "bam")
	.process(solrClient);

	assertTrue("Watch A didn't trigger", semA.tryAcquire(5, TimeUnit.SECONDS));
	if (TEST_NIGHTLY) {
	// give more time in nightly tests to ensure no extra watch calls
	Thread.sleep(500);
	}
	assertEquals(1, calls.get()); // same wrapped watch set twice, only invoked once

	solrClient.getZkStateReader().getZkClient().getData("/collections/" + getSaferTestName() + "/collectionprops.json",wrapped1A, null,true);
	solrClient.getZkStateReader().getZkClient().getData("/collections/" + getSaferTestName() + "/collectionprops.json",wrappedB, null,true);

	CollectionAdminRequest.setCollectionProperty(getSaferTestName(),"baz", "bang")
	.process(solrClient);

	assertTrue("Watch A didn't trigger", semA.tryAcquire(5, TimeUnit.SECONDS));
	assertTrue("Watch B didn't trigger", semB.tryAcquire(5, TimeUnit.SECONDS));
	if (TEST_NIGHTLY) {
	// give more time in nightly tests to ensure no extra watch calls
	Thread.sleep(500);
	}
	assertEquals(1, calls.get()); // offsetting watches, no change
	}

	private static boolean canRead(SolrZkClient zkClient, String path) throws KeeperException, InterruptedException {
	try {
	zkClient.getData(path, null, null, true);
	return true;
	} catch (KeeperException.NoAuthException e) {
	return false;
	}
	}

	@Test
	public void getConfig() {
	// As the embedded ZK is hardcoded to standalone, there is no way to test actual config data here
	assertEquals("", defaultClient.getConfig());
	}

	@Test
	public void testCheckInterrupted() {
	assertFalse(Thread.currentThread().isInterrupted());
	SolrZkClient.checkInterrupted(new RuntimeException());
	assertFalse(Thread.currentThread().isInterrupted());
	SolrZkClient.checkInterrupted(new InterruptedException());
	assertTrue(Thread.currentThread().isInterrupted());
	}

	}