extras/indexing/src/test/java/org/apache/rya/api/client/accumulo/AccumuloAddUserIT.java - rya - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.rya.api.client.accumulo;

 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;

 import org.apache.accumulo.core.client.AccumuloSecurityException;
 import org.apache.accumulo.core.client.admin.SecurityOperations;
 import org.apache.accumulo.core.client.security.tokens.PasswordToken;
 import org.apache.accumulo.core.security.SystemPermission;
 import org.apache.rya.accumulo.AccumuloRdfConfiguration;
 import org.apache.rya.api.client.Install.InstallConfiguration;
 import org.apache.rya.api.client.RyaClient;
 import org.apache.rya.api.instance.RyaDetails;
 import org.apache.rya.indexing.accumulo.ConfigUtils;
 import org.apache.rya.sail.config.RyaSailFactory;
 import org.apache.rya.test.accumulo.AccumuloITBase;
 import org.eclipse.rdf4j.model.ValueFactory;
 import org.eclipse.rdf4j.sail.Sail;
 import org.eclipse.rdf4j.sail.SailConnection;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;

 import com.google.common.collect.ImmutableList;

 /**
  * Integration tests the methods of {@link AccumuloAddUser}.
  */
 public class AccumuloAddUserIT extends AccumuloITBase {

     private final String ADMIN_USER = testInstance.createUniqueUser();

     @Before
     public void beforeClass() throws Exception {
         final SecurityOperations secOps = super.getConnector().securityOperations();

         // Create the user that will install the instance of Rya.
         secOps.createLocalUser(ADMIN_USER, new PasswordToken(ADMIN_USER));
         secOps.grantSystemPermission(ADMIN_USER, SystemPermission.CREATE_TABLE);
     }

     @After
     public void afterClass() throws Exception {
         final SecurityOperations secOps = super.getConnector().securityOperations();
         secOps.dropLocalUser(ADMIN_USER);
     }

     /**
      * Ensure that the user who installs the instance of Rya is reported as being a user who can access it.
      */
     @Test
     public void ryaDetailsIncludesOriginalUser() throws Exception {


         // Create a Rya Client for that user.
         final RyaClient userAClient = AccumuloRyaClientFactory.build(
                 new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
                 super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

         // Install the instance of Rya.
         userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

         // Ensure the Rya instance's details only contain the username of the user who installed the instance.
         final ImmutableList<String> expectedUsers = ImmutableList.<String>builder()
                 .add(ADMIN_USER)
                 .build();

         final RyaDetails details = userAClient.getGetInstanceDetails().getDetails(getRyaInstanceName()).get();
         assertEquals(expectedUsers, details.getUsers());
     }

     /**
      * Ensure that when a user is added to a Rya instance that its details are updated to include the new user.
      */
     @Test
     public void userAddedAlsoAddedToRyaDetails() throws Exception {
         final String user = testInstance.createUniqueUser();
         final SecurityOperations secOps = super.getConnector().securityOperations();

         final RyaClient userAClient = AccumuloRyaClientFactory.build(
                 new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
                 super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

         // Create the user that will be added to the instance of Rya.
         secOps.createLocalUser(user, new PasswordToken(user));

         // Install the instance of Rya.
         userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

         // Add the user.
         userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);

         // Ensure the Rya instance's details have been updated to include the added user.
         final ImmutableList<String> expectedUsers = ImmutableList.<String>builder()
                 .add(ADMIN_USER)
                 .add(user)
                 .build();

         final RyaDetails details = userAClient.getGetInstanceDetails().getDetails(getRyaInstanceName()).get();
         assertEquals(expectedUsers, details.getUsers());
     }

     /**
      * Ensure a user that has not been added to the Rya instance can not interact with it.
      */
     @Test
     public void userNotAddedCanNotInsert() throws Exception {
         final String user = testInstance.createUniqueUser();
         final SecurityOperations secOps = super.getConnector().securityOperations();

         final RyaClient userAClient = AccumuloRyaClientFactory.build(
                 new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
                 super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

         // Install the instance of Rya.
         userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

         // Create the user that will not be added to the instance of Rya, but will try to scan it.
         secOps.createLocalUser(user, new PasswordToken(user));

         //Try to add a statement the Rya instance with the unauthorized user. This should fail.
         boolean securityExceptionThrown = false;

         Sail sail = null;
         SailConnection sailConn = null;
         try {
             final AccumuloRdfConfiguration userCConf = makeRyaConfig(getRyaInstanceName(), user, user, getInstanceName(), getZookeepers());
             sail = RyaSailFactory.getInstance(userCConf);
             sailConn = sail.getConnection();

             final ValueFactory vf = sail.getValueFactory();
             sailConn.addStatement(vf.createIRI("urn:Alice"), vf.createIRI("urn:talksTo"), vf.createIRI("urn:Bob"));

         } catch(final RuntimeException e) {
             final Throwable cause = e.getCause();
             if(cause instanceof AccumuloSecurityException) {
                 securityExceptionThrown = true;
             }
         } finally {
             if(sailConn != null) {
                 sailConn.close();
             }
             if(sail != null) {
                 sail.shutDown();
             }
         }

         assertTrue(securityExceptionThrown);
     }

     /**
      * Ensure a user that has been added to the Rya instance can interact with it.
      */
     @Test
     public void userAddedCanInsert() throws Exception {
         final String user = testInstance.createUniqueUser();
         final SecurityOperations secOps = super.getConnector().securityOperations();

         final RyaClient userAClient = AccumuloRyaClientFactory.build(
                 new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
                 super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

         // Create the user that will not be added to the instance of Rya, but will try to scan it.
         secOps.createLocalUser(user, new PasswordToken(user));

         // Install the instance of Rya.
         userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

         // Add the user.
         userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);

         // Try to add a statement to the Rya instance. This should succeed.
         Sail sail = null;
         SailConnection sailConn = null;

         try {
             final AccumuloRdfConfiguration userDConf = makeRyaConfig(getRyaInstanceName(), user, user, getInstanceName(), getZookeepers());
             sail = RyaSailFactory.getInstance(userDConf);
             sailConn = sail.getConnection();

             final ValueFactory vf = sail.getValueFactory();
             sailConn.begin();
             sailConn.addStatement(vf.createIRI("urn:Alice"), vf.createIRI("urn:talksTo"), vf.createIRI("urn:Bob"));
             sailConn.close();

         } finally {
             if(sailConn != null) {
                 sailConn.close();
             }
             if(sail != null) {
                 sail.shutDown();
             }
         }
     }

     /**
      * Ensure nothing happens if you try to add a user that is already there.
      */
     @Test
     public void addUserTwice() throws Exception {
         final String user = testInstance.createUniqueUser();
         final SecurityOperations secOps = super.getConnector().securityOperations();

         final RyaClient userAClient = AccumuloRyaClientFactory.build(
                 new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
                 super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

         // Create the user that will not be added to the instance of Rya, but will try to scan it.
         secOps.createLocalUser(user, new PasswordToken(user));

         // Install the instance of Rya.
         userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

         // Add the user.
         userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);
         userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);

         // Ensure the Rya instance's details only contain the username of the user who installed the instance.
         final ImmutableList<String> expectedUsers = ImmutableList.<String>builder()
                 .add(ADMIN_USER)
                 .add(user)
                 .build();

         final RyaDetails details = userAClient.getGetInstanceDetails().getDetails(getRyaInstanceName()).get();
         assertEquals(expectedUsers, details.getUsers());
     }

     private static AccumuloRdfConfiguration makeRyaConfig(
             final String ryaInstanceName,
             final String username,
             final String password,
             final String instanceName,
             final String zookeepers) {
         final AccumuloRdfConfiguration conf = new AccumuloRdfConfiguration();
         conf.setTablePrefix(ryaInstanceName);
         // Accumulo connection information.
         conf.set(ConfigUtils.CLOUDBASE_USER, username);
         conf.set(ConfigUtils.CLOUDBASE_PASSWORD, password);
         conf.set(ConfigUtils.CLOUDBASE_INSTANCE, instanceName);
         conf.set(ConfigUtils.CLOUDBASE_ZOOKEEPERS, zookeepers);
         conf.set(ConfigUtils.CLOUDBASE_AUTHS, "");
         return conf;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.rya.api.client.accumulo;

	import static org.junit.Assert.assertEquals;
	import static org.junit.Assert.assertTrue;

	import org.apache.accumulo.core.client.AccumuloSecurityException;
	import org.apache.accumulo.core.client.admin.SecurityOperations;
	import org.apache.accumulo.core.client.security.tokens.PasswordToken;
	import org.apache.accumulo.core.security.SystemPermission;
	import org.apache.rya.accumulo.AccumuloRdfConfiguration;
	import org.apache.rya.api.client.Install.InstallConfiguration;
	import org.apache.rya.api.client.RyaClient;
	import org.apache.rya.api.instance.RyaDetails;
	import org.apache.rya.indexing.accumulo.ConfigUtils;
	import org.apache.rya.sail.config.RyaSailFactory;
	import org.apache.rya.test.accumulo.AccumuloITBase;
	import org.eclipse.rdf4j.model.ValueFactory;
	import org.eclipse.rdf4j.sail.Sail;
	import org.eclipse.rdf4j.sail.SailConnection;
	import org.junit.After;
	import org.junit.Before;
	import org.junit.Test;

	import com.google.common.collect.ImmutableList;

	/**
	* Integration tests the methods of {@link AccumuloAddUser}.
	*/
	public class AccumuloAddUserIT extends AccumuloITBase {

	private final String ADMIN_USER = testInstance.createUniqueUser();

	@Before
	public void beforeClass() throws Exception {
	final SecurityOperations secOps = super.getConnector().securityOperations();

	// Create the user that will install the instance of Rya.
	secOps.createLocalUser(ADMIN_USER, new PasswordToken(ADMIN_USER));
	secOps.grantSystemPermission(ADMIN_USER, SystemPermission.CREATE_TABLE);
	}

	@After
	public void afterClass() throws Exception {
	final SecurityOperations secOps = super.getConnector().securityOperations();
	secOps.dropLocalUser(ADMIN_USER);
	}

	/**
	* Ensure that the user who installs the instance of Rya is reported as being a user who can access it.
	*/
	@Test
	public void ryaDetailsIncludesOriginalUser() throws Exception {


	// Create a Rya Client for that user.
	final RyaClient userAClient = AccumuloRyaClientFactory.build(
	new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
	super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

	// Install the instance of Rya.
	userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

	// Ensure the Rya instance's details only contain the username of the user who installed the instance.
	final ImmutableList<String> expectedUsers = ImmutableList.<String>builder()
	.add(ADMIN_USER)
	.build();

	final RyaDetails details = userAClient.getGetInstanceDetails().getDetails(getRyaInstanceName()).get();
	assertEquals(expectedUsers, details.getUsers());
	}

	/**
	* Ensure that when a user is added to a Rya instance that its details are updated to include the new user.
	*/
	@Test
	public void userAddedAlsoAddedToRyaDetails() throws Exception {
	final String user = testInstance.createUniqueUser();
	final SecurityOperations secOps = super.getConnector().securityOperations();

	final RyaClient userAClient = AccumuloRyaClientFactory.build(
	new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
	super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

	// Create the user that will be added to the instance of Rya.
	secOps.createLocalUser(user, new PasswordToken(user));

	// Install the instance of Rya.
	userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

	// Add the user.
	userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);

	// Ensure the Rya instance's details have been updated to include the added user.
	final ImmutableList<String> expectedUsers = ImmutableList.<String>builder()
	.add(ADMIN_USER)
	.add(user)
	.build();

	final RyaDetails details = userAClient.getGetInstanceDetails().getDetails(getRyaInstanceName()).get();
	assertEquals(expectedUsers, details.getUsers());
	}

	/**
	* Ensure a user that has not been added to the Rya instance can not interact with it.
	*/
	@Test
	public void userNotAddedCanNotInsert() throws Exception {
	final String user = testInstance.createUniqueUser();
	final SecurityOperations secOps = super.getConnector().securityOperations();

	final RyaClient userAClient = AccumuloRyaClientFactory.build(
	new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
	super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

	// Install the instance of Rya.
	userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

	// Create the user that will not be added to the instance of Rya, but will try to scan it.
	secOps.createLocalUser(user, new PasswordToken(user));

	//Try to add a statement the Rya instance with the unauthorized user. This should fail.
	boolean securityExceptionThrown = false;

	Sail sail = null;
	SailConnection sailConn = null;
	try {
	final AccumuloRdfConfiguration userCConf = makeRyaConfig(getRyaInstanceName(), user, user, getInstanceName(), getZookeepers());
	sail = RyaSailFactory.getInstance(userCConf);
	sailConn = sail.getConnection();

	final ValueFactory vf = sail.getValueFactory();
	sailConn.addStatement(vf.createIRI("urn:Alice"), vf.createIRI("urn:talksTo"), vf.createIRI("urn:Bob"));

	} catch(final RuntimeException e) {
	final Throwable cause = e.getCause();
	if(cause instanceof AccumuloSecurityException) {
	securityExceptionThrown = true;
	}
	} finally {
	if(sailConn != null) {
	sailConn.close();
	}
	if(sail != null) {
	sail.shutDown();
	}
	}

	assertTrue(securityExceptionThrown);
	}

	/**
	* Ensure a user that has been added to the Rya instance can interact with it.
	*/
	@Test
	public void userAddedCanInsert() throws Exception {
	final String user = testInstance.createUniqueUser();
	final SecurityOperations secOps = super.getConnector().securityOperations();

	final RyaClient userAClient = AccumuloRyaClientFactory.build(
	new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
	super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

	// Create the user that will not be added to the instance of Rya, but will try to scan it.
	secOps.createLocalUser(user, new PasswordToken(user));

	// Install the instance of Rya.
	userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

	// Add the user.
	userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);

	// Try to add a statement to the Rya instance. This should succeed.
	Sail sail = null;
	SailConnection sailConn = null;

	try {
	final AccumuloRdfConfiguration userDConf = makeRyaConfig(getRyaInstanceName(), user, user, getInstanceName(), getZookeepers());
	sail = RyaSailFactory.getInstance(userDConf);
	sailConn = sail.getConnection();

	final ValueFactory vf = sail.getValueFactory();
	sailConn.begin();
	sailConn.addStatement(vf.createIRI("urn:Alice"), vf.createIRI("urn:talksTo"), vf.createIRI("urn:Bob"));
	sailConn.close();

	} finally {
	if(sailConn != null) {
	sailConn.close();
	}
	if(sail != null) {
	sail.shutDown();
	}
	}
	}

	/**
	* Ensure nothing happens if you try to add a user that is already there.
	*/
	@Test
	public void addUserTwice() throws Exception {
	final String user = testInstance.createUniqueUser();
	final SecurityOperations secOps = super.getConnector().securityOperations();

	final RyaClient userAClient = AccumuloRyaClientFactory.build(
	new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()),
	super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));

	// Create the user that will not be added to the instance of Rya, but will try to scan it.
	secOps.createLocalUser(user, new PasswordToken(user));

	// Install the instance of Rya.
	userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());

	// Add the user.
	userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);
	userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);

	// Ensure the Rya instance's details only contain the username of the user who installed the instance.
	final ImmutableList<String> expectedUsers = ImmutableList.<String>builder()
	.add(ADMIN_USER)
	.add(user)
	.build();

	final RyaDetails details = userAClient.getGetInstanceDetails().getDetails(getRyaInstanceName()).get();
	assertEquals(expectedUsers, details.getUsers());
	}

	private static AccumuloRdfConfiguration makeRyaConfig(
	final String ryaInstanceName,
	final String username,
	final String password,
	final String instanceName,
	final String zookeepers) {
	final AccumuloRdfConfiguration conf = new AccumuloRdfConfiguration();
	conf.setTablePrefix(ryaInstanceName);
	// Accumulo connection information.
	conf.set(ConfigUtils.CLOUDBASE_USER, username);
	conf.set(ConfigUtils.CLOUDBASE_PASSWORD, password);
	conf.set(ConfigUtils.CLOUDBASE_INSTANCE, instanceName);
	conf.set(ConfigUtils.CLOUDBASE_ZOOKEEPERS, zookeepers);
	conf.set(ConfigUtils.CLOUDBASE_AUTHS, "");
	return conf;
	}
	}