From 7d561f791b3b5c4bfeff8a5da6afb8078d37434a Mon Sep 17 00:00:00 2001 From: Ashish Singhi Date: Mon, 11 May 2015 15:24:04 +0530 Subject: [PATCH] HBASE-13658 Improve the test run time for TestAccessController* classes --- .../security/access/TestAccessController.java | 238 +++++++++++---------- .../security/access/TestAccessController2.java | 18 +- 2 files changed, 132 insertions(+), 124 deletions(-) diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java index 11b9006..ce64de5 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java @@ -106,14 +106,10 @@ import org.apache.hadoop.hbase.testclassification.LargeTests; import org.apache.hadoop.hbase.testclassification.SecurityTests; import org.apache.hadoop.hbase.util.Bytes; import org.apache.hadoop.hbase.util.JVMClusterUtil; -import org.apache.hadoop.hbase.util.TestTableName; import org.apache.log4j.Level; import org.apache.log4j.Logger; -import org.junit.After; import org.junit.AfterClass; -import org.junit.Before; import org.junit.BeforeClass; -import org.junit.Rule; import org.junit.Test; import org.junit.experimental.categories.Category; @@ -137,7 +133,7 @@ public class TestAccessController extends SecureTestUtil { Logger.getLogger(TableAuthManager.class).setLevel(Level.TRACE); } - @Rule public TestTableName TEST_TABLE = new TestTableName(); + private static TableName TEST_TABLE = TableName.valueOf("testtable1"); private static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility(); private static Configuration conf; @@ -176,7 +172,7 @@ public class TestAccessController extends SecureTestUtil { private static MasterCoprocessorEnvironment CP_ENV; private static AccessController ACCESS_CONTROLLER; private static RegionServerCoprocessorEnvironment RSCP_ENV; - private RegionCoprocessorEnvironment RCP_ENV; + private static RegionCoprocessorEnvironment RCP_ENV; @BeforeClass public static void setupBeforeClass() throws Exception { @@ -219,25 +215,24 @@ public class TestAccessController extends SecureTestUtil { USER_ADMIN_CF = User.createUserForTesting(conf, "col_family_admin", new String[0]); systemUserConnection = TEST_UTIL.getConnection(); + setUp(); } @AfterClass public static void tearDownAfterClass() throws Exception { + tearDown(); TEST_UTIL.shutdownMiniCluster(); } - @Before - public void setUp() throws Exception { - // Create the test table (owner added to the _acl_ table) - Admin admin = TEST_UTIL.getHBaseAdmin(); - HTableDescriptor htd = new HTableDescriptor(TEST_TABLE.getTableName()); + public static void setUp() throws Exception { + HTableDescriptor htd = new HTableDescriptor(TEST_TABLE); HColumnDescriptor hcd = new HColumnDescriptor(TEST_FAMILY); hcd.setMaxVersions(100); htd.addFamily(hcd); htd.setOwner(USER_OWNER); createTable(TEST_UTIL, htd, new byte[][] { Bytes.toBytes("s") }); - Region region = TEST_UTIL.getHBaseCluster().getRegions(TEST_TABLE.getTableName()).get(0); + Region region = TEST_UTIL.getHBaseCluster().getRegions(TEST_TABLE).get(0); RegionCoprocessorHost rcpHost = region.getCoprocessorHost(); RCP_ENV = rcpHost.createEnvironment(AccessController.class, ACCESS_CONTROLLER, Coprocessor.PRIORITY_HIGHEST, 1, conf); @@ -251,26 +246,26 @@ public class TestAccessController extends SecureTestUtil { Permission.Action.WRITE); grantOnTable(TEST_UTIL, USER_RW.getShortName(), - TEST_TABLE.getTableName(), TEST_FAMILY, null, + TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ, Permission.Action.WRITE); // USER_CREATE is USER_RW plus CREATE permissions grantOnTable(TEST_UTIL, USER_CREATE.getShortName(), - TEST_TABLE.getTableName(), null, null, + TEST_TABLE, null, null, Permission.Action.CREATE, Permission.Action.READ, Permission.Action.WRITE); grantOnTable(TEST_UTIL, USER_RO.getShortName(), - TEST_TABLE.getTableName(), TEST_FAMILY, null, + TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ); grantOnTable(TEST_UTIL, USER_ADMIN_CF.getShortName(), - TEST_TABLE.getTableName(), TEST_FAMILY, + TEST_TABLE, TEST_FAMILY, null, Permission.Action.ADMIN, Permission.Action.CREATE); - assertEquals(5, AccessControlLists.getTablePermissions(conf, TEST_TABLE.getTableName()).size()); + assertEquals(5, AccessControlLists.getTablePermissions(conf, TEST_TABLE).size()); try { assertEquals(5, AccessControlClient.getUserPermissions(systemUserConnection, TEST_TABLE.toString()).size()); @@ -279,21 +274,20 @@ public class TestAccessController extends SecureTestUtil { } } - @After - public void tearDown() throws Exception { + public static void tearDown() throws Exception { // Clean the _acl_ table try { - deleteTable(TEST_UTIL, TEST_TABLE.getTableName()); + deleteTable(TEST_UTIL, TEST_TABLE); } catch (TableNotFoundException ex) { // Test deleted the table, no problem - LOG.info("Test deleted table " + TEST_TABLE.getTableName()); + LOG.info("Test deleted table " + TEST_TABLE); } // Verify all table/namespace permissions are erased - assertEquals(0, AccessControlLists.getTablePermissions(conf, TEST_TABLE.getTableName()).size()); + assertEquals(0, AccessControlLists.getTablePermissions(conf, TEST_TABLE).size()); assertEquals( 0, AccessControlLists.getNamespacePermissions(conf, - TEST_TABLE.getTableName().getNamespaceAsString()).size()); + TEST_TABLE.getNamespaceAsString()).size()); } @Test @@ -320,11 +314,11 @@ public class TestAccessController extends SecureTestUtil { AccessTestAction modifyTable = new AccessTestAction() { @Override public Object run() throws Exception { - HTableDescriptor htd = new HTableDescriptor(TEST_TABLE.getTableName()); + HTableDescriptor htd = new HTableDescriptor(TEST_TABLE); htd.addFamily(new HColumnDescriptor(TEST_FAMILY)); htd.addFamily(new HColumnDescriptor("fam_" + User.getCurrent().getShortName())); ACCESS_CONTROLLER.preModifyTable(ObserverContext.createAndPrepare(CP_ENV, null), - TEST_TABLE.getTableName(), htd); + TEST_TABLE, htd); return null; } }; @@ -339,7 +333,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { ACCESS_CONTROLLER - .preDeleteTable(ObserverContext.createAndPrepare(CP_ENV, null), TEST_TABLE.getTableName()); + .preDeleteTable(ObserverContext.createAndPrepare(CP_ENV, null), TEST_TABLE); return null; } }; @@ -355,7 +349,7 @@ public class TestAccessController extends SecureTestUtil { public Object run() throws Exception { ACCESS_CONTROLLER .preTruncateTable(ObserverContext.createAndPrepare(CP_ENV, null), - TEST_TABLE.getTableName()); + TEST_TABLE); return null; } }; @@ -370,7 +364,7 @@ public class TestAccessController extends SecureTestUtil { AccessTestAction action = new AccessTestAction() { @Override public Object run() throws Exception { - ACCESS_CONTROLLER.preAddColumn(ObserverContext.createAndPrepare(CP_ENV, null), TEST_TABLE.getTableName(), + ACCESS_CONTROLLER.preAddColumn(ObserverContext.createAndPrepare(CP_ENV, null), TEST_TABLE, hcd); return null; } @@ -388,7 +382,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { ACCESS_CONTROLLER.preModifyColumn(ObserverContext.createAndPrepare(CP_ENV, null), - TEST_TABLE.getTableName(), hcd); + TEST_TABLE, hcd); return null; } }; @@ -403,7 +397,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { ACCESS_CONTROLLER.preDeleteColumn(ObserverContext.createAndPrepare(CP_ENV, null), - TEST_TABLE.getTableName(), TEST_FAMILY); + TEST_TABLE, TEST_FAMILY); return null; } }; @@ -418,7 +412,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { ACCESS_CONTROLLER.preDisableTable(ObserverContext.createAndPrepare(CP_ENV, null), - TEST_TABLE.getTableName()); + TEST_TABLE); return null; } }; @@ -445,7 +439,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { ACCESS_CONTROLLER - .preEnableTable(ObserverContext.createAndPrepare(CP_ENV, null), TEST_TABLE.getTableName()); + .preEnableTable(ObserverContext.createAndPrepare(CP_ENV, null), TEST_TABLE); return null; } }; @@ -457,7 +451,7 @@ public class TestAccessController extends SecureTestUtil { @Test public void testMove() throws Exception { List regions; - try (RegionLocator locator = systemUserConnection.getRegionLocator(TEST_TABLE.getTableName())) { + try (RegionLocator locator = systemUserConnection.getRegionLocator(TEST_TABLE)) { regions = locator.getAllRegionLocations(); } HRegionLocation location = regions.get(0); @@ -479,7 +473,7 @@ public class TestAccessController extends SecureTestUtil { @Test public void testAssign() throws Exception { List regions; - try (RegionLocator locator = systemUserConnection.getRegionLocator(TEST_TABLE.getTableName())) { + try (RegionLocator locator = systemUserConnection.getRegionLocator(TEST_TABLE)) { regions = locator.getAllRegionLocations(); } HRegionLocation location = regions.get(0); @@ -499,7 +493,7 @@ public class TestAccessController extends SecureTestUtil { @Test public void testUnassign() throws Exception { List regions; - try (RegionLocator locator = systemUserConnection.getRegionLocator(TEST_TABLE.getTableName())) { + try (RegionLocator locator = systemUserConnection.getRegionLocator(TEST_TABLE)) { regions = locator.getAllRegionLocations(); } HRegionLocation location = regions.get(0); @@ -519,7 +513,7 @@ public class TestAccessController extends SecureTestUtil { @Test public void testRegionOffline() throws Exception { List regions; - try (RegionLocator locator = systemUserConnection.getRegionLocator(TEST_TABLE.getTableName())) { + try (RegionLocator locator = systemUserConnection.getRegionLocator(TEST_TABLE)) { regions = locator.getAllRegionLocations(); } HRegionLocation location = regions.get(0); @@ -629,7 +623,9 @@ public class TestAccessController extends SecureTestUtil { @Test public void testMergeRegions() throws Exception { - final List regions = TEST_UTIL.getHBaseCluster().findRegionsForTable(TEST_TABLE.getTableName()); + final TableName tname = TableName.valueOf("testMergeRegions"); + createTestTable(tname); + final List regions = TEST_UTIL.getHBaseCluster().findRegionsForTable(tname); assertTrue("not enough regions: " + regions.size(), regions.size() >= 2); AccessTestAction action = new AccessTestAction() { @@ -644,6 +640,8 @@ public class TestAccessController extends SecureTestUtil { verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER); verifyDenied(action, USER_CREATE, USER_RW, USER_RO, USER_NONE); + + deleteTable(TEST_UTIL, tname); } @Test @@ -694,7 +692,7 @@ public class TestAccessController extends SecureTestUtil { Get g = new Get(TEST_ROW); g.addFamily(TEST_FAMILY); try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName())) { + Table t = conn.getTable(TEST_TABLE)) { t.get(g); } return null; @@ -709,7 +707,7 @@ public class TestAccessController extends SecureTestUtil { Scan s = new Scan(); s.addFamily(TEST_FAMILY); try(Connection conn = ConnectionFactory.createConnection(conf); - Table table = conn.getTable(TEST_TABLE.getTableName())) { + Table table = conn.getTable(TEST_TABLE)) { ResultScanner scanner = table.getScanner(s); try { for (Result r = scanner.next(); r != null; r = scanner.next()) { @@ -736,7 +734,7 @@ public class TestAccessController extends SecureTestUtil { Put p = new Put(TEST_ROW); p.add(TEST_FAMILY, TEST_QUALIFIER, Bytes.toBytes(1)); try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName())) { + Table t = conn.getTable(TEST_TABLE)) { t.put(p); } return null; @@ -751,7 +749,7 @@ public class TestAccessController extends SecureTestUtil { Delete d = new Delete(TEST_ROW); d.deleteFamily(TEST_FAMILY); try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName())) { + Table t = conn.getTable(TEST_TABLE)) { t.delete(d); } return null; @@ -766,7 +764,7 @@ public class TestAccessController extends SecureTestUtil { Increment inc = new Increment(TEST_ROW); inc.addColumn(TEST_FAMILY, TEST_QUALIFIER, 1); try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName());) { + Table t = conn.getTable(TEST_TABLE);) { t.increment(inc); } return null; @@ -784,7 +782,7 @@ public class TestAccessController extends SecureTestUtil { Delete d = new Delete(TEST_ROW); d.deleteFamily(TEST_FAMILY); try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName());) { + Table t = conn.getTable(TEST_TABLE);) { t.checkAndDelete(TEST_ROW, TEST_FAMILY, TEST_QUALIFIER, Bytes.toBytes("test_value"), d); } @@ -800,7 +798,7 @@ public class TestAccessController extends SecureTestUtil { Put p = new Put(TEST_ROW); p.add(TEST_FAMILY, TEST_QUALIFIER, Bytes.toBytes(1)); try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName());) { + Table t = conn.getTable(TEST_TABLE);) { t.checkAndPut(TEST_ROW, TEST_FAMILY, TEST_QUALIFIER, Bytes.toBytes("test_value"), p); } @@ -828,8 +826,8 @@ public class TestAccessController extends SecureTestUtil { byte[][][] hfileRanges = {{{(byte)0}, {(byte)9}}}; Path bulkLoadBasePath = new Path(dir, new Path(User.getCurrent().getName())); - new BulkLoadHelper(bulkLoadBasePath) - .bulkLoadHFile(TEST_TABLE.getTableName(), TEST_FAMILY, TEST_QUALIFIER, hfileRanges, numRows); + new BulkLoadHelper(bulkLoadBasePath).bulkLoadHFile(TEST_TABLE, TEST_FAMILY, TEST_QUALIFIER, + hfileRanges, numRows); return null; } @@ -841,8 +839,8 @@ public class TestAccessController extends SecureTestUtil { verifyDenied(bulkLoadAction, USER_RW, USER_NONE, USER_RO); // Reinit after the bulk upload - TEST_UTIL.getHBaseAdmin().disableTable(TEST_TABLE.getTableName()); - TEST_UTIL.getHBaseAdmin().enableTable(TEST_TABLE.getTableName()); + TEST_UTIL.getHBaseAdmin().disableTable(TEST_TABLE); + TEST_UTIL.getHBaseAdmin().enableTable(TEST_TABLE); } public class BulkLoadHelper { @@ -934,7 +932,7 @@ public class TestAccessController extends SecureTestUtil { Append append = new Append(row); append.add(TEST_FAMILY, qualifier, Bytes.toBytes(2)); try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName())) { + Table t = conn.getTable(TEST_TABLE)) { t.put(put); t.append(append); } @@ -953,11 +951,11 @@ public class TestAccessController extends SecureTestUtil { public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(conf); Table acl = conn.getTable(AccessControlLists.ACL_TABLE_NAME)) { - BlockingRpcChannel service = acl.coprocessorService(TEST_TABLE.getTableName().getName()); + BlockingRpcChannel service = acl.coprocessorService(TEST_TABLE.getName()); AccessControlService.BlockingInterface protocol = AccessControlService.newBlockingStub(service); - ProtobufUtil.grant(protocol, USER_RO.getShortName(), TEST_TABLE.getTableName(), - TEST_FAMILY, null, Action.READ); + ProtobufUtil.grant(protocol, USER_RO.getShortName(), TEST_TABLE, TEST_FAMILY, null, + Action.READ); } return null; } @@ -968,11 +966,11 @@ public class TestAccessController extends SecureTestUtil { public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(conf); Table acl = conn.getTable(AccessControlLists.ACL_TABLE_NAME)) { - BlockingRpcChannel service = acl.coprocessorService(TEST_TABLE.getTableName().getName()); + BlockingRpcChannel service = acl.coprocessorService(TEST_TABLE.getName()); AccessControlService.BlockingInterface protocol = AccessControlService.newBlockingStub(service); - ProtobufUtil.revoke(protocol, USER_RO.getShortName(), TEST_TABLE.getTableName(), - TEST_FAMILY, null, Action.READ); + ProtobufUtil.revoke(protocol, USER_RO.getShortName(), TEST_TABLE, TEST_FAMILY, null, + Action.READ); } return null; } @@ -983,10 +981,10 @@ public class TestAccessController extends SecureTestUtil { public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(conf); Table acl = conn.getTable(AccessControlLists.ACL_TABLE_NAME)){ - BlockingRpcChannel service = acl.coprocessorService(TEST_TABLE.getTableName().getName()); + BlockingRpcChannel service = acl.coprocessorService(TEST_TABLE.getName()); AccessControlService.BlockingInterface protocol = - AccessControlService.newBlockingStub(service); - ProtobufUtil.getUserPermissions(protocol, TEST_TABLE.getTableName()); + AccessControlService.newBlockingStub(service); + ProtobufUtil.getUserPermissions(protocol, TEST_TABLE); } return null; } @@ -1018,6 +1016,10 @@ public class TestAccessController extends SecureTestUtil { verifyAllowed(getGlobalPermissionsAction, SUPERUSER, USER_ADMIN); verifyDenied(getGlobalPermissionsAction, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE); + + // Grant the revoked permission back to the user + grantOnTable(TEST_UTIL, USER_RO.getShortName(), TEST_TABLE, TEST_FAMILY, null, + Permission.Action.READ); } @Test @@ -1573,19 +1575,19 @@ public class TestAccessController extends SecureTestUtil { User userQualifier = User.createUserForTesting(conf, "user_check_perms_q", new String[0]); grantOnTable(TEST_UTIL, userTable.getShortName(), - TEST_TABLE.getTableName(), null, null, + TEST_TABLE, null, null, Permission.Action.READ); grantOnTable(TEST_UTIL, userColumn.getShortName(), - TEST_TABLE.getTableName(), TEST_FAMILY, null, + TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ); grantOnTable(TEST_UTIL, userQualifier.getShortName(), - TEST_TABLE.getTableName(), TEST_FAMILY, TEST_Q1, + TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ); AccessTestAction tableRead = new AccessTestAction() { @Override public Void run() throws Exception { - checkTablePerms(TEST_UTIL, TEST_TABLE.getTableName(), null, null, + checkTablePerms(TEST_UTIL, TEST_TABLE, null, null, Permission.Action.READ); return null; } @@ -1594,7 +1596,7 @@ public class TestAccessController extends SecureTestUtil { AccessTestAction columnRead = new AccessTestAction() { @Override public Void run() throws Exception { - checkTablePerms(TEST_UTIL, TEST_TABLE.getTableName(), TEST_FAMILY, null, + checkTablePerms(TEST_UTIL, TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ); return null; } @@ -1603,7 +1605,7 @@ public class TestAccessController extends SecureTestUtil { AccessTestAction qualifierRead = new AccessTestAction() { @Override public Void run() throws Exception { - checkTablePerms(TEST_UTIL, TEST_TABLE.getTableName(), TEST_FAMILY, TEST_Q1, + checkTablePerms(TEST_UTIL, TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ); return null; } @@ -1612,10 +1614,10 @@ public class TestAccessController extends SecureTestUtil { AccessTestAction multiQualifierRead = new AccessTestAction() { @Override public Void run() throws Exception { - checkTablePerms(TEST_UTIL, TEST_TABLE.getTableName(), new Permission[] { - new TablePermission(TEST_TABLE.getTableName(), TEST_FAMILY, TEST_Q1, + checkTablePerms(TEST_UTIL, TEST_TABLE, new Permission[] { + new TablePermission(TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ), - new TablePermission(TEST_TABLE.getTableName(), TEST_FAMILY, TEST_Q2, + new TablePermission(TEST_TABLE, TEST_FAMILY, TEST_Q2, Permission.Action.READ), }); return null; } @@ -1624,9 +1626,9 @@ public class TestAccessController extends SecureTestUtil { AccessTestAction globalAndTableRead = new AccessTestAction() { @Override public Void run() throws Exception { - checkTablePerms(TEST_UTIL, TEST_TABLE.getTableName(), + checkTablePerms(TEST_UTIL, TEST_TABLE, new Permission[] { new Permission(Permission.Action.READ), - new TablePermission(TEST_TABLE.getTableName(), null, (byte[]) null, + new TablePermission(TEST_TABLE, null, (byte[]) null, Permission.Action.READ), }); return null; } @@ -1635,7 +1637,7 @@ public class TestAccessController extends SecureTestUtil { AccessTestAction noCheck = new AccessTestAction() { @Override public Void run() throws Exception { - checkTablePerms(TEST_UTIL, TEST_TABLE.getTableName(), new Permission[0]); + checkTablePerms(TEST_UTIL, TEST_TABLE, new Permission[0]); return null; } }; @@ -1661,7 +1663,7 @@ public class TestAccessController extends SecureTestUtil { AccessTestAction familyReadWrite = new AccessTestAction() { @Override public Void run() throws Exception { - checkTablePerms(TEST_UTIL, TEST_TABLE.getTableName(), TEST_FAMILY, null, + checkTablePerms(TEST_UTIL, TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ, Permission.Action.WRITE); return null; } @@ -1677,7 +1679,7 @@ public class TestAccessController extends SecureTestUtil { .setType(AccessControlProtos.Permission.Type.Table) .setTablePermission( AccessControlProtos.TablePermission.newBuilder() - .setTableName(ProtobufUtil.toProtoTableName(TEST_TABLE.getTableName())) + .setTableName(ProtobufUtil.toProtoTableName(TEST_TABLE)) .addAction(AccessControlProtos.Permission.Action.CREATE)) ).build(); Table acl = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME); @@ -1756,10 +1758,10 @@ public class TestAccessController extends SecureTestUtil { @Test public void testSnapshot() throws Exception { Admin admin = TEST_UTIL.getHBaseAdmin(); - final HTableDescriptor htd = admin.getTableDescriptor(TEST_TABLE.getTableName()); + final HTableDescriptor htd = admin.getTableDescriptor(TEST_TABLE); SnapshotDescription.Builder builder = SnapshotDescription.newBuilder(); - builder.setName(TEST_TABLE.getTableName().getNameAsString() + "-snapshot"); - builder.setTable(TEST_TABLE.getTableName().getNameAsString()); + builder.setName(TEST_TABLE.getNameAsString() + "-snapshot"); + builder.setTable(TEST_TABLE.getNameAsString()); final SnapshotDescription snapshot = builder.build(); AccessTestAction snapshotAction = new AccessTestAction() { @Override @@ -1813,10 +1815,10 @@ public class TestAccessController extends SecureTestUtil { @Test public void testSnapshotWithOwner() throws Exception { Admin admin = TEST_UTIL.getHBaseAdmin(); - final HTableDescriptor htd = admin.getTableDescriptor(TEST_TABLE.getTableName()); + final HTableDescriptor htd = admin.getTableDescriptor(TEST_TABLE); SnapshotDescription.Builder builder = SnapshotDescription.newBuilder(); - builder.setName(TEST_TABLE.getTableName().getNameAsString() + "-snapshot"); - builder.setTable(TEST_TABLE.getTableName().getNameAsString()); + builder.setName(TEST_TABLE.getNameAsString() + "-snapshot"); + builder.setTable(TEST_TABLE.getNameAsString()); builder.setOwner(USER_OWNER.getName()); final SnapshotDescription snapshot = builder.build(); AccessTestAction snapshotAction = new AccessTestAction() { @@ -1943,8 +1945,7 @@ public class TestAccessController extends SecureTestUtil { User TABLE_ADMIN = User.createUserForTesting(conf, "UserA", new String[0]); // Grant TABLE ADMIN privs - grantOnTable(TEST_UTIL, TABLE_ADMIN.getShortName(), - TEST_TABLE.getTableName(), null, null, + grantOnTable(TEST_UTIL, TABLE_ADMIN.getShortName(), TEST_TABLE, null, null, Permission.Action.ADMIN); AccessTestAction listTablesAction = new AccessTestAction() { @@ -1962,7 +1963,7 @@ public class TestAccessController extends SecureTestUtil { public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration()); Admin admin = conn.getAdmin();) { - return admin.getTableDescriptor(TEST_TABLE.getTableName()); + return admin.getTableDescriptor(TEST_TABLE); } } }; @@ -1999,19 +2000,20 @@ public class TestAccessController extends SecureTestUtil { @Test public void testTableDeletion() throws Exception { User TABLE_ADMIN = User.createUserForTesting(conf, "TestUser", new String[0]); + final TableName tname = TableName.valueOf("testTableDeletion"); + createTestTable(tname); // Grant TABLE ADMIN privs - grantOnTable(TEST_UTIL, TABLE_ADMIN.getShortName(), - TEST_TABLE.getTableName(), null, null, - Permission.Action.ADMIN); + grantOnTable(TEST_UTIL, TABLE_ADMIN.getShortName(), tname, null, null, Permission.Action.ADMIN); AccessTestAction deleteTableAction = new AccessTestAction() { @Override public Object run() throws Exception { - Connection unmanagedConnection = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration()); + Connection unmanagedConnection = + ConnectionFactory.createConnection(TEST_UTIL.getConfiguration()); Admin admin = unmanagedConnection.getAdmin(); try { - deleteTable(TEST_UTIL, admin, TEST_TABLE.getTableName()); + deleteTable(TEST_UTIL, admin, tname); } finally { admin.close(); unmanagedConnection.close(); @@ -2024,19 +2026,28 @@ public class TestAccessController extends SecureTestUtil { verifyAllowed(deleteTableAction, TABLE_ADMIN); } + private void createTestTable(TableName tname) throws Exception { + HTableDescriptor htd = new HTableDescriptor(tname); + HColumnDescriptor hcd = new HColumnDescriptor(TEST_FAMILY); + hcd.setMaxVersions(100); + htd.addFamily(hcd); + htd.setOwner(USER_OWNER); + createTable(TEST_UTIL, htd, new byte[][] { Bytes.toBytes("s") }); + } + @Test public void testNamespaceUserGrant() throws Exception { AccessTestAction getAction = new AccessTestAction() { @Override public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName());) { + Table t = conn.getTable(TEST_TABLE);) { return t.get(new Get(TEST_ROW)); } } }; - String namespace = TEST_TABLE.getTableName().getNamespaceAsString(); + String namespace = TEST_TABLE.getNamespaceAsString(); // Grant namespace READ to USER_NONE, this should supersede any table permissions grantOnNamespace(TEST_UTIL, USER_NONE.getShortName(), namespace, Permission.Action.READ); @@ -2056,7 +2067,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName());) { + Table t = conn.getTable(TEST_TABLE);) { return t.get(new Get(TEST_ROW)); } } @@ -2066,8 +2077,8 @@ public class TestAccessController extends SecureTestUtil { // Grant table READ permissions to testGrantRevoke. try { - grantOnTableUsingAccessControlClient(TEST_UTIL, systemUserConnection, testGrantRevoke.getShortName(), - TEST_TABLE.getTableName(), null, null, Permission.Action.READ); + grantOnTableUsingAccessControlClient(TEST_UTIL, systemUserConnection, + testGrantRevoke.getShortName(), TEST_TABLE, null, null, Permission.Action.READ); } catch (Throwable e) { LOG.error("error during call of AccessControlClient.grant. ", e); } @@ -2077,8 +2088,8 @@ public class TestAccessController extends SecureTestUtil { // Revoke table READ permission to testGrantRevoke. try { - revokeFromTableUsingAccessControlClient(TEST_UTIL, systemUserConnection, testGrantRevoke.getShortName(), - TEST_TABLE.getTableName(), null, null, Permission.Action.READ); + revokeFromTableUsingAccessControlClient(TEST_UTIL, systemUserConnection, + testGrantRevoke.getShortName(), TEST_TABLE, null, null, Permission.Action.READ); } catch (Throwable e) { LOG.error("error during call of AccessControlClient.revoke ", e); } @@ -2096,7 +2107,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName())) { + Table t = conn.getTable(TEST_TABLE)) { return t.get(new Get(TEST_ROW)); } } @@ -2135,7 +2146,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName());) { + Table t = conn.getTable(TEST_TABLE);) { return t.get(new Get(TEST_ROW)); } } @@ -2146,7 +2157,7 @@ public class TestAccessController extends SecureTestUtil { // Grant namespace READ to testNS, this should supersede any table permissions try { grantOnNamespaceUsingAccessControlClient(TEST_UTIL, systemUserConnection, testNS.getShortName(), - TEST_TABLE.getTableName().getNamespaceAsString(), Permission.Action.READ); + TEST_TABLE.getNamespaceAsString(), Permission.Action.READ); } catch (Throwable e) { LOG.error("error during call of AccessControlClient.grant. ", e); } @@ -2157,7 +2168,7 @@ public class TestAccessController extends SecureTestUtil { // Revoke namespace READ to testNS, this should supersede any table permissions try { revokeFromNamespaceUsingAccessControlClient(TEST_UTIL, systemUserConnection, testNS.getShortName(), - TEST_TABLE.getTableName().getNamespaceAsString(), Permission.Action.READ); + TEST_TABLE.getNamespaceAsString(), Permission.Action.READ); } catch (Throwable e) { LOG.error("error during call of AccessControlClient.revoke ", e); } @@ -2218,7 +2229,7 @@ public class TestAccessController extends SecureTestUtil { for (JVMClusterUtil.RegionServerThread thread: TEST_UTIL.getMiniHBaseCluster().getRegionServerThreads()) { HRegionServer rs = thread.getRegionServer(); - for (Region region: rs.getOnlineRegions(TEST_TABLE.getTableName())) { + for (Region region: rs.getOnlineRegions(TEST_TABLE)) { region.getCoprocessorHost().load(PingCoprocessor.class, Coprocessor.PRIORITY_USER, conf); } @@ -2230,7 +2241,7 @@ public class TestAccessController extends SecureTestUtil { User userB = User.createUserForTesting(conf, "UserB", new String[0]); grantOnTable(TEST_UTIL, userA.getShortName(), - TEST_TABLE.getTableName(), null, null, + TEST_TABLE, null, null, Permission.Action.EXEC); // Create an action for invoking our test endpoint @@ -2238,7 +2249,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName());) { + Table t = conn.getTable(TEST_TABLE);) { BlockingRpcChannel service = t.coprocessorService(HConstants.EMPTY_BYTE_ARRAY); PingCoprocessor.newBlockingStub(service).noop(null, NoopRequest.newBuilder().build()); } @@ -2246,7 +2257,7 @@ public class TestAccessController extends SecureTestUtil { } }; - String namespace = TEST_TABLE.getTableName().getNamespaceAsString(); + String namespace = TEST_TABLE.getNamespaceAsString(); // Now grant EXEC to the entire namespace to user B grantOnNamespace(TEST_UTIL, userB.getShortName(), namespace, Permission.Action.EXEC); // User B should now be allowed also @@ -2264,7 +2275,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { try(Connection conn = ConnectionFactory.createConnection(conf); - Table t = conn.getTable(TEST_TABLE.getTableName());) { + Table t = conn.getTable(TEST_TABLE);) { KeyValue kv = new KeyValue(TEST_ROW, TEST_FAMILY, TEST_QUALIFIER, HConstants.LATEST_TIMESTAMP, HConstants.EMPTY_BYTE_ARRAY, new Tag[] { new Tag(AccessControlLists.ACL_TAG_TYPE, @@ -2296,8 +2307,8 @@ public class TestAccessController extends SecureTestUtil { AccessTestAction setUserTableQuotaAction = new AccessTestAction() { @Override public Object run() throws Exception { - ACCESS_CONTROLLER.preSetUserQuota(ObserverContext.createAndPrepare(CP_ENV, null), - null, TEST_TABLE.getTableName(), null); + ACCESS_CONTROLLER.preSetUserQuota(ObserverContext.createAndPrepare(CP_ENV, null), null, + TEST_TABLE, null); return null; } }; @@ -2315,7 +2326,7 @@ public class TestAccessController extends SecureTestUtil { @Override public Object run() throws Exception { ACCESS_CONTROLLER.preSetTableQuota(ObserverContext.createAndPrepare(CP_ENV, null), - TEST_TABLE.getTableName(), null); + TEST_TABLE, null); return null; } }; @@ -2366,14 +2377,14 @@ public class TestAccessController extends SecureTestUtil { public void testTruncatePerms() throws Exception { try { List existingPerms = AccessControlClient.getUserPermissions( - systemUserConnection, TEST_TABLE.getTableName().getNameAsString()); + systemUserConnection, TEST_TABLE.getNameAsString()); assertTrue(existingPerms != null); assertTrue(existingPerms.size() > 1); - TEST_UTIL.getHBaseAdmin().disableTable(TEST_TABLE.getTableName()); - TEST_UTIL.truncateTable(TEST_TABLE.getTableName()); - TEST_UTIL.waitTableAvailable(TEST_TABLE.getTableName()); + TEST_UTIL.getHBaseAdmin().disableTable(TEST_TABLE); + TEST_UTIL.truncateTable(TEST_TABLE); + TEST_UTIL.waitTableAvailable(TEST_TABLE); List perms = AccessControlClient.getUserPermissions( - systemUserConnection, TEST_TABLE.getTableName().getNameAsString()); + systemUserConnection, TEST_TABLE.getNameAsString()); assertTrue(perms != null); assertEquals(existingPerms.size(), perms.size()); } catch (Throwable e) { @@ -2399,14 +2410,13 @@ public class TestAccessController extends SecureTestUtil { public void testAccessControlClientUserPerms() throws Exception { // adding default prefix explicitly as it is not included in the table name. assertEquals(NamespaceDescriptor.DEFAULT_NAMESPACE_NAME_STR, - TEST_TABLE.getTableName().getNamespaceAsString()); + TEST_TABLE.getNamespaceAsString()); final String regex = NamespaceDescriptor.DEFAULT_NAMESPACE_NAME_STR + - TableName.NAMESPACE_DELIM + TEST_TABLE.getTableName().getNameAsString(); + TableName.NAMESPACE_DELIM + TEST_TABLE.getNameAsString(); User testUserPerms = User.createUserForTesting(conf, "testUserPerms", new String[0]); assertEquals(0, testUserPerms.runAs(getPrivilegedAction(regex)).size()); // Grant TABLE ADMIN privs to testUserPerms - grantOnTable(TEST_UTIL, testUserPerms.getShortName(), TEST_TABLE.getTableName(), null, - null, Action.ADMIN); + grantOnTable(TEST_UTIL, testUserPerms.getShortName(), TEST_TABLE, null, null, Action.ADMIN); List perms = testUserPerms.runAs(getPrivilegedAction(regex)); assertNotNull(perms); // USER_ADMIN, USER_CREATE, USER_RW, USER_RO, testUserPerms, USER_ADMIN_CF has row each. diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController2.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController2.java index 24cd1d8..a27bf75 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController2.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController2.java @@ -42,7 +42,6 @@ import org.apache.hadoop.hbase.client.Result; import org.apache.hadoop.hbase.client.ResultScanner; import org.apache.hadoop.hbase.client.Scan; import org.apache.hadoop.hbase.client.Table; -import org.apache.hadoop.hbase.master.HMaster; import org.apache.hadoop.hbase.security.User; import org.apache.hadoop.hbase.security.access.Permission.Action; import org.apache.hadoop.hbase.testclassification.LargeTests; @@ -51,9 +50,7 @@ import org.apache.hadoop.hbase.util.Bytes; import org.apache.hadoop.hbase.util.TestTableName; import org.apache.hadoop.hbase.zookeeper.ZKUtil; import org.apache.hadoop.hbase.zookeeper.ZooKeeperWatcher; -import org.junit.After; import org.junit.AfterClass; -import org.junit.Before; import org.junit.BeforeClass; import org.junit.Rule; import org.junit.Test; @@ -94,9 +91,9 @@ public class TestAccessController2 extends SecureTestUtil { @Rule public TestTableName TEST_TABLE = new TestTableName(); - private String namespace = "testNamespace"; - private String tname = namespace + ":testtable1"; - private TableName tableName = TableName.valueOf(tname); + private static String namespace = "testNamespace"; + private static String tname = namespace + ":testtable1"; + private static TableName tableName = TableName.valueOf(tname); @BeforeClass public static void setupBeforeClass() throws Exception { @@ -115,10 +112,11 @@ public class TestAccessController2 extends SecureTestUtil { User.createUserForTesting(conf, "testgroup2_user2", new String[] { TESTGROUP_2 }); systemUserConnection = ConnectionFactory.createConnection(conf); + + setUp(); } - @Before - public void setUp() throws Exception { + public static void setUp() throws Exception { createNamespace(TEST_UTIL, NamespaceDescriptor.create(namespace).build()); try (Table table = createTable(TEST_UTIL, tableName, new byte[][] { TEST_FAMILY, TEST_FAMILY_2 })) { @@ -142,12 +140,12 @@ public class TestAccessController2 extends SecureTestUtil { @AfterClass public static void tearDownAfterClass() throws Exception { + tearDown(); systemUserConnection.close(); TEST_UTIL.shutdownMiniCluster(); } - @After - public void tearDown() throws Exception { + public static void tearDown() throws Exception { // Clean the _acl_ table try { deleteTable(TEST_UTIL, tableName); -- 1.9.2.msysgit.0