Return-Path: X-Original-To: apmail-accumulo-commits-archive@www.apache.org Delivered-To: apmail-accumulo-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id CFB0010E9D for ; Thu, 30 Jan 2014 21:58:06 +0000 (UTC) Received: (qmail 44580 invoked by uid 500); 30 Jan 2014 21:57:56 -0000 Delivered-To: apmail-accumulo-commits-archive@accumulo.apache.org Received: (qmail 44467 invoked by uid 500); 30 Jan 2014 21:57:53 -0000 Mailing-List: contact commits-help@accumulo.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@accumulo.apache.org Delivered-To: mailing list commits@accumulo.apache.org Received: (qmail 44450 invoked by uid 99); 30 Jan 2014 21:57:53 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 30 Jan 2014 21:57:53 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id E795A9167A6; Thu, 30 Jan 2014 21:57:52 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: vines@apache.org To: commits@accumulo.apache.org Date: Thu, 30 Jan 2014 21:57:52 -0000 Message-Id: <04ca4de1252542f7b54b78fd5a733bc3@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [01/10] git commit: Revert "ACCUMULO-2096 Clean up the security RW tests." Updated Branches: refs/heads/master cac5e121b -> 2dc88d3dc Revert "ACCUMULO-2096 Clean up the security RW tests." This reverts commit 9f59c0022777fc86d0b269d064bcc898b27c9b23. Conflicts: test/src/main/java/org/apache/accumulo/test/randomwalk/security/Validate.java Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/cba77ea2 Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/cba77ea2 Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/cba77ea2 Branch: refs/heads/master Commit: cba77ea28c5b34a9389ffb2aa2a0e402b367b3f1 Parents: 4945783 Author: John Vines Authored: Thu Jan 30 11:28:38 2014 -0500 Committer: John Vines Committed: Thu Jan 30 11:28:38 2014 -0500 ---------------------------------------------------------------------- .../test/randomwalk/security/AlterTable.java | 26 +---------- .../randomwalk/security/AlterTablePerm.java | 45 ++++++-------------- .../test/randomwalk/security/ChangePass.java | 2 +- .../test/randomwalk/security/DropTable.java | 21 +-------- .../test/randomwalk/security/TableOp.java | 3 +- 5 files changed, 18 insertions(+), 79 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java ---------------------------------------------------------------------- diff --git a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java index 91f5ba8..b2c4c87 100644 --- a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java +++ b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTable.java @@ -17,7 +17,6 @@ package org.apache.accumulo.test.randomwalk.security; import java.net.InetAddress; -import java.util.Map; import java.util.Properties; import org.apache.accumulo.core.client.AccumuloException; @@ -28,10 +27,8 @@ import org.apache.accumulo.core.client.TableNotFoundException; import org.apache.accumulo.core.client.security.SecurityErrorCode; import org.apache.accumulo.test.randomwalk.State; import org.apache.accumulo.test.randomwalk.Test; -import org.apache.log4j.Logger; public class AlterTable extends Test { - private static final Logger log = Logger.getLogger(AlterTable.class); @Override public void visit(State state, Properties props) throws Exception { @@ -39,33 +36,12 @@ public class AlterTable extends Test { String tableName = WalkingSecurity.get(state).getTableName(); - Map nameToId = conn.tableOperations().tableIdMap(); - String tableId = nameToId.get(tableName); - boolean exists = WalkingSecurity.get(state).getTableExists(); - - if ((null == tableId && exists) || (null != tableId && !exists)) { - log.error("For table " + tableName + ": found table ID " + tableId + " and " + (exists ? "expect" : "did not expect") + " it to exist"); - throw new TableNotFoundException(null, tableName, "Could not find table ID when it should exist"); - } - - boolean hasPermission; - try { - hasPermission = WalkingSecurity.get(state).canAlterTable(WalkingSecurity.get(state).getSysCredentials(), tableId); - } catch (Exception e) { - if (!exists) { - log.debug("Ignoring exception when trying to alter non-existent table", e); - return; - } - - throw e; - } - + boolean hasPermission = WalkingSecurity.get(state).canAlterTable(WalkingSecurity.get(state).getSysCredentials(), tableName); String newTableName = String.format("security_%s_%s_%d", InetAddress.getLocalHost().getHostName().replaceAll("[-.]", "_"), state.getPid(), System.currentTimeMillis()); renameTable(conn, state, tableName, newTableName, hasPermission, exists); - } public static void renameTable(Connector conn, State state, String oldName, String newName, boolean hasPermission, boolean tableExists) http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java ---------------------------------------------------------------------- diff --git a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java index 4bd0d64..bad7b28 100644 --- a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java +++ b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/AlterTablePerm.java @@ -27,32 +27,30 @@ import org.apache.accumulo.core.security.Credentials; import org.apache.accumulo.core.security.TablePermission; import org.apache.accumulo.test.randomwalk.State; import org.apache.accumulo.test.randomwalk.Test; -import org.apache.log4j.Logger; public class AlterTablePerm extends Test { - private static final Logger log = Logger.getLogger(AlterTablePerm.class); - + @Override public void visit(State state, Properties props) throws Exception { alter(state, props); } - + public static void alter(State state, Properties props) throws Exception { String action = props.getProperty("task", "toggle"); String perm = props.getProperty("perm", "random"); String sourceUserProp = props.getProperty("source", "system"); String targetUser = props.getProperty("target", "table"); boolean tabExists = WalkingSecurity.get(state).getTableExists(); - + String target; if ("table".equals(targetUser)) target = WalkingSecurity.get(state).getTabUserName(); else target = WalkingSecurity.get(state).getSysUserName(); - + boolean exists = WalkingSecurity.get(state).userExists(target); boolean tableExists = WalkingSecurity.get(state).getTableExists(); - + TablePermission tabPerm; if (perm.equals("random")) { Random r = new Random(); @@ -76,25 +74,10 @@ public class AlterTablePerm extends Test { sourceToken = state.getToken(); } Connector conn = state.getInstance().getConnector(sourceUser, sourceToken); - String tableId = conn.tableOperations().tableIdMap().get(tableName); - - // Make sure we get an ID when we can - if ((null == tableId && tableExists) || (null != tableId && !tableExists)) { - log.error("For table " + tableName + ": found table ID " + tableId + " and we " + (exists ? "expect" : "did not expect") + " it to exist"); - throw new AccumuloException("Could not find table ID for " + tableName + " but it should have existed"); - } - - try { - canGive = WalkingSecurity.get(state).canGrantTable(new Credentials(sourceUser, sourceToken).toThrift(state.getInstance()), target, tableId); - } catch (Exception e) { - if (!tableExists) { - log.debug("Ignoring exception checking permission on non-existent table", e); - return; - } - - throw e; - } - + + canGive = WalkingSecurity.get(state).canGrantTable(new Credentials(sourceUser, sourceToken).toThrift(state.getInstance()), target, + WalkingSecurity.get(state).getTableName()); + // toggle if (!"take".equals(action) && !"give".equals(action)) { try { @@ -102,7 +85,7 @@ public class AlterTablePerm extends Test { if (hasPerm != (res = state.getConnector().securityOperations().hasTablePermission(target, tableName, tabPerm))) throw new AccumuloException("Test framework and accumulo are out of sync for user " + conn.whoami() + " for perm " + tabPerm.name() + " with local vs. accumulo being " + hasPerm + " " + res); - + if (hasPerm) action = "take"; else @@ -124,7 +107,7 @@ public class AlterTablePerm extends Test { } } } - + boolean trans = WalkingSecurity.get(state).userPassTransient(conn.whoami()); if ("take".equals(action)) { try { @@ -183,14 +166,14 @@ public class AlterTablePerm extends Test { } WalkingSecurity.get(state).grantTablePermission(target, tableName, tabPerm); } - + if (!exists) throw new AccumuloException("User shouldn't have existed, but apparantly does"); if (!tableExists) throw new AccumuloException("Table shouldn't have existed, but apparantly does"); if (!canGive) throw new AccumuloException(conn.whoami() + " shouldn't have been able to grant privilege"); - + } - + } http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java ---------------------------------------------------------------------- diff --git a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java index 6287d6a..439e724 100644 --- a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java +++ b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java @@ -85,7 +85,7 @@ public class ChangePass extends Test { } } WalkingSecurity.get(state).changePassword(target, newPass); - // Waiting 1 second for password to propagate through Zk + // Waiting 1 second for password to propogate through Zk Thread.sleep(1000); if (!hasPerm) throw new AccumuloException("Password change succeeded when it should have failed for " + source + " changing the password for " + target + "."); http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java ---------------------------------------------------------------------- diff --git a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java index 4dc25ea..52b6e25 100644 --- a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java +++ b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropTable.java @@ -28,10 +28,8 @@ import org.apache.accumulo.core.client.security.tokens.AuthenticationToken; import org.apache.accumulo.core.security.Credentials; import org.apache.accumulo.test.randomwalk.State; import org.apache.accumulo.test.randomwalk.Test; -import org.apache.log4j.Logger; public class DropTable extends Test { - private static final Logger log = Logger.getLogger(DropTable.class); @Override public void visit(State state, Properties props) throws Exception { @@ -52,26 +50,9 @@ public class DropTable extends Test { Connector conn = state.getInstance().getConnector(principal, token); String tableName = WalkingSecurity.get(state).getTableName(); - String tableId = conn.tableOperations().tableIdMap().get(tableName); boolean exists = WalkingSecurity.get(state).getTableExists(); - - if ((null == tableId && exists) || (null != tableId && !exists)) { - log.error("For table " + tableName + ": found table ID " + tableId + " and " + (exists ? "expect" : "did not expect") + " it to exist"); - throw new AccumuloException("Test and Accumulo state differ on " + tableName + " existence."); - } - - boolean hasPermission; - try { - hasPermission = WalkingSecurity.get(state).canDeleteTable(new Credentials(principal, token).toThrift(state.getInstance()), tableId); - } catch (Exception e) { - if (!exists) { - log.error("Ignoring exception checking permissions on non-existent table", e); - return; - } - - throw e; - } + boolean hasPermission = WalkingSecurity.get(state).canDeleteTable(new Credentials(principal, token).toThrift(state.getInstance()), tableName); try { conn.tableOperations().delete(tableName); http://git-wip-us.apache.org/repos/asf/accumulo/blob/cba77ea2/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java ---------------------------------------------------------------------- diff --git a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java index 7199322..347be89 100644 --- a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java +++ b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java @@ -75,14 +75,13 @@ public class TableOp extends Test { switch (tp) { case READ: { + boolean canRead = WalkingSecurity.get(state).canScan(WalkingSecurity.get(state).getTabCredentials(), tableId); Authorizations auths = WalkingSecurity.get(state).getUserAuthorizations(WalkingSecurity.get(state).getTabCredentials()); boolean ambiguousZone = WalkingSecurity.get(state).inAmbiguousZone(conn.whoami(), tp); boolean ambiguousAuths = WalkingSecurity.get(state).ambiguousAuthorizations(conn.whoami()); Scanner scan = null; - boolean canRead = false; try { - canRead = WalkingSecurity.get(state).canScan(WalkingSecurity.get(state).getTabCredentials(), tableId); scan = conn.createScanner(tableName, conn.securityOperations().getUserAuthorizations(conn.whoami())); int seen = 0; Iterator> iter = scan.iterator();