hadoop-hdfs-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From w...@apache.org
Subject svn commit: r1610849 - in /hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs: ./ src/test/java/org/apache/hadoop/fs/ src/test/java/org/apache/hadoop/hdfs/ src/test/java/org/apache/hadoop/hdfs/server/namenode/
Date Tue, 15 Jul 2014 20:59:40 GMT
Author: wang
Date: Tue Jul 15 20:59:40 2014
New Revision: 1610849

URL: http://svn.apache.org/r1610849
Log:
HDFS-6619. Clean up encryption-related tests. (wang)

Added:
    hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
      - copied, changed from r1610848, hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZonesAPI.java
Removed:
    hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/fs/TestHDFSEncryption.java
    hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZonesAPI.java
    hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestFileContextEncryptionZones.java
Modified:
    hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt

Modified: hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt?rev=1610849&r1=1610848&r2=1610849&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt
(original)
+++ hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt
Tue Jul 15 20:59:40 2014
@@ -42,6 +42,8 @@ fs-encryption (Unreleased)
     HDFS-6474. Namenode needs to get the actual keys and iv from the
     KeyProvider. (wang)
 
+    HDFS-6619. Clean up encryption-related tests. (wang)
+
   OPTIMIZATIONS
 
   BUG FIXES

Copied: hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
(from r1610848, hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZonesAPI.java)
URL: http://svn.apache.org/viewvc/hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java?p2=hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java&p1=hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZonesAPI.java&r1=1610848&r2=1610849&rev=1610849&view=diff
==============================================================================
--- hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZonesAPI.java
(original)
+++ hadoop/common/branches/fs-encryption/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
Tue Jul 15 20:59:40 2014
@@ -22,12 +22,8 @@ import java.io.IOException;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivilegedExceptionAction;
 import java.util.Arrays;
-import java.util.HashSet;
 import java.util.List;
-import java.util.Set;
-import java.util.UUID;
 
-import com.google.common.base.Preconditions;
 import com.google.common.collect.Lists;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.crypto.CipherSuite;
@@ -35,8 +31,13 @@ import org.apache.hadoop.crypto.key.Java
 import org.apache.hadoop.crypto.key.KeyProvider;
 import org.apache.hadoop.crypto.key.KeyProviderFactory;
 import org.apache.hadoop.fs.FSDataInputStream;
+import org.apache.hadoop.fs.FSTestWrapper;
+import org.apache.hadoop.fs.FileContext;
+import org.apache.hadoop.fs.FileContextTestWrapper;
 import org.apache.hadoop.fs.FileEncryptionInfo;
 import org.apache.hadoop.fs.FileSystem;
+import org.apache.hadoop.fs.FileSystemTestHelper;
+import org.apache.hadoop.fs.FileSystemTestWrapper;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.fs.permission.FsPermission;
 import org.apache.hadoop.hdfs.client.HdfsAdmin;
@@ -45,7 +46,6 @@ import org.apache.hadoop.hdfs.protocol.L
 import org.apache.hadoop.hdfs.server.namenode.EncryptionZoneManager;
 import org.apache.hadoop.security.AccessControlException;
 import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.hadoop.test.GenericTestUtils;
 import org.apache.log4j.Level;
 import org.apache.log4j.Logger;
 import org.junit.After;
@@ -53,297 +53,316 @@ import org.junit.Before;
 import org.junit.Test;
 
 
+import static org.apache.hadoop.test.GenericTestUtils.assertExceptionContains;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
-public class TestEncryptionZonesAPI {
+public class TestEncryptionZones {
+
+  private Configuration conf;
+  private FileSystemTestHelper fsHelper;
 
-  private static final Path TEST_PATH = new Path("/test");
-  private static final Path TEST_PATH_WITH_CHILD = new Path(TEST_PATH, "foo");
-  private static final Path TEST_PATH_WITH_MULTIPLE_CHILDREN =
-    new Path(TEST_PATH_WITH_CHILD, "baz");
-  private static final String TEST_KEYID = "mykeyid";
-  private final Configuration conf = new Configuration();
   private MiniDFSCluster cluster;
-  private static File tmpDir;
+  private HdfsAdmin dfsAdmin;
   private DistributedFileSystem fs;
 
+  protected FileSystemTestWrapper fsWrapper;
+  protected FileContextTestWrapper fcWrapper;
+
   @Before
-  public void setUpCluster() throws IOException {
-    tmpDir = new File(System.getProperty("test.build.data", "target"),
-        UUID.randomUUID().toString()).getAbsoluteFile();
+  public void setup() throws IOException {
+    conf = new HdfsConfiguration();
+    fsHelper = new FileSystemTestHelper();
+    // Set up java key store
+    String testRoot = fsHelper.getTestRootDir();
+    File testRootDir = new File(testRoot).getAbsoluteFile();
     conf.set(KeyProviderFactory.KEY_PROVIDER_PATH,
-        JavaKeyStoreProvider.SCHEME_NAME + "://file" + tmpDir + "/test.jks");
+        JavaKeyStoreProvider.SCHEME_NAME + "://file" + testRootDir + "/test.jks"
+    );
     cluster = new MiniDFSCluster.Builder(conf).numDataNodes(1).build();
-    fs = (DistributedFileSystem) createFileSystem(conf);
     Logger.getLogger(EncryptionZoneManager.class).setLevel(Level.TRACE);
-  }
-
-  protected FileSystem createFileSystem(Configuration conf) throws IOException {
-    return cluster.getFileSystem();
+    fs = cluster.getFileSystem();
+    fsWrapper = new FileSystemTestWrapper(cluster.getFileSystem());
+    fcWrapper = new FileContextTestWrapper(
+        FileContext.getFileContext(cluster.getURI(), conf));
+    dfsAdmin = new HdfsAdmin(cluster.getURI(), conf);
   }
 
   @After
-  public void shutDownCluster() {
+  public void teardown() {
     if (cluster != null) {
       cluster.shutdown();
     }
   }
 
-  /** Test failure of Create EZ on a directory that doesn't exist. */
+  public void assertNumZones(final int numZones) throws IOException {
+    final List<EncryptionZone> zones = dfsAdmin.listEncryptionZones();
+    assertEquals("Unexpected number of encryption zones!", numZones,
+        zones.size());
+  }
+
+  /**
+   * Checks that an encryption zone with the specified keyId and path (if not
+   * null) is present.
+   *
+   * @throws IOException if a matching zone could not be found
+   */
+  public void assertZonePresent(String keyId, String path) throws IOException {
+    final List<EncryptionZone> zones = dfsAdmin.listEncryptionZones();
+    boolean match = false;
+    for (EncryptionZone zone : zones) {
+      boolean matchKey = (keyId == null);
+      boolean matchPath = (path == null);
+      if (keyId != null && zone.getKeyId().equals(keyId)) {
+        matchKey = true;
+      }
+      if (path != null && zone.getPath().equals(path)) {
+        matchPath = true;
+      }
+      if (matchKey && matchPath) {
+        match = true;
+        break;
+      }
+    }
+    assertTrue("Did not find expected encryption zone with keyId " + keyId +
+            " path " + path, match
+    );
+  }
+
+  /**
+   * Helper function to create a key in the Key Provider.
+   */
+  private void createKey(String keyId)
+      throws NoSuchAlgorithmException, IOException {
+    KeyProvider provider = cluster.getNameNode().getNamesystem().getProvider();
+    final KeyProvider.Options options = KeyProvider.options(conf);
+    provider.createKey(keyId, options);
+    provider.flush();
+  }
+
   @Test(timeout = 60000)
-  public void testCreateEncryptionZoneDirectoryDoesntExist() throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
+  public void testBasicOperations() throws Exception {
+
+    int numZones = 0;
+
+    /* Test failure of create EZ on a directory that doesn't exist. */
+    final Path zone1 = new Path("/zone1");
     try {
-      dfsAdmin.createEncryptionZone(TEST_PATH, null);
+      dfsAdmin.createEncryptionZone(zone1, null);
       fail("expected /test doesn't exist");
     } catch (IOException e) {
-      GenericTestUtils.assertExceptionContains("cannot find", e);
+      assertExceptionContains("cannot find", e);
     }
-  }
 
-  /** Test failure of Create EZ on a directory which is already an EZ. */
-  @Test(timeout = 60000)
-  public void testCreateEncryptionZoneWhichAlreadyExists()
-    throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    FileSystem.mkdirs(fs, TEST_PATH, new FsPermission((short) 0777));
-    dfsAdmin.createEncryptionZone(TEST_PATH, null);
+    /* Normal creation of an EZ */
+    fsWrapper.mkdir(zone1, FsPermission.getDirDefault(), true);
+    dfsAdmin.createEncryptionZone(zone1, null);
+    assertNumZones(++numZones);
+    assertZonePresent(null, zone1.toString());
+
+    /* Test failure of create EZ on a directory which is already an EZ. */
     try {
-      dfsAdmin.createEncryptionZone(TEST_PATH, null);
+      dfsAdmin.createEncryptionZone(zone1, null);
     } catch (IOException e) {
-      GenericTestUtils.assertExceptionContains("already in an encryption zone",
-          e);
+      assertExceptionContains("already in an encryption zone", e);
     }
-  }
 
-  /** Test success of Create EZ in which a key is created. */
-  @Test(timeout = 60000)
-  public void testCreateEncryptionZoneAndGenerateKeyDirectoryEmpty()
-    throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    FileSystem.mkdirs(fs, TEST_PATH, new FsPermission((short) 0777));
-    dfsAdmin.createEncryptionZone(TEST_PATH, null);
-  }
-
-  /** Test failure of Create EZ operation in an existing EZ. */
-  @Test(timeout = 60000)
-  public void testCreateEncryptionZoneInExistingEncryptionZone()
-    throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    FileSystem.mkdirs(fs, TEST_PATH, new FsPermission((short) 0777));
-    dfsAdmin.createEncryptionZone(TEST_PATH, null);
-    FileSystem.mkdirs(fs, TEST_PATH_WITH_CHILD,
-        new FsPermission((short) 0777));
+    /* Test failure of create EZ operation in an existing EZ. */
+    final Path zone1Child = new Path(zone1, "child");
+    fsWrapper.mkdir(zone1Child, FsPermission.getDirDefault(), false);
     try {
-      dfsAdmin.createEncryptionZone(TEST_PATH_WITH_CHILD, null);
+      dfsAdmin.createEncryptionZone(zone1Child, null);
       fail("EZ in an EZ");
     } catch (IOException e) {
-      GenericTestUtils.assertExceptionContains("already in an encryption zone", e);
+      assertExceptionContains("already in an encryption zone", e);
     }
-  }
 
-  /** Test failure of creating an EZ using a non-empty directory. */
-  @Test(timeout = 60000)
-  public void testCreateEncryptionZoneAndGenerateKeyDirectoryNotEmpty()
-    throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    FileSystem.mkdirs(fs, TEST_PATH, new FsPermission((short) 0777));
-    FileSystem.create(fs, new Path("/test/foo"),
-            new FsPermission((short) 0777));
+    /* create EZ on a folder with a folder fails */
+    final Path notEmpty = new Path("/notEmpty");
+    final Path notEmptyChild = new Path(notEmpty, "child");
+    fsWrapper.mkdir(notEmptyChild, FsPermission.getDirDefault(), true);
     try {
-      dfsAdmin.createEncryptionZone(TEST_PATH, null);
-      fail("expected key doesn't exist");
+      dfsAdmin.createEncryptionZone(notEmpty, null);
+      fail("Created EZ on an non-empty directory with folder");
     } catch (IOException e) {
-      GenericTestUtils.assertExceptionContains("create an encryption zone", e);
+      assertExceptionContains("create an encryption zone", e);
     }
-  }
+    fsWrapper.delete(notEmptyChild, false);
 
-  /** Test failure of creating an EZ passing a key that doesn't exist. */
-  @Test(timeout = 60000)
-  public void testCreateEncryptionZoneKeyDoesntExist() throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
+    /* create EZ on a folder with a file fails */
+    fsWrapper.createFile(notEmptyChild);
     try {
-      dfsAdmin.createEncryptionZone(TEST_PATH, TEST_KEYID);
-      fail("expected key doesn't exist");
+      dfsAdmin.createEncryptionZone(notEmpty, null);
+      fail("Created EZ on an non-empty directory with file");
     } catch (IOException e) {
-      GenericTestUtils.assertExceptionContains("doesn't exist.", e);
+      assertExceptionContains("create an encryption zone", e);
     }
-    final List<EncryptionZone> zones = dfsAdmin.listEncryptionZones();
-    Preconditions.checkState(zones.size() == 0, "More than one zone found?");
-  }
-
-  /** Test success of creating an EZ when they key exists. */
-  @Test(timeout = 60000)
-  public void testCreateEncryptionZoneKeyExist() throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    FileSystem.mkdirs(fs, TEST_PATH, new FsPermission((short) 0777));
-    createAKey(TEST_KEYID);
-    dfsAdmin.createEncryptionZone(TEST_PATH, TEST_KEYID);
-    final List<EncryptionZone> zones = dfsAdmin.listEncryptionZones();
-    Preconditions.checkState(zones.size() == 1, "More than one zone found?");
-    final EncryptionZone ez = zones.get(0);
-      GenericTestUtils.assertMatches(ez.toString(),
-              "EncryptionZone \\[path=/test, keyId=");
-  }
 
-  /** Helper function to create a key in the Key Provider. */
-  private void createAKey(String keyId)
-    throws NoSuchAlgorithmException, IOException {
-    KeyProvider provider =
-        cluster.getNameNode().getNamesystem().getProvider();
-    final KeyProvider.Options options = KeyProvider.options(conf);
-    provider.createKey(keyId, options);
-    provider.flush();
-  }
+    /* Test failure of creating an EZ passing a key that doesn't exist. */
+    final Path zone2 = new Path("/zone2");
+    fsWrapper.mkdir(zone2, FsPermission.getDirDefault(), false);
+    final String myKeyId = "mykeyid";
+    try {
+      dfsAdmin.createEncryptionZone(zone2, myKeyId);
+      fail("expected key doesn't exist");
+    } catch (IOException e) {
+      assertExceptionContains("doesn't exist.", e);
+    }
+    assertNumZones(1);
 
-  /** Test failure of create encryption zones as a non super user. */
-  @Test(timeout = 60000)
-  public void testCreateEncryptionZoneAsNonSuperUser()
-    throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
+    /* Test success of creating an EZ when they key exists. */
+    createKey(myKeyId);
+    dfsAdmin.createEncryptionZone(zone2, myKeyId);
+    assertNumZones(++numZones);
+    assertZonePresent(myKeyId, zone2.toString());
 
+    /* Test failure of create encryption zones as a non super user. */
     final UserGroupInformation user = UserGroupInformation.
-      createUserForTesting("user", new String[] { "mygroup" });
-
-    FileSystem.mkdirs(fs, TEST_PATH, new FsPermission((short) 0700));
+        createUserForTesting("user", new String[] { "mygroup" });
+    final Path nonSuper = new Path("/nonSuper");
+    fsWrapper.mkdir(nonSuper, FsPermission.getDirDefault(), false);
 
     user.doAs(new PrivilegedExceptionAction<Object>() {
-        @Override
-        public Object run() throws Exception {
-          final HdfsAdmin userAdmin =
+      @Override
+      public Object run() throws Exception {
+        final HdfsAdmin userAdmin =
             new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-          try {
-            userAdmin.createEncryptionZone(TEST_PATH, null);
-            fail("createEncryptionZone is superuser-only operation");
-          } catch (AccessControlException e) {
-            GenericTestUtils.assertExceptionContains(
-                    "Superuser privilege is required", e);
-          }
-          return null;
+        try {
+          userAdmin.createEncryptionZone(nonSuper, null);
+          fail("createEncryptionZone is superuser-only operation");
+        } catch (AccessControlException e) {
+          assertExceptionContains("Superuser privilege is required", e);
         }
-      });
+        return null;
+      }
+    });
+
+    // Test success of creating an encryption zone a few levels down.
+    Path deepZone = new Path("/d/e/e/p/zone");
+    fsWrapper.mkdir(deepZone, FsPermission.getDirDefault(), true);
+    dfsAdmin.createEncryptionZone(deepZone, null);
+    assertNumZones(++numZones);
+    assertZonePresent(null, deepZone.toString());
   }
 
   /**
-   * Test success of creating an encryption zone a few levels down.
+   * Test listing encryption zones as a non super user.
    */
   @Test(timeout = 60000)
-  public void testCreateEncryptionZoneDownAFewLevels()
-    throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    FileSystem.mkdirs(fs, TEST_PATH_WITH_MULTIPLE_CHILDREN,
-      new FsPermission((short) 0777));
-    dfsAdmin.createEncryptionZone(TEST_PATH_WITH_MULTIPLE_CHILDREN, null);
-    final List<EncryptionZone> zones = dfsAdmin.listEncryptionZones();
-    Preconditions.checkState(zones.size() == 1, "More than one zone found?");
-    final EncryptionZone ez = zones.get(0);
-      GenericTestUtils.assertMatches(ez.toString(),
-         "EncryptionZone \\[path=/test/foo/baz, keyId=");
-  }
-
-  /** Test failure of creating an EZ using a non-empty directory. */
-  @Test(timeout = 60000)
-  public void testCreateFileInEncryptionZone() throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    FileSystem.mkdirs(fs, TEST_PATH, new FsPermission((short) 0777));
-    dfsAdmin.createEncryptionZone(TEST_PATH, null);
-    FileSystem.create(fs, TEST_PATH_WITH_CHILD, new FsPermission((short) 0777));
-
-    final List<EncryptionZone> zones = dfsAdmin.listEncryptionZones();
-    final EncryptionZone ez = zones.get(0);
-      GenericTestUtils.assertMatches(ez.toString(),
-         "EncryptionZone \\[path=/test, keyId=");
-  }
-
-  /** Test listing encryption zones. */
-  @Test(timeout = 60000)
-  public void testListEncryptionZones() throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    final int N_EZs = 5;
-    final Set<String> ezPathNames = new HashSet<String>(N_EZs);
-    for (int i = 0; i < N_EZs; i++) {
-      final Path p = new Path(TEST_PATH, "" + i);
-      ezPathNames.add(p.toString());
-      FileSystem.mkdirs(fs, p, new FsPermission((short) 0777));
-      dfsAdmin.createEncryptionZone(p, null);
-    }
-
-    final List<EncryptionZone> zones = dfsAdmin.listEncryptionZones();
-    Preconditions.checkState(zones.size() == N_EZs, "wrong number of EZs returned");
-    for (EncryptionZone z : zones) {
-      final String ezPathName = z.getPath();
-      Preconditions.checkState(ezPathNames.remove(
-          ezPathName), "Path " + ezPathName + " not returned from listEZ");
-    }
-    Preconditions.checkState(ezPathNames.size() == 0);
-  }
-
-  /** Test listing encryption zones as a non super user. */
-  @Test(timeout = 60000)
   public void testListEncryptionZonesAsNonSuperUser() throws Exception {
-    final HdfsAdmin dfsAdmin =
-      new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
 
     final UserGroupInformation user = UserGroupInformation.
-      createUserForTesting("user", new String[] {"mygroup"});
+        createUserForTesting("user", new String[] { "mygroup" });
+
+    final Path testRoot = new Path(fsHelper.getTestRootDir());
+    final Path superPath = new Path(testRoot, "superuseronly");
+    final Path allPath = new Path(testRoot, "accessall");
 
-    final Path TEST_PATH_SUPERUSER_ONLY = new Path(TEST_PATH, "superuseronly");
-    final Path TEST_PATH_ALL = new Path(TEST_PATH, "accessall");
+    fsWrapper.mkdir(superPath, new FsPermission((short) 0700), true);
+    dfsAdmin.createEncryptionZone(superPath, null);
 
-    FileSystem.mkdirs(fs, TEST_PATH_SUPERUSER_ONLY,
-      new FsPermission((short) 0700));
-    dfsAdmin.createEncryptionZone(TEST_PATH_SUPERUSER_ONLY, null);
-    FileSystem.mkdirs(fs, TEST_PATH_ALL,
-      new FsPermission((short) 0707));
-    dfsAdmin.createEncryptionZone(TEST_PATH_ALL, null);
+    fsWrapper.mkdir(allPath, new FsPermission((short) 0707), true);
+    dfsAdmin.createEncryptionZone(allPath, null);
 
     user.doAs(new PrivilegedExceptionAction<Object>() {
       @Override
       public Object run() throws Exception {
         final HdfsAdmin userAdmin =
-                new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
+            new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
         try {
-          final List<EncryptionZone> zones = userAdmin.listEncryptionZones();
+          userAdmin.listEncryptionZones();
         } catch (AccessControlException e) {
-          GenericTestUtils.assertExceptionContains(
-                  "Superuser privilege is required", e);
+          assertExceptionContains("Superuser privilege is required", e);
         }
         return null;
       }
     });
   }
 
-  /** Test success of Rename EZ on a directory which is already an EZ. */
-  @Test(timeout = 60000)
-  public void testRenameEncryptionZone()
-          throws Exception {
-    final HdfsAdmin dfsAdmin =
-            new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    FileSystem.mkdirs(fs, TEST_PATH_WITH_CHILD,
-      new FsPermission((short) 0777));
-    dfsAdmin.createEncryptionZone(TEST_PATH_WITH_CHILD, null);
-    FileSystem.mkdirs(fs, TEST_PATH_WITH_MULTIPLE_CHILDREN,
-       new FsPermission((short) 0777));
+  /**
+   * Test success of Rename EZ on a directory which is already an EZ.
+   */
+  private void doRenameEncryptionZone(FSTestWrapper wrapper) throws Exception {
+    final Path testRoot = new Path(fsHelper.getTestRootDir());
+    final Path pathFoo = new Path(testRoot, "foo");
+    final Path pathFooBaz = new Path(pathFoo, "baz");
+    wrapper.mkdir(pathFoo, FsPermission.getDirDefault(), true);
+    dfsAdmin.createEncryptionZone(pathFoo, null);
+    wrapper.mkdir(pathFooBaz, FsPermission.getDirDefault(), true);
     try {
-      fs.rename(TEST_PATH_WITH_MULTIPLE_CHILDREN, TEST_PATH);
+      wrapper.rename(pathFooBaz, testRoot);
     } catch (IOException e) {
-      GenericTestUtils.assertExceptionContains(
-              "/test/foo/baz can't be moved from an encryption zone.", e);
+      assertExceptionContains(pathFooBaz.toString() + " can't be moved from" +
+              " an encryption zone.", e
+      );
+    }
+  }
+
+  @Test(timeout = 60000)
+  public void testRenameFileSystem() throws Exception {
+    doRenameEncryptionZone(fsWrapper);
+  }
+
+  @Test(timeout = 60000)
+  public void testRenameFileContext() throws Exception {
+    doRenameEncryptionZone(fcWrapper);
+  }
+
+  private void validateFiles(Path p1, Path p2, int len) throws Exception {
+    FSDataInputStream in1 = fs.open(p1);
+    FSDataInputStream in2 = fs.open(p2);
+    for (int i = 0; i < len; i++) {
+      assertEquals("Mismatch at byte " + i, in1.read(), in2.read());
     }
+    in1.close();
+    in2.close();
+  }
+
+  private FileEncryptionInfo getFileEncryptionInfo(Path path) throws Exception {
+    LocatedBlocks blocks = fs.getClient().getLocatedBlocks(path.toString(), 0);
+    return blocks.getFileEncryptionInfo();
+  }
+
+  @Test(timeout = 120000)
+  public void testReadWrite() throws Exception {
+    final HdfsAdmin dfsAdmin =
+        new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
+    // Create a base file for comparison
+    final Path baseFile = new Path("/base");
+    final int len = 8192;
+    DFSTestUtil.createFile(fs, baseFile, len, (short) 1, 0xFEED);
+    // Create the first enc file
+    final Path zone = new Path("/zone");
+    fs.mkdirs(zone);
+    dfsAdmin.createEncryptionZone(zone, null);
+    final Path encFile1 = new Path(zone, "myfile");
+    DFSTestUtil.createFile(fs, encFile1, len, (short) 1, 0xFEED);
+    // Read them back in and compare byte-by-byte
+    validateFiles(baseFile, encFile1, len);
+    // Roll the key of the encryption zone
+    List<EncryptionZone> zones = dfsAdmin.listEncryptionZones();
+    assertEquals("Expected 1 EZ", 1, zones.size());
+    String keyId = zones.get(0).getKeyId();
+    cluster.getNamesystem().getProvider().rollNewVersion(keyId);
+    cluster.getNamesystem().getFSDirectory().ezManager.kickMonitor();
+    // Read them back in and compare byte-by-byte
+    validateFiles(baseFile, encFile1, len);
+    // Write a new enc file and validate
+    final Path encFile2 = new Path(zone, "myfile2");
+    DFSTestUtil.createFile(fs, encFile2, len, (short) 1, 0xFEED);
+    // FEInfos should be different
+    FileEncryptionInfo feInfo1 = getFileEncryptionInfo(encFile1);
+    FileEncryptionInfo feInfo2 = getFileEncryptionInfo(encFile2);
+    assertFalse("EDEKs should be different", Arrays
+        .equals(feInfo1.getEncryptedDataEncryptionKey(),
+            feInfo2.getEncryptedDataEncryptionKey()));
+    assertNotEquals("Key was rolled, versions should be different",
+        feInfo1.getEzKeyVersionName(), feInfo2.getEzKeyVersionName());
+    // Contents still equal
+    validateFiles(encFile1, encFile2, len);
   }
 
   @Test(timeout = 60000)
@@ -354,16 +373,15 @@ public class TestEncryptionZonesAPI {
     fs.mkdirs(zone);
     dfsAdmin.createEncryptionZone(zone, null);
     // Create a file in an EZ, which should succeed
-    DFSTestUtil.createFile(fs, new Path(zone, "success1"), 0, (short) 1,
-        0xFEED);
+    DFSTestUtil
+        .createFile(fs, new Path(zone, "success1"), 0, (short) 1, 0xFEED);
     // Pass no cipherSuites, fail
     fs.getClient().cipherSuites = Lists.newArrayListWithCapacity(0);
     try {
-      DFSTestUtil.createFile(fs, new Path(zone, "fail"), 0, (short) 1,
-          0xFEED);
+      DFSTestUtil.createFile(fs, new Path(zone, "fail"), 0, (short) 1, 0xFEED);
       fail("Created a file without specifying a CipherSuite!");
     } catch (UnknownCipherSuiteException e) {
-      GenericTestUtils.assertExceptionContains("No cipher suites", e);
+      assertExceptionContains("No cipher suites", e);
     }
     // Pass some unknown cipherSuites, fail
     fs.getClient().cipherSuites = Lists.newArrayListWithCapacity(3);
@@ -371,25 +389,24 @@ public class TestEncryptionZonesAPI {
     fs.getClient().cipherSuites.add(CipherSuite.UNKNOWN);
     fs.getClient().cipherSuites.add(CipherSuite.UNKNOWN);
     try {
-      DFSTestUtil.createFile(fs, new Path(zone, "fail"), 0, (short) 1,
-          0xFEED);
+      DFSTestUtil.createFile(fs, new Path(zone, "fail"), 0, (short) 1, 0xFEED);
       fail("Created a file without specifying a CipherSuite!");
     } catch (UnknownCipherSuiteException e) {
-      GenericTestUtils.assertExceptionContains("No cipher suites", e);
+      assertExceptionContains("No cipher suites", e);
     }
     // Pass some unknown and a good cipherSuites, success
     fs.getClient().cipherSuites = Lists.newArrayListWithCapacity(3);
     fs.getClient().cipherSuites.add(CipherSuite.AES_CTR_NOPADDING);
     fs.getClient().cipherSuites.add(CipherSuite.UNKNOWN);
     fs.getClient().cipherSuites.add(CipherSuite.UNKNOWN);
-    DFSTestUtil.createFile(fs, new Path(zone, "success2"), 0, (short) 1,
-        0xFEED);
+    DFSTestUtil
+        .createFile(fs, new Path(zone, "success2"), 0, (short) 1, 0xFEED);
     fs.getClient().cipherSuites = Lists.newArrayListWithCapacity(3);
     fs.getClient().cipherSuites.add(CipherSuite.UNKNOWN);
     fs.getClient().cipherSuites.add(CipherSuite.UNKNOWN);
     fs.getClient().cipherSuites.add(CipherSuite.AES_CTR_NOPADDING);
-    DFSTestUtil.createFile(fs, new Path(zone, "success3"), 4096, (short) 1,
-        0xFEED);
+    DFSTestUtil
+        .createFile(fs, new Path(zone, "success3"), 4096, (short) 1, 0xFEED);
     // Check KeyProvider state
     // Flushing the KP on the NN, since it caches, and init a test one
     cluster.getNamesystem().getProvider().flush();
@@ -405,7 +422,7 @@ public class TestEncryptionZonesAPI {
       allVersions.addAll(versions);
     }
     // Check that the specified CipherSuite was correctly saved on the NN
-    for (int i=2; i<=3; i++) {
+    for (int i = 2; i <= 3; i++) {
       FileEncryptionInfo feInfo =
           getFileEncryptionInfo(new Path(zone.toString() +
               "/success" + i));
@@ -413,57 +430,4 @@ public class TestEncryptionZonesAPI {
     }
   }
 
-  private void validateFiles(Path p1, Path p2, int len) throws Exception {
-    FSDataInputStream in1 = fs.open(p1);
-    FSDataInputStream in2 = fs.open(p2);
-    for (int i=0; i<len; i++) {
-      assertEquals("Mismatch at byte " + i, in1.read(), in2.read());
-    }
-    in1.close();
-    in2.close();
-  }
-
-  private FileEncryptionInfo getFileEncryptionInfo(Path path) throws Exception {
-    LocatedBlocks blocks = fs.getClient().getLocatedBlocks(path.toString(), 0);
-    return blocks.getFileEncryptionInfo();
-  }
-
-  @Test(timeout = 120000)
-  public void testReadWrite() throws Exception {
-    final HdfsAdmin dfsAdmin =
-        new HdfsAdmin(FileSystem.getDefaultUri(conf), conf);
-    // Create a base file for comparison
-    final Path baseFile = new Path("/base");
-    final int len = 8192;
-    DFSTestUtil.createFile(fs, baseFile, len, (short) 1, 0xFEED);
-    // Create the first enc file
-    final Path zone = new Path("/zone");
-    fs.mkdirs(zone);
-    dfsAdmin.createEncryptionZone(zone, null);
-    final Path encFile1 = new Path(zone, "myfile");
-    DFSTestUtil.createFile(fs, encFile1, len, (short) 1, 0xFEED);
-    // Read them back in and compare byte-by-byte
-    validateFiles(baseFile, encFile1, len);
-    // Roll the key of the encryption zone
-    List<EncryptionZone> zones = dfsAdmin.listEncryptionZones();
-    assertEquals("Expected 1 EZ", 1, zones.size());
-    String keyId = zones.get(0).getKeyId();
-    cluster.getNamesystem().getProvider().rollNewVersion(keyId);
-    cluster.getNamesystem().getFSDirectory().ezManager.kickMonitor();
-    // Read them back in and compare byte-by-byte
-    validateFiles(baseFile, encFile1, len);
-    // Write a new enc file and validate
-    final Path encFile2 = new Path(zone, "myfile2");
-    DFSTestUtil.createFile(fs, encFile2, len, (short) 1, 0xFEED);
-    // FEInfos should be different
-    FileEncryptionInfo feInfo1 = getFileEncryptionInfo(encFile1);
-    FileEncryptionInfo feInfo2 = getFileEncryptionInfo(encFile2);
-    assertFalse("EDEKs should be different", Arrays.equals(
-        feInfo1.getEncryptedDataEncryptionKey(),
-        feInfo2.getEncryptedDataEncryptionKey()));
-    assertNotEquals("Key was rolled, versions should be different",
-        feInfo1.getEzKeyVersionName(), feInfo2.getEzKeyVersionName());
-    // Contents still equal
-    validateFiles(encFile1, encFile2, len);
-  }
 }



Mime
View raw message