hbase-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From apurt...@apache.org
Subject svn commit: r1500089 - /hbase/branches/0.95/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
Date Fri, 05 Jul 2013 18:17:06 GMT
Author: apurtell
Date: Fri Jul  5 18:17:06 2013
New Revision: 1500089

URL: http://svn.apache.org/r1500089
Log:
HBASE-8799. TestAccessController#testBulkLoad failing on trunk/0.95

Modified:
    hbase/branches/0.95/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java

Modified: hbase/branches/0.95/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
URL: http://svn.apache.org/viewvc/hbase/branches/0.95/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java?rev=1500089&r1=1500088&r2=1500089&view=diff
==============================================================================
--- hbase/branches/0.95/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
(original)
+++ hbase/branches/0.95/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
Fri Jul  5 18:17:06 2013
@@ -92,7 +92,6 @@ import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.BeforeClass;
-import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
@@ -210,12 +209,16 @@ public class TestAccessController {
         AccessControlProtos.Permission.Action.READ,
         AccessControlProtos.Permission.Action.WRITE));
 
+      // USER_CREATE is USER_RW plus CREATE permissions
+      protocol.grant(null, RequestConverter.buildGrantRequest(USER_CREATE.getShortName(),
+        TEST_TABLE.getTableName(), null, null,
+        AccessControlProtos.Permission.Action.CREATE,
+        AccessControlProtos.Permission.Action.READ,
+        AccessControlProtos.Permission.Action.WRITE));
+
       protocol.grant(null, RequestConverter.buildGrantRequest(USER_RO.getShortName(), TEST_TABLE.getTableName(),
         TEST_FAMILY, null, AccessControlProtos.Permission.Action.READ));
 
-      protocol.grant(null, RequestConverter.buildGrantRequest(USER_CREATE.getShortName(),
-        TEST_TABLE.getTableName(), null, null, AccessControlProtos.Permission.Action.CREATE));
-
       assertEquals(4, AccessControlLists.getTablePermissions(conf, TEST_TABLE.getTableName()).size());
     } finally {
       acl.close();
@@ -584,8 +587,8 @@ public class TestAccessController {
   }
 
   private void verifyWrite(PrivilegedExceptionAction action) throws Exception {
-    verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER, USER_RW);
-    verifyDenied(action, USER_NONE, USER_CREATE, USER_RO);
+    verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW);
+    verifyDenied(action, USER_NONE, USER_RO);
   }
 
   @Test
@@ -658,13 +661,13 @@ public class TestAccessController {
   }
 
   private void verifyRead(PrivilegedExceptionAction action) throws Exception {
-    verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER, USER_RW, USER_RO);
-    verifyDenied(action, USER_NONE, USER_CREATE);
+    verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW, USER_RO);
+    verifyDenied(action, USER_NONE);
   }
 
   private void verifyReadWrite(PrivilegedExceptionAction action) throws Exception {
-    verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER, USER_RW);
-    verifyDenied(action, USER_NONE, USER_CREATE, USER_RO);
+    verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW);
+    verifyDenied(action, USER_NONE, USER_RO);
   }
 
   @Test
@@ -800,7 +803,7 @@ public class TestAccessController {
     verifyReadWrite(checkAndPut);
   }
 
-  @Ignore("Broke by https://issues.apache.org/jira/browse/HBASE-8692") @Test
+  @Test
   public void testBulkLoad() throws Exception {
     FileSystem fs = TEST_UTIL.getTestFileSystem();
     final Path dir = TEST_UTIL.getDataTestDir("testBulkLoad");
@@ -823,7 +826,11 @@ public class TestAccessController {
         return null;
       }
     };
-    verifyWrite(bulkLoadAction);
+
+    // User performing bulk loads must have privilege to read table metadata
+    // (ADMIN or CREATE)
+    verifyAllowed(bulkLoadAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE);
+    verifyDenied(bulkLoadAction, USER_RW, USER_NONE, USER_RO);
 
     // Reinit after the bulk upload
     TEST_UTIL.getHBaseAdmin().disableTable(TEST_TABLE.getTableName());
@@ -928,8 +935,8 @@ public class TestAccessController {
       }
     };
 
-    verifyAllowed(appendAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_RW);
-    verifyDenied(appendAction, USER_CREATE, USER_RO, USER_NONE);
+    verifyAllowed(appendAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE, USER_RW);
+    verifyDenied(appendAction, USER_RO, USER_NONE);
   }
 
   @Test
@@ -1796,8 +1803,8 @@ public class TestAccessController {
       }
     };
 
-    verifyAllowed(familyReadWrite, SUPERUSER, USER_OWNER, USER_RW);
-    verifyDenied(familyReadWrite, USER_NONE, USER_CREATE, USER_RO);
+    verifyAllowed(familyReadWrite, SUPERUSER, USER_OWNER, USER_CREATE, USER_RW);
+    verifyDenied(familyReadWrite, USER_NONE, USER_RO);
 
     // --------------------------------------
     // check for wrong table region



Mime
View raw message