/**
* Grant permissions on a namespace to the given user. Will wait until all active
* AccessController instances have updated their permissions caches or will
* throw an exception upon timeout (10 seconds).
*/
public static void grantOnNamespace(final HBaseTestingUtility util, final String user,
final String namespace, final Permission.Action... actions) throws Exception {
SecureTestUtil.updateACLs(util, new Callable<Void>() {
@Override
public Void call() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(util.getConfiguration())) {
try (Table acl = connection.getTable(AccessControlLists.ACL_TABLE_NAME)) {
BlockingRpcChannel service = acl.coprocessorService(HConstants.EMPTY_START_ROW);
AccessControlService.BlockingInterface protocol =
AccessControlService.newBlockingStub(service);
AccessControlUtil.grant(null, protocol, user, namespace, false, actions);
}
}
return null;
}
});
}
java类com.google.protobuf.BlockingRpcChannel的实例源码
SecureTestUtil.java 文件源码
项目:hbase
阅读 27
收藏 0
点赞 0
评论 0
SecureTestUtil.java 文件源码
项目:hbase
阅读 29
收藏 0
点赞 0
评论 0
/**
* Revoke permissions on a namespace from the given user. Will wait until all active
* AccessController instances have updated their permissions caches or will
* throw an exception upon timeout (10 seconds).
*/
public static void revokeFromNamespace(final HBaseTestingUtility util, final String user,
final String namespace, final Permission.Action... actions) throws Exception {
SecureTestUtil.updateACLs(util, new Callable<Void>() {
@Override
public Void call() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(util.getConfiguration())) {
try (Table acl = connection.getTable(AccessControlLists.ACL_TABLE_NAME)) {
BlockingRpcChannel service = acl.coprocessorService(HConstants.EMPTY_START_ROW);
AccessControlService.BlockingInterface protocol =
AccessControlService.newBlockingStub(service);
AccessControlUtil.revoke(null, protocol, user, namespace, actions);
}
}
return null;
}
});
}
SecureTestUtil.java 文件源码
项目:hbase
阅读 45
收藏 0
点赞 0
评论 0
/**
* Grant permissions on a table to the given user. Will wait until all active
* AccessController instances have updated their permissions caches or will
* throw an exception upon timeout (10 seconds).
*/
public static void grantOnTable(final HBaseTestingUtility util, final String user,
final TableName table, final byte[] family, final byte[] qualifier,
final Permission.Action... actions) throws Exception {
SecureTestUtil.updateACLs(util, new Callable<Void>() {
@Override
public Void call() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(util.getConfiguration())) {
try (Table acl = connection.getTable(AccessControlLists.ACL_TABLE_NAME)) {
BlockingRpcChannel service = acl.coprocessorService(HConstants.EMPTY_START_ROW);
AccessControlService.BlockingInterface protocol =
AccessControlService.newBlockingStub(service);
AccessControlUtil.grant(null, protocol, user, table, family, qualifier, false, actions);
}
}
return null;
}
});
}
SecureTestUtil.java 文件源码
项目:hbase
阅读 24
收藏 0
点赞 0
评论 0
/**
* Revoke permissions on a table from the given user. Will wait until all active
* AccessController instances have updated their permissions caches or will
* throw an exception upon timeout (10 seconds).
*/
public static void revokeFromTable(final HBaseTestingUtility util, final String user,
final TableName table, final byte[] family, final byte[] qualifier,
final Permission.Action... actions) throws Exception {
SecureTestUtil.updateACLs(util, new Callable<Void>() {
@Override
public Void call() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(util.getConfiguration())) {
try (Table acl = connection.getTable(AccessControlLists.ACL_TABLE_NAME)) {
BlockingRpcChannel service = acl.coprocessorService(HConstants.EMPTY_START_ROW);
AccessControlService.BlockingInterface protocol =
AccessControlService.newBlockingStub(service);
AccessControlUtil.revoke(null, protocol, user, table, family, qualifier, actions);
}
}
return null;
}
});
}
SecureTestUtil.java 文件源码
项目:hbase
阅读 24
收藏 0
点赞 0
评论 0
public static void checkGlobalPerms(HBaseTestingUtility testUtil, Permission.Action... actions)
throws IOException {
Permission[] perms = new Permission[actions.length];
for (int i = 0; i < actions.length; i++) {
perms[i] = new Permission(actions[i]);
}
CheckPermissionsRequest.Builder request = CheckPermissionsRequest.newBuilder();
for (Action a : actions) {
request.addPermission(AccessControlProtos.Permission.newBuilder()
.setType(AccessControlProtos.Permission.Type.Global)
.setGlobalPermission(
AccessControlProtos.GlobalPermission.newBuilder()
.addAction(AccessControlUtil.toPermissionAction(a)).build()));
}
try(Connection conn = ConnectionFactory.createConnection(testUtil.getConfiguration());
Table acl = conn.getTable(AccessControlLists.ACL_TABLE_NAME)) {
BlockingRpcChannel channel = acl.coprocessorService(new byte[0]);
AccessControlService.BlockingInterface protocol =
AccessControlService.newBlockingStub(channel);
try {
protocol.checkPermissions(null, request.build());
} catch (ServiceException se) {
ProtobufUtil.toIOException(se);
}
}
}
TestAccessController.java 文件源码
项目:hbase
阅读 26
收藏 0
点赞 0
评论 0
@Test (timeout=180000)
public void testGlobalPermissionList() throws Exception {
List<UserPermission> perms;
Table acl = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);
try {
BlockingRpcChannel service = acl.coprocessorService(HConstants.EMPTY_START_ROW);
AccessControlService.BlockingInterface protocol =
AccessControlService.newBlockingStub(service);
perms = AccessControlUtil.getUserPermissions(null, protocol);
} finally {
acl.close();
}
Collection<String> superUsers = Superusers.getSuperUsers();
List<UserPermission> adminPerms = new ArrayList<>(superUsers.size() + 1);
adminPerms.add(new UserPermission(Bytes.toBytes(USER_ADMIN.getShortName()),
AccessControlLists.ACL_TABLE_NAME, null, null, Bytes.toBytes("ACRW")));
for(String user: superUsers) {
adminPerms.add(new UserPermission(Bytes.toBytes(user), AccessControlLists.ACL_TABLE_NAME,
null, null, Action.values()));
}
assertTrue("Only super users, global users and user admin has permission on table hbase:acl " +
"per setup", perms.size() == 5 + superUsers.size() &&
hasFoundUserPermission(adminPerms, perms));
}
BlockingRpcClient.java 文件源码
项目:incubator-tajo
阅读 21
收藏 0
点赞 0
评论 0
BlockingRpcClient(final Class<?> protocol,
final InetSocketAddress addr, ClientSocketChannelFactory factory)
throws Exception {
this.protocol = protocol;
String serviceClassName = protocol.getName() + "$"
+ protocol.getSimpleName() + "Service";
Class<?> serviceClass = Class.forName(serviceClassName);
stubMethod = serviceClass.getMethod("newBlockingStub",
BlockingRpcChannel.class);
this.handler = new ClientChannelUpstreamHandler();
pipeFactory = new ProtoPipelineFactory(handler,
RpcResponse.getDefaultInstance());
super.init(addr, pipeFactory, factory);
rpcChannel = new ProxyRpcChannel();
this.key = new RpcConnectionKey(addr, protocol, false);
}
BlockingRpcClient.java 文件源码
项目:tajo-cdh
阅读 21
收藏 0
点赞 0
评论 0
BlockingRpcClient(final Class<?> protocol,
final InetSocketAddress addr, ClientSocketChannelFactory factory)
throws Exception {
this.protocol = protocol;
String serviceClassName = protocol.getName() + "$"
+ protocol.getSimpleName() + "Service";
Class<?> serviceClass = Class.forName(serviceClassName);
stubMethod = serviceClass.getMethod("newBlockingStub",
BlockingRpcChannel.class);
this.handler = new ClientChannelUpstreamHandler();
pipeFactory = new ProtoPipelineFactory(handler,
RpcResponse.getDefaultInstance());
super.init(addr, pipeFactory, factory);
rpcChannel = new ProxyRpcChannel();
this.key = new RpcConnectionKey(addr, protocol, false);
}
SecureTestUtil.java 文件源码
项目:PyroDB
阅读 26
收藏 0
点赞 0
评论 0
/**
* Grant permissions globally to the given user. Will wait until all active
* AccessController instances have updated their permissions caches or will
* throw an exception upon timeout (10 seconds).
*/
public static void grantGlobal(final HBaseTestingUtility util, final String user,
final Permission.Action... actions) throws Exception {
SecureTestUtil.updateACLs(util, new Callable<Void>() {
@Override
public Void call() throws Exception {
HTable acl = new HTable(util.getConfiguration(), AccessControlLists.ACL_TABLE_NAME);
try {
BlockingRpcChannel service = acl.coprocessorService(HConstants.EMPTY_START_ROW);
AccessControlService.BlockingInterface protocol =
AccessControlService.newBlockingStub(service);
ProtobufUtil.grant(protocol, user, actions);
} finally {
acl.close();
}
return null;
}
});
}
SecureTestUtil.java 文件源码
项目:PyroDB
阅读 26
收藏 0
点赞 0
评论 0
/**
* Revoke permissions globally from the given user. Will wait until all active
* AccessController instances have updated their permissions caches or will
* throw an exception upon timeout (10 seconds).
*/
public static void revokeGlobal(final HBaseTestingUtility util, final String user,
final Permission.Action... actions) throws Exception {
SecureTestUtil.updateACLs(util, new Callable<Void>() {
@Override
public Void call() throws Exception {
HTable acl = new HTable(util.getConfiguration(), AccessControlLists.ACL_TABLE_NAME);
try {
BlockingRpcChannel service = acl.coprocessorService(HConstants.EMPTY_START_ROW);
AccessControlService.BlockingInterface protocol =
AccessControlService.newBlockingStub(service);
ProtobufUtil.revoke(protocol, user, actions);
} finally {
acl.close();
}
return null;
}
});
}
