Review Board 1.7.22


HBASE-5371. Introduce AccessControllerProtocol.checkPermissions(Permission[] permissons) API

Review Request #3829 - Created Feb. 9, 2012 and updated

enis
HBASE-5371
Reviewers
hbase
hbase-git
We need to introduce something like AccessControllerProtocol.checkPermissions(Permission[] permissions) API, so that clients can check access rights before carrying out the operations. We need this kind of operation for HCATALOG-245, which introduces authorization providers for hbase over hcat. We cannot use getUserPermissions() since it requires ADMIN permissions on the global/table level.

 

Changes between revision 1 and 2

1 2 3
1 2 3

  1. security/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java: Loading...
security/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
Diff Revision 1 Diff Revision 2
[20] 1029 lines
[+20] [+] public void checkGlobalPerms(Permission.Action... actions) throws IOException {
1030
    protocol.checkPermissions(perms);
1030
    protocol.checkPermissions(perms);
1031
  }
1031
  }
1032

    
   
1032

   
1033
  public void checkTablePerms(byte[] table, byte[] family, byte[] column,
1033
  public void checkTablePerms(byte[] table, byte[] family, byte[] column,
1034
      Permission.Action... actions) throws IOException {
1034
      Permission.Action... actions) throws IOException {
1035
    HTable acl = new HTable(conf, table);
Moved to 1044

   
1036
    AccessControllerProtocol protocol =
Moved to 1045

   
1037
        acl.coprocessorProxy(AccessControllerProtocol.class, new byte[0]);
Moved to 1046

   
1038

    
   

   
1039
    Permission[] perms = new Permission[actions.length];
1035
    Permission[] perms = new Permission[actions.length];
1040
    for (int i=0; i < actions.length; i++) {
1036
    for (int i=0; i < actions.length; i++) {
1041
      perms[i] = new TablePermission(table, family, column, actions[i]);
1037
      perms[i] = new TablePermission(table, family, column, actions[i]);
1042
    }
1038
    }
1043

    
   
1039

   

    
   
1040
    checkTablePerms(table, perms);

    
   
1041
  }

    
   
1042

   

    
   
1043
  public void checkTablePerms(byte[] table, Permission...perms) throws IOException {
Moved from 1035

    
   
1044
    HTable acl = new HTable(conf, table);
Moved from 1036

    
   
1045
    AccessControllerProtocol protocol =
Moved from 1037

    
   
1046
        acl.coprocessorProxy(AccessControllerProtocol.class, new byte[0]);

    
   
1047

   
1044
    protocol.checkPermissions(perms);
1048
    protocol.checkPermissions(perms);
1045
  }
1049
  }
1046

    
   
1050

   

    
   
1051
  public void grant(AccessControllerProtocol protocol, User user, byte[] t, byte[] f,

    
   
1052
      byte[] q, Permission.Action... actions) throws IOException {

    
   
1053
    protocol.grant(Bytes.toBytes(user.getShortName()), new TablePermission(t, f, q, actions));

    
   
1054
  }

    
   
1055

   
1047
  @Test
1056
  @Test
1048
  public void testCheckPermissions() throws Exception {
1057
  public void testCheckPermissions() throws Exception {

    
   
1058
    final HTable acl = new HTable(conf, AccessControlLists.ACL_TABLE_NAME);

    
   
1059
    final AccessControllerProtocol protocol =

    
   
1060
        acl.coprocessorProxy(AccessControllerProtocol.class, TEST_TABLE);

    
   
1061

   

    
   
1062
    //--------------------------------------

    
   
1063
    //test global permissions
1049
    PrivilegedExceptionAction<Void> globalAdmin = new PrivilegedExceptionAction<Void>() {
1064
    PrivilegedExceptionAction<Void> globalAdmin = new PrivilegedExceptionAction<Void>() {
1050
      @Override
1065
      @Override
1051
      public Void run() throws Exception {
1066
      public Void run() throws Exception {
1052
        checkGlobalPerms(Permission.Action.ADMIN);
1067
        checkGlobalPerms(Permission.Action.ADMIN);
1053
        return null;
1068
        return null;
1054
      }
1069
      }
1055
    };
1070
    };
1056
    // verify that only superuser can admin
1071
    //verify that only superuser can admin
1057
    verifyGlobal(globalAdmin);
1072
    verifyGlobal(globalAdmin);
1058

    
   
1073

   

    
   
1074
    //--------------------------------------

    
   
1075
    //test multiple permissions
1059
    PrivilegedExceptionAction<Void> globalReadWrite = new PrivilegedExceptionAction<Void>() {
1076
    PrivilegedExceptionAction<Void> globalReadWrite = new PrivilegedExceptionAction<Void>() {
1060
      @Override
1077
      @Override
1061
      public Void run() throws Exception {
1078
      public Void run() throws Exception {
1062
        checkGlobalPerms(Permission.Action.READ, Permission.Action.WRITE);
1079
        checkGlobalPerms(Permission.Action.READ, Permission.Action.WRITE);
1063
        return null;
1080
        return null;
1064
      }
1081
      }
1065
    };
1082
    };
1066
    //multiple permissions
1083

   
1067
    verifyGlobal(globalReadWrite);
1084
    verifyGlobal(globalReadWrite);
1068

    
   
1085

   
1069
    //table
1086
    //--------------------------------------
1070
    PrivilegedExceptionAction<Void> familyReadWrite = new PrivilegedExceptionAction<Void>() {
1087
    //table/column/qualifier level permissions

    
   
1088
    final byte[] TEST_Q1 = Bytes.toBytes("q1");

    
   
1089
    final byte[] TEST_Q2 = Bytes.toBytes("q2");

    
   
1090

   

    
   
1091
    User userTable = User.createUserForTesting(conf, "user_check_perms_table", new String[0]);

    
   
1092
    User userColumn = User.createUserForTesting(conf, "user_check_perms_family", new String[0]);

    
   
1093
    User userQualifier = User.createUserForTesting(conf, "user_check_perms_q", new String[0]);

    
   
1094

   

    
   
1095
    grant(protocol, userTable, TEST_TABLE, null, null, Permission.Action.READ);

    
   
1096
    grant(protocol, userColumn, TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);

    
   
1097
    grant(protocol, userQualifier, TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ);

    
   
1098

   

    
   
1099
    PrivilegedExceptionAction<Void> tableRead = new PrivilegedExceptionAction<Void>() {

    
   
1100
      @Override

    
   
1101
      public Void run() throws Exception {

    
   
1102
        checkTablePerms(TEST_TABLE, null, null, Permission.Action.READ);

    
   
1103
        return null;

    
   
1104
      }

    
   
1105
    };

    
   
1106

   

    
   
1107
    PrivilegedExceptionAction<Void> columnRead = new PrivilegedExceptionAction<Void>() {

    
   
1108
      @Override

    
   
1109
      public Void run() throws Exception {

    
   
1110
        checkTablePerms(TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);

    
   
1111
        return null;

    
   
1112
      }

    
   
1113
    };

    
   
1114

   

    
   
1115
    PrivilegedExceptionAction<Void> qualifierRead = new PrivilegedExceptionAction<Void>() {

    
   
1116
      @Override

    
   
1117
      public Void run() throws Exception {

    
   
1118
        checkTablePerms(TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ);

    
   
1119
        return null;

    
   
1120
      }

    
   
1121
    };

    
   
1122

   

    
   
1123
    PrivilegedExceptionAction<Void> multiQualifierRead = new PrivilegedExceptionAction<Void>() {

    
   
1124
      @Override

    
   
1125
      public Void run() throws Exception {

    
   
1126
        checkTablePerms(TEST_TABLE, new Permission[] {

    
   
1127
          new TablePermission(TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ),

    
   
1128
          new TablePermission(TEST_TABLE, TEST_FAMILY, TEST_Q2, Permission.Action.READ),

    
   
1129
        });

    
   
1130
        return null;

    
   
1131
      }

    
   
1132
    };

    
   
1133

   

    
   
1134
    PrivilegedExceptionAction<Void> globalAndTableRead = new PrivilegedExceptionAction<Void>() {

    
   
1135
      @Override

    
   
1136
      public Void run() throws Exception {

    
   
1137
        checkTablePerms(TEST_TABLE, new Permission[] {

    
   
1138
          new Permission(Permission.Action.READ),

    
   
1139
          new TablePermission(TEST_TABLE, null, (byte[])null, Permission.Action.READ),

    
   
1140
        });

    
   
1141
        return null;

    
   
1142
      }

    
   
1143
    };

    
   
1144

   

    
   
1145
    PrivilegedExceptionAction<Void> noCheck = new PrivilegedExceptionAction<Void>() {
1071
      @Override
1146
      @Override
1072
      public Void run() throws Exception {
1147
      public Void run() throws Exception {
1073
        checkTablePerms(TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ, Permission.Action.WRITE);
1148
        checkTablePerms(TEST_TABLE, new Permission[0]);
1074
        return null;
1149
        return null;
1075
      }
1150
      }
1076
    };
1151
    };
1077

    
   
1152

   

    
   
1153
    verifyAllowed(tableRead, SUPERUSER, userTable);

    
   
1154
    verifyDenied(tableRead, userColumn, userQualifier);

    
   
1155

   

    
   
1156
    verifyAllowed(columnRead, SUPERUSER, userTable, userColumn);

    
   
1157
    verifyDenied(columnRead, userQualifier);

    
   
1158

   

    
   
1159
    verifyAllowed(qualifierRead, SUPERUSER, userTable, userColumn, userQualifier);

    
   
1160

   

    
   
1161
    verifyAllowed(multiQualifierRead, SUPERUSER, userTable, userColumn);

    
   
1162
    verifyDenied(multiQualifierRead, userQualifier);

    
   
1163

   

    
   
1164
    verifyAllowed(globalAndTableRead, SUPERUSER);

    
   
1165
    verifyDenied(globalAndTableRead, userTable, userColumn, userQualifier);

    
   
1166

   

    
   
1167
    verifyAllowed(noCheck, SUPERUSER, userTable, userColumn, userQualifier);

    
   
1168

   

    
   
1169
    //--------------------------------------

    
   
1170
    //test family level multiple permissions

    
   
1171
    PrivilegedExceptionAction<Void> familyReadWrite = new PrivilegedExceptionAction<Void>() {

    
   
1172
      @Override

    
   
1173
      public Void run() throws Exception {

    
   
1174
        checkTablePerms(TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ,

    
   
1175
            Permission.Action.WRITE);

    
   
1176
        return null;

    
   
1177
      }

    
   
1178
    };
1078
    // should be allowed
1179
    // should be allowed
1079
    verifyAllowed(familyReadWrite, SUPERUSER, USER_OWNER, USER_RW);
1180
    verifyAllowed(familyReadWrite, SUPERUSER, USER_OWNER, USER_RW);
1080

    
   

   
1081
    // should be denied
1181
    // should be denied
1082
    verifyDenied(familyReadWrite, USER_NONE, USER_RO);
1182
    verifyDenied(familyReadWrite, USER_NONE, USER_RO);
1083

    
   
1183

   

    
   
1184
    //--------------------------------------
1084
    //check for wrong table region
1185
    //check for wrong table region
1085
    HTable acl = new HTable(conf,  AccessControlLists.ACL_TABLE_NAME); //open the ACL region

   
1086

    
   

   
1087
    AccessControllerProtocol protocol =

   
1088
        acl.coprocessorProxy(AccessControllerProtocol.class, TEST_TABLE);

   
1089
    try {
1186
    try {
1090
      //but ask for TablePermissions for TEST_TABLE
1187
      //but ask for TablePermissions for TEST_TABLE
1091
      protocol.checkPermissions(new Permission[] {
1188
      protocol.checkPermissions(new Permission[] {(Permission) new TablePermission(
1092
          (Permission)new TablePermission(TEST_TABLE, null, (byte[])null, Permission.Action.CREATE)});
1189
          TEST_TABLE, null, (byte[])null, Permission.Action.CREATE)});
1093
      fail("this should have thrown CoprocessorException");
1190
      fail("this should have thrown CoprocessorException");
1094
    } catch(CoprocessorException ex) {
1191
    } catch(CoprocessorException ex) {
1095
      //expected
1192
      //expected
1096
    }
1193
    }
1097

    
   
1194

   
1098
  }
1195
  }
1099
}
1196
}
  1. security/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java: Loading...