001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.security.visibility;
019
020import static org.apache.hadoop.hbase.security.visibility.VisibilityConstants.LABELS_TABLE_NAME;
021import static org.junit.Assert.assertEquals;
022import static org.junit.Assert.assertTrue;
023
024import com.google.protobuf.ByteString;
025import java.io.IOException;
026import java.security.PrivilegedExceptionAction;
027import java.util.ArrayList;
028import java.util.List;
029import org.apache.hadoop.conf.Configuration;
030import org.apache.hadoop.hbase.HBaseClassTestRule;
031import org.apache.hadoop.hbase.HBaseTestingUtility;
032import org.apache.hadoop.hbase.client.Connection;
033import org.apache.hadoop.hbase.client.ConnectionFactory;
034import org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.GetAuthsResponse;
035import org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse;
036import org.apache.hadoop.hbase.security.User;
037import org.apache.hadoop.hbase.testclassification.MediumTests;
038import org.apache.hadoop.hbase.testclassification.SecurityTests;
039import org.apache.hadoop.hbase.util.Bytes;
040import org.junit.AfterClass;
041import org.junit.BeforeClass;
042import org.junit.ClassRule;
043import org.junit.Rule;
044import org.junit.Test;
045import org.junit.experimental.categories.Category;
046import org.junit.rules.TestName;
047
048@Category({ SecurityTests.class, MediumTests.class })
049public class TestVisibilityLabelsOpWithDifferentUsersNoACL {
050
051  @ClassRule
052  public static final HBaseClassTestRule CLASS_RULE =
053    HBaseClassTestRule.forClass(TestVisibilityLabelsOpWithDifferentUsersNoACL.class);
054
055  private static final String PRIVATE = "private";
056  private static final String CONFIDENTIAL = "confidential";
057  private static final String SECRET = "secret";
058  private static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
059  private static Configuration conf;
060
061  @Rule
062  public final TestName TEST_NAME = new TestName();
063  private static User SUPERUSER;
064  private static User NORMAL_USER;
065  private static User NORMAL_USER1;
066
067  @BeforeClass
068  public static void setupBeforeClass() throws Exception {
069    // setup configuration
070    conf = TEST_UTIL.getConfiguration();
071    VisibilityTestUtil.enableVisiblityLabels(conf);
072    String currentUser = User.getCurrent().getName();
073    conf.set("hbase.superuser", "admin," + currentUser);
074    TEST_UTIL.startMiniCluster(2);
075
076    // Wait for the labels table to become available
077    TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000);
078    SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" });
079    NORMAL_USER = User.createUserForTesting(conf, "user1", new String[] {});
080    NORMAL_USER1 = User.createUserForTesting(conf, "user2", new String[] {});
081    addLabels();
082  }
083
084  @AfterClass
085  public static void tearDownAfterClass() throws Exception {
086    TEST_UTIL.shutdownMiniCluster();
087  }
088
089  @Test
090  public void testLabelsTableOpsWithDifferentUsers() throws Throwable {
091    PrivilegedExceptionAction<VisibilityLabelsResponse> action =
092      new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
093        @Override
094        public VisibilityLabelsResponse run() throws Exception {
095          try (Connection conn = ConnectionFactory.createConnection(conf)) {
096            return VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL, PRIVATE }, "user1");
097          } catch (Throwable e) {
098          }
099          return null;
100        }
101      };
102    VisibilityLabelsResponse response = SUPERUSER.runAs(action);
103    assertTrue(response.getResult(0).getException().getValue().isEmpty());
104    assertTrue(response.getResult(1).getException().getValue().isEmpty());
105
106    // Ideally this should not be allowed. this operation should fail or do nothing.
107    action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
108      @Override
109      public VisibilityLabelsResponse run() throws Exception {
110        try (Connection conn = ConnectionFactory.createConnection(conf)) {
111          return VisibilityClient.setAuths(conn, new String[] { CONFIDENTIAL, PRIVATE }, "user3");
112        } catch (Throwable e) {
113        }
114        return null;
115      }
116    };
117    response = NORMAL_USER1.runAs(action);
118    assertEquals("org.apache.hadoop.hbase.security.AccessDeniedException",
119      response.getResult(0).getException().getName());
120    assertEquals("org.apache.hadoop.hbase.security.AccessDeniedException",
121      response.getResult(1).getException().getName());
122
123    PrivilegedExceptionAction<GetAuthsResponse> action1 =
124      new PrivilegedExceptionAction<GetAuthsResponse>() {
125        @Override
126        public GetAuthsResponse run() throws Exception {
127          try (Connection conn = ConnectionFactory.createConnection(conf)) {
128            return VisibilityClient.getAuths(conn, "user1");
129          } catch (Throwable e) {
130          }
131          return null;
132        }
133      };
134    GetAuthsResponse authsResponse = NORMAL_USER.runAs(action1);
135    assertTrue(authsResponse.getAuthList().isEmpty());
136    authsResponse = NORMAL_USER1.runAs(action1);
137    assertTrue(authsResponse.getAuthList().isEmpty());
138    authsResponse = SUPERUSER.runAs(action1);
139    List<String> authsList = new ArrayList<>(authsResponse.getAuthList().size());
140    for (ByteString authBS : authsResponse.getAuthList()) {
141      authsList.add(Bytes.toString(authBS.toByteArray()));
142    }
143    assertEquals(2, authsList.size());
144    assertTrue(authsList.contains(CONFIDENTIAL));
145    assertTrue(authsList.contains(PRIVATE));
146
147    PrivilegedExceptionAction<VisibilityLabelsResponse> action2 =
148      new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
149        @Override
150        public VisibilityLabelsResponse run() throws Exception {
151          try (Connection conn = ConnectionFactory.createConnection(conf)) {
152            return VisibilityClient.clearAuths(conn, new String[] { CONFIDENTIAL, PRIVATE },
153              "user1");
154          } catch (Throwable e) {
155          }
156          return null;
157        }
158      };
159    response = NORMAL_USER1.runAs(action2);
160    assertEquals("org.apache.hadoop.hbase.security.AccessDeniedException",
161      response.getResult(0).getException().getName());
162    assertEquals("org.apache.hadoop.hbase.security.AccessDeniedException",
163      response.getResult(1).getException().getName());
164    response = SUPERUSER.runAs(action2);
165    assertTrue(response.getResult(0).getException().getValue().isEmpty());
166    assertTrue(response.getResult(1).getException().getValue().isEmpty());
167    authsResponse = SUPERUSER.runAs(action1);
168    assertTrue(authsResponse.getAuthList().isEmpty());
169  }
170
171  private static void addLabels() throws Exception {
172    PrivilegedExceptionAction<VisibilityLabelsResponse> action =
173      new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
174        @Override
175        public VisibilityLabelsResponse run() throws Exception {
176          String[] labels = { SECRET, CONFIDENTIAL, PRIVATE };
177          try (Connection conn = ConnectionFactory.createConnection(conf)) {
178            VisibilityClient.addLabels(conn, labels);
179          } catch (Throwable t) {
180            throw new IOException(t);
181          }
182          return null;
183        }
184      };
185    SUPERUSER.runAs(action);
186  }
187}