001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.client;
019
020import static org.junit.Assert.assertEquals;
021import static org.junit.Assert.assertFalse;
022import static org.junit.Assert.assertThrows;
023
024import java.io.IOException;
025import java.util.List;
026import java.util.regex.Pattern;
027import org.apache.hadoop.conf.Configuration;
028import org.apache.hadoop.fs.FileSystem;
029import org.apache.hadoop.fs.Path;
030import org.apache.hadoop.hbase.Coprocessor;
031import org.apache.hadoop.hbase.HBaseCommonTestingUtil;
032import org.apache.hadoop.hbase.HBaseTestingUtil;
033import org.apache.hadoop.hbase.HConstants;
034import org.apache.hadoop.hbase.TableName;
035import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
036import org.apache.hadoop.hbase.master.MasterCoprocessorHost;
037import org.apache.hadoop.hbase.security.User;
038import org.apache.hadoop.hbase.security.access.AccessControlConstants;
039import org.apache.hadoop.hbase.security.access.AccessController;
040import org.apache.hadoop.hbase.security.access.Permission;
041import org.apache.hadoop.hbase.security.access.PermissionStorage;
042import org.apache.hadoop.hbase.security.access.SecureTestUtil;
043import org.apache.hadoop.hbase.snapshot.SnapshotDescriptionUtils;
044import org.apache.hadoop.hbase.snapshot.SnapshotManifest;
045import org.apache.hadoop.hbase.util.Bytes;
046import org.junit.AfterClass;
047import org.junit.Assert;
048import org.junit.Before;
049import org.junit.BeforeClass;
050import org.junit.Test;
051
052public abstract class SnapshotWithAclTestBase extends SecureTestUtil {
053
054  private TableName TEST_TABLE = TableName.valueOf(TEST_UTIL.getRandomUUID().toString());
055
056  private static final int ROW_COUNT = 30000;
057
058  private static byte[] TEST_FAMILY = Bytes.toBytes("f1");
059  private static byte[] TEST_QUALIFIER = Bytes.toBytes("cq");
060  private static byte[] TEST_ROW = Bytes.toBytes(0);
061
062  protected static HBaseTestingUtil TEST_UTIL = new HBaseTestingUtil();
063
064  // user is table owner. will have all permissions on table
065  private static User USER_OWNER;
066  // user with rw permissions on column family.
067  private static User USER_RW;
068  // user with read-only permissions
069  private static User USER_RO;
070  // user with none permissions
071  private static User USER_NONE;
072
073  static class AccessReadAction implements AccessTestAction {
074
075    private TableName tableName;
076
077    public AccessReadAction(TableName tableName) {
078      this.tableName = tableName;
079    }
080
081    @Override
082    public Object run() throws Exception {
083      Get g = new Get(TEST_ROW);
084      g.addFamily(TEST_FAMILY);
085      try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration());
086        Table t = conn.getTable(tableName)) {
087        t.get(g);
088      }
089      return null;
090    }
091  }
092
093  static class AccessWriteAction implements AccessTestAction {
094    private TableName tableName;
095
096    public AccessWriteAction(TableName tableName) {
097      this.tableName = tableName;
098    }
099
100    @Override
101    public Object run() throws Exception {
102      Put p = new Put(TEST_ROW);
103      p.addColumn(TEST_FAMILY, TEST_QUALIFIER, Bytes.toBytes(0));
104      try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration());
105        Table t = conn.getTable(tableName)) {
106        t.put(p);
107      }
108      return null;
109    }
110  }
111
112  @BeforeClass
113  public static void setupBeforeClass() throws Exception {
114    Configuration conf = TEST_UTIL.getConfiguration();
115    // Enable security
116    enableSecurity(conf);
117    conf.set(CoprocessorHost.REGION_COPROCESSOR_CONF_KEY, AccessController.class.getName());
118    // Verify enableSecurity sets up what we require
119    verifyConfiguration(conf);
120    // Enable EXEC permission checking
121    conf.setBoolean(AccessControlConstants.EXEC_PERMISSION_CHECKS_KEY, true);
122    TEST_UTIL.getConfiguration().set(HConstants.SNAPSHOT_RESTORE_FAILSAFE_NAME,
123      "hbase-failsafe-{snapshot.name}-{restore.timestamp}");
124    TEST_UTIL.startMiniCluster();
125    TEST_UTIL.waitUntilAllRegionsAssigned(PermissionStorage.ACL_TABLE_NAME);
126    MasterCoprocessorHost cpHost =
127      TEST_UTIL.getMiniHBaseCluster().getMaster().getMasterCoprocessorHost();
128    cpHost.load(AccessController.class, Coprocessor.PRIORITY_HIGHEST, conf);
129
130    USER_OWNER = User.createUserForTesting(conf, "owner", new String[0]);
131    USER_RW = User.createUserForTesting(conf, "rwuser", new String[0]);
132    USER_RO = User.createUserForTesting(conf, "rouser", new String[0]);
133    USER_NONE = User.createUserForTesting(conf, "usernone", new String[0]);
134
135    // Grant table creation permission to USER_OWNER
136    grantGlobal(TEST_UTIL, USER_OWNER.getShortName(), Permission.Action.CREATE);
137  }
138
139  @Before
140  public void setUp() throws Exception {
141    TableDescriptor tableDescriptor =
142      TableDescriptorBuilder.newBuilder(TEST_TABLE)
143        .setColumnFamily(
144          ColumnFamilyDescriptorBuilder.newBuilder(TEST_FAMILY).setMaxVersions(100).build())
145        .build();
146    createTable(TEST_UTIL, USER_OWNER, tableDescriptor, new byte[][] { Bytes.toBytes("s") });
147    TEST_UTIL.waitTableEnabled(TEST_TABLE);
148
149    grantOnTable(TEST_UTIL, USER_RW.getShortName(), TEST_TABLE, TEST_FAMILY, null,
150      Permission.Action.READ, Permission.Action.WRITE);
151
152    grantOnTable(TEST_UTIL, USER_RO.getShortName(), TEST_TABLE, TEST_FAMILY, null,
153      Permission.Action.READ);
154  }
155
156  private void loadData() throws IOException {
157    try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration())) {
158      try (Table t = conn.getTable(TEST_TABLE)) {
159        for (int i = 0; i < ROW_COUNT; i++) {
160          Put put = new Put(Bytes.toBytes(i));
161          put.addColumn(TEST_FAMILY, TEST_QUALIFIER, Bytes.toBytes(i));
162          t.put(put);
163        }
164      }
165    }
166  }
167
168  @AfterClass
169  public static void tearDownAfterClass() throws Exception {
170    TEST_UTIL.shutdownMiniCluster();
171  }
172
173  private void verifyRows(TableName tableName) throws IOException {
174    try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration());
175      Table t = conn.getTable(tableName); ResultScanner scanner = t.getScanner(new Scan())) {
176      Result result;
177      int rowCount = 0;
178      while ((result = scanner.next()) != null) {
179        byte[] value = result.getValue(TEST_FAMILY, TEST_QUALIFIER);
180        Assert.assertArrayEquals(value, Bytes.toBytes(rowCount++));
181      }
182      assertEquals(ROW_COUNT, rowCount);
183    }
184  }
185
186  protected abstract void snapshot(String snapshotName, TableName tableName) throws Exception;
187
188  protected abstract void cloneSnapshot(String snapshotName, TableName tableName,
189    boolean restoreAcl) throws Exception;
190
191  protected abstract void restoreSnapshot(String snapshotName, boolean takeFailSafeSnapshot,
192    boolean restoreAcl) throws Exception;
193
194  @Test
195  public void testRestoreSnapshot() throws Exception {
196    verifyAllowed(new AccessReadAction(TEST_TABLE), USER_OWNER, USER_RO, USER_RW);
197    verifyDenied(new AccessReadAction(TEST_TABLE), USER_NONE);
198    verifyAllowed(new AccessWriteAction(TEST_TABLE), USER_OWNER, USER_RW);
199    verifyDenied(new AccessWriteAction(TEST_TABLE), USER_RO, USER_NONE);
200
201    loadData();
202    verifyRows(TEST_TABLE);
203
204    String snapshotName1 = TEST_UTIL.getRandomUUID().toString();
205    snapshot(snapshotName1, TEST_TABLE);
206
207    // clone snapshot with restoreAcl true.
208    TableName tableName1 = TableName.valueOf(TEST_UTIL.getRandomUUID().toString());
209    cloneSnapshot(snapshotName1, tableName1, true);
210    verifyRows(tableName1);
211    verifyAllowed(new AccessReadAction(tableName1), USER_OWNER, USER_RO, USER_RW);
212    verifyDenied(new AccessReadAction(tableName1), USER_NONE);
213    verifyAllowed(new AccessWriteAction(tableName1), USER_OWNER, USER_RW);
214    verifyDenied(new AccessWriteAction(tableName1), USER_RO, USER_NONE);
215
216    // clone snapshot with restoreAcl false.
217    TableName tableName2 = TableName.valueOf(TEST_UTIL.getRandomUUID().toString());
218    cloneSnapshot(snapshotName1, tableName2, false);
219    verifyRows(tableName2);
220    verifyDenied(new AccessReadAction(tableName2), USER_OWNER);
221    verifyDenied(new AccessReadAction(tableName2), USER_NONE, USER_RO, USER_RW);
222    verifyDenied(new AccessWriteAction(tableName2), USER_OWNER);
223    verifyDenied(new AccessWriteAction(tableName2), USER_RO, USER_RW, USER_NONE);
224
225    // remove read permission for USER_RO.
226    revokeFromTable(TEST_UTIL, USER_RO.getShortName(), TEST_TABLE, TEST_FAMILY, null,
227      Permission.Action.READ);
228    verifyAllowed(new AccessReadAction(TEST_TABLE), USER_OWNER, USER_RW);
229    verifyDenied(new AccessReadAction(TEST_TABLE), USER_RO, USER_NONE);
230    verifyAllowed(new AccessWriteAction(TEST_TABLE), USER_OWNER, USER_RW);
231    verifyDenied(new AccessWriteAction(TEST_TABLE), USER_RO, USER_NONE);
232
233    // restore snapshot with restoreAcl false.
234    TEST_UTIL.getAdmin().disableTable(TEST_TABLE);
235    restoreSnapshot(snapshotName1, false, false);
236    TEST_UTIL.getAdmin().enableTable(TEST_TABLE);
237    verifyAllowed(new AccessReadAction(TEST_TABLE), USER_OWNER, USER_RW);
238    verifyDenied(new AccessReadAction(TEST_TABLE), USER_RO, USER_NONE);
239    verifyAllowed(new AccessWriteAction(TEST_TABLE), USER_OWNER, USER_RW);
240    verifyDenied(new AccessWriteAction(TEST_TABLE), USER_RO, USER_NONE);
241
242    // restore snapshot with restoreAcl true.
243    TEST_UTIL.getAdmin().disableTable(TEST_TABLE);
244    restoreSnapshot(snapshotName1, false, true);
245    TEST_UTIL.getAdmin().enableTable(TEST_TABLE);
246    verifyAllowed(new AccessReadAction(TEST_TABLE), USER_OWNER, USER_RO, USER_RW);
247    verifyDenied(new AccessReadAction(TEST_TABLE), USER_NONE);
248    verifyAllowed(new AccessWriteAction(TEST_TABLE), USER_OWNER, USER_RW);
249    verifyDenied(new AccessWriteAction(TEST_TABLE), USER_RO, USER_NONE);
250
251    // Delete data.manifest of the snapshot to simulate an invalid snapshot.
252    Configuration configuration = TEST_UTIL.getConfiguration();
253    Path rootDir = new Path(configuration.get(HConstants.HBASE_DIR));
254    Path snapshotDir = SnapshotDescriptionUtils.getCompletedSnapshotDir(snapshotName1, rootDir);
255    FileSystem fileSystem = FileSystem.get(rootDir.toUri(), configuration);
256    Path maniFestPath = new Path(snapshotDir, SnapshotManifest.DATA_MANIFEST_NAME);
257    fileSystem.delete(maniFestPath, false);
258    assertFalse(fileSystem.exists(maniFestPath));
259    assertEquals(1, TEST_UTIL.getAdmin().listSnapshots(Pattern.compile(snapshotName1)).size());
260    // There is no failsafe snapshot before restoring.
261    int failsafeSnapshotCount = TEST_UTIL.getAdmin()
262      .listSnapshots(Pattern.compile("hbase-failsafe-" + snapshotName1 + ".*")).size();
263    assertEquals(0, failsafeSnapshotCount);
264    TEST_UTIL.getAdmin().disableTable(TEST_TABLE);
265    // We would get Exception when restoring data by this an invalid snapshot.
266    assertThrows(Exception.class, () -> restoreSnapshot(snapshotName1, true, true));
267    TEST_UTIL.getAdmin().enableTable(TEST_TABLE);
268    verifyRows(TEST_TABLE);
269    // Fail to store snapshot but rollback successfully, so there is no failsafe snapshot after
270    // restoring.
271    failsafeSnapshotCount = TEST_UTIL.getAdmin()
272      .listSnapshots(Pattern.compile("hbase-failsafe-" + snapshotName1 + ".*")).size();
273    assertEquals(0, failsafeSnapshotCount);
274  }
275
276  final class AccessSnapshotAction implements AccessTestAction {
277    private String snapshotName;
278
279    private AccessSnapshotAction(String snapshotName) {
280      this.snapshotName = snapshotName;
281    }
282
283    @Override
284    public Object run() throws Exception {
285      try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration());
286        Admin admin = conn.getAdmin()) {
287        admin.snapshot(this.snapshotName, TEST_TABLE);
288      }
289      return null;
290    }
291  }
292
293  @Test
294  public void testDeleteSnapshot() throws Exception {
295    String testSnapshotName = HBaseCommonTestingUtil.getRandomUUID().toString();
296    verifyAllowed(new AccessSnapshotAction(testSnapshotName), USER_OWNER);
297    verifyDenied(new AccessSnapshotAction(HBaseCommonTestingUtil.getRandomUUID().toString()),
298      USER_RO, USER_RW, USER_NONE);
299    List<SnapshotDescription> snapshotDescriptions =
300      TEST_UTIL.getAdmin().listSnapshots(Pattern.compile(testSnapshotName));
301    assertEquals(1, snapshotDescriptions.size());
302    assertEquals(USER_OWNER.getShortName(), snapshotDescriptions.get(0).getOwner());
303    AccessTestAction deleteSnapshotAction = () -> {
304      try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration());
305        Admin admin = conn.getAdmin()) {
306        admin.deleteSnapshot(testSnapshotName);
307      }
308      return null;
309    };
310    verifyDenied(deleteSnapshotAction, USER_RO, USER_RW, USER_NONE);
311    verifyAllowed(deleteSnapshotAction, USER_OWNER);
312
313    List<SnapshotDescription> snapshotsAfterDelete =
314      TEST_UTIL.getAdmin().listSnapshots(Pattern.compile(testSnapshotName));
315    assertEquals(0, snapshotsAfterDelete.size());
316  }
317}