Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.security.visibility;
019
020import static org.apache.hadoop.hbase.security.visibility.VisibilityConstants.LABELS_TABLE_FAMILY;
021import static org.apache.hadoop.hbase.security.visibility.VisibilityConstants.LABELS_TABLE_NAME;
022
023import java.util.ArrayList;
024import java.util.List;
025import java.util.NavigableMap;
026import org.apache.hadoop.hbase.HBaseClassTestRule;
027import org.apache.hadoop.hbase.TableName;
028import org.apache.hadoop.hbase.client.Result;
029import org.apache.hadoop.hbase.security.User;
030import org.apache.hadoop.hbase.testclassification.MediumTests;
031import org.apache.hadoop.hbase.testclassification.SecurityTests;
032import org.apache.hadoop.hbase.util.Bytes;
033import org.junit.BeforeClass;
034import org.junit.ClassRule;
035import org.junit.Test;
036import org.junit.experimental.categories.Category;
037
038@Category({ SecurityTests.class, MediumTests.class })
039public class TestVisibilityLabelsWithCustomVisLabService extends TestVisibilityLabels {
040
041  @ClassRule
042  public static final HBaseClassTestRule CLASS_RULE =
043    HBaseClassTestRule.forClass(TestVisibilityLabelsWithCustomVisLabService.class);
044
045  @BeforeClass
046  public static void setupBeforeClass() throws Exception {
047    // setup configuration
048    conf = TEST_UTIL.getConfiguration();
049    VisibilityTestUtil.enableVisiblityLabels(conf);
050    conf.setClass(VisibilityUtils.VISIBILITY_LABEL_GENERATOR_CLASS, SimpleScanLabelGenerator.class,
051      ScanLabelGenerator.class);
052    conf.setClass(VisibilityLabelServiceManager.VISIBILITY_LABEL_SERVICE_CLASS,
053      ExpAsStringVisibilityLabelServiceImpl.class, VisibilityLabelService.class);
054    conf.set("hbase.superuser", "admin");
055    TEST_UTIL.startMiniCluster(2);
056    SUPERUSER = User.createUserForTesting(conf, "admin", new String[] { "supergroup" });
057
058    // Wait for the labels table to become available
059    TEST_UTIL.waitTableEnabled(LABELS_TABLE_NAME.getName(), 50000);
060    addLabels();
061  }
062
063  // Extending this test from super as we don't verify predefined labels in
064  // ExpAsStringVisibilityLabelServiceImpl
065  @Override
066  @Test
067  public void testVisibilityLabelsInPutsThatDoesNotMatchAnyDefinedLabels() throws Exception {
068    TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
069    // This put with label "SAMPLE_LABEL" should not get failed.
070    createTableAndWriteDataWithLabels(tableName, "SAMPLE_LABEL", "TEST");
071  }
072
073  @Override
074  protected List<String> extractAuths(String user, List<Result> results) {
075    List<String> auths = new ArrayList<>();
076    for (Result result : results) {
077      if (Bytes.equals(result.getRow(), Bytes.toBytes(user))) {
078        NavigableMap<byte[], byte[]> familyMap = result.getFamilyMap(LABELS_TABLE_FAMILY);
079        for (byte[] q : familyMap.keySet()) {
080          auths.add(Bytes.toString(q, 0, q.length));
081        }
082      }
083    }
084    return auths;
085  }
086}