List of usage examples for org.apache.hadoop.security UserGroupInformation doAs
@InterfaceAudience.Public @InterfaceStability.Evolving public <T> T doAs(PrivilegedExceptionAction<T> action) throws IOException, InterruptedException
From source file:org.apache.blur.command.TableCopyCommand.java
License:Apache License
@Override public Long execute(IndexContext context) throws IOException { final Configuration configuration = context.getTableContext().getConfiguration(); final IndexReader indexReader = context.getIndexReader(); final Shard shard = context.getShard(); UserGroupInformation remoteUser = UserGroupInformation.createRemoteUser(user); try {/* w w w . j a v a 2 s. c om*/ return remoteUser.doAs(new PrivilegedExceptionAction<Long>() { @Override public Long run() throws Exception { Path path = new Path(destUri); Directory srcDirectory = getDiretory(indexReader); HdfsDirectory destDirectory = new HdfsDirectory(configuration, new Path(path, shard.getShard())); long total = 0; for (String srcFile : srcDirectory.listAll()) { if (destDirectory.fileExists(srcFile)) { LOG.info("File [{0}] already exists in dest directory."); long srcFileLength = srcDirectory.fileLength(srcFile); long destFileLength = destDirectory.fileLength(srcFile); if (srcFileLength != destFileLength) { LOG.info("Deleting file [{0}] length of [{1}] is not same as source [{2}].", srcFile, srcFileLength, destFileLength); destDirectory.deleteFile(srcFile); } else { continue; } } LOG.info("Copying file [{0}] to dest directory.", srcFile); total += copy(srcFile, srcDirectory, destDirectory); } return total; } }); } catch (InterruptedException e) { throw new IOException(e); } }
From source file:org.apache.blur.hive.BlurHiveMRLoaderOutputCommitter.java
License:Apache License
private void finishBulkJob(JobContext context, final boolean apply) throws IOException { final Configuration configuration = context.getConfiguration(); PrivilegedExceptionAction<Void> action = new PrivilegedExceptionAction<Void>() { @Override/*from www .j a v a 2 s . com*/ public Void run() throws Exception { String workingPathStr = configuration.get(BlurConstants.BLUR_BULK_UPDATE_WORKING_PATH); Path workingPath = new Path(workingPathStr); Path tmpDir = new Path(workingPath, "tmp"); FileSystem fileSystem = tmpDir.getFileSystem(configuration); String loadId = configuration.get(BlurSerDe.BLUR_MR_LOAD_ID); Path loadPath = new Path(tmpDir, loadId); if (apply) { Path newDataPath = new Path(workingPath, "new"); Path dst = new Path(newDataPath, loadId); if (!fileSystem.rename(loadPath, dst)) { LOG.error("Could not move data from src [" + loadPath + "] to dst [" + dst + "]"); throw new IOException( "Could not move data from src [" + loadPath + "] to dst [" + dst + "]"); } TableDescriptor tableDescriptor = BlurOutputFormat.getTableDescriptor(configuration); String connectionStr = configuration.get(BlurSerDe.BLUR_CONTROLLER_CONNECTION_STR); BulkTableUpdateCommand bulkTableUpdateCommand = new BulkTableUpdateCommand(); bulkTableUpdateCommand.setAutoLoad(true); bulkTableUpdateCommand.setTable(tableDescriptor.getName()); bulkTableUpdateCommand.setWaitForDataBeVisible(true); Configuration config = new Configuration(false); config.addResource(HDFS_SITE_XML); config.addResource(YARN_SITE_XML); config.addResource(MAPRED_SITE_XML); bulkTableUpdateCommand.addExtraConfig(config); if (bulkTableUpdateCommand.run(BlurClient.getClient(connectionStr)) != 0) { throw new IOException("Unknown error occured duing load."); } } else { fileSystem.delete(loadPath, true); } return null; } }; UserGroupInformation userGroupInformation = BlurHiveOutputFormat.getUGI(configuration); try { userGroupInformation.doAs(action); } catch (InterruptedException e) { throw new IOException(e); } }
From source file:org.apache.blur.hive.BlurHiveOutputFormat.java
License:Apache License
private org.apache.hadoop.hive.ql.exec.FileSinkOperator.RecordWriter getMrWorkingPathWriter( final Configuration configuration) throws IOException { PrivilegedExceptionAction<org.apache.hadoop.hive.ql.exec.FileSinkOperator.RecordWriter> privilegedExceptionAction = new PrivilegedExceptionAction<org.apache.hadoop.hive.ql.exec.FileSinkOperator.RecordWriter>() { @Override//w w w. j a va2 s.c o m public org.apache.hadoop.hive.ql.exec.FileSinkOperator.RecordWriter run() throws Exception { String workingPathStr = configuration.get(BlurConstants.BLUR_BULK_UPDATE_WORKING_PATH); Path workingPath = new Path(workingPathStr); Path tmpDir = new Path(workingPath, "tmp"); FileSystem fileSystem = tmpDir.getFileSystem(configuration); String loadId = configuration.get(BlurSerDe.BLUR_MR_LOAD_ID); Path loadPath = new Path(tmpDir, loadId); final Writer writer = new SequenceFile.Writer(fileSystem, configuration, new Path(loadPath, UUID.randomUUID().toString()), Text.class, BlurRecord.class); return new org.apache.hadoop.hive.ql.exec.FileSinkOperator.RecordWriter() { @Override public void write(Writable w) throws IOException { BlurRecord blurRecord = (BlurRecord) w; String rowId = blurRecord.getRowId(); writer.append(new Text(rowId), blurRecord); } @Override public void close(boolean abort) throws IOException { writer.close(); } }; } }; UserGroupInformation userGroupInformation = getUGI(configuration); try { return userGroupInformation.doAs(privilegedExceptionAction); } catch (InterruptedException e) { throw new IOException(e); } }
From source file:org.apache.blur.store.MessingWithPermissions.java
License:Apache License
public static void main(String[] args) throws IOException, InterruptedException { UserGroupInformation blur = UserGroupInformation.createRemoteUser("blur"); final Path path = new Path("/permission_test/tables"); final Configuration configuration = new Configuration(); blur.doAs(new PrivilegedExceptionAction<Void>() { @Override// www.j a v a2s.co m public Void run() throws Exception { FileSystem fileSystem = path.getFileSystem(configuration); FileStatus[] listStatus = fileSystem.listStatus(path); for (FileStatus status : listStatus) { System.out.println(status.getPath()); } return null; } }); }
From source file:org.apache.coheigea.bigdata.hbase.HBaseAuthorizationTest.java
License:Apache License
@org.junit.Test public void testReadTablesAsBob() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "bob"; if ("bob".equals(System.getProperty("user.name"))) { user = "alice"; }/* w w w . j ava 2 s . co m*/ UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Admin admin = conn.getAdmin(); try { HTableDescriptor[] tableDescriptors = admin.listTables(); Assert.assertEquals(1, tableDescriptors.length); Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); }
From source file:org.apache.coheigea.bigdata.hbase.HBaseAuthorizationTest.java
License:Apache License
@org.junit.Test public void testCreateAndDropTables() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); Connection conn = ConnectionFactory.createConnection(conf); Admin admin = conn.getAdmin();/* w w w .j a v a 2s .co m*/ // Create a new table as process owner HTableDescriptor tableDescriptor = new HTableDescriptor(TableName.valueOf("temp2")); // Adding column families to table descriptor tableDescriptor.addFamily(new HColumnDescriptor("colfam1")); tableDescriptor.addFamily(new HColumnDescriptor("colfam2")); admin.createTable(tableDescriptor); conn.close(); // Try to disable + delete the table as "bob" String user = "bob"; if ("bob".equals(System.getProperty("user.name"))) { user = "alice"; } UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Admin admin = conn.getAdmin(); try { admin.disableTable(TableName.valueOf("temp2")); admin.deleteTable(TableName.valueOf("temp2")); Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); // Now disable and delete as process owner conn = ConnectionFactory.createConnection(conf); admin = conn.getAdmin(); admin.disableTable(TableName.valueOf("temp2")); admin.deleteTable(TableName.valueOf("temp2")); conn.close(); }
From source file:org.apache.coheigea.bigdata.hbase.HBaseAuthorizationTest.java
License:Apache License
@org.junit.Test public void testReadRowAsBob() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "bob"; if ("bob".equals(System.getProperty("user.name"))) { user = "alice"; }/*from ww w.ja va 2 s . c om*/ UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); // Read a row try { Get get = new Get(Bytes.toBytes("row1")); table.get(get); Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); }
From source file:org.apache.coheigea.bigdata.hbase.HBaseAuthorizationTest.java
License:Apache License
@org.junit.Test public void testWriteRowAsBob() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "bob"; if ("bob".equals(System.getProperty("user.name"))) { user = "alice"; }//w w w . j ava 2s. co m UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); // Add a new row try { Put put = new Put(Bytes.toBytes("row3")); put.addColumn(Bytes.toBytes("colfam1"), Bytes.toBytes("col1"), Bytes.toBytes("val2")); table.put(put); Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); }
From source file:org.apache.coheigea.bigdata.hbase.HBaseAuthorizationTest.java
License:Apache License
@org.junit.Test public void testDeleteRowAsBob() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); // Add a new row (as process owner) Put put = new Put(Bytes.toBytes("row5")); put.addColumn(Bytes.toBytes("colfam1"), Bytes.toBytes("col1"), Bytes.toBytes("val2")); table.put(put);//w w w. j a v a2 s . c o m String user = "bob"; if ("bob".equals(System.getProperty("user.name"))) { user = "alice"; } UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); try { // Delete the new row Delete delete = new Delete(Bytes.toBytes("row5")); table.delete(delete); Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); // Delete the new row (as process owner) Delete delete = new Delete(Bytes.toBytes("row5")); table.delete(delete); conn.close(); }
From source file:org.apache.coheigea.bigdata.hbase.ranger.HBaseRangerAuthorizationTest.java
License:Apache License
@org.junit.Test public void testReadTablesAsGroupIT() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "bob"; if ("bob".equals(System.getProperty("user.name"))) { user = "alice"; }/* ww w . j a va 2s. c o m*/ UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Admin admin = conn.getAdmin(); HTableDescriptor[] tableDescriptors = admin.listTables(); Assert.assertEquals(0, tableDescriptors.length); conn.close(); return null; } }); }