Java tutorial
/** * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.falcon.regression.security; import org.apache.commons.httpclient.HttpStatus; import org.apache.falcon.regression.Entities.ClusterMerlin; import org.apache.falcon.regression.Entities.FeedMerlin; import org.apache.falcon.regression.Entities.ProcessMerlin; import org.apache.falcon.regression.core.bundle.Bundle; import org.apache.falcon.regression.core.enumsAndConstants.MerlinConstants; import org.apache.falcon.regression.core.helpers.ColoHelper; import org.apache.falcon.regression.core.response.ServiceResponse; import org.apache.falcon.regression.core.util.AssertUtil; import org.apache.falcon.regression.core.util.BundleUtil; import org.apache.falcon.regression.core.util.HadoopUtil; import org.apache.falcon.regression.core.util.OSUtil; import org.apache.falcon.regression.testHelper.BaseTestClass; import org.apache.hadoop.fs.FileSystem; import org.testng.annotations.AfterMethod; import org.testng.annotations.BeforeClass; import org.testng.annotations.BeforeMethod; import org.testng.annotations.DataProvider; import org.testng.annotations.Test; /** * Tests if ACL info is consistent with user submitting the entity. */ @Test(groups = "authorization") public class AclValidationTest extends BaseTestClass { private ColoHelper cluster = servers.get(0); private FileSystem clusterFS = serverFS.get(0); private String baseTestDir = cleanAndGetTestDir(); private String aggregateWorkflowDir = baseTestDir + "/aggregator"; private String feedInputPath = baseTestDir + "/input" + MINUTE_DATE_PATTERN; private ClusterMerlin clusterMerlin; private FeedMerlin feedMerlin; private ProcessMerlin processMerlin; @BeforeClass(alwaysRun = true) public void uploadWorkflow() throws Exception { HadoopUtil.uploadDir(clusterFS, aggregateWorkflowDir, OSUtil.RESOURCES_OOZIE); } @BeforeMethod(alwaysRun = true) public void setup() throws Exception { Bundle bundle = BundleUtil.readELBundle(); bundles[0] = new Bundle(bundle, cluster); bundles[0].generateUniqueBundle(this); bundles[0].setInputFeedDataPath(feedInputPath); bundles[0].setProcessWorkflow(aggregateWorkflowDir); clusterMerlin = bundles[0].getClusterElement(); feedMerlin = new FeedMerlin(bundles[0].getInputFeedFromBundle()); processMerlin = bundles[0].getProcessObject(); } /** * Test a cluster's acl validations for different aclOwner and aclGroup. * @param aclOwner owner for the acl * @param aclGroup group for the acl * @throws Exception */ @Test(dataProvider = "generateUserAndGroup") public void submitClusterBadAcl(String aclOwner, String aclGroup) throws Exception { clusterMerlin.setACL(aclOwner, aclGroup, "*"); final ServiceResponse serviceResponse = prism.getClusterHelper().submitEntity(clusterMerlin.toString()); AssertUtil.assertFailedWithStatus(serviceResponse, HttpStatus.SC_BAD_REQUEST, "Cluster's ACL owner should be same as submitting user"); } /** * Test a feed's acl validations for different aclOwner and aclGroup. * @param aclOwner owner for the acl * @param aclGroup group for the acl * @throws Exception */ @Test(dataProvider = "generateUserAndGroup") public void submitFeedBadAcl(String aclOwner, String aclGroup) throws Exception { bundles[0].submitClusters(prism); feedMerlin.setACL(aclOwner, aclGroup, "*"); final ServiceResponse serviceResponse = prism.getFeedHelper().submitEntity(feedMerlin.toString()); AssertUtil.assertFailedWithStatus(serviceResponse, HttpStatus.SC_BAD_REQUEST, "Feed's ACL owner should be same as submitting user"); } /** * Test a process's acl validations for different aclOwner and aclGroup. * @param aclOwner owner for the acl * @param aclGroup group for the acl * @throws Exception */ @Test(dataProvider = "generateUserAndGroup") public void submitProcessBadAcl(String aclOwner, String aclGroup) throws Exception { bundles[0].submitAndScheduleAllFeeds(); processMerlin.setACL(aclOwner, aclGroup, "*"); final ServiceResponse serviceResponse = prism.getProcessHelper().submitEntity(processMerlin.toString()); AssertUtil.assertFailedWithStatus(serviceResponse, HttpStatus.SC_BAD_REQUEST, "Process's ACL owner should be same as submitting user"); } @DataProvider(name = "generateUserAndGroup") public Object[][] generateUserAndGroup() { return new Object[][] { { MerlinConstants.CURRENT_USER_NAME, MerlinConstants.DIFFERENT_USER_GROUP }, { MerlinConstants.CURRENT_USER_NAME, "nonexistinggroup" }, { "nonexistinguser", MerlinConstants.CURRENT_USER_GROUP }, }; } @AfterMethod(alwaysRun = true) public void tearDown() { removeTestClassEntities(); } }