Example #1
0
        public virtual void TestAddRemoveAPI()
        {
            AccessControlList    acl;
            ICollection <string> users;
            ICollection <string> groups;

            acl = new AccessControlList(" ");
            Assert.Equal(0, acl.GetUsers().Count);
            Assert.Equal(0, acl.GetGroups().Count);
            Assert.Equal(" ", acl.GetAclString());
            acl.AddUser("drwho");
            users = acl.GetUsers();
            Assert.Equal(users.Count, 1);
            Assert.Equal(users.GetEnumerator().Next(), "drwho");
            Assert.Equal("drwho ", acl.GetAclString());
            acl.AddGroup("tardis");
            groups = acl.GetGroups();
            Assert.Equal(groups.Count, 1);
            Assert.Equal(groups.GetEnumerator().Next(), "tardis");
            Assert.Equal("drwho tardis", acl.GetAclString());
            acl.AddUser("joe");
            acl.AddGroup("users");
            users = acl.GetUsers();
            Assert.Equal(users.Count, 2);
            IEnumerator <string> iter = users.GetEnumerator();

            Assert.Equal(iter.Next(), "drwho");
            Assert.Equal(iter.Next(), "joe");
            groups = acl.GetGroups();
            Assert.Equal(groups.Count, 2);
            iter = groups.GetEnumerator();
            Assert.Equal(iter.Next(), "tardis");
            Assert.Equal(iter.Next(), "users");
            Assert.Equal("drwho,joe tardis,users", acl.GetAclString());
            acl.RemoveUser("joe");
            acl.RemoveGroup("users");
            users = acl.GetUsers();
            Assert.Equal(users.Count, 1);
            NUnit.Framework.Assert.IsFalse(users.Contains("joe"));
            groups = acl.GetGroups();
            Assert.Equal(groups.Count, 1);
            NUnit.Framework.Assert.IsFalse(groups.Contains("users"));
            Assert.Equal("drwho tardis", acl.GetAclString());
            acl.RemoveGroup("tardis");
            groups = acl.GetGroups();
            Assert.Equal(0, groups.Count);
            NUnit.Framework.Assert.IsFalse(groups.Contains("tardis"));
            Assert.Equal("drwho ", acl.GetAclString());
            acl.RemoveUser("drwho");
            Assert.Equal(0, users.Count);
            NUnit.Framework.Assert.IsFalse(users.Contains("drwho"));
            Assert.Equal(0, acl.GetGroups().Count);
            Assert.Equal(0, acl.GetUsers().Count);
            Assert.Equal(" ", acl.GetAclString());
        }
Example #2
0
        public virtual void TestAddRemoveWildCard()
        {
            AccessControlList acl = new AccessControlList("drwho tardis");
            Exception         th  = null;

            try
            {
                acl.AddUser(" * ");
            }
            catch (Exception t)
            {
                th = t;
            }
            NUnit.Framework.Assert.IsNotNull(th);
            Assert.True(th is ArgumentException);
            th = null;
            try
            {
                acl.AddGroup(" * ");
            }
            catch (Exception t)
            {
                th = t;
            }
            NUnit.Framework.Assert.IsNotNull(th);
            Assert.True(th is ArgumentException);
            th = null;
            try
            {
                acl.RemoveUser(" * ");
            }
            catch (Exception t)
            {
                th = t;
            }
            NUnit.Framework.Assert.IsNotNull(th);
            Assert.True(th is ArgumentException);
            th = null;
            try
            {
                acl.RemoveGroup(" * ");
            }
            catch (Exception t)
            {
                th = t;
            }
            NUnit.Framework.Assert.IsNotNull(th);
            Assert.True(th is ArgumentException);
        }
Example #3
0
        public virtual void TestNetgroups()
        {
            if (!NativeCodeLoader.IsNativeCodeLoaded())
            {
                Log.Info("Not testing netgroups, " + "this test only runs when native code is compiled"
                         );
                return;
            }
            string groupMappingClassName = Runtime.GetProperty("TestAccessControlListGroupMapping"
                                                               );

            if (groupMappingClassName == null)
            {
                Log.Info("Not testing netgroups, no group mapping class specified, " + "use -DTestAccessControlListGroupMapping=$className to specify "
                         + "group mapping class (must implement GroupMappingServiceProvider " + "interface and support netgroups)"
                         );
                return;
            }
            Log.Info("Testing netgroups using: " + groupMappingClassName);
            Configuration conf = new Configuration();

            conf.Set(CommonConfigurationKeysPublic.HadoopSecurityGroupMapping, groupMappingClassName
                     );
            Groups            groups = Groups.GetUserToGroupsMappingService(conf);
            AccessControlList acl;

            // create these ACLs to populate groups cache
            acl = new AccessControlList("ja my");
            // plain
            acl = new AccessControlList("sinatra ratpack,@lasVegas");
            // netgroup
            acl = new AccessControlList(" somegroup,@someNetgroup");
            // no user
            // this ACL will be used for testing ACLs
            acl = new AccessControlList("carlPerkins ratpack,@lasVegas");
            acl.AddGroup("@memphis");
            // validate the netgroups before and after rehresh to make
            // sure refresh works correctly
            ValidateNetgroups(groups, acl);
            groups.Refresh();
            ValidateNetgroups(groups, acl);
        }
Example #4
0
        public virtual void TestAddRemoveToWildCardACL()
        {
            AccessControlList acl = new AccessControlList(" * ");

            Assert.True(acl.IsAllAllowed());
            UserGroupInformation drwho = UserGroupInformation.CreateUserForTesting("*****@*****.**"
                                                                                   , new string[] { "aliens" });
            UserGroupInformation drwho2 = UserGroupInformation.CreateUserForTesting("*****@*****.**"
                                                                                    , new string[] { "tardis" });

            acl.AddUser("drwho");
            Assert.True(acl.IsAllAllowed());
            NUnit.Framework.Assert.IsFalse(acl.GetAclString().Contains("drwho"));
            acl.AddGroup("tardis");
            Assert.True(acl.IsAllAllowed());
            NUnit.Framework.Assert.IsFalse(acl.GetAclString().Contains("tardis"));
            acl.RemoveUser("drwho");
            Assert.True(acl.IsAllAllowed());
            AssertUserAllowed(drwho, acl);
            acl.RemoveGroup("tardis");
            Assert.True(acl.IsAllAllowed());
            AssertUserAllowed(drwho2, acl);
        }