public virtual void TestDefaultAcl()
        {
            ServiceAuthorizationManager serviceAuthorizationManager = new ServiceAuthorizationManager
                                                                          ();
            Configuration conf = new Configuration();

            // test without setting a default acl
            conf.Set(AclConfig, "user1 group1");
            serviceAuthorizationManager.Refresh(conf, new TestServiceAuthorization.TestPolicyProvider
                                                    ());
            AccessControlList acl = serviceAuthorizationManager.GetProtocolsAcls(typeof(TestRPC.TestProtocol
                                                                                        ));

            Assert.Equal("user1 group1", acl.GetAclString());
            acl = serviceAuthorizationManager.GetProtocolsAcls(typeof(TestServiceAuthorization.TestProtocol1
                                                                      ));
            Assert.Equal(AccessControlList.WildcardAclValue, acl.GetAclString
                             ());
            // test with a default acl
            conf.Set(CommonConfigurationKeys.HadoopSecurityServiceAuthorizationDefaultAcl, "user2 group2"
                     );
            serviceAuthorizationManager.Refresh(conf, new TestServiceAuthorization.TestPolicyProvider
                                                    ());
            acl = serviceAuthorizationManager.GetProtocolsAcls(typeof(TestRPC.TestProtocol));
            Assert.Equal("user1 group1", acl.GetAclString());
            acl = serviceAuthorizationManager.GetProtocolsAcls(typeof(TestServiceAuthorization.TestProtocol1
                                                                      ));
            Assert.Equal("user2 group2", acl.GetAclString());
        }
Exemple #2
0
 private void VerifyServiceACLsRefresh(ServiceAuthorizationManager manager, Type protocol
                                       , string aclString)
 {
     foreach (Type protocolClass in manager.GetProtocolsWithAcls())
     {
         AccessControlList accessList = manager.GetProtocolsAcls(protocolClass);
         if (protocolClass == protocol)
         {
             NUnit.Framework.Assert.AreEqual(accessList.GetAclString(), aclString);
         }
         else
         {
             NUnit.Framework.Assert.AreEqual(accessList.GetAclString(), "*");
         }
     }
 }