public virtual void CreateRootRegistryPaths()
{
IList <ACL> systemACLs = GetRegistrySecurity().GetSystemACLs();
Log.Info("System ACLs {}", RegistrySecurity.AclsToString(systemACLs));
MaybeCreate(string.Empty, CreateMode.Persistent, systemACLs, false);
MaybeCreate(PathUsers, CreateMode.Persistent, systemACLs, false);
MaybeCreate(PathSystemServices, CreateMode.Persistent, systemACLs, false);
}
/// <summary>Init operation sets up the system ACLs.</summary>
/// <param name="conf">configuration of the service</param>
/// <exception cref="System.Exception"/>
protected override void ServiceInit(Configuration conf)
{
base.ServiceInit(conf);
RegistrySecurity registrySecurity = GetRegistrySecurity();
if (registrySecurity.IsSecureRegistry())
{
ACL sasl = registrySecurity.CreateSaslACLFromCurrentUser(ZooDefs.Perms.All);
registrySecurity.AddSystemACL(sasl);
Log.Info("Registry System ACLs:", RegistrySecurity.AclsToString(registrySecurity.
GetSystemACLs()));
}
}
public virtual void TestDigestAccess()
{
RMRegistryOperationsService registryAdmin = StartRMRegistryOperations();
string id = "username";
string pass = "******";
registryAdmin.AddWriteAccessor(id, pass);
IList <ACL> clientAcls = registryAdmin.GetClientAcls();
Log.Info("Client ACLS=\n{}", RegistrySecurity.AclsToString(clientAcls));
string @base = "/digested";
registryAdmin.Mknode(@base, false);
IList <ACL> baseACLs = registryAdmin.ZkGetACLS(@base);
string aclset = RegistrySecurity.AclsToString(baseACLs);
Log.Info("Base ACLs=\n{}", aclset);
ACL found = null;
foreach (ACL acl in baseACLs)
{
if (ZookeeperConfigOptions.SchemeDigest.Equals(acl.GetId().GetScheme()))
{
found = acl;
break;
}
}
NUnit.Framework.Assert.IsNotNull("Did not find digest entry in ACLs " + aclset, found
);
zkClientConf.Set(KeyRegistryUserAccounts, "sasl:[email protected], sasl:other"
);
RegistryOperations operations = RegistryOperationsFactory.CreateAuthenticatedInstance
(zkClientConf, id, pass);
AddToTeardown(operations);
operations.Start();
RegistryOperationsClient operationsClient = (RegistryOperationsClient)operations;
IList <ACL> digestClientACLs = operationsClient.GetClientAcls();
Log.Info("digest client ACLs=\n{}", RegistrySecurity.AclsToString(digestClientACLs
));
operations.Stat(@base);
operations.Mknode(@base + "/subdir", false);
ZKPathDumper pathDumper = registryAdmin.DumpPath(true);
Log.Info(pathDumper.ToString());
}
