public virtual void TestDigestAccess() { RMRegistryOperationsService registryAdmin = StartRMRegistryOperations(); string id = "username"; string pass = "******"; registryAdmin.AddWriteAccessor(id, pass); IList <ACL> clientAcls = registryAdmin.GetClientAcls(); Log.Info("Client ACLS=\n{}", RegistrySecurity.AclsToString(clientAcls)); string @base = "/digested"; registryAdmin.Mknode(@base, false); IList <ACL> baseACLs = registryAdmin.ZkGetACLS(@base); string aclset = RegistrySecurity.AclsToString(baseACLs); Log.Info("Base ACLs=\n{}", aclset); ACL found = null; foreach (ACL acl in baseACLs) { if (ZookeeperConfigOptions.SchemeDigest.Equals(acl.GetId().GetScheme())) { found = acl; break; } } NUnit.Framework.Assert.IsNotNull("Did not find digest entry in ACLs " + aclset, found ); zkClientConf.Set(KeyRegistryUserAccounts, "sasl:[email protected], sasl:other" ); RegistryOperations operations = RegistryOperationsFactory.CreateAuthenticatedInstance (zkClientConf, id, pass); AddToTeardown(operations); operations.Start(); RegistryOperationsClient operationsClient = (RegistryOperationsClient)operations; IList <ACL> digestClientACLs = operationsClient.GetClientAcls(); Log.Info("digest client ACLs=\n{}", RegistrySecurity.AclsToString(digestClientACLs )); operations.Stat(@base); operations.Mknode(@base + "/subdir", false); ZKPathDumper pathDumper = registryAdmin.DumpPath(true); Log.Info(pathDumper.ToString()); }
public virtual void TestUserHomedirsPermissionsRestricted() { // test that the /users/$user permissions are restricted RMRegistryOperationsService rmRegistryOperations = StartRMRegistryOperations(); // create Alice's dir, so it should have an ACL for Alice string home = rmRegistryOperations.InitUserRegistry(Alice); IList <ACL> acls = rmRegistryOperations.ZkGetACLS(home); ACL aliceACL = null; foreach (ACL acl in acls) { Log.Info(RegistrySecurity.AclToString(acl)); ID id = acl.GetId(); if (id.GetScheme().Equals(ZookeeperConfigOptions.SchemeSasl) && id.GetId().StartsWith (Alice)) { aliceACL = acl; break; } } NUnit.Framework.Assert.IsNotNull(aliceACL); NUnit.Framework.Assert.AreEqual(RegistryAdminService.UserHomedirAclPermissions, aliceACL .GetPerms()); }