本文整理汇总了Java中org.apache.zookeeper.data.ACL.getId方法的典型用法代码示例。如果您正苦于以下问题:Java ACL.getId方法的具体用法?Java ACL.getId怎么用?Java ACL.getId使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.zookeeper.data.ACL
的用法示例。
在下文中一共展示了ACL.getId方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testUserHomedirsPermissionsRestricted
import org.apache.zookeeper.data.ACL; //导入方法依赖的package包/类
@Test
public void testUserHomedirsPermissionsRestricted() throws Throwable {
// test that the /users/$user permissions are restricted
RMRegistryOperationsService rmRegistryOperations =
startRMRegistryOperations();
// create Alice's dir, so it should have an ACL for Alice
final String home = rmRegistryOperations.initUserRegistry(ALICE);
List<ACL> acls = rmRegistryOperations.zkGetACLS(home);
ACL aliceACL = null;
for (ACL acl : acls) {
LOG.info(RegistrySecurity.aclToString(acl));
Id id = acl.getId();
if (id.getScheme().equals(ZookeeperConfigOptions.SCHEME_SASL)
&& id.getId().startsWith(ALICE)) {
aliceACL = acl;
break;
}
}
assertNotNull(aliceACL);
assertEquals(RegistryAdminService.USER_HOMEDIR_ACL_PERMISSIONS,
aliceACL.getPerms());
}
示例2: assertZnodePerms
import org.apache.zookeeper.data.ACL; //导入方法依赖的package包/类
private void assertZnodePerms(RecoverableZooKeeper zk, String znode,
boolean expectedWorldReadable) throws KeeperException, InterruptedException {
Stat stat = new Stat();
List<ACL> acls = zk.getZooKeeper().getACL(znode, stat);
String[] superUsers = superUser == null ? null : superUser.split(",");
LOG.info("Checking ACLs for znode znode:" + znode + " acls:" + acls);
for (ACL acl : acls) {
int perms = acl.getPerms();
Id id = acl.getId();
// We should only set at most 3 possible ACL for 3 Ids. One for everyone, one for superuser
// and one for the hbase user
if (Ids.ANYONE_ID_UNSAFE.equals(id)) {
// everyone should be set only if we are expecting this znode to be world readable
assertTrue(expectedWorldReadable);
// assert that anyone can only read
assertEquals(perms, Perms.READ);
} else if (superUsers != null && ZooKeeperWatcher.isSuperUserId(superUsers, id)) {
// assert that super user has all the permissions
assertEquals(perms, Perms.ALL);
} else if (new Id("sasl", masterPrincipal).equals(id)) {
// hbase.master.kerberos.principal?
assertEquals(perms, Perms.ALL);
} else {
fail("An ACL is found which is not expected for the znode:" + znode + " , ACL:" + acl);
}
}
}
示例3: addAclTableItem
import org.apache.zookeeper.data.ACL; //导入方法依赖的package包/类
public TableItem addAclTableItem(ACL acl) {
final Table table = getTable();
final TableItem item = new TableItem(table, SWT.NONE);
item.setData("ACL", acl);
Id id = acl.getId();
int aclPerms = acl.getPerms();
boolean hasAll = ((aclPerms & ZooDefs.Perms.ALL) == ZooDefs.Perms.ALL);
item.setText(0, id.getScheme());
item.setText(1, id.getId());
for (final int perm : PERMS) {
final int permColumnIndex = getPermissionColumnIndex(perm);
TableEditor permCheckBoxTableEditor = new TableEditor(table);
setItemPermTableEditor(item, perm, permCheckBoxTableEditor);
final Button permCheckBox = new Button(table, SWT.CHECK);
boolean hasPerm = ((aclPerms & perm) == perm);
permCheckBox.setSelection(hasPerm);
permCheckBox.setEnabled(!hasAll || (hasAll && perm == ZooDefs.Perms.ALL));
permCheckBox.addSelectionListener(new SelectionAdapter() {
@Override
public void widgetSelected(SelectionEvent e) {
if (perm == ZooDefs.Perms.ALL) {
for (int subPerm : PERMS) {
if (subPerm == ZooDefs.Perms.ALL) {
continue;
}
Button subPermCheckBox = getItemPermCheckBox(item, subPerm);
boolean allIsSelected = permCheckBox.getSelection();
if (allIsSelected) {
subPermCheckBox.setSelection(true);
}
subPermCheckBox.setEnabled(!allIsSelected);
}
}
fireOrchestrationChange();
}
});
permCheckBox.pack();
permCheckBoxTableEditor.minimumWidth = permCheckBox.getSize().x;
permCheckBoxTableEditor.horizontalAlignment = SWT.CENTER;
permCheckBoxTableEditor.setEditor(permCheckBox, item, permColumnIndex);
}
return item;
}
示例4: isBaseZnodeAclSetup
import org.apache.zookeeper.data.ACL; //导入方法依赖的package包/类
/**
* Checks whether the ACLs returned from the base znode (/hbase) is set for secure setup.
* @param acls acls from zookeeper
* @return whether ACLs are set for the base znode
* @throws IOException
*/
private boolean isBaseZnodeAclSetup(List<ACL> acls) throws IOException {
if (LOG.isDebugEnabled()) {
LOG.debug("Checking znode ACLs");
}
String[] superUsers = conf.getStrings(Superusers.SUPERUSER_CONF_KEY);
// Check whether ACL set for all superusers
if (superUsers != null && !checkACLForSuperUsers(superUsers, acls)) {
return false;
}
// this assumes that current authenticated user is the same as zookeeper client user
// configured via JAAS
String hbaseUser = UserGroupInformation.getCurrentUser().getShortUserName();
if (acls.isEmpty()) {
if (LOG.isDebugEnabled()) {
LOG.debug("ACL is empty");
}
return false;
}
for (ACL acl : acls) {
int perms = acl.getPerms();
Id id = acl.getId();
// We should only set at most 3 possible ACLs for 3 Ids. One for everyone, one for superuser
// and one for the hbase user
if (Ids.ANYONE_ID_UNSAFE.equals(id)) {
if (perms != Perms.READ) {
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("permissions for '%s' are not correct: have 0x%x, want 0x%x",
id, perms, Perms.READ));
}
return false;
}
} else if (superUsers != null && isSuperUserId(superUsers, id)) {
if (perms != Perms.ALL) {
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("permissions for '%s' are not correct: have 0x%x, want 0x%x",
id, perms, Perms.ALL));
}
return false;
}
} else if ("sasl".equals(id.getScheme())) {
String name = id.getId();
// If ZooKeeper recorded the Kerberos full name in the ACL, use only the shortname
Matcher match = NAME_PATTERN.matcher(name);
if (match.matches()) {
name = match.group(1);
}
if (name.equals(hbaseUser)) {
if (perms != Perms.ALL) {
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("permissions for '%s' are not correct: have 0x%x, want 0x%x",
id, perms, Perms.ALL));
}
return false;
}
} else {
if (LOG.isDebugEnabled()) {
LOG.debug("Unexpected shortname in SASL ACL: " + id);
}
return false;
}
} else {
if (LOG.isDebugEnabled()) {
LOG.debug("unexpected ACL id '" + id + "'");
}
return false;
}
}
return true;
}