in src/main/java/org/apache/accumulo/testing/randomwalk/security/Validate.java [41:115]
public static void validate(State state, RandWalkEnv env, Logger log) throws Exception {
AccumuloClient client = env.getAccumuloClient();
boolean tableExists = WalkingSecurity.get(state, env).getTableExists();
boolean cloudTableExists =
client.tableOperations().list().contains(WalkingSecurity.get(state, env).getTableName());
if (tableExists != cloudTableExists)
throw new AccumuloException("Table existance out of sync");
boolean tableUserExists = WalkingSecurity.get(state, env)
.userExists(WalkingSecurity.get(state, env).getTabUserName());
boolean cloudTableUserExists = client.securityOperations().listLocalUsers()
.contains(WalkingSecurity.get(state, env).getTabUserName());
if (tableUserExists != cloudTableUserExists)
throw new AccumuloException("Table User existance out of sync");
Properties props = new Properties();
props.setProperty("target", "system");
Authenticate.authenticate(env.getAccumuloUserName(), env.getToken(), state, env, props);
props.setProperty("target", "table");
Authenticate.authenticate(env.getAccumuloUserName(), env.getToken(), state, env, props);
for (String user : new String[] {WalkingSecurity.get(state, env).getSysUserName(),
WalkingSecurity.get(state, env).getTabUserName()}) {
for (SystemPermission sp : SystemPermission.values()) {
boolean hasSp = WalkingSecurity.get(state, env).hasSystemPermission(user, sp);
boolean accuHasSp;
try {
accuHasSp = client.securityOperations().hasSystemPermission(user, sp);
log.debug("Just checked to see if user " + user + " has system perm " + sp.name()
+ " with answer " + accuHasSp);
} catch (AccumuloSecurityException ae) {
if (ae.getSecurityErrorCode().equals(SecurityErrorCode.USER_DOESNT_EXIST)) {
if (tableUserExists)
throw new AccumuloException("Got user DNE error when they should", ae);
else
continue;
} else
throw new AccumuloException("Unexpected exception!", ae);
}
if (hasSp != accuHasSp)
throw new AccumuloException(user + " existance out of sync for system perm " + sp
+ " hasSp/CloudhasSP " + hasSp + " " + accuHasSp);
}
for (TablePermission tp : TablePermission.values()) {
boolean hasTp = WalkingSecurity.get(state, env).hasTablePermission(user,
WalkingSecurity.get(state, env).getTableName(), tp);
boolean accuHasTp;
try {
accuHasTp = client.securityOperations().hasTablePermission(user,
WalkingSecurity.get(state, env).getTableName(), tp);
log.debug("Just checked to see if user " + user + " has table perm " + tp.name()
+ " with answer " + accuHasTp);
} catch (AccumuloSecurityException ae) {
if (ae.getSecurityErrorCode().equals(SecurityErrorCode.USER_DOESNT_EXIST)) {
if (tableUserExists)
throw new AccumuloException("Got user DNE error when they should", ae);
else
continue;
} else if (ae.getSecurityErrorCode().equals(SecurityErrorCode.TABLE_DOESNT_EXIST)) {
if (tableExists)
throw new AccumuloException("Got table DNE when it should", ae);
else
continue;
} else
throw new AccumuloException("Unexpected exception!", ae);
}
if (hasTp != accuHasTp)
throw new AccumuloException(user + " existance out of sync for table perm " + tp
+ " hasTp/CloudhasTP " + hasTp + " " + accuHasTp);
}
}
}