@Test public void testCrossNSMapReduce() throws Exception { createAuthNamespace(); ApplicationId appId = AUTH_NAMESPACE.app(DatasetCrossNSAccessWithMAPApp.class.getSimpleName()); Map<EntityId, Set<Action>> neededPrivileges = ImmutableMap.<EntityId, Set<Action>>builder() .put(appId, EnumSet.of(Action.ADMIN)) .put(AUTH_NAMESPACE.artifact(DatasetCrossNSAccessWithMAPApp.class.getSimpleName(), "1.0-SNAPSHOT"), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges); ProgramId programId = appId.program(ProgramType.MAPREDUCE, DatasetCrossNSAccessWithMAPApp.MAPREDUCE_PROGRAM); // bob will be executing the program grantAndAssertSuccess(programId, BOB, EnumSet.of(Action.EXECUTE)); cleanUpEntities.add(programId); ApplicationManager appManager = deployApplication(AUTH_NAMESPACE, DatasetCrossNSAccessWithMAPApp.class); MapReduceManager mrManager = appManager.getMapReduceManager(DatasetCrossNSAccessWithMAPApp.MAPREDUCE_PROGRAM); testCrossNSSystemDatasetAccessWithAuthMapReduce(mrManager); testCrossNSDatasetAccessWithAuthMapReduce(mrManager); }
@Test public void testCrossNSSpark() throws Exception { createAuthNamespace(); ApplicationId appId = AUTH_NAMESPACE.app(TestSparkCrossNSDatasetApp.APP_NAME); Map<EntityId, Set<Action>> neededPrivileges = ImmutableMap.<EntityId, Set<Action>>builder() .put(appId, EnumSet.of(Action.ADMIN)) .put(AUTH_NAMESPACE.artifact(TestSparkCrossNSDatasetApp.class.getSimpleName(), "1.0-SNAPSHOT"), EnumSet.of(Action.ADMIN)) .put(AUTH_NAMESPACE.dataset(TestSparkCrossNSDatasetApp.DEFAULT_OUTPUT_DATASET), EnumSet.of(Action.ADMIN)) .put(AUTH_NAMESPACE.datasetType(KeyValueTable.class.getName()), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges); ProgramId programId = appId.spark(TestSparkCrossNSDatasetApp.SPARK_PROGRAM_NAME); // bob will be executing the program grantAndAssertSuccess(programId, BOB, EnumSet.of(Action.EXECUTE)); cleanUpEntities.add(programId); ApplicationManager appManager = deployApplication(AUTH_NAMESPACE, TestSparkCrossNSDatasetApp.class); SparkManager sparkManager = appManager.getSparkManager(TestSparkCrossNSDatasetApp.SparkCrossNSDatasetProgram .class.getSimpleName()); testCrossNSSystemDatasetAccessWithAuthSpark(sparkManager); testCrossNSDatasetAccessWithAuthSpark(sparkManager); }
@Test public void testCrossNSService() throws Exception { createAuthNamespace(); ApplicationId appId = AUTH_NAMESPACE.app(CrossNsDatasetAccessApp.APP_NAME); Map<EntityId, Set<Action>> neededPrivileges = ImmutableMap.<EntityId, Set<Action>>builder() .put(appId, EnumSet.of(Action.ADMIN)) .put(AUTH_NAMESPACE.artifact(CrossNsDatasetAccessApp.class.getSimpleName(), "1.0-SNAPSHOT"), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges); ProgramId programId = appId.service(CrossNsDatasetAccessApp.SERVICE_NAME); cleanUpEntities.add(programId); // grant bob execute on program and READ/WRITE on stream grantAndAssertSuccess(programId, BOB, EnumSet.of(Action.EXECUTE)); ApplicationManager appManager = deployApplication(AUTH_NAMESPACE, CrossNsDatasetAccessApp.class); // switch to to ALICE SecurityRequestContext.setUserId(ALICE.getName()); ServiceManager serviceManager = appManager.getServiceManager(CrossNsDatasetAccessApp.SERVICE_NAME); testSystemDatasetAccessFromService(serviceManager); testCrossNSDatasetAccessFromService(serviceManager); }
.put(dummyModuleId, EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges);
.put(AUTH_NAMESPACE.datasetType(KeyValueTable.class.getName()), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges); .put(AUTH_NAMESPACE.datasetType(ObjectMappedTable.class.getName()), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, anotherAppNeededPrivilege); .put(appId.program(ProgramType.WORKER, AllProgramsApp.NoOpWorker.NAME), EnumSet.of(Action.EXECUTE)) .build(); setUpPrivilegeAndRegisterForDeletion(BOB, bobDatasetPrivileges); setUpPrivilegeAndRegisterForDeletion(BOB, bobProgramPrivileges);
.put(AUTH_NAMESPACE.datasetModule(DummyApp.CustomDummyDataset.class.getName()), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges);
.put(AUTH_NAMESPACE.datasetType(PartitionedFileSet.class.getName()), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges);
.put(outputDatasetNSId.datasetType("keyValueTable"), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges ); getNamespaceAdmin().create(outputDatasetNS);
.put(outputDatasetNSId.datasetType("keyValueTable"), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges);
.put(outputDatasetNSMetaId.datasetType("keyValueTable"), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges);
.put(otherNsId.datasetType("keyValueTable"), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges);
.put(AUTH_NAMESPACE.datasetType(ObjectStore.class.getName()), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges);
.put(otherNSId.datasetType("keyValueTable"), EnumSet.of(Action.ADMIN)) .build(); setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges);