if (cl.hasOption(optNamespace.getOpt())) { try { shellState.getAccumuloClient().securityOperations().grantNamespacePermission(user, cl.getOptionValue(optNamespace.getOpt()), NamespacePermission.valueOf(permission[1])); } catch (IllegalArgumentException e) {
private void changeNamespacePermission(Connector conn, Random rand, String userName, String namespace) throws AccumuloException, AccumuloSecurityException { EnumSet<NamespacePermission> perms = EnumSet.noneOf(NamespacePermission.class); for (NamespacePermission p : NamespacePermission.values()) { if (conn.securityOperations().hasNamespacePermission(userName, namespace, p)) perms.add(p); } EnumSet<NamespacePermission> more = EnumSet.allOf(NamespacePermission.class); more.removeAll(perms); if (rand.nextBoolean() && more.size() > 0) { List<NamespacePermission> moreList = new ArrayList<>(more); NamespacePermission choice = moreList.get(rand.nextInt(moreList.size())); log.debug("adding permission " + choice); conn.securityOperations().grantNamespacePermission(userName, namespace, choice); } else { if (perms.size() > 0) { List<NamespacePermission> permList = new ArrayList<>(perms); NamespacePermission choice = permList.get(rand.nextInt(permList.size())); log.debug("removing permission " + choice); conn.securityOperations().revokeNamespacePermission(userName, namespace, choice); } } } }
if (cl.hasOption(optNamespace.getOpt())) { try { shellState.getConnector().securityOperations().grantNamespacePermission(user, cl.getOptionValue(optNamespace.getOpt()), NamespacePermission.valueOf(permission[1])); } catch (IllegalArgumentException e) {
@Override public void grantNamespacePermission(ByteBuffer login, String user, String namespaceName, org.apache.accumulo.proxy.thrift.NamespacePermission perm) throws org.apache.accumulo.proxy.thrift.AccumuloException, org.apache.accumulo.proxy.thrift.AccumuloSecurityException, TException { try { getConnector(login).securityOperations().grantNamespacePermission(user, namespaceName, NamespacePermission.getPermissionById((byte) perm.getValue())); } catch (Exception e) { handleException(e); } }
assertFalse(c.securityOperations().hasNamespacePermission(c.whoami(), namespace, NamespacePermission.READ)); c.securityOperations().grantNamespacePermission(c.whoami(), namespace, NamespacePermission.READ); assertTrue(c.securityOperations().hasNamespacePermission(c.whoami(), namespace, c.securityOperations().grantNamespacePermission(c.whoami(), namespace, NamespacePermission.READ); fail();
c.securityOperations().grantNamespacePermission(u1, n1, NamespacePermission.CREATE_TABLE); loginAs(user1); user1Con.tableOperations().create(t2); c.securityOperations().grantNamespacePermission(u1, n1, NamespacePermission.DROP_TABLE); loginAs(user1); user1Con.tableOperations().delete(t1); c.securityOperations().grantNamespacePermission(u1, n1, NamespacePermission.READ); loginAs(user1); i = user1Con.createScanner(t3, new Authorizations()).iterator(); loginAs(root); c.securityOperations().revokeNamespacePermission(u1, n1, NamespacePermission.READ); c.securityOperations().grantNamespacePermission(u1, n1, NamespacePermission.WRITE); c.securityOperations().grantNamespacePermission(u1, n1, NamespacePermission.ALTER_TABLE); loginAs(user1); user1Con.tableOperations().setProperty(t3, Property.TABLE_FILE_MAX.getKey(), "42"); c.securityOperations().grantNamespacePermission(u1, n1, NamespacePermission.ALTER_NAMESPACE); loginAs(user1); user1Con.namespaceOperations().setProperty(n1, Property.TABLE_FILE_MAX.getKey(), "42"); loginAs(user1); try { user1Con.securityOperations().grantNamespacePermission(u2, n1, NamespacePermission.ALTER_NAMESPACE); fail();