assertUserAllowed(drwho, acl); assertUserAllowed(susan, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl); assertUserNotAllowed(susan, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl); assertUserNotAllowed(susan, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl);
assertUserAllowed(drwho, acl); assertUserAllowed(susan, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl); assertUserNotAllowed(susan, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl); assertUserNotAllowed(susan, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl);
assertUserAllowed(drwho, acl); assertUserAllowed(susan, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl); assertUserNotAllowed(susan, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl); assertUserNotAllowed(susan, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl); assertUserNotAllowed(barbara, acl); assertUserNotAllowed(ian, acl);
/** * Validate the netgroups, both group membership and ACL * functionality * * Note: assumes a specific acl setup done by testNetgroups * * @param groups group to user mapping service * @param acl ACL set up in a specific way, see testNetgroups */ private void validateNetgroups(Groups groups, AccessControlList acl) throws Exception { // check that the netgroups are working List<String> elvisGroups = groups.getGroups("elvis"); assertTrue(elvisGroups.contains("@lasVegas")); assertTrue(elvisGroups.contains("@memphis")); List<String> jerryLeeLewisGroups = groups.getGroups("jerryLeeLewis"); assertTrue(jerryLeeLewisGroups.contains("@memphis")); // allowed becuase his netgroup is in ACL UserGroupInformation elvis = UserGroupInformation.createRemoteUser("elvis"); assertUserAllowed(elvis, acl); // allowed because he's in ACL UserGroupInformation carlPerkins = UserGroupInformation.createRemoteUser("carlPerkins"); assertUserAllowed(carlPerkins, acl); // not allowed because he's not in ACL and has no netgroups UserGroupInformation littleRichard = UserGroupInformation.createRemoteUser("littleRichard"); assertUserNotAllowed(littleRichard, acl); }
/** * Validate the netgroups, both group membership and ACL * functionality * * Note: assumes a specific acl setup done by testNetgroups * * @param groups group to user mapping service * @param acl ACL set up in a specific way, see testNetgroups */ private void validateNetgroups(Groups groups, AccessControlList acl) throws Exception { // check that the netgroups are working List<String> elvisGroups = groups.getGroups("elvis"); assertTrue(elvisGroups.contains("@lasVegas")); assertTrue(elvisGroups.contains("@memphis")); List<String> jerryLeeLewisGroups = groups.getGroups("jerryLeeLewis"); assertTrue(jerryLeeLewisGroups.contains("@memphis")); // allowed becuase his netgroup is in ACL UserGroupInformation elvis = UserGroupInformation.createRemoteUser("elvis"); assertUserAllowed(elvis, acl); // allowed because he's in ACL UserGroupInformation carlPerkins = UserGroupInformation.createRemoteUser("carlPerkins"); assertUserAllowed(carlPerkins, acl); // not allowed because he's not in ACL and has no netgroups UserGroupInformation littleRichard = UserGroupInformation.createRemoteUser("littleRichard"); assertUserNotAllowed(littleRichard, acl); }