perms = protocol.getUserPermissions(tableName);
} finally {
acl.close();
}
UserPermission ownerperm = new UserPermission(Bytes.toBytes(USER_OWNER.getName()), tableName,
null, Action.values());
assertTrue("Owner should have all permissions on table",
hasFoundUserPermission(ownerperm, perms));
UserPermission up = new UserPermission(user, tableName, family1, qualifier,
Permission.Action.READ);
assertFalse("User should not be granted permission: " + up.toString(),
hasFoundUserPermission(up, perms));
// grant read permission
UserPermission upToSet = new UserPermission(user, tableName, family1, qualifier,
Permission.Action.READ);
acl = new HTable(conf, AccessControlLists.ACL_TABLE_NAME);
try {
AccessControllerProtocol protocol = acl.coprocessorProxy(AccessControllerProtocol.class,
tableName);
protocol.grant(upToSet);
perms = protocol.getUserPermissions(tableName);
} finally {
acl.close();
}
UserPermission upToVerify = new UserPermission(user, tableName, family1, qualifier,
Permission.Action.READ);
assertTrue("User should be granted permission: " + upToVerify.toString(),
hasFoundUserPermission(upToVerify, perms));
upToVerify = new UserPermission(user, tableName, family1, qualifier, Permission.Action.WRITE);
assertFalse("User should not be granted permission: " + upToVerify.toString(),
hasFoundUserPermission(upToVerify, perms));
// grant read+write
upToSet = new UserPermission(user, tableName, family1, qualifier, Permission.Action.WRITE,
Permission.Action.READ);
acl = new HTable(conf, AccessControlLists.ACL_TABLE_NAME);
try {
AccessControllerProtocol protocol = acl.coprocessorProxy(AccessControllerProtocol.class,
tableName);
protocol.grant(upToSet);
perms = protocol.getUserPermissions(tableName);
} finally {
acl.close();
}
upToVerify = new UserPermission(user, tableName, family1, qualifier, Permission.Action.WRITE,
Permission.Action.READ);
assertTrue("User should be granted permission: " + upToVerify.toString(),
hasFoundUserPermission(upToVerify, perms));
acl = new HTable(conf, AccessControlLists.ACL_TABLE_NAME);
try {
AccessControllerProtocol protocol = acl.coprocessorProxy(AccessControllerProtocol.class,
tableName);
protocol.revoke(upToSet);
perms = protocol.getUserPermissions(tableName);
} finally {
acl.close();
}
assertFalse("User should not be granted permission: " + upToVerify.toString(),
hasFoundUserPermission(upToVerify, perms));
// disable table before modification
admin.disableTable(tableName);
User newOwner = User.createUserForTesting(conf, "new_owner", new String[] {});
htd.setOwner(newOwner);
admin.modifyTable(tableName, htd);
acl = new HTable(conf, AccessControlLists.ACL_TABLE_NAME);
try {
AccessControllerProtocol protocol = acl.coprocessorProxy(AccessControllerProtocol.class,
tableName);
perms = protocol.getUserPermissions(tableName);
} finally {
acl.close();
}
UserPermission newOwnerperm = new UserPermission(Bytes.toBytes(newOwner.getName()), tableName,
null, Action.values());
assertTrue("New owner should have all permissions on table",
hasFoundUserPermission(newOwnerperm, perms));
// delete table