1   /*
2    * Copyright 2010 The Apache Software Foundation
3    *
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *     http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing, software
15   * distributed under the License is distributed on an "AS IS" BASIS,
16   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17   * See the License for the specific language governing permissions and
18   * limitations under the License.
19   */
20  package org.apache.hadoop.hbase.security;
21  
22  import static org.junit.Assert.*;
23  
24  import org.apache.hadoop.conf.Configuration;
25  import org.apache.hadoop.hbase.HBaseConfiguration;
26  import org.junit.Test;
27  
28  import java.io.IOException;
29  import java.security.PrivilegedAction;
30  import java.security.PrivilegedExceptionAction;
31  
32  public class TestUser {
33    @Test
34    public void testBasicAttributes() throws Exception {
35      Configuration conf = HBaseConfiguration.create();
36      User user = User.createUserForTesting(conf, "simple", new String[]{"foo"});
37      assertEquals("Username should match", "simple", user.getName());
38      assertEquals("Short username should match", "simple", user.getShortName());
39      // don't test shortening of kerberos names because regular Hadoop doesn't support them
40    }
41  
42    @Test
43    public void testRunAs() throws Exception {
44      Configuration conf = HBaseConfiguration.create();
45      final User user = User.createUserForTesting(conf, "testuser", new String[]{"foo"});
46      final PrivilegedExceptionAction<String> action = new PrivilegedExceptionAction<String>(){
47        public String run() throws IOException {
48            User u = User.getCurrent();
49            return u.getName();
50        }
51      };
52  
53      String username = user.runAs(action);
54      assertEquals("Current user within runAs() should match",
55          "testuser", username);
56  
57      // ensure the next run is correctly set
58      User user2 = User.createUserForTesting(conf, "testuser2", new String[]{"foo"});
59      String username2 = user2.runAs(action);
60      assertEquals("Second username should match second user",
61          "testuser2", username2);
62  
63      // check the exception version
64      username = user.runAs(new PrivilegedExceptionAction<String>(){
65        public String run() throws Exception {
66          return User.getCurrent().getName();
67        }
68      });
69      assertEquals("User name in runAs() should match", "testuser", username);
70  
71      // verify that nested contexts work
72      user2.runAs(new PrivilegedExceptionAction(){
73        public Object run() throws IOException, InterruptedException{
74          String nestedName = user.runAs(action);
75          assertEquals("Nest name should match nested user", "testuser", nestedName);
76          assertEquals("Current name should match current user",
77              "testuser2", User.getCurrent().getName());
78          return null;
79        }
80      });
81    }
82  }