HDFS-1192. refreshSuperUserGroupsConfiguration should use server side configuration for the refresh (for HADOOP-6815)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/hdfs/trunk@957076 13f79535-47bb-0310-9956-ffa450edef68

CHANGES.txt

@@ -91,6 +91,9 @@ Trunk (unreleased changes)
 
     HDFS-1118. Fix socketleak on DFSClient. (Zheng Shao via dhruba)
 
+    HDFS-1192. refreshSuperUserGroupsConfiguration should use server side 
+    configuration for the refresh (for HADOOP-6815) (boryas)
+
 Release 0.21.0 - Unreleased
 
   INCOMPATIBLE CHANGES

src/java/org/apache/hadoop/hdfs/server/namenode/NameNode.java

@@ -1336,17 +1336,17 @@ public class NameNode implements NamenodeProtocols, FSConstants {
   }
 
   @Override
-  public void refreshUserToGroupsMappings(Configuration conf) throws IOException {
+  public void refreshUserToGroupsMappings() throws IOException {
     LOG.info("Refreshing all user-to-groups mappings. Requested by user: " + 
              UserGroupInformation.getCurrentUser().getShortUserName());
-    Groups.getUserToGroupsMappingService(conf).refresh();
+    Groups.getUserToGroupsMappingService().refresh();
   }
 
   @Override
-  public void refreshSuperUserGroupsConfiguration(Configuration conf) {
+  public void refreshSuperUserGroupsConfiguration() {
     LOG.info("Refreshing SuperUser proxy group mapping list ");
 
-    ProxyUsers.refreshSuperUserGroupsConfiguration(conf);
+    ProxyUsers.refreshSuperUserGroupsConfiguration();
   }
 
   private static void printUsage() {

src/java/org/apache/hadoop/hdfs/tools/DFSAdmin.java

@@ -786,7 +786,7 @@ public class DFSAdmin extends FsShell {
               RefreshUserMappingsProtocol.class));
 
     // Refresh the user-to-groups mappings
-    refreshProtocol.refreshUserToGroupsMappings(conf);
+    refreshProtocol.refreshUserToGroupsMappings();
     
     return 0;
   }
@@ -817,7 +817,7 @@ public class DFSAdmin extends FsShell {
               RefreshUserMappingsProtocol.class));
 
     // Refresh the user-to-groups mappings
-    refreshProtocol.refreshSuperUserGroupsConfiguration(conf);
+    refreshProtocol.refreshSuperUserGroupsConfiguration();
 
     return 0;
   }

src/test/hdfs/org/apache/hadoop/hdfs/security/TestDelegationTokenForProxyUser.java

@@ -100,6 +100,7 @@ public class TestDelegationTokenForProxyUser {
         null, null);
     cluster.waitActive();
     cluster.getNamesystem().getDelegationTokenSecretManager().startThreads();
+    ProxyUsers.refreshSuperUserGroupsConfiguration(config);
   }
 
   @After

src/test/hdfs/org/apache/hadoop/hdfs/server/namenode/NNThroughputBenchmark.java

@@ -391,7 +391,7 @@ public class NNThroughputBenchmark {
     void benchmarkOne() throws IOException {
       for(int idx = 0; idx < opsPerThread; idx++) {
         if((localNumOpsExecuted+1) % statsOp.ugcRefreshCount == 0)
-          nameNode.refreshUserToGroupsMappings(config);
+          nameNode.refreshUserToGroupsMappings();
         long stat = statsOp.executeOp(daemonId, idx, arg1);
         localNumOpsExecuted++;
         localCumulativeTime += stat;

src/test/hdfs/org/apache/hadoop/security/TestRefreshUserMappings.java

@@ -25,15 +25,20 @@ import static org.junit.Assert.fail;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
 import java.io.IOException;
+import java.io.PrintWriter;
+import java.net.URL;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.FileSystem;
+import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.hdfs.MiniDFSCluster;
-import org.apache.hadoop.hdfs.server.namenode.NameNode;
 import org.apache.hadoop.hdfs.tools.DFSAdmin;
 import org.apache.hadoop.security.authorize.AuthorizationException;
 import org.apache.hadoop.security.authorize.ProxyUsers;
@@ -46,6 +51,7 @@ public class TestRefreshUserMappings {
   private MiniDFSCluster cluster;
   Configuration config;
   private static long groupRefreshTimeoutSec = 1;
+  private String tempResource = null;
   
   public static class MockUnixGroupsMapping implements GroupMappingServiceProvider {
     private int i=0;
@@ -82,6 +88,10 @@ public class TestRefreshUserMappings {
     if(cluster!=null) {
       cluster.shutdown();
     }
+    if(tempResource!=null) {
+      File f = new File(tempResource);
+      f.delete();
+    }
   }
     
   @Test
@@ -136,6 +146,7 @@ public class TestRefreshUserMappings {
     
     config.set(userKeyGroups, "gr3,gr4,gr5"); // superuser can proxy for this group
     config.set(userKeyHosts,"127.0.0.1");
+    ProxyUsers.refreshSuperUserGroupsConfiguration(config);
     
     UserGroupInformation ugi1 = mock(UserGroupInformation.class);
     UserGroupInformation ugi2 = mock(UserGroupInformation.class);
@@ -173,16 +184,16 @@ public class TestRefreshUserMappings {
       fail("first auth for " + ugi2.getShortUserName() + " should've succeeded: " + e.getLocalizedMessage());
     }
     
+    // refresh will look at configuration on the server side
+    // add additional resource with the new value
+    // so the server side will pick it up
+    String rsrc = "testGroupMappingRefresh_rsrc.xml";
+    addNewConfigResource(rsrc, userKeyGroups, "gr2", userKeyHosts, "127.0.0.1");  
+    
     DFSAdmin admin = new DFSAdmin(config);
     String [] args = new String[]{"-refreshSuperUserGroupsConfiguration"};
-    NameNode nn = cluster.getNameNode();
-    Configuration conf = new Configuration(config);
-    conf.set(userKeyGroups, "gr2"); // superuser can proxy for this group
-    admin.setConf(conf);
     admin.run(args);
     
-    //check after...
-    
     try {
       ProxyUsers.authorize(ugi2, "127.0.0.1", config);
       fail("second auth for " + ugi2.getShortUserName() + " should've failed ");
@@ -196,7 +207,30 @@ public class TestRefreshUserMappings {
       // expected
     } catch (AuthorizationException e) {
       fail("second auth for " + ugi1.getShortUserName() + " should've succeeded: " + e.getLocalizedMessage());
-    }    
+    }
+    
+    
   }
 
+  private void addNewConfigResource(String rsrcName, String keyGroup,
+      String groups, String keyHosts, String hosts)  throws FileNotFoundException {
+    // location for temp resource should be in CLASSPATH
+    Configuration conf = new Configuration();
+    URL url = conf.getResource("hdfs-site.xml");
+    Path p = new Path(url.getPath());
+    Path dir = p.getParent();
+    tempResource = dir.toString() + "/" + rsrcName;
+    
+    
+    String newResource =
+    "<configuration>"+
+    "<property><name>" + keyGroup + "</name><value>"+groups+"</value></property>" +
+    "<property><name>" + keyHosts + "</name><value>"+hosts+"</value></property>" +
+    "</configuration>";
+    PrintWriter writer = new PrintWriter(new FileOutputStream(tempResource));
+    writer.println(newResource);
+    writer.close();
+
+    Configuration.addDefaultResource(rsrcName);
+  }
 }