7 年之前 · b63dcd583f
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
@@ -64,17 +64,19 @@ public class AuthorizationException extends AccessControlException {
 
				 
			
 
				   @Override
			
 
				   public void printStackTrace() {
			
 
				-    // Do not provide the stack-trace
			
 
				+    printStackTrace(System.err);
			
 
				   }
			
 
				 
			
 
				   @Override
			
 
				   public void printStackTrace(PrintStream s) {
			
 
				     // Do not provide the stack-trace
			
 
				+    s.println(this);
			
 
				   }
			
 
				 
			
 
				   @Override
			
 
				   public void printStackTrace(PrintWriter s) {
			
 
				     // Do not provide the stack-trace
			
 
				+    s.println(this);
			
 
				   }
			
 
				-  
			
 
				+
			
 
				 }
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/EncryptionFaultInjector.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/EncryptionFaultInjector.java
@@ -51,4 +51,7 @@ public class EncryptionFaultInjector {
 
				 
			
 
				   @VisibleForTesting
			
 
				   public void reencryptUpdaterProcessCheckpoint() throws IOException {}
			
 
				+
			
 
				+  @VisibleForTesting
			
 
				+  public void ensureKeyIsInitialized() throws IOException {}
			
 
				 }
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSDirEncryptionZoneOp.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSDirEncryptionZoneOp.java
@@ -121,6 +121,7 @@ final class FSDirEncryptionZoneOp {
 
				       throw new IOException("Must specify a key name when creating an "
			
 
				           + "encryption zone");
			
 
				     }
			
 
				+    EncryptionFaultInjector.getInstance().ensureKeyIsInitialized();
			
 
				     KeyProvider.Metadata metadata = provider.getMetadata(keyName);
			
 
				     if (metadata == null) {
			
 
				       /*
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java
@@ -80,9 +80,11 @@ import org.apache.hadoop.hdfs.web.WebHdfsConstants;
 
				 import org.apache.hadoop.hdfs.web.WebHdfsFileSystem;
			
 
				 import org.apache.hadoop.hdfs.web.WebHdfsTestUtil;
			
 
				 import org.apache.hadoop.io.EnumSetWritable;
			
 
				+import org.apache.hadoop.ipc.RemoteException;
			
 
				 import org.apache.hadoop.security.AccessControlException;
			
 
				 import org.apache.hadoop.security.Credentials;
			
 
				 import org.apache.hadoop.security.UserGroupInformation;
			
 
				+import org.apache.hadoop.security.authorize.AuthorizationException;
			
 
				 import org.apache.hadoop.security.token.Token;
			
 
				 import org.apache.hadoop.util.DataChecksum;
			
 
				 import org.apache.hadoop.util.ToolRunner;
			
@@ -149,6 +151,9 @@ public class TestEncryptionZones {
 
				   private File testRootDir;
			
 
				   protected final String TEST_KEY = "test_key";
			
 
				   private static final String NS_METRICS = "FSNamesystem";
			
 
				+  private static final String  AUTHORIZATION_EXCEPTION_MESSAGE =
			
 
				+      "User [root] is not authorized to perform [READ] on key " +
			
 
				+          "with ACL name [key2]!!";
			
 
				 
			
 
				   protected FileSystemTestWrapper fsWrapper;
			
 
				   protected FileContextTestWrapper fcWrapper;
			
@@ -447,7 +452,6 @@ public class TestEncryptionZones {
 
				     dfsAdmin.createEncryptionZone(zone2, myKeyName, NO_TRASH);
			
 
				     assertNumZones(++numZones);
			
 
				     assertZonePresent(myKeyName, zone2.toString());
			
 
				-
			
 
				     /* Test failure of create encryption zones as a non super user. */
			
 
				     final UserGroupInformation user = UserGroupInformation.
			
 
				         createUserForTesting("user", new String[] { "mygroup" });
			
@@ -1057,6 +1061,31 @@ public class TestEncryptionZones {
 
				     }
			
 
				   }
			
 
				 
			
 
				+  private class AuthorizationExceptionInjector extends EncryptionFaultInjector {
			
 
				+    @Override
			
 
				+    public void ensureKeyIsInitialized() throws IOException {
			
 
				+      throw new AuthorizationException(AUTHORIZATION_EXCEPTION_MESSAGE);
			
 
				+    }
			
 
				+  }
			
 
				+
			
 
				+  @Test
			
 
				+  public void testExceptionInformationReturn() {
			
 
				+    /* Test exception information can be returned when
			
 
				+    creating transparent encryption zone.*/
			
 
				+    final Path zone1 = new Path("/zone1");
			
 
				+    EncryptionFaultInjector.instance = new AuthorizationExceptionInjector();
			
 
				+    try {
			
 
				+      dfsAdmin.createEncryptionZone(zone1, TEST_KEY, NO_TRASH);
			
 
				+      fail("exception information can be returned when creating " +
			
 
				+          "transparent encryption zone");
			
 
				+    } catch (IOException e) {
			
 
				+      assertTrue(e instanceof RemoteException);
			
 
				+      assertTrue(((RemoteException) e).unwrapRemoteException()
			
 
				+          instanceof AuthorizationException);
			
 
				+      assertExceptionContains(AUTHORIZATION_EXCEPTION_MESSAGE, e);
			
 
				+    }
			
 
				+  }
			
 
				+
			
 
				   private class MyInjector extends EncryptionFaultInjector {
			
 
				     volatile int generateCount;
			
 
				     CountDownLatch ready;