通过权限控制节点操作

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package com.bai.javaapi;


import org.apache.zookeeper.*;
import org.apache.zookeeper.data.ACL;
import org.apache.zookeeper.data.Id;
import org.apache.zookeeper.data.Stat;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;

/**
 * Created by 2bai on 25/10/2017.
 * 权限控制
 * 主要用于一些比较隐私的数据节点,不能随意变化的数据,通过权限去控制节点
 * ACL:CREATE/DELETE/ADMIN/READ/WRITE
 * <p>
 * 权限模式
 * 可以通过几种方式去控制节点的读写操作
 * schema:授权对象/ip/digest(账号密码)/world(开放权限)/super
 */
public class AuthControlDemo implements Watcher {

    private final static String CONNECTSTRING = "";
    private static CountDownLatch countDownLatch = new CountDownLatch(1);
    private static CountDownLatch countDownLatch2 = new CountDownLatch(1);
    private static ZooKeeper zooKeeper;
    private static Stat stat = new Stat();

    public static void main(String[] args) throws IOException, InterruptedException, KeeperException {
        zooKeeper = new ZooKeeper(CONNECTSTRING, 5000, new AuthControlDemo());
        countDownLatch.await();

        ACL digestAcl = new ACL(ZooDefs.Perms.CREATE, new Id("digest", "root:root"));
        List<ACL> acls = new ArrayList<ACL>();
        acls.add(digestAcl);


        zooKeeper.create("/auth1", "123".getBytes(), acls, CreateMode.PERSISTENT);
        zooKeeper.addAuthInfo("digest", "root:root".getBytes());

        //ZooDefs.Ids.OPEN_ACL_UNSAFE, 则可以删除成功
        zooKeeper.create("/auth", "123".getBytes(), ZooDefs.Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT);
        zooKeeper.create("/auth/auth1-1", "456".getBytes(), ZooDefs.Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT);

        //新创建客户端对象去删除
        ZooKeeper zooKeeper1 = new ZooKeeper(CONNECTSTRING, 5000, new AuthControlDemo());
        countDownLatch2.await();
        //添加权限信息
        zooKeeper1.addAuthInfo("digest", "root:root".getBytes());
        zooKeeper1.delete("/auth/auth1-1", -1);
        zooKeeper1.delete("/auth", -1);
        zooKeeper1.delete("/auth1", -1);

    }

    /**
     * 提供两种监听
     * 1.连接状态;2.事件监听
     *
     * @param watchedEvent
     */
    public void process(WatchedEvent watchedEvent) {

        // 如果当前的连接状态是连接成功,那么就通过计数器去控制
        if (watchedEvent.getState() == Event.KeeperState.SyncConnected) {
            if (Event.EventType.None == watchedEvent.getType() && null == watchedEvent.getPath()) {
                countDownLatch.countDown();
                countDownLatch2.countDown();
                System.out.println(watchedEvent.getState() + "--->" + watchedEvent.getType());
            }
        }
    }
}