Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 2BEC3200B38 for ; Fri, 24 Jun 2016 08:00:36 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 2A8D4160A73; Fri, 24 Jun 2016 06:00:36 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 622E1160A7B for ; Fri, 24 Jun 2016 08:00:34 +0200 (CEST) Received: (qmail 31232 invoked by uid 500); 24 Jun 2016 06:00:33 -0000 Mailing-List: contact commits-help@sentry.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@sentry.apache.org Delivered-To: mailing list commits@sentry.apache.org Received: (qmail 29478 invoked by uid 99); 24 Jun 2016 06:00:31 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 24 Jun 2016 06:00:31 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 5015AE5CE1; Fri, 24 Jun 2016 06:00:31 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: colin@apache.org To: commits@sentry.apache.org Date: Fri, 24 Jun 2016 06:00:58 -0000 Message-Id: <809058f258a3470c8a91c9b27f3cf81f@git.apache.org> In-Reply-To: <69ce40b9667f4711b5187933d6e3aa2f@git.apache.org> References: <69ce40b9667f4711b5187933d6e3aa2f@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [29/44] sentry git commit: SENTRY-1287: Create sentry-service-server module(Colin Ma, reviewed by Dapeng Sun) archived-at: Fri, 24 Jun 2016 06:00:36 -0000 http://git-wip-us.apache.org/repos/asf/sentry/blob/e72e6eac/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/util/TestCommandUtil.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/util/TestCommandUtil.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/util/TestCommandUtil.java deleted file mode 100644 index 8cf0e70..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/util/TestCommandUtil.java +++ /dev/null @@ -1,416 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.log.util; - -import java.util.ArrayList; -import java.util.List; -import java.util.Set; - -import org.apache.sentry.core.model.db.AccessConstants; -import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable; -import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest; -import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest; -import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption; -import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege; -import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope; -import org.junit.Assert; -import org.junit.Test; - -import com.google.common.collect.Sets; - -public class TestCommandUtil extends Assert { - - @Test - public void testCreateCmdForCreateOrDropRole() { - String roleName = "testRole"; - - String createRoleCmdResult = CommandUtil.createCmdForCreateOrDropRole( - roleName, true); - String dropRoleCmdResult = CommandUtil.createCmdForCreateOrDropRole( - roleName, false); - String createRoleCmdExcepted = "CREATE ROLE testRole"; - String dropRoleCmdExcepted = "DROP ROLE testRole"; - - assertEquals(createRoleCmdExcepted, createRoleCmdResult); - assertEquals(dropRoleCmdResult, dropRoleCmdExcepted); - } - - @Test - public void testCreateCmdForRoleAddOrDeleteGroup1() { - - String createRoleAddGroupCmdResult = CommandUtil.createCmdForRoleAddGroup("testRole", - getGroupStr(1)); - String createRoleAddGroupCmdExcepted = "GRANT ROLE testRole TO GROUP testGroup1"; - String createRoleDeleteGroupCmdResult = CommandUtil.createCmdForRoleDeleteGroup("testRole", - getGroupStr(1)); - String createRoleDeleteGroupCmdExcepted = "REVOKE ROLE testRole FROM GROUP testGroup1"; - - assertEquals(createRoleAddGroupCmdExcepted, createRoleAddGroupCmdResult); - assertEquals(createRoleDeleteGroupCmdExcepted, - createRoleDeleteGroupCmdResult); - } - - @Test - public void testCreateCmdForRoleAddOrDeleteGroup2() { - String createRoleAddGroupCmdResult = CommandUtil.createCmdForRoleAddGroup("testRole", - getGroupStr(3)); - String createRoleAddGroupCmdExcepted = "GRANT ROLE testRole TO GROUP testGroup1, testGroup2, testGroup3"; - String createRoleDeleteGroupCmdResult = CommandUtil.createCmdForRoleDeleteGroup("testRole", - getGroupStr(3)); - String createRoleDeleteGroupCmdExcepted = "REVOKE ROLE testRole FROM GROUP testGroup1, testGroup2, testGroup3"; - - assertEquals(createRoleAddGroupCmdExcepted, createRoleAddGroupCmdResult); - assertEquals(createRoleDeleteGroupCmdExcepted, - createRoleDeleteGroupCmdResult); - } - - @Test - public void testCreateCmdForRoleAddOrDeleteUser1() { - String createRoleAddGroupCmdResult = - CommandUtil.createCmdForRoleAddUser("testRole", getUserStr(1)); - String createRoleAddGroupCmdExcepted = "GRANT ROLE testRole TO USER testUser1"; - String createRoleDeleteGroupCmdResult = - CommandUtil.createCmdForRoleDeleteUser("testRole", getUserStr(1)); - String createRoleDeleteGroupCmdExcepted = "REVOKE ROLE testRole FROM USER testUser1"; - - assertEquals(createRoleAddGroupCmdExcepted, createRoleAddGroupCmdResult); - assertEquals(createRoleDeleteGroupCmdExcepted, createRoleDeleteGroupCmdResult); - } - - @Test - public void testCreateCmdForRoleAddOrDeleteUser2() { - String createRoleAddGroupCmdResult = - CommandUtil.createCmdForRoleAddUser("testRole", getUserStr(3)); - String createRoleAddGroupCmdExcepted = - "GRANT ROLE testRole TO USER testUser1, testUser2, testUser3"; - String createRoleDeleteGroupCmdResult = - CommandUtil.createCmdForRoleDeleteUser("testRole", getUserStr(3)); - String createRoleDeleteGroupCmdExcepted = - "REVOKE ROLE testRole FROM USER testUser1, testUser2, testUser3"; - - assertEquals(createRoleAddGroupCmdExcepted, createRoleAddGroupCmdResult); - assertEquals(createRoleDeleteGroupCmdExcepted, createRoleDeleteGroupCmdResult); - } - - @Test - public void testCreateCmdForGrantOrRevokePrivilege1() { - TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); - TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); - - TSentryPrivilege privilege = getPrivilege(AccessConstants.ALL, - PrivilegeScope.DATABASE.name(), "dbTest", "tableTest", "serverTest", - "hdfs://namenode:port/path/to/dir"); - Set privileges = Sets.newHashSet(); - privileges.add(privilege); - grantRequest.setPrivileges(privileges); - revokeRequest.setPrivileges(privileges); - - String createGrantPrivilegeCmdResult = CommandUtil - .createCmdForGrantPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT ALL ON DATABASE dbTest TO ROLE testRole"; - String createRevokePrivilegeCmdResult = CommandUtil - .createCmdForRevokePrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE ALL ON DATABASE dbTest FROM ROLE testRole"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, - createRevokePrivilegeCmdResult); - } - - @Test - public void testCreateCmdForGrantOrRevokePrivilege2() { - TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); - TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); - - TSentryPrivilege privilege = getPrivilege(AccessConstants.INSERT, - PrivilegeScope.DATABASE.name(), "dbTest", "tableTest", "serverTest", - "hdfs://namenode:port/path/to/dir"); - Set privileges = Sets.newHashSet(); - privileges.add(privilege); - grantRequest.setPrivileges(privileges); - revokeRequest.setPrivileges(privileges); - - String createGrantPrivilegeCmdResult = CommandUtil - .createCmdForGrantPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT INSERT ON DATABASE dbTest TO ROLE testRole"; - String createRevokePrivilegeCmdResult = CommandUtil - .createCmdForRevokePrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE INSERT ON DATABASE dbTest FROM ROLE testRole"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, - createRevokePrivilegeCmdResult); - } - - @Test - public void testCreateCmdForGrantOrRevokePrivilege3() { - TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); - TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); - - TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, - PrivilegeScope.DATABASE.name(), "dbTest", "tableTest", "serverTest", - "hdfs://namenode:port/path/to/dir"); - Set privileges = Sets.newHashSet(); - privileges.add(privilege); - grantRequest.setPrivileges(privileges); - revokeRequest.setPrivileges(privileges); - - String createGrantPrivilegeCmdResult = CommandUtil - .createCmdForGrantPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON DATABASE dbTest TO ROLE testRole"; - String createRevokePrivilegeCmdResult = CommandUtil - .createCmdForRevokePrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON DATABASE dbTest FROM ROLE testRole"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, - createRevokePrivilegeCmdResult); - } - - @Test - public void testCreateCmdForGrantOrRevokePrivilege4() { - TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); - TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); - - TSentryPrivilege privilege = getPrivilege(null, - PrivilegeScope.DATABASE.name(), "dbTest", "tableTest", "serverTest", - "hdfs://namenode:port/path/to/dir"); - Set privileges = Sets.newHashSet(); - privileges.add(privilege); - grantRequest.setPrivileges(privileges); - revokeRequest.setPrivileges(privileges); - - String createGrantPrivilegeCmdResult = CommandUtil - .createCmdForGrantPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT null ON DATABASE dbTest TO ROLE testRole"; - String createRevokePrivilegeCmdResult = CommandUtil - .createCmdForRevokePrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE null ON DATABASE dbTest FROM ROLE testRole"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, - createRevokePrivilegeCmdResult); - } - - @Test - public void testCreateCmdForGrantOrRevokePrivilege5() { - TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); - TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); - - TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, - PrivilegeScope.TABLE.name(), "dbTest", "tableTest", "serverTest", - "hdfs://namenode:port/path/to/dir"); - Set privileges = Sets.newHashSet(); - privileges.add(privilege); - grantRequest.setPrivileges(privileges); - revokeRequest.setPrivileges(privileges); - - String createGrantPrivilegeCmdResult = CommandUtil - .createCmdForGrantPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON TABLE tableTest TO ROLE testRole"; - String createRevokePrivilegeCmdResult = CommandUtil - .createCmdForRevokePrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON TABLE tableTest FROM ROLE testRole"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, - createRevokePrivilegeCmdResult); - } - - @Test - public void testCreateCmdForGrantOrRevokePrivilege6() { - TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); - TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); - - TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, - PrivilegeScope.SERVER.name(), "dbTest", "tableTest", "serverTest", - "hdfs://namenode:port/path/to/dir"); - Set privileges = Sets.newHashSet(); - privileges.add(privilege); - grantRequest.setPrivileges(privileges); - revokeRequest.setPrivileges(privileges); - - String createGrantPrivilegeCmdResult = CommandUtil - .createCmdForGrantPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON SERVER serverTest TO ROLE testRole"; - String createRevokePrivilegeCmdResult = CommandUtil - .createCmdForRevokePrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON SERVER serverTest FROM ROLE testRole"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, - createRevokePrivilegeCmdResult); - } - - @Test - public void testCreateCmdForGrantOrRevokePrivilege7() { - TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); - TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); - - TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, - PrivilegeScope.URI.name(), "dbTest", "tableTest", "serverTest", - "hdfs://namenode:port/path/to/dir"); - Set privileges = Sets.newHashSet(); - privileges.add(privilege); - grantRequest.setPrivileges(privileges); - revokeRequest.setPrivileges(privileges); - - String createGrantPrivilegeCmdResult = CommandUtil - .createCmdForGrantPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON URI hdfs://namenode:port/path/to/dir TO ROLE testRole"; - String createRevokePrivilegeCmdResult = CommandUtil - .createCmdForRevokePrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON URI hdfs://namenode:port/path/to/dir FROM ROLE testRole"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, - createRevokePrivilegeCmdResult); - } - - @Test - public void testCreateCmdForGrantOrRevokePrivilege8() { - TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); - TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); - - TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, PrivilegeScope.SERVER.name(), - "dbTest", "tableTest", "serverTest", "hdfs://namenode:port/path/to/dir"); - privilege.setGrantOption(TSentryGrantOption.TRUE); - Set privileges = Sets.newHashSet(); - privileges.add(privilege); - grantRequest.setPrivileges(privileges); - revokeRequest.setPrivileges(privileges); - - String createGrantPrivilegeCmdResult = CommandUtil.createCmdForGrantPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON SERVER serverTest TO ROLE testRole WITH GRANT OPTION"; - String createRevokePrivilegeCmdResult = CommandUtil.createCmdForRevokePrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON SERVER serverTest FROM ROLE testRole WITH GRANT OPTION"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult); - } - - // generate the command without grant option - @Test - public void testCreateCmdForGrantOrRevokeGMPrivilege1() { - org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantGMPrivilegeRequest(); - org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokeGMPrivilegeRequest(); - org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege privilege = getGMPrivilege(); - grantRequest.setPrivilege(privilege); - revokeRequest.setPrivilege(privilege); - - String createGrantPrivilegeCmdResult = CommandUtil.createCmdForGrantGMPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 TO ROLE testRole"; - String createRevokePrivilegeCmdResult = CommandUtil - .createCmdForRevokeGMPrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 FROM ROLE testRole"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult); - } - - // generate the command with grant option - @Test - public void testCreateCmdForGrantOrRevokeGMPrivilege2() { - org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantGMPrivilegeRequest(); - org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokeGMPrivilegeRequest(); - org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege privilege = getGMPrivilege(); - privilege - .setGrantOption(org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.TRUE); - grantRequest.setPrivilege(privilege); - revokeRequest.setPrivilege(privilege); - - String createGrantPrivilegeCmdResult = CommandUtil.createCmdForGrantGMPrivilege(grantRequest); - String createGrantPrivilegeCmdExcepted = "GRANT ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 TO ROLE testRole WITH GRANT OPTION"; - String createRevokePrivilegeCmdResult = CommandUtil - .createCmdForRevokeGMPrivilege(revokeRequest); - String createRevokePrivilegeCmdExcepted = "REVOKE ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 FROM ROLE testRole WITH GRANT OPTION"; - - assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); - assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult); - } - - private String getGroupStr(int num) { - StringBuilder sb = new StringBuilder(); - for (int i = 0; i < num; i++) { - if (i > 0) { - sb.append(", "); - } - sb.append("testGroup" + (i + 1)); - } - return sb.toString(); - } - - private String getUserStr(int num) { - StringBuilder sb = new StringBuilder(); - for (int i = 0; i < num; i++) { - if (i > 0) { - sb.append(", "); - } - sb.append("testUser" + (i + 1)); - } - return sb.toString(); - } - - private TAlterSentryRoleGrantPrivilegeRequest getGrantPrivilegeRequest() { - TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest(); - request.setRoleName("testRole"); - return request; - } - - private TAlterSentryRoleRevokePrivilegeRequest getRevokePrivilegeRequest() { - TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest(); - request.setRoleName("testRole"); - return request; - } - - private org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest getGrantGMPrivilegeRequest() { - org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest request = new org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest(); - request.setRoleName("testRole"); - return request; - } - - private org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest getRevokeGMPrivilegeRequest() { - org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest request = new org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest(); - request.setRoleName("testRole"); - return request; - } - - private TSentryPrivilege getPrivilege(String action, String privilegeScope, - String dbName, String tableName, String serverName, String URI) { - TSentryPrivilege privilege = new TSentryPrivilege(); - privilege.setAction(action); - privilege.setPrivilegeScope(privilegeScope); - privilege.setDbName(dbName); - privilege.setTableName(tableName); - privilege.setServerName(serverName); - privilege.setURI(URI); - return privilege; - } - - private org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege getGMPrivilege() { - org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege privilege = new org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege(); - privilege.setAction("ACTION"); - privilege.setComponent("COMPONENT"); - List authorizables = new ArrayList(); - authorizables.add(new TAuthorizable("resourceType1", "resourceName1")); - authorizables.add(new TAuthorizable("resourceType2", "resourceName2")); - privilege.setAuthorizables(authorizables); - return privilege; - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e72e6eac/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryPrivilege.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryPrivilege.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryPrivilege.java deleted file mode 100644 index c31233b..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryPrivilege.java +++ /dev/null @@ -1,245 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.persistent; - -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - -import org.apache.sentry.core.model.db.AccessConstants; -import org.apache.sentry.provider.db.service.model.MSentryPrivilege; -import org.junit.Test; - -public class TestSentryPrivilege { - @Test - public void testImpliesPrivilegePositive() throws Exception { - // 1.test server+database+table+action - MSentryPrivilege my = new MSentryPrivilege(); - MSentryPrivilege your = new MSentryPrivilege(); - my.setServerName("server1"); - my.setDbName("db1"); - my.setTableName("tb1"); - my.setAction(AccessConstants.SELECT); - your.setServerName("server1"); - your.setDbName("db1"); - your.setTableName("tb1"); - your.setAction(AccessConstants.SELECT); - assertTrue(my.implies(your)); - - my.setAction(AccessConstants.ALL); - assertTrue(my.implies(your)); - - my.setTableName(""); - assertTrue(my.implies(your)); - - my.setDbName(""); - assertTrue(my.implies(your)); - - my.setAction(AccessConstants.ACTION_ALL); - assertTrue(my.implies(your)); - - my.setTableName(""); - assertTrue(my.implies(your)); - - my.setDbName(""); - assertTrue(my.implies(your)); - - // 2.test server+URI+action using all combinations of * and ALL for action - String[][] actionMap = new String[][] { - { AccessConstants.ALL, AccessConstants.ALL }, - { AccessConstants.ALL, AccessConstants.ACTION_ALL }, - { AccessConstants.ACTION_ALL, AccessConstants.ALL }, - { AccessConstants.ACTION_ALL, AccessConstants.ACTION_ALL } }; - - for (int actions = 0; actions < actionMap.length; actions++) { - my = new MSentryPrivilege(); - your = new MSentryPrivilege(); - my.setServerName("server1"); - my.setAction(actionMap[actions][0]); - your.setServerName("server1"); - your.setAction(actionMap[actions][1]); - my.setURI("hdfs://namenode:9000/path"); - your.setURI("hdfs://namenode:9000/path"); - assertTrue(my.implies(your)); - - my.setURI("hdfs://namenode:9000/path"); - your.setURI("hdfs://namenode:9000/path/to/some/dir"); - assertTrue(my.implies(your)); - - my.setURI("file:///path"); - your.setURI("file:///path"); - assertTrue(my.implies(your)); - - my.setURI("file:///path"); - your.setURI("file:///path/to/some/dir"); - assertTrue(my.implies(your)); - - // my is SERVER level privilege, your is URI level privilege - my.setURI(""); - your.setURI("file:///path"); - assertTrue(my.implies(your)); - } - } - - @Test - public void testImpliesPrivilegeNegative() throws Exception { - // 1.test server+database+table+action - MSentryPrivilege my = new MSentryPrivilege(); - MSentryPrivilege your = new MSentryPrivilege(); - // bad action - my.setServerName("server1"); - my.setDbName("db1"); - my.setTableName("tb1"); - my.setAction(AccessConstants.SELECT); - your.setServerName("server1"); - your.setDbName("db1"); - your.setTableName("tb1"); - your.setAction(AccessConstants.INSERT); - assertFalse(my.implies(your)); - - // bad action - your.setAction(AccessConstants.ALL); - assertFalse(my.implies(your)); - - - // bad table - your.setTableName("tb2"); - assertFalse(my.implies(your)); - - // bad database - your.setTableName("tb1"); - your.setDbName("db2"); - assertFalse(my.implies(your)); - - // bad server - your.setTableName("tb1"); - your.setDbName("db1"); - your.setServerName("server2"); - assertFalse(my.implies(your)); - - // 2.test server+URI+action - my = new MSentryPrivilege(); - your = new MSentryPrivilege(); - my.setServerName("server1"); - my.setAction(AccessConstants.ALL); - your.setServerName("server2"); - your.setAction(AccessConstants.ALL); - - // relative path - my.setURI("hdfs://namenode:9000/path"); - your.setURI("hdfs://namenode:9000/path/to/../../other"); - assertFalse(my.implies(your)); - my.setURI("file:///path"); - your.setURI("file:///path/to/../../other"); - assertFalse(my.implies(your)); - - // bad uri - my.setURI("blah"); - your.setURI("hdfs://namenode:9000/path/to/some/dir"); - assertFalse(my.implies(your)); - my.setURI("hdfs://namenode:9000/path/to/some/dir"); - your.setURI("blah"); - assertFalse(my.implies(your)); - - // bad scheme - my.setURI("hdfs://namenode:9000/path"); - your.setURI("file:///path/to/some/dir"); - assertFalse(my.implies(your)); - my.setURI("hdfs://namenode:9000/path"); - your.setURI("file://namenode:9000/path/to/some/dir"); - assertFalse(my.implies(your)); - - // bad hostname - my.setURI("hdfs://namenode1:9000/path"); - your.setURI("hdfs://namenode2:9000/path"); - assertFalse(my.implies(your)); - - // bad port - my.setURI("hdfs://namenode:9000/path"); - your.setURI("hdfs://namenode:9001/path"); - assertFalse(my.implies(your)); - - // bad path - my.setURI("hdfs://namenode:9000/path1"); - your.setURI("hdfs://namenode:9000/path2"); - assertFalse(my.implies(your)); - my.setURI("file:///path1"); - your.setURI("file:///path2"); - assertFalse(my.implies(your)); - - // bad server - your.setServerName("server2"); - my.setURI("hdfs://namenode:9000/path1"); - your.setURI("hdfs://namenode:9000/path1"); - assertFalse(my.implies(your)); - - // bad implies - my.setServerName("server1"); - my.setURI("hdfs://namenode:9000/path1"); - your.setServerName("server1"); - your.setURI(""); - assertFalse(my.implies(your)); - } - - @Test - public void testImpliesPrivilegePositiveWithColumn() throws Exception { - // 1.test server+database+table+column+action - MSentryPrivilege my = new MSentryPrivilege(); - MSentryPrivilege your = new MSentryPrivilege(); - my.setServerName("server1"); - my.setAction(AccessConstants.SELECT); - your.setServerName("server1"); - your.setDbName("db1"); - your.setTableName("tb1"); - your.setColumnName("c1"); - your.setAction(AccessConstants.SELECT); - assertTrue(my.implies(your)); - - my.setDbName("db1"); - assertTrue(my.implies(your)); - - my.setTableName("tb1"); - assertTrue(my.implies(your)); - - my.setColumnName("c1"); - assertTrue(my.implies(your)); - } - - @Test - public void testImpliesPrivilegeNegativeWithColumn() throws Exception { - // 1.test server+database+table+column+action - MSentryPrivilege my = new MSentryPrivilege(); - MSentryPrivilege your = new MSentryPrivilege(); - // bad column - my.setServerName("server1"); - my.setDbName("db1"); - my.setTableName("tb1"); - my.setColumnName("c1"); - my.setAction(AccessConstants.SELECT); - your.setServerName("server1"); - your.setDbName("db1"); - your.setTableName("tb1"); - your.setColumnName("c2"); - your.setAction(AccessConstants.SELECT); - assertFalse(my.implies(your)); - - // bad scope - your.setColumnName(""); - assertFalse(my.implies(your)); - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e72e6eac/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryServiceDiscovery.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryServiceDiscovery.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryServiceDiscovery.java deleted file mode 100644 index 7cbcc11..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryServiceDiscovery.java +++ /dev/null @@ -1,123 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.persistent; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; - -import org.apache.hadoop.conf.Configuration; - -import org.apache.curator.test.TestingServer; -import org.apache.curator.x.discovery.ServiceInstance; -import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig; -import org.junit.After; -import org.junit.Before; -import org.junit.Test; -import static org.junit.Assert.assertEquals; - -public class TestSentryServiceDiscovery { - - private HAContext haContext; - private TestingServer server; - - @Before - public void setup() throws Exception { - server = new TestingServer(); - // HA conf - Configuration conf = new Configuration(false); - conf.set(ServerConfig.SENTRY_HA_ENABLED, "true"); - conf.set(ServerConfig.SENTRY_HA_ZOOKEEPER_NAMESPACE, "sentry-test"); - conf.set(ServerConfig.SENTRY_HA_ZOOKEEPER_QUORUM, server.getConnectString()); - haContext = HAContext.getHAContext(conf); - } - - @After - public void teardown() { - HAContext.clearServerContext(); - if (server != null) { - try { - server.stop(); - } catch (IOException e) { - } - } - } - - @Test - public void testRegisterOneService() throws Exception { - final String hostname = "localhost1"; - final Integer port = 123; - ServiceRegister register = new ServiceRegister(haContext); - register.regService(hostname, port); - ServiceManager manager = new ServiceManager(haContext); - ServiceInstance instance = manager.getServiceInstance(); - assertEquals("'hostname' doesn't match.", hostname, instance.getAddress()); - assertEquals("'port' doesn't match.", port, instance.getPort()); - } - - @Test - public void testRegisterMultiService() throws Exception { - - final String hostname1 = "localhost1"; - final Integer port1 = 123; - final String hostname2 = "localhost2"; - final Integer port2 = 456; - final String hostname3 = "localhost3"; - final Integer port3 = 789; - - Map servicesMap = new HashMap(); - servicesMap.put(hostname1, port1); - servicesMap.put(hostname2, port2); - servicesMap.put(hostname3, port3); - - ServiceRegister register1 = new ServiceRegister(haContext); - register1.regService(hostname1, port1); - ServiceRegister register2 = new ServiceRegister(haContext); - register2.regService(hostname2, port2); - ServiceRegister register3 = new ServiceRegister(haContext); - register3.regService(hostname3, port3); - - ServiceManager manager = new ServiceManager(haContext); - ServiceInstance instance = manager.getServiceInstance(); - assertEquals("'instance' doesn't match.", instance.getPort(), servicesMap.get(instance.getAddress())); - instance = manager.getServiceInstance(); - assertEquals("'instance' doesn't match.", instance.getPort(), servicesMap.get(instance.getAddress())); - instance = manager.getServiceInstance(); - assertEquals("'instance' doesn't match.", instance.getPort(), servicesMap.get(instance.getAddress())); - } - - @Test - public void testReportError() throws Exception { - final String hostname1 = "localhost1"; - final Integer port1 = 123; - - ServiceRegister register1 = new ServiceRegister(haContext); - register1.regService(hostname1, port1); - - ServiceManager manager = new ServiceManager(haContext); - ServiceInstance instance = manager.getServiceInstance(); - manager.reportError(instance); - // report twice, manager will not return temporarily - instance = manager.getServiceInstance(); - manager.reportError(instance); - instance = manager.getServiceInstance(); - assertEquals("'instance' should be null.", null, instance); - } - -}