sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ak...@apache.org
Subject sentry git commit: SENTRY-1629: Current MAuthzPathsMapping table definition may cause error 'Duplicate entry XX for key PRIMARY' (Kalyan Kalvagadda, reviewed by Hao Hao and Alex Kolbasov)
Date Tue, 11 Apr 2017 23:11:52 GMT
Repository: sentry
Updated Branches:
  refs/heads/sentry-ha-redesign a21a41971 -> c94cfa6ed


SENTRY-1629: Current MAuthzPathsMapping table definition may cause error 'Duplicate entry
XX for key PRIMARY' (Kalyan Kalvagadda, reviewed by Hao Hao and Alex Kolbasov)

- Changed the JDO definition to have Path as separate entity.
- SQL changes needed for the handle the new JDO definition.
- Application changes to use new JDO definition.
- Updated unit test cases to test the case where an authz object is associated with more than
one path.

Testing done:
1. Tested the sql changes with derby, mysql, oracle, postgres and db2.
2. Added unit tests to be sure that the actual issues is addressed.


Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/c94cfa6e
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/c94cfa6e
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/c94cfa6e

Branch: refs/heads/sentry-ha-redesign
Commit: c94cfa6ed4de85ae8e88cca649e583db5cfb0cc7
Parents: a21a419
Author: Alexander Kolbasov <akolb@cloudera.com>
Authored: Tue Apr 11 16:09:34 2017 -0700
Committer: Alexander Kolbasov <akolb@cloudera.com>
Committed: Tue Apr 11 16:09:34 2017 -0700

----------------------------------------------------------------------
 .../db/service/model/MAuthzPathsMapping.java    | 28 ++++++--
 .../sentry/provider/db/service/model/MPath.java | 69 ++++++++++++++++++++
 .../provider/db/service/model/package.jdo       | 20 ++++--
 .../db/service/persistent/SentryStore.java      | 11 ++--
 .../main/resources/007-SENTRY-1365.derby.sql    | 25 +++----
 .../main/resources/007-SENTRY-1365.mysql.sql    | 24 +++----
 .../main/resources/007-SENTRY-1365.oracle.sql   | 25 +++----
 .../main/resources/007-SENTRY-1365.postgres.sql | 24 +++----
 .../src/main/resources/sentry-db2-1.8.0.sql     | 22 ++++---
 .../src/main/resources/sentry-derby-1.8.0.sql   | 25 +++----
 .../src/main/resources/sentry-mysql-1.8.0.sql   | 24 +++----
 .../src/main/resources/sentry-oracle-1.8.0.sql  | 27 ++++----
 .../main/resources/sentry-postgres-1.8.0.sql    | 25 +++----
 .../sentry-upgrade-db2-1.7.0-to-1.8.0.sql       | 22 ++++---
 .../db/service/persistent/TestSentryStore.java  | 52 +++++++++++++--
 15 files changed, 293 insertions(+), 130 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MAuthzPathsMapping.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MAuthzPathsMapping.java
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MAuthzPathsMapping.java
index 56e456e..c22364f 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MAuthzPathsMapping.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MAuthzPathsMapping.java
@@ -19,6 +19,7 @@
 package org.apache.sentry.provider.db.service.model;
 
 import javax.jdo.annotations.PersistenceCapable;
+import java.util.HashSet;
 import java.util.Set;
 
 /**
@@ -29,13 +30,16 @@ import java.util.Set;
 public class MAuthzPathsMapping {
 
   private String authzObjName;
-  private Set<String> paths;
+  private Set<MPath> paths;
   private long createTimeMs;
 
-  public MAuthzPathsMapping(String authzObjName, Set<String> paths, long createTimeMs)
{
+  public MAuthzPathsMapping(String authzObjName, Iterable<String> paths) {
     this.authzObjName = authzObjName;
-    this.paths = paths;
-    this.createTimeMs = createTimeMs;
+    this.paths = new HashSet<>();
+    for (String path : paths) {
+      this.paths.add(new MPath(path));
+    }
+    this.createTimeMs = System.currentTimeMillis();
   }
 
   public long getCreateTime() {
@@ -54,11 +58,23 @@ public class MAuthzPathsMapping {
     this.authzObjName = authzObjName;
   }
 
-  public void setPaths(Set<String> paths) {
+  public void setPaths(Set<MPath> paths) {
     this.paths = paths;
   }
 
-  public Set<String> getPaths() {
+  public Set<MPath> getPaths() {
+    return paths;
+  }
+
+  /*
+  This method is used to get path set in string format
+  constructed from Set<MPath>.
+  */
+  public Set<String> getPathStrings() {
+    Set<String> paths = new HashSet<>(this.paths.size());
+    for (MPath path : this.paths) {
+      paths.add(path.getPath());
+    }
     return paths;
   }
 

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MPath.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MPath.java
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MPath.java
new file mode 100644
index 0000000..c743846
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MPath.java
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.db.service.model;
+
+/**
+ * Used to store the path for the Authorizable object
+ *
+ * New class is created for path in order to have 1 to many mapping
+ * between path and Authorizable object.
+ */
+public class MPath {
+  private String path;
+
+  public MPath(String path) {
+    this.path = path;
+  }
+
+  public String getPath() {
+    return path;
+  }
+
+  public void setPath(String path) { this.path = path; }
+
+  @Override
+  public int hashCode() {
+    final int prime = 31;
+    int result = 1;
+    result = prime * result + ((path == null) ? 0 : path.hashCode());
+    return result;
+  }
+
+  @Override
+  public boolean equals(Object obj) {
+    if (this == obj) {
+      return true;
+    }
+
+    if (obj == null) {
+      return false;
+    }
+
+    if (getClass() != obj.getClass()) {
+      return false;
+    }
+
+    MPath other = (MPath) obj;
+
+    if (path == null) {
+      return other.path == null;
+    }
+
+    return path.equals(other.path);
+  }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
index e981bcf..dfeb221 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
@@ -237,7 +237,7 @@
       </field>
      </class>
 
-     <class name="MAuthzPathsMapping" identity-type="datastore" table="AUTHZ_PATHS_MAPPING"
detachable="true">
+    <class name="MAuthzPathsMapping" identity-type="datastore" table="AUTHZ_PATHS_MAPPING"
detachable="true">
        <datastore-identity>
          <column name="AUTHZ_OBJ_ID"/>
        </datastore-identity>
@@ -254,14 +254,22 @@
          <column name="CREATE_TIME_MS" jdbc-type="BIGINT"/>
        </field>
        <field name = "paths">
-         <collection element-type="java.lang.String"/>
-             <join/>
-             <element>
-                 <column name="PATHS"/>
-             </element>
+         <collection element-type="org.apache.sentry.provider.db.service.model.MPath"/>
+           <element>
+             <column name="AUTHZ_OBJ_ID"/>
+           </element>
        </field>
      </class>
 
+    <class name="MPath" identity-type="datastore" table="AUTHZ_PATH" detachable="true">
+      <datastore-identity>
+        <column name="PATH_ID"/>
+      </datastore-identity>
+      <field name="path">
+        <column name="PATH_NAME" length="4000" jdbc-type="VARCHAR"/>
+      </field>
+    </class>
+
      <class name="MSentryPermChange" table="SENTRY_PERM_CHANGE" identity-type="application"
detachable="true">
        <field name="changeID" primary-key="true" value-strategy="increment">
          <column name="CHANGE_ID" jdbc-type="BIGINT" allows-null="false"/>

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index 19bae55..aaea979 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -65,6 +65,7 @@ import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
 import org.apache.sentry.provider.db.service.model.MSentryUser;
 import org.apache.sentry.provider.db.service.model.MSentryVersion;
 import org.apache.sentry.provider.db.service.model.MSentryRole;
+import org.apache.sentry.provider.db.service.model.MPath;
 import org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessor;
 import org.apache.sentry.provider.db.service.thrift.TSentryActiveRoleSet;
 import org.apache.sentry.provider.db.service.thrift.TSentryAuthorizable;
@@ -489,6 +490,8 @@ public class SentryStore {
               pm.newQuery(MSentryPrivilege.class).deletePersistentAll();
               pm.newQuery(MSentryPermChange.class).deletePersistentAll();
               pm.newQuery(MSentryPathChange.class).deletePersistentAll();
+              pm.newQuery(MAuthzPathsMapping.class).deletePersistentAll();
+              pm.newQuery(MPath.class).deletePersistentAll();
               return null;
             }
           });
@@ -2423,7 +2426,7 @@ public class SentryStore {
         (Iterable<MAuthzPathsMapping>) query.execute();
 
     for (MAuthzPathsMapping authzToPaths : authzToPathsMappings) {
-      retVal.put(authzToPaths.getAuthzObjName(), authzToPaths.getPaths());
+      retVal.put(authzToPaths.getAuthzObjName(), authzToPaths.getPathStrings());
     }
     return retVal;
   }
@@ -2460,11 +2463,11 @@ public class SentryStore {
   private void createAuthzPathsMappingCore(PersistenceManager pm, String authzObj,
       Set<String> paths) throws SentryAlreadyExistsException {
 
-    MAuthzPathsMapping mAuthzPathsMapping = getMAuthzPathsMapping(pm, authzObj);
+    MAuthzPathsMapping mAuthzPathsMapping = getMAuthzPathsMappingCore(pm, authzObj);
 
     if (mAuthzPathsMapping == null) {
       mAuthzPathsMapping =
-          new MAuthzPathsMapping(authzObj, paths, System.currentTimeMillis());
+          new MAuthzPathsMapping(authzObj, paths);
       pm.makePersistent(mAuthzPathsMapping);
     } else {
       throw new SentryAlreadyExistsException("AuthzObj: " + authzObj);
@@ -2474,7 +2477,7 @@ public class SentryStore {
   /**
    * Get the MAuthzPathsMapping object from authzObj
    */
-  public MAuthzPathsMapping getMAuthzPathsMapping(PersistenceManager pm, String authzObj)
{
+  public MAuthzPathsMapping getMAuthzPathsMappingCore(PersistenceManager pm, String authzObj)
{
     Query query = pm.newQuery(MAuthzPathsMapping.class);
     query.setFilter("this.authzObjName == t");
     query.declareParameters("java.lang.String t");

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.derby.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.derby.sql
b/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.derby.sql
index 1883626..1935ef0 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.derby.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.derby.sql
@@ -8,23 +8,24 @@ CREATE TABLE AUTHZ_PATHS_MAPPING
 
 ALTER TABLE AUTHZ_PATHS_MAPPING ADD CONSTRAINT AUTHZ_PATHS_MAPPING_PK PRIMARY KEY (AUTHZ_OBJ_ID);
 
--- Table MAUTHZPATHSMAPPING_PATHS for join relationship
-CREATE TABLE MAUTHZPATHSMAPPING_PATHS
-(
-    AUTHZ_OBJ_ID_OID BIGINT NOT NULL,
-    PATHS VARCHAR(4000) NOT NULL
-);
-
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSMAPPING_PATHS_PK PRIMARY KEY
(AUTHZ_OBJ_ID_OID,PATHS);
-
 -- Constraints for table AUTHZ_PATHS_MAPPING for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
 CREATE UNIQUE INDEX AUTHZOBJNAME ON AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_NAME);
 
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE AUTHZ_PATH
+ (
+    PATH_ID BIGINT NOT NULL,
+    PATH_NAME VARCHAR(4000),
+    AUTHZ_OBJ_ID BIGINT
+);
 
--- Constraints for table MAUTHZPATHSMAPPING_PATHS
-CREATE INDEX MAUTHZPATHSMAPPING_PATHS_N49 ON MAUTHZPATHSMAPPING_PATHS (AUTHZ_OBJ_ID_OID);
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_PK PRIMARY KEY (PATH_ID);
 
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSMAPPING_PATHS_FK1 FOREIGN
KEY (AUTHZ_OBJ_ID_OID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID) ;
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_FK
+  FOREIGN KEY (AUTHZ_OBJ_ID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID);
 
 ------------------------------------------------------------------
 -- Sequences and SequenceTables
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.mysql.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.mysql.sql
b/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.mysql.sql
index 1829e2f..c0973b8 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.mysql.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.mysql.sql
@@ -7,21 +7,23 @@ CREATE TABLE `AUTHZ_PATHS_MAPPING`
     CONSTRAINT `AUTHZ_PATHS_MAPPING_PK` PRIMARY KEY (`AUTHZ_OBJ_ID`)
 ) ENGINE=INNODB;
 
--- Table `MAUTHZPATHSMAPPING_PATHS` for join relationship
-CREATE TABLE `MAUTHZPATHSMAPPING_PATHS`
-(
-    `AUTHZ_OBJ_ID_OID` BIGINT NOT NULL,
-    `PATHS` VARCHAR(4000) BINARY NOT NULL,
-    CONSTRAINT `MAUTHZPATHSMAPPING_PATHS_PK` PRIMARY KEY (`AUTHZ_OBJ_ID_OID`,`PATHS`)
-) ENGINE=INNODB;
-
 -- Constraints for table `AUTHZ_PATHS_MAPPING` for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
 CREATE UNIQUE INDEX `AUTHZOBJNAME` ON `AUTHZ_PATHS_MAPPING` (`AUTHZ_OBJ_NAME`);
 
--- Constraints for table `MAUTHZPATHSMAPPING_PATHS`
-CREATE INDEX `MAUTHZPATHSMAPPING_PATHS_N49` ON `MAUTHZPATHSMAPPING_PATHS` (`AUTHZ_OBJ_ID_OID`);
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE `AUTHZ_PATH` (
+    `PATH_ID` BIGINT NOT NULL,
+    `PATH_NAME` VARCHAR(4000) CHARACTER SET utf8 COLLATE utf8_bin,
+    `AUTHZ_OBJ_ID` BIGINT
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE `AUTHZ_PATH`
+  ADD CONSTRAINT `AUTHZ_PATH_PK` PRIMARY KEY (`PATH_ID`);
 
-ALTER TABLE `MAUTHZPATHSMAPPING_PATHS` ADD CONSTRAINT `MAUTHZPATHSMAPPING_PATHS_FK1` FOREIGN
KEY (`AUTHZ_OBJ_ID_OID`) REFERENCES `AUTHZ_PATHS_MAPPING` (`AUTHZ_OBJ_ID`) ;
+ALTER TABLE `AUTHZ_PATH`
+  ADD CONSTRAINT `AUTHZ_PATH_FK`
+  FOREIGN KEY (`AUTHZ_OBJ_ID`) REFERENCES `AUTHZ_PATHS_MAPPING`(`AUTHZ_OBJ_ID`);
 
 ------------------------------------------------------------------
 -- Sequences and SequenceTables
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.oracle.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.oracle.sql
b/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.oracle.sql
index 7de9751..081a369 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.oracle.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.oracle.sql
@@ -8,22 +8,23 @@ CREATE TABLE AUTHZ_PATHS_MAPPING
 
 ALTER TABLE AUTHZ_PATHS_MAPPING ADD CONSTRAINT AUTHZ_PATHS_MAPPING_PK PRIMARY KEY (AUTHZ_OBJ_ID);
 
--- Table MAUTHZPATHSMAPPING_PATHS for join relationship
-CREATE TABLE MAUTHZPATHSMAPPING_PATHS
-(
-    AUTHZ_OBJ_ID_OID NUMBER NOT NULL,
-    PATHS VARCHAR2(4000) NOT NULL
-);
-
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSMAPPING_PATHS_PK PRIMARY KEY
(AUTHZ_OBJ_ID_OID,PATHS);
-
 -- Constraints for table AUTHZ_PATHS_MAPPING for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
 CREATE UNIQUE INDEX AUTHZOBJNAME ON AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_NAME);
 
--- Constraints for table MAUTHZPATHSMAPPING_PATHS
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSMAPPING_PATHS_FK1 FOREIGN
KEY (AUTHZ_OBJ_ID_OID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID) INITIALLY DEFERRED ;
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE AUTHZ_PATH
+ (
+    PATH_ID NUMBER NOT NULL,
+    PATH_NAME VARCHAR(4000),
+    AUTHZ_OBJ_ID NUMBER
+);
 
-CREATE INDEX MAUTHZPATHSMAPPING_PATHS_N49 ON MAUTHZPATHSMAPPING_PATHS (AUTHZ_OBJ_ID_OID);
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_PK PRIMARY KEY (PATH_ID);
 
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_FK
+  FOREIGN KEY (AUTHZ_OBJ_ID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID);
 ------------------------------------------------------------------
 -- Sequences and SequenceTables
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.postgres.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.postgres.sql
b/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.postgres.sql
index adf5f1f..9456925 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.postgres.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.postgres.sql
@@ -7,21 +7,23 @@ CREATE TABLE "AUTHZ_PATHS_MAPPING"
     CONSTRAINT "AUTHZ_PATHS_MAPPING_PK" PRIMARY KEY ("AUTHZ_OBJ_ID")
 );
 
--- Table "MAUTHZPATHSMAPPING_PATHS" for join relationship
-CREATE TABLE "MAUTHZPATHSMAPPING_PATHS"
-(
-    "AUTHZ_OBJ_ID_OID" int8 NOT NULL,
-    "PATHS" varchar(4000) NOT NULL,
-    CONSTRAINT "MAUTHZPATHSMAPPING_PATHS_PK" PRIMARY KEY ("AUTHZ_OBJ_ID_OID","PATHS")
-);
-
 -- Constraints for table "AUTHZ_PATHS_MAPPING" for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
 CREATE UNIQUE INDEX "AUTHZOBJNAME" ON "AUTHZ_PATHS_MAPPING" ("AUTHZ_OBJ_NAME");
 
--- Constraints for table "MAUTHZPATHSMAPPING_PATHS"
-ALTER TABLE "MAUTHZPATHSMAPPING_PATHS" ADD CONSTRAINT "MAUTHZPATHSMAPPING_PATHS_FK1" FOREIGN
KEY ("AUTHZ_OBJ_ID_OID") REFERENCES "AUTHZ_PATHS_MAPPING" ("AUTHZ_OBJ_ID") INITIALLY DEFERRED
;
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE "AUTHZ_PATH"
+ (
+    "PATH_ID" BIGINT NOT NULL,
+    "PATH_NAME" varchar(4000),
+    "AUTHZ_OBJ_ID" BIGINT
+);
 
-CREATE INDEX "MAUTHZPATHSMAPPING_PATHS_N49" ON "MAUTHZPATHSMAPPING_PATHS" ("AUTHZ_OBJ_ID_OID");
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE "AUTHZ_PATH"
+  ADD CONSTRAINT "AUTHZ_PATH_PK" PRIMARY KEY ("PATH_ID");
 
+ALTER TABLE "AUTHZ_PATH"
+  ADD CONSTRAINT "AUTHZ_PATH_FK"
+  FOREIGN KEY ("AUTHZ_OBJ_ID") REFERENCES "AUTHZ_PATHS_MAPPING" ("AUTHZ_OBJ_ID") DEFERRABLE;
 ------------------------------------------------------------------
 -- Sequences and SequenceTables
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.8.0.sql
index 547bbe8..037e6c3 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.8.0.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.8.0.sql
@@ -187,18 +187,24 @@ CREATE TABLE AUTHZ_PATHS_MAPPING(AUTHZ_OBJ_ID BIGINT NOT NULL generated
always a
 
 ALTER TABLE AUTHZ_PATHS_MAPPING ADD CONSTRAINT AUTHZ_PATHSCO7K_PK PRIMARY KEY (AUTHZ_OBJ_ID);
 
--- Table MAUTHZPATHSMAPPING_PATHS for join relationship
-CREATE TABLE MAUTHZPATHSMAPPING_PATHS(AUTHZ_OBJ_ID_OID BIGINT NOT NULL,PATHS VARCHAR(4000)
NOT NULL);
-
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSS184_PK PRIMARY KEY (AUTHZ_OBJ_ID_OID,PATHS);
-
 -- Constraints for table AUTHZ_PATHS_MAPPING for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
 CREATE UNIQUE INDEX AUTHZOBJNAME ON AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_NAME);
 
--- Constraints for table MAUTHZPATHSMAPPING_PATHS
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHS184_FK1 FOREIGN KEY (AUTHZ_OBJ_ID_OID)
REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID) ;
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE AUTHZ_PATH
+ (
+    PATH_ID BIGINT NOT NULL,
+    PATH_NAME VARCHAR(4000),
+    AUTHZ_OBJ_ID BIGINT
+);
+
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_PK PRIMARY KEY (PATH_ID);
 
-CREATE INDEX MAUTHZPATHS184_N49 ON MAUTHZPATHSMAPPING_PATHS (AUTHZ_OBJ_ID_OID);
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_FK
+  FOREIGN KEY (AUTHZ_OBJ_ID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID);
 
 -- Table SENTRY_PERM_CHANGE for classes [org.apache.sentry.provider.db.service.model.MSentryPermChange]
 CREATE TABLE "SENTRY_PERM_CHANGE"

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.8.0.sql
b/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.8.0.sql
index 6474389..847c879 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.8.0.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.8.0.sql
@@ -191,23 +191,24 @@ CREATE TABLE AUTHZ_PATHS_MAPPING
 
 ALTER TABLE AUTHZ_PATHS_MAPPING ADD CONSTRAINT AUTHZ_PATHS_MAPPING_PK PRIMARY KEY (AUTHZ_OBJ_ID);
 
--- Table MAUTHZPATHSMAPPING_PATHS for join relationship
-CREATE TABLE MAUTHZPATHSMAPPING_PATHS
-(
-    AUTHZ_OBJ_ID_OID BIGINT NOT NULL,
-    PATHS VARCHAR(4000) NOT NULL
-);
-
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSMAPPING_PATHS_PK PRIMARY KEY
(AUTHZ_OBJ_ID_OID,PATHS);
-
 -- Constraints for table AUTHZ_PATHS_MAPPING for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
 CREATE UNIQUE INDEX AUTHZOBJNAME ON AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_NAME);
 
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE AUTHZ_PATH
+ (
+    PATH_ID BIGINT NOT NULL,
+    PATH_NAME VARCHAR(4000),
+    AUTHZ_OBJ_ID BIGINT
+);
 
--- Constraints for table MAUTHZPATHSMAPPING_PATHS
-CREATE INDEX MAUTHZPATHSMAPPING_PATHS_N49 ON MAUTHZPATHSMAPPING_PATHS (AUTHZ_OBJ_ID_OID);
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_PK PRIMARY KEY (PATH_ID);
 
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSMAPPING_PATHS_FK1 FOREIGN
KEY (AUTHZ_OBJ_ID_OID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID) ;
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_FK
+  FOREIGN KEY (AUTHZ_OBJ_ID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID);
 
 -- Table SENTRY_PERM_CHANGE for classes [org.apache.sentry.provider.db.service.model.MSentryPermChange]
 CREATE TABLE SENTRY_PERM_CHANGE

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.8.0.sql
b/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.8.0.sql
index 1ab8343..78e318b 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.8.0.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.8.0.sql
@@ -230,21 +230,23 @@ CREATE TABLE `AUTHZ_PATHS_MAPPING`
     CONSTRAINT `AUTHZ_PATHS_MAPPING_PK` PRIMARY KEY (`AUTHZ_OBJ_ID`)
 ) ENGINE=INNODB;
 
--- Table `MAUTHZPATHSMAPPING_PATHS` for join relationship
-CREATE TABLE `MAUTHZPATHSMAPPING_PATHS`
-(
-    `AUTHZ_OBJ_ID_OID` BIGINT NOT NULL,
-    `PATHS` VARCHAR(4000) BINARY NOT NULL,
-    CONSTRAINT `MAUTHZPATHSMAPPING_PATHS_PK` PRIMARY KEY (`AUTHZ_OBJ_ID_OID`,`PATHS`)
-) ENGINE=INNODB;
-
 -- Constraints for table `AUTHZ_PATHS_MAPPING` for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
 CREATE UNIQUE INDEX `AUTHZOBJNAME` ON `AUTHZ_PATHS_MAPPING` (`AUTHZ_OBJ_NAME`);
 
--- Constraints for table `MAUTHZPATHSMAPPING_PATHS`
-CREATE INDEX `MAUTHZPATHSMAPPING_PATHS_N49` ON `MAUTHZPATHSMAPPING_PATHS` (`AUTHZ_OBJ_ID_OID`);
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE `AUTHZ_PATH` (
+    `PATH_ID` BIGINT NOT NULL,
+    `PATH_NAME` VARCHAR(4000) CHARACTER SET utf8 COLLATE utf8_bin,
+    `AUTHZ_OBJ_ID` BIGINT
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE `AUTHZ_PATH`
+  ADD CONSTRAINT `AUTHZ_PATH_PK` PRIMARY KEY (`PATH_ID`);
 
-ALTER TABLE `MAUTHZPATHSMAPPING_PATHS` ADD CONSTRAINT `MAUTHZPATHSMAPPING_PATHS_FK1` FOREIGN
KEY (`AUTHZ_OBJ_ID_OID`) REFERENCES `AUTHZ_PATHS_MAPPING` (`AUTHZ_OBJ_ID`) ;
+ALTER TABLE `AUTHZ_PATH`
+  ADD CONSTRAINT `AUTHZ_PATH_FK`
+  FOREIGN KEY (`AUTHZ_OBJ_ID`) REFERENCES `AUTHZ_PATHS_MAPPING`(`AUTHZ_OBJ_ID`);
 
 -- Table `SENTRY_PERM_CHANGE` for classes [org.apache.sentry.provider.db.service.model.MSentryPermChange]
 CREATE TABLE `SENTRY_PERM_CHANGE`

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.8.0.sql
b/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.8.0.sql
index 0418b29..e972bbf 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.8.0.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.8.0.sql
@@ -206,22 +206,25 @@ CREATE TABLE AUTHZ_PATHS_MAPPING
 
 ALTER TABLE AUTHZ_PATHS_MAPPING ADD CONSTRAINT AUTHZ_PATHS_MAPPING_PK PRIMARY KEY (AUTHZ_OBJ_ID);
 
--- Table MAUTHZPATHSMAPPING_PATHS for join relationship
-CREATE TABLE MAUTHZPATHSMAPPING_PATHS
-(
-    AUTHZ_OBJ_ID_OID NUMBER NOT NULL,
-    PATHS VARCHAR2(4000) NOT NULL
-);
-
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSMAPPING_PATHS_PK PRIMARY KEY
(AUTHZ_OBJ_ID_OID,PATHS);
-
 -- Constraints for table AUTHZ_PATHS_MAPPING for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
 CREATE UNIQUE INDEX AUTHZOBJNAME ON AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_NAME);
 
--- Constraints for table MAUTHZPATHSMAPPING_PATHS
-ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSMAPPING_PATHS_FK1 FOREIGN
KEY (AUTHZ_OBJ_ID_OID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID) INITIALLY DEFERRED ;
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE AUTHZ_PATH
+ (
+    PATH_ID NUMBER NOT NULL,
+    PATH_NAME VARCHAR(4000),
+    AUTHZ_OBJ_ID NUMBER
+);
+
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_PK PRIMARY KEY (PATH_ID);
+
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_FK
+  FOREIGN KEY (AUTHZ_OBJ_ID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID);
 
-CREATE INDEX MAUTHZPATHSMAPPING_PATHS_N49 ON MAUTHZPATHSMAPPING_PATHS (AUTHZ_OBJ_ID_OID);
 
 -- Table "SENTRY_PERM_CHANGE" for classes [org.apache.sentry.provider.db.service.model.MSentryPermChange]
 CREATE TABLE "SENTRY_PERM_CHANGE"

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.8.0.sql
b/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.8.0.sql
index 68d2c8d..d2a4e0d 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.8.0.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.8.0.sql
@@ -217,21 +217,24 @@ CREATE TABLE "AUTHZ_PATHS_MAPPING"
     CONSTRAINT "AUTHZ_PATHS_MAPPING_PK" PRIMARY KEY ("AUTHZ_OBJ_ID")
 );
 
--- Table "MAUTHZPATHSMAPPING_PATHS" for join relationship
-CREATE TABLE "MAUTHZPATHSMAPPING_PATHS"
-(
-    "AUTHZ_OBJ_ID_OID" int8 NOT NULL,
-    "PATHS" varchar(4000) NOT NULL,
-    CONSTRAINT "MAUTHZPATHSMAPPING_PATHS_PK" PRIMARY KEY ("AUTHZ_OBJ_ID_OID","PATHS")
-);
-
 -- Constraints for table "AUTHZ_PATHS_MAPPING" for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
 CREATE UNIQUE INDEX "AUTHZOBJNAME" ON "AUTHZ_PATHS_MAPPING" ("AUTHZ_OBJ_NAME");
 
--- Constraints for table "MAUTHZPATHSMAPPING_PATHS"
-ALTER TABLE "MAUTHZPATHSMAPPING_PATHS" ADD CONSTRAINT "MAUTHZPATHSMAPPING_PATHS_FK1" FOREIGN
KEY ("AUTHZ_OBJ_ID_OID") REFERENCES "AUTHZ_PATHS_MAPPING" ("AUTHZ_OBJ_ID") INITIALLY DEFERRED
;
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE "AUTHZ_PATH"
+ (
+    "PATH_ID" BIGINT NOT NULL,
+    "PATH_NAME" varchar(4000),
+    "AUTHZ_OBJ_ID" BIGINT
+);
+
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE "AUTHZ_PATH"
+  ADD CONSTRAINT "AUTHZ_PATH_PK" PRIMARY KEY ("PATH_ID");
 
-CREATE INDEX "MAUTHZPATHSMAPPING_PATHS_N49" ON "MAUTHZPATHSMAPPING_PATHS" ("AUTHZ_OBJ_ID_OID");
+ALTER TABLE "AUTHZ_PATH"
+  ADD CONSTRAINT "AUTHZ_PATH_FK"
+  FOREIGN KEY ("AUTHZ_OBJ_ID") REFERENCES "AUTHZ_PATHS_MAPPING" ("AUTHZ_OBJ_ID") DEFERRABLE;
 
 -- Table `SENTRY_PERM_CHANGE` for classes [org.apache.sentry.provider.db.service.model.MSentryPermChange]
 CREATE TABLE "SENTRY_PERM_CHANGE"

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql
b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql
index 5376c16..7c3db17 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql
+++ b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql
@@ -33,18 +33,24 @@ ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK1
FOREIGN
 
  ALTER TABLE AUTHZ_PATHS_MAPPING ADD CONSTRAINT AUTHZ_PATHSCO7K_PK PRIMARY KEY (AUTHZ_OBJ_ID);
 
--- Table MAUTHZPATHSMAPPING_PATHS for join relationship
- CREATE TABLE MAUTHZPATHSMAPPING_PATHS(AUTHZ_OBJ_ID_OID BIGINT NOT NULL,PATHS VARCHAR(4000)
NOT NULL);
-
- ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHSS184_PK PRIMARY KEY (AUTHZ_OBJ_ID_OID,PATHS);
-
 -- Constraints for table AUTHZ_PATHS_MAPPING for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping]
  CREATE UNIQUE INDEX AUTHZOBJNAME ON AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_NAME);
 
--- Constraints for table MAUTHZPATHSMAPPING_PATHS
- ALTER TABLE MAUTHZPATHSMAPPING_PATHS ADD CONSTRAINT MAUTHZPATHS184_FK1 FOREIGN KEY (AUTHZ_OBJ_ID_OID)
REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID) ;
+-- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath]
+CREATE TABLE AUTHZ_PATH
+ (
+    PATH_ID BIGINT NOT NULL,
+    PATH_NAME VARCHAR(4000),
+    AUTHZ_OBJ_ID BIGINT
+);
+
+-- Constraints for table `AUTHZ_PATH`
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_PK PRIMARY KEY (PATH_ID);
 
-CREATE INDEX MAUTHZPATHS184_N49 ON MAUTHZPATHSMAPPING_PATHS (AUTHZ_OBJ_ID_OID);
+ALTER TABLE AUTHZ_PATH
+  ADD CONSTRAINT AUTHZ_PATH_FK
+  FOREIGN KEY (AUTHZ_OBJ_ID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID);
 
 -- Table `SENTRY_PERM_CHANGE` for classes [org.apache.sentry.provider.db.service.model.MSentryPermChange]
 CREATE TABLE "SENTRY_PERM_CHANGE"

http://git-wip-us.apache.org/repos/asf/sentry/blob/c94cfa6e/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
index fe3880d..31a309b 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
@@ -2240,24 +2240,64 @@ public class TestSentryStore extends org.junit.Assert {
     assertEquals(2, roles.size());
   }
 
+  /*
+  Makes sure that Authorizable object could be associated with multiple paths and can be
properly persisted into
+  database.
+  */
   @Test
   public void testAuthzPathsMapping() throws Exception {
-    sentryStore.createAuthzPathsMapping("db1.table1", Sets.newHashSet("/user/hive/warehouse/db1.db/table1"));
-    sentryStore.createAuthzPathsMapping("db1.table2", Sets.newHashSet("/user/hive/warehouse/db1.db/table2"));
+    sentryStore.createAuthzPathsMapping("db1.table1", Sets.newHashSet("/user/hive/warehouse/db1.db/table1.1","/user/hive/warehouse/db1.db/table1.2"));
+    sentryStore.createAuthzPathsMapping("db1.table2", Sets.newHashSet("/user/hive/warehouse/db1.db/table2.1","/user/hive/warehouse/db1.db/table2.2"));
 
     PathsImage pathsImage = sentryStore.retrieveFullPathsImage();
     Map<String, Set<String>> pathImage = pathsImage.getPathImage();
     assertEquals(2, pathImage.size());
-    assertEquals(Sets.newHashSet("/user/hive/warehouse/db1.db/table1"), pathImage.get("db1.table1"));
+    for (Map.Entry<String, Set<String>> entry : pathImage.entrySet()) {
+      assertEquals(2, entry.getValue().size());
+    }
+    assertEquals(Sets.newHashSet("/user/hive/warehouse/db1.db/table1.1","/user/hive/warehouse/db1.db/table1.2"),
pathImage.get("db1.table1"));
+    assertEquals(Sets.newHashSet("/user/hive/warehouse/db1.db/table2.1","/user/hive/warehouse/db1.db/table2.2"),
pathImage.get("db1.table2"));
 
     Map<String, Set<String>> authzPaths = new HashMap<>();
-    authzPaths.put("db2.table1", Sets.newHashSet("/user/hive/warehouse/db2.db/table1"));
-    authzPaths.put("db2.table2", Sets.newHashSet("/user/hive/warehouse/db2.db/table2"));
+    authzPaths.put("db2.table1", Sets.newHashSet("/user/hive/warehouse/db2.db/table1.1","/user/hive/warehouse/db2.db/table1.2"));
+    authzPaths.put("db2.table2", Sets.newHashSet("/user/hive/warehouse/db2.db/table2.1","/user/hive/warehouse/db2.db/table2.2"));
     sentryStore.persistFullPathsImage(authzPaths);
     pathsImage = sentryStore.retrieveFullPathsImage();
     pathImage = pathsImage.getPathImage();
     assertEquals(4, pathImage.size());
-    assertEquals(Sets.newHashSet("/user/hive/warehouse/db2.db/table1"), pathImage.get("db2.table1"));
+    for (Map.Entry<String, Set<String>> entry : pathImage.entrySet()) {
+      assertEquals(2, entry.getValue().size());
+    }
+    assertEquals(Sets.newHashSet("/user/hive/warehouse/db2.db/table1.1","/user/hive/warehouse/db2.db/table1.2"),
pathImage.get("db2.table1"));
+    assertEquals(Sets.newHashSet("/user/hive/warehouse/db2.db/table2.1","/user/hive/warehouse/db2.db/table2.2"),
pathImage.get("db2.table2"));
+  }
+
+  /*
+  Makes sure that Authorizable object could be associated with multiple files and are associated
with other Authorizable
+  objects and can be properly persisted into database.
+ */
+  @Test
+  public void testAuthzSharedPathsMapping() throws Exception {
+    sentryStore.createAuthzPathsMapping("db1.table1", Sets.newHashSet("/user/hive/warehouse/db1.db/table1.1","/user/hive/warehouse/db1.db/table1.2"));
+
+    PathsImage pathsImage = sentryStore.retrieveFullPathsImage();
+    Map<String, Set<String>> pathImage = pathsImage.getPathImage();
+    assertEquals(1, pathImage.size());
+    for (Map.Entry<String, Set<String>> entry : pathImage.entrySet()) {
+      assertEquals(2, entry.getValue().size());
+    }
+    assertEquals(Sets.newHashSet("/user/hive/warehouse/db1.db/table1.1","/user/hive/warehouse/db1.db/table1.2"),
pathImage.get("db1.table1"));
+
+    Map<String, Set<String>> authzPaths = new HashMap<>();
+    authzPaths.put("db2.table1", Sets.newHashSet("/user/hive/warehouse/db1.db/table1.1","/user/hive/warehouse/db1.db/table1.2"));
+    sentryStore.persistFullPathsImage(authzPaths);
+    pathsImage = sentryStore.retrieveFullPathsImage();
+    pathImage = pathsImage.getPathImage();
+    assertEquals(2, pathImage.size());
+    for (Map.Entry<String, Set<String>> entry : pathImage.entrySet()) {
+      assertEquals(2, entry.getValue().size());
+    }
+    assertEquals(Sets.newHashSet("/user/hive/warehouse/db1.db/table1.1","/user/hive/warehouse/db1.db/table1.2"),
pathImage.get("db2.table1"));
   }
 
   public void testQueryParamBuilder() {


Mime
View raw message