You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by br...@apache.org on 2014/02/25 03:52:50 UTC
[07/26] git commit: SENTRY-70: Solr Query authorization tests for
Sentry (Vamsee Yarlagadda via Gregory Chanan)
SENTRY-70: Solr Query authorization tests for Sentry (Vamsee Yarlagadda via Gregory Chanan)
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/ee9565f0
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/ee9565f0
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/ee9565f0
Branch: refs/heads/db_policy_store
Commit: ee9565f046c967fb379e293b4f85da2a0161f997
Parents: 09f0e58
Author: Gregory Chanan <gc...@cloudera.com>
Authored: Fri Jan 3 16:26:17 2014 -0800
Committer: Gregory Chanan <gc...@cloudera.com>
Committed: Fri Jan 3 16:26:17 2014 -0800
----------------------------------------------------------------------
.../e2e/solr/AbstractSolrSentryTestBase.java | 307 ++++++++++++-------
.../ModifiableUserAuthenticationFilter.java | 8 +
.../tests/e2e/solr/TestQueryOperations.java | 69 +++++
.../tests/e2e/solr/TestUpdateOperations.java | 1 -
4 files changed, 281 insertions(+), 104 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/ee9565f0/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java
index c0abd28..fcbc67c 100644
--- a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java
+++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java
@@ -19,9 +19,7 @@ package org.apache.sentry.tests.e2e.solr;
import java.io.File;
import java.io.IOException;
import java.net.MalformedURLException;
-import java.util.Arrays;
import java.util.Comparator;
-import java.util.List;
import java.util.Random;
import java.util.SortedMap;
import java.util.TreeMap;
@@ -34,6 +32,7 @@ import org.apache.solr.SolrTestCaseJ4;
import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.impl.CloudSolrServer;
import org.apache.solr.client.solrj.response.QueryResponse;
+import org.apache.solr.client.solrj.util.ClientUtils;
import org.apache.solr.cloud.AbstractFullDistribZkTestBase;
import org.apache.solr.cloud.ZkController;
import org.apache.solr.common.SolrDocument;
@@ -55,6 +54,7 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe
private static MiniDFSCluster dfsCluster;
private static SortedMap<Class, String> extraRequestFilters;
protected static final String ADMIN_USER = "admin";
+ protected static final String ALL_DOCS = "*:*";
protected static final Random RANDOM = new Random();
private static void addPropertyToSentry(StringBuilder builder, String name, String value) {
@@ -160,6 +160,15 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe
}
/**
+ * Get the user defined in the Solr authentication filter
+ * @return - the username as String
+ * @throws Exception
+ */
+ private String getAuthenticatedUser() throws Exception {
+ return ModifiableUserAuthenticationFilter.getUser();
+ }
+
+ /**
* Function to return the user name based on the permissions provided.
* @param collectionName - Name of the solr collection.
* @param isQuery - Boolean that specifies query permission.
@@ -199,22 +208,28 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe
* @throws Exception
*/
protected void verifyUpdatePass(String solrUserName,
- String collectionName,
- SolrInputDocument solrInputDoc)
- throws Exception {
- int originalSolrDocCount = getSolrDocs(collectionName).size();
- setAuthenticationUser(solrUserName);
- CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
+ String collectionName,
+ SolrInputDocument solrInputDoc) throws Exception {
+ String originalUser = getAuthenticatedUser();
try {
- cloudSolrServer.add(solrInputDoc);
- cloudSolrServer.commit();
- } finally {
- cloudSolrServer.shutdown();
- }
+ SolrDocumentList orginalSolrDocs = getSolrDocs(collectionName, ALL_DOCS, true);
+ setAuthenticationUser(solrUserName);
+ CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
+ try {
+ cloudSolrServer.add(solrInputDoc);
+ cloudSolrServer.commit();
+ } finally {
+ cloudSolrServer.shutdown();
+ }
- // Validate Solr content to check whether the update command went through.
- // Authenticate as user "admin"
- validateSolrDocCountAndContent(collectionName, originalSolrDocCount+1, solrInputDoc);
+ orginalSolrDocs.add(ClientUtils.toSolrDocument(solrInputDoc));
+ SolrDocumentList solrRespDocs = getSolrDocs(collectionName, ALL_DOCS, true);
+ // Validate Solr content to check whether the update command went through.
+ validateSolrDocCountAndContent(orginalSolrDocs, solrRespDocs);
+ }
+ finally {
+ setAuthenticationUser(originalUser);
+ }
}
/**
@@ -225,26 +240,30 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe
* @throws Exception
*/
protected void verifyUpdateFail(String solrUserName,
- String collectionName,
- SolrInputDocument solrInputDoc)
- throws Exception {
- int originalSolrDocCount = getSolrDocs(collectionName).size();
- setAuthenticationUser(solrUserName);
- CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
+ String collectionName,
+ SolrInputDocument solrInputDoc) throws Exception {
+ String originalUser = getAuthenticatedUser();
try {
- cloudSolrServer.add(solrInputDoc);
- cloudSolrServer.commit();
- fail("The specified user: " + solrUserName + " shouldn't get update access!");
- } catch (Exception exception) {
- assertTrue("Expected " + SENTRY_ERROR_MSG + " in " + exception.toString(),
- exception.toString().contains(SENTRY_ERROR_MSG));
+ SolrDocumentList orginalSolrDocs = getSolrDocs(collectionName, ALL_DOCS, true);
+ setAuthenticationUser(solrUserName);
+ CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
+ try {
+ cloudSolrServer.add(solrInputDoc);
+ cloudSolrServer.commit();
+ fail("The specified user: " + solrUserName + " shouldn't get update access!");
+ } catch (Exception exception) {
+ assertTrue("Expected " + SENTRY_ERROR_MSG + " in " + exception.toString(),
+ exception.toString().contains(SENTRY_ERROR_MSG));
+ } finally {
+ cloudSolrServer.shutdown();
+ }
+
+ SolrDocumentList solrRespDocs = getSolrDocs(collectionName, ALL_DOCS, true);
+ // Validate Solr content to check whether the update command didn't go through.
+ validateSolrDocCountAndContent(orginalSolrDocs, solrRespDocs);
} finally {
- cloudSolrServer.shutdown();
+ setAuthenticationUser(originalUser);
}
-
- // Validate Solr content to check whether the update command didn't go through.
- // Authenticate as user "admin"
- validateSolrDocCountAndContent(collectionName, originalSolrDocCount, null);
}
/**
@@ -256,25 +275,30 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe
* @throws MalformedURLException, SolrServerException, IOException
*/
protected void verifyDeletedocsPass(String solrUserName,
- String collectionName, boolean allowZeroDocs)
- throws Exception {
- int originalSolrDocCount = getSolrDocs(collectionName).size();
- if (allowZeroDocs == false) {
- assertTrue("Solr should contain atleast one solr doc to run this test.", originalSolrDocCount > 0);
- }
-
- setAuthenticationUser(solrUserName);
- CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
+ String collectionName,
+ boolean allowZeroDocs) throws Exception {
+ String originalUser = getAuthenticatedUser();
try {
- cloudSolrServer.deleteByQuery("*:*");
- cloudSolrServer.commit();
+ SolrDocumentList orginalSolrDocs = getSolrDocs(collectionName, ALL_DOCS, true);
+ if (allowZeroDocs == false) {
+ assertTrue("Solr should contain atleast one solr doc to run this test.", orginalSolrDocs.size() > 0);
+ }
+
+ setAuthenticationUser(solrUserName);
+ CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
+ try {
+ cloudSolrServer.deleteByQuery(ALL_DOCS);
+ cloudSolrServer.commit();
+ } finally {
+ cloudSolrServer.shutdown();
+ }
+
+ // Validate Solr doc count is zero
+ SolrDocumentList solrRespDocs = getSolrDocs(collectionName, ALL_DOCS, true);
+ validateSolrDocCountAndContent(new SolrDocumentList(), solrRespDocs);
} finally {
- cloudSolrServer.shutdown();
+ setAuthenticationUser(originalUser);
}
-
- // Validate Solr content to check whether the update command didn't go through.
- // Authenticate as user "admin"
- validateSolrDocCountAndContent(collectionName, 0, null);
}
/**
@@ -286,71 +310,132 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe
* @throws Exception
*/
protected void verifyDeletedocsFail(String solrUserName,
- String collectionName, boolean allowZeroDocs)
- throws Exception {
- int originalSolrDocCount = getSolrDocs(collectionName).size();
- if (allowZeroDocs == false) {
- assertTrue("Solr should contain atleast one solr doc to run this test.", originalSolrDocCount > 0);
+ String collectionName,
+ boolean allowZeroDocs) throws Exception {
+ String originalUser = getAuthenticatedUser();
+ try {
+ SolrDocumentList orginalSolrDocs = getSolrDocs(collectionName, ALL_DOCS, true);
+ if (allowZeroDocs == false) {
+ assertTrue("Solr should contain atleast one solr doc to run this test.", orginalSolrDocs.size() > 0);
+ }
+
+ setAuthenticationUser(solrUserName);
+ CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
+ try {
+ cloudSolrServer.deleteByQuery(ALL_DOCS);
+ cloudSolrServer.commit();
+ fail("The specified user: " + solrUserName + " shouldn't get deletedocs access!");
+ } catch (Exception exception) {
+ assertTrue("Expected " + SENTRY_ERROR_MSG + " in " + exception.toString(),
+ exception.toString().contains(SENTRY_ERROR_MSG));
+ } finally {
+ cloudSolrServer.shutdown();
+ }
+
+ // Validate Solr doc count and content is same as original set.
+ SolrDocumentList solrRespDocs = getSolrDocs(collectionName, ALL_DOCS, true);
+ validateSolrDocCountAndContent(orginalSolrDocs, solrRespDocs);
+ } finally {
+ setAuthenticationUser(originalUser);
}
+ }
- setAuthenticationUser(solrUserName);
- CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
+ /**
+ * Method to validate Solr query passes
+ * @param solrUserName - User authenticated into Solr
+ * @param collectionName - Name of the collection to be queried
+ * @param solrQueryStr - Query string to be searched in Solr
+ * @throws Exception
+ */
+ protected void verifyQueryPass(String solrUserName,
+ String collectionName,
+ String solrQueryStr) throws Exception {
+ String originalUser = getAuthenticatedUser();
try {
- cloudSolrServer.deleteByQuery("*:*");
- cloudSolrServer.commit();
- fail("The specified user: " + solrUserName + " shouldn't get deletedocs access!");
- } catch (Exception exception) {
- assertTrue("Expected " + SENTRY_ERROR_MSG + " in " + exception.toString(),
- exception.toString().contains(SENTRY_ERROR_MSG));
+ SolrDocumentList orginalSolrDocs = getSolrDocs(collectionName, solrQueryStr, true);
+ setAuthenticationUser(solrUserName);
+ SolrDocumentList solrRespDocs = null;
+ solrRespDocs = getSolrDocs(collectionName, solrQueryStr, false);
+
+ // Validate Solr content to check whether the query command went through.
+ validateSolrDocCountAndContent(orginalSolrDocs, solrRespDocs);
} finally {
- cloudSolrServer.shutdown();
+ setAuthenticationUser(originalUser);
}
-
- // Validate Solr content to check whether the deletedocs command didn't go through.
- // Authenticate as user "admin"
- validateSolrDocCountAndContent(collectionName, originalSolrDocCount, null);
}
/**
- * Function to verify whether Solr doc count matches the expected number and
- * also to verify if the Input document is present in present in the response.
- * @param collectionName - Name of the Solr collection
- * @param expectedDocCount - Count of expected Solr docs
- * @param solrInputDoc - Solr doc inserted into Solr
+ * Method to validate Solr query fails
+ * @param solrUserName - User authenticated into Solr
+ * @param collectionName - Name of the collection to be queried
+ * @param solrQueryStr - Query string to be searched in Solr
* @throws Exception
*/
- public void validateSolrDocCountAndContent(String collectionName, int expectedDocCount, SolrInputDocument solrInputDoc)
- throws Exception {
- // Authenticate as user "admin"
- setAuthenticationUser(ADMIN_USER);
- SolrDocumentList solrRespDocs = getSolrDocs(collectionName);
- assertEquals("Expected: " + expectedDocCount + " Solr docs; But, found "
- + solrRespDocs.size() + " Solr docs.", solrRespDocs.size(), expectedDocCount);
- if (solrInputDoc != null) {
- validateSolrDocContent(solrInputDoc, solrRespDocs);
+ protected void verifyQueryFail(String solrUserName,
+ String collectionName,
+ String solrQueryStr) throws Exception {
+ String originalUser = getAuthenticatedUser();
+ try {
+ setAuthenticationUser(solrUserName);
+ try {
+ getSolrDocs(collectionName, solrQueryStr, false);
+ fail("The specified user: " + solrUserName + " shouldn't get query access!");
+ } catch (Exception exception) {
+ assertTrue("Expected " + SENTRY_ERROR_MSG + " in " + exception.toString(),
+ exception.toString().contains(SENTRY_ERROR_MSG));
}
+ } finally {
+ setAuthenticationUser(originalUser);
+ }
+ }
+
+ /**
+ * Function to validate the count and content of two SolrDocumentList's.
+ * @param solrOriginalDocs - Instance of initial set of solr docs before processing
+ * @param solrResponseDocs - Instance of response solr docs after processing
+ */
+ protected void validateSolrDocCountAndContent(SolrDocumentList solrOriginalDocs,
+ SolrDocumentList solrResponseDocs) {
+ assertEquals("Expected number of Solr docs: " + solrOriginalDocs.size() + "; But found:" + solrResponseDocs.size(),
+ solrOriginalDocs.size(), solrResponseDocs.size());
+ for (SolrDocument solrDoc : solrOriginalDocs) {
+ SolrInputDocument solrInputDoc = ClientUtils.toSolrInputDocument(solrDoc);
+ validateSolrDocContent(solrInputDoc, solrResponseDocs);
+ }
}
/**
* Function to query the collection and fetch the Solr docs
* @param collectionName - Name of the collection
+ * @param solrQueryStr - Query string to be searched in Solr
+ * @param runAsAdmin - Boolean to specify whether to execute the Solr query as admin user
* @return - Instance of SolrDocumentList
* @throws Exception
*/
- protected SolrDocumentList getSolrDocs(String collectionName) throws Exception {
- // Authenticate as user "admin"
- setAuthenticationUser(ADMIN_USER);
- CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
- SolrDocumentList solrDocs = null;
+ protected SolrDocumentList getSolrDocs(String collectionName,
+ String solrQueryStr,
+ boolean runAsAdmin) throws Exception {
+ String originalUser = getAuthenticatedUser();
try {
- SolrQuery query = new SolrQuery("*:*");
- QueryResponse response = cloudSolrServer.query(query);
- solrDocs = response.getResults();
+ if (runAsAdmin == true) {
+ // Authenticate as user "admin"
+ setAuthenticationUser(ADMIN_USER);
+ }
+
+ CloudSolrServer cloudSolrServer = getCloudSolrServer(collectionName);
+ assertNotNull("Solr query shouldn't be null.", solrQueryStr);
+ SolrDocumentList solrDocs = null;
+ try {
+ SolrQuery query = new SolrQuery(solrQueryStr);
+ QueryResponse response = cloudSolrServer.query(query);
+ solrDocs = response.getResults();
+ return solrDocs;
+ } finally {
+ cloudSolrServer.shutdown();
+ }
} finally {
- cloudSolrServer.shutdown();
+ setAuthenticationUser(originalUser);
}
-
- return solrDocs;
}
/**
@@ -359,16 +444,27 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe
* @param solrRespDocs - List of Solr doc obtained as response
* (NOTE: This function ignores "_version_" field in validating Solr doc content)
*/
- public void validateSolrDocContent(SolrInputDocument solrInputDoc, SolrDocumentList solrRespDocs) {
- solrInputDoc.removeField("_version_");
+ public void validateSolrDocContent(SolrInputDocument solrInputDoc,
+ SolrDocumentList solrRespDocs) {
for (SolrDocument solrRespDoc : solrRespDocs) {
- solrRespDoc.removeFields("_version_");
String expFieldValue = (String) solrInputDoc.getFieldValue("id");
String resFieldValue = (String) solrRespDoc.getFieldValue("id");
if (expFieldValue.equals(resFieldValue)) {
- assertEquals("Expected " + solrInputDoc.size() + " fields. But, found "
- + solrRespDoc.size() + " fields", solrInputDoc.size() , solrRespDoc.size());
+ int expectedRespFieldCount = solrRespDoc.size();
+ if (solrRespDoc.containsKey("_version_")) {
+ expectedRespFieldCount = expectedRespFieldCount - 1;
+ }
+ int expectedOrigFieldCount = solrInputDoc.size();
+ if (solrInputDoc.containsKey("_version_")) {
+ expectedOrigFieldCount = expectedOrigFieldCount - 1;
+ }
+ assertEquals("Expected " + expectedOrigFieldCount + " fields. But, found "
+ + expectedRespFieldCount + " fields", expectedOrigFieldCount , expectedRespFieldCount);
for (String field : solrInputDoc.getFieldNames()) {
+ if (field.equals("_version_") == true) {
+ continue;
+ }
+
expFieldValue = (String) solrInputDoc.getFieldValue(field);
resFieldValue = (String) solrRespDoc.getFieldValue(field);
assertEquals("Expected value for field: " + field + " is " + expFieldValue
@@ -404,11 +500,16 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe
*/
protected void setupCollection(String collectionName) throws Exception {
// Authenticate as user "admin"
- setAuthenticationUser(ADMIN_USER);
- uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION
- + File.separator + "conf");
- createCollection(collectionName, 1, 1, 1);
- waitForRecoveriesToFinish(collectionName, false);
+ String originalUser = getAuthenticatedUser();
+ try {
+ setAuthenticationUser(ADMIN_USER);
+ uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION
+ + File.separator + "conf");
+ createCollection(collectionName, 1, 1, 1);
+ waitForRecoveriesToFinish(collectionName, false);
+ } finally {
+ setAuthenticationUser(originalUser);
+ }
}
/**
@@ -441,7 +542,7 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe
* @throws Exception
*/
protected void uploadSolrDoc(String collectionName,
- SolrInputDocument solrInputDoc) throws Exception {
+ SolrInputDocument solrInputDoc) throws Exception {
if (solrInputDoc == null) {
solrInputDoc = createSolrTestDoc();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/ee9565f0/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/ModifiableUserAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/ModifiableUserAuthenticationFilter.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/ModifiableUserAuthenticationFilter.java
index 997d420..b7081ba 100644
--- a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/ModifiableUserAuthenticationFilter.java
+++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/ModifiableUserAuthenticationFilter.java
@@ -68,4 +68,12 @@ public class ModifiableUserAuthenticationFilter implements Filter {
public static void setUser(String solrUser) {
userName = solrUser;
}
+
+ /**
+ * Function to return the authenticated user name defined.
+ * @param solrUser
+ */
+ public static String getUser() {
+ return userName;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/ee9565f0/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java
new file mode 100644
index 0000000..2ccbbce
--- /dev/null
+++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.tests.e2e.solr;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
+import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope;
+import java.util.ArrayList;
+
+import java.util.Arrays;
+import java.util.List;
+
+import org.apache.solr.common.SolrInputDocument;
+
+@ThreadLeakScope(Scope.NONE) // hdfs client currently leaks thread(s)
+public class TestQueryOperations extends AbstractSolrSentryTestBase {
+ private static final Logger LOG = LoggerFactory
+ .getLogger(TestQueryOperations.class);
+ private static final String COLLECTION_NAME = "sentryCollection";
+ private static final List<Boolean> BOOLEAN_VALUES = Arrays.asList(new Boolean[]{true, false});
+
+ @Override
+ public void doTest() throws Exception {
+ setupCollection(COLLECTION_NAME);
+ ArrayList<String> testFailures = new ArrayList<String>();
+
+ for (boolean query : BOOLEAN_VALUES) {
+ for (boolean update : BOOLEAN_VALUES) {
+ for (boolean all : BOOLEAN_VALUES) {
+ String test_user = getUsernameForPermissions(COLLECTION_NAME, query, update, all);
+ LOG.info("TEST_USER: " + test_user);
+
+ try {
+ cleanSolrCollection(COLLECTION_NAME);
+ SolrInputDocument solrInputDoc = createSolrTestDoc();
+ uploadSolrDoc(COLLECTION_NAME, solrInputDoc);
+ if (all || query) {
+ verifyQueryPass(test_user, COLLECTION_NAME, ALL_DOCS);
+ } else {
+ verifyQueryFail(test_user, COLLECTION_NAME, ALL_DOCS);
+ }
+ } catch (Throwable testException) {
+ testFailures.add("\n\nTestFailure: User -> " + test_user + "\n"
+ + testException.toString());
+ }
+ }
+ }
+ }
+
+ assertEquals("Total test failures: " + testFailures.size() + " \n\n"
+ + testFailures.toString(), 0, testFailures.size());
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/ee9565f0/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java
index 131fa2c..1703fe6 100644
--- a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java
+++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java
@@ -43,7 +43,6 @@ public class TestUpdateOperations extends AbstractSolrSentryTestBase {
for (boolean query : BOOLEAN_VALUES) {
for (boolean update : BOOLEAN_VALUES) {
for (boolean all : BOOLEAN_VALUES) {
- // Create user name to be used for Solr requests based on the permissions generated by the for-loop.
String test_user = getUsernameForPermissions(COLLECTION_NAME, query, update, all);
LOG.info("TEST_USER: " + test_user);