You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by co...@apache.org on 2016/07/21 05:54:59 UTC
[05/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java
deleted file mode 100644
index 36fa4b5..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.hadoop.minikdc.MiniKdc;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.junit.BeforeClass;
-import org.junit.Ignore;
-import org.junit.Test;
-
-@Ignore("SENTRY-515: Not part of automated unit testing, as it takes too long. Fails until we move to a hadoop 2.6.1. See HADOOP-10786")
-public class TestConnectionWithTicketTimeout extends
- org.apache.sentry.service.thrift.SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
- public static void beforeSetup() throws Exception {
- kdcConfOverlay.setProperty(MiniKdc.MAX_TICKET_LIFETIME, "360001");
- //Only UGI based client connections renew their TGT, this is not a problem in the real world
- // as this is not configurable and always true
- conf.set(ServiceConstants.ServerConfig.SECURITY_USE_UGI_TRANSPORT, "true");
- }
-
- /***
- * Test is run only when sentry.hive.test.ticket.timeout is set to "true"
- * @throws Exception
- */
- @Test
- public void testConnectionAfterTicketTimeout() throws Exception {
- Thread.sleep(400000);
- connectToSentryService();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java
deleted file mode 100644
index 6a2f48f..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.util.UUID;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.Mockito;
-
-import com.google.common.collect.Lists;
-
-public class TestNotificationHandlerInvoker {
-
- private Configuration conf;
- private CommitContext commitContext;
- private NotificationHandler handler;
- private NotificationHandlerInvoker invoker;
-
- @Before
- public void setup() throws Exception {
- conf = new Configuration(false);
- commitContext = new CommitContext(UUID.randomUUID(), 1L);
- handler = Mockito.spy(new NotificationHandler(conf) {});
- invoker = new NotificationHandlerInvoker(conf,
- Lists.newArrayList(new ThrowingNotificationHandler(conf), handler));
- }
-
- @Test
- public void testCreateSentryRole() throws Exception {
- TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
- TCreateSentryRoleResponse response = new TCreateSentryRoleResponse();
- invoker.create_sentry_role(commitContext, request, response);
- Mockito.verify(handler).create_sentry_role(commitContext,
- request, response);
- }
-
- @Test
- public void testDropSentryRole() throws Exception {
- TDropSentryRoleRequest request = new TDropSentryRoleRequest();
- TDropSentryRoleResponse response = new TDropSentryRoleResponse();
- invoker.drop_sentry_role(commitContext, request, response);
- Mockito.verify(handler).drop_sentry_role(commitContext,
- request, response);
- }
-
-
-
- @Test
- public void testAlterSentryRoleAddGroups() throws Exception {
- TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest();
- TAlterSentryRoleAddGroupsResponse response = new TAlterSentryRoleAddGroupsResponse();
- invoker.alter_sentry_role_add_groups(commitContext, request, response);
- Mockito.verify(handler).alter_sentry_role_add_groups(commitContext,
- request, response);
- }
-
- @Test
- public void testAlterSentryRoleDeleteGroups() throws Exception {
- TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest();
- TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse();
- invoker.alter_sentry_role_delete_groups(commitContext, request, response);
- Mockito.verify(handler).alter_sentry_role_delete_groups(commitContext,
- request, response);
- }
-
- public static class ThrowingNotificationHandler extends NotificationHandler {
- public ThrowingNotificationHandler(Configuration config) throws Exception {
- super(config);
- }
- @Override
- public void create_sentry_role(CommitContext args,
- TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) {
- throw new RuntimeException();
- }
- public void drop_sentry_role(CommitContext context,
- TDropSentryRoleRequest request,
- TDropSentryRoleResponse response) {
- throw new RuntimeException();
- }
- @Override
- public void alter_sentry_role_add_groups(CommitContext args,
- TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response) {
- throw new RuntimeException();
- }
- @Override
- public void alter_sentry_role_delete_groups(
- CommitContext args, TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response) {
- throw new RuntimeException();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
deleted file mode 100644
index 04d92dd..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
-import org.junit.Assert;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryThriftAPIMismatchException;
-import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants.PolicyStoreServerConfig;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.junit.Before;
-import org.junit.Test;
-
-public class TestSentryPolicyStoreProcessor {
-
- private Configuration conf;
-
- @Before
- public void setup() {
- conf = new Configuration(false);
- }
- @Test(expected=SentrySiteConfigurationException.class)
- public void testConfigNotNotificationHandler() throws Exception {
- conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, Object.class.getName());
- SentryPolicyStoreProcessor.createHandlers(conf);
- }
- @Test(expected=SentrySiteConfigurationException.class)
- public void testConfigCannotCreateNotificationHandler() throws Exception {
- conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS,
- ExceptionInConstructorNotificationHandler.class.getName());
- SentryPolicyStoreProcessor.createHandlers(conf);
- }
- @Test(expected=SentrySiteConfigurationException.class)
- public void testConfigNotAClassNotificationHandler() throws Exception {
- conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, "junk");
- SentryPolicyStoreProcessor.createHandlers(conf);
- }
- @Test
- public void testConfigMultipleNotificationHandlers() throws Exception {
- conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS,
- NoopNotificationHandler.class.getName() + "," +
- NoopNotificationHandler.class.getName() + " " +
- NoopNotificationHandler.class.getName());
- Assert.assertEquals(3, SentryPolicyStoreProcessor.createHandlers(conf).size());
- }
- public static class ExceptionInConstructorNotificationHandler extends NotificationHandler {
- public ExceptionInConstructorNotificationHandler(Configuration config) throws Exception {
- super(config);
- throw new Exception();
- }
- }
- public static class NoopNotificationHandler extends NotificationHandler {
- public NoopNotificationHandler(Configuration config) throws Exception {
- super(config);
- }
- }
- @Test(expected=SentryThriftAPIMismatchException.class)
- public void testSentryThriftAPIMismatch() throws Exception {
- SentryPolicyStoreProcessor.validateClientVersion(ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT -1);
- }
- @Test
- public void testSentryThriftAPIMatchVersion() throws Exception {
- SentryPolicyStoreProcessor.validateClientVersion(ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java
deleted file mode 100644
index 6c78942..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java
+++ /dev/null
@@ -1,219 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-import static org.junit.Assert.assertEquals;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.model.db.Database;
-import org.apache.sentry.core.model.db.Server;
-import org.apache.sentry.core.model.db.Table;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Lists;
-import com.google.common.collect.Sets;
-
-public class TestSentryServerForHaWithoutKerberos extends SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = false;
- haEnabled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
- @Test
- public void testCreateRole() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.dropRole(requestorUserName, roleName);
- }
-
- @Test
- public void testQueryPushDown() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- String roleName1 = "admin_r1";
- String roleName2 = "admin_r2";
-
- String group1 = "g1";
- String group2 = "g2";
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
- client.grantRoleToGroup(requestorUserName, group1, roleName1);
-
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table4", "ALL");
-
-
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
- client.grantRoleToGroup(requestorUserName, group1, roleName2);
- client.grantRoleToGroup(requestorUserName, group2, roleName2);
-
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL");
-
- Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1")));
- assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1")));
- assertEquals("Privilege not assigned to role2 !!", 0, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"), new Table("table1")));
- assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db3")));
- assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
-
- Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db2"));
- assertEquals("Privilege not correctly assigned to roles !!",
- Sets.newHashSet("server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"),
- listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db3"));
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=all"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3"));
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1"));
- assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);
- }
-
-
-
- /**
- * Create role, add privileges and grant it to a group drop the role and
- * verify the privileges are no longer visible recreate the role with same
- * name and verify the privileges again.
- * @throws Exception
- */
- @Test
- public void testDropRole() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
-
- // create role and add privileges
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
- assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // drop role and verify privileges
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // recreate the role
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // grant different privileges and verify
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- }
-
- @Test
- public void testDropRoleOnUser() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- Set<String> requestorUserNames = Sets.newHashSet(ADMIN_USER);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
-
- // create role and add privileges
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.grantRoleToUser(requestorUserName, ADMIN_USER, roleName);
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
- assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // drop role and verify privileges
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // recreate the role
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // grant different privileges and verify
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- }
-
- /**
- * Test that we are correctly substituting "_HOST" if/when needed.
- *
- * @throws Exception
- */
- @Test
- public void testHostSubstitution() throws Exception {
- // We just need to ensure that we are able to correct connect to the server
- connectToSentryService();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java
deleted file mode 100644
index 9ba7d23..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.junit.BeforeClass;
-
-public class TestSentryServerForPoolHAWithoutKerberos extends TestSentryServerForHaWithoutKerberos {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = false;
- haEnabled = true;
- pooled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java
deleted file mode 100644
index 62fbb2f..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.junit.BeforeClass;
-
-public class TestSentryServerForPoolWithoutKerberos extends TestSentryServerWithoutKerberos {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = false;
- haEnabled = false;
- pooled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java
deleted file mode 100644
index b37f057..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java
+++ /dev/null
@@ -1,214 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-import static org.junit.Assert.assertEquals;
-
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.model.db.Database;
-import org.apache.sentry.core.model.db.Server;
-import org.apache.sentry.core.model.db.Table;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Lists;
-import com.google.common.collect.Sets;
-
-public class TestSentryServerWithoutKerberos extends SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = false;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
- @Test
- public void testCreateRole() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.dropRole(requestorUserName, roleName);
- }
-
- @Test
- public void testQueryPushDown() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- String roleName1 = "admin_r1";
- String roleName2 = "admin_r2";
-
- String group1 = "g1";
- String group2 = "g2";
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
- client.grantRoleToGroup(requestorUserName, group1, roleName1);
-
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table4", "ALL");
-
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
- client.grantRoleToGroup(requestorUserName, group1, roleName2);
- client.grantRoleToGroup(requestorUserName, group2, roleName2);
-
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL");
-
- Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, null);
- assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, new ArrayList<Authorizable>());
- assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1")));
- assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1")));
- assertEquals("Privilege not assigned to role2 !!", 0, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"), new Table("table1")));
- assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db3")));
- assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
-
- Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db2"));
- assertEquals("Privilege not correctly assigned to roles !!",
- Sets.newHashSet("server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"),
- listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db3"));
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=all"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3"));
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1"));
- assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);
- }
-
-
-
- /**
- * Create role, add privileges and grant it to a group drop the role and
- * verify the privileges are no longer visible recreate the role with same
- * name and verify the privileges again.
- * @throws Exception
- */
- @Test
- public void testDropRole() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
-
- // create role and add privileges
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
- assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // drop role and verify privileges
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // recreate the role
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // grant different privileges and verify
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- }
-
- @Test
- public void testDropRoleOnUser() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- Set<String> requestorUserNames = Sets.newHashSet(ADMIN_USER);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
-
- // create role and add privileges
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.grantRoleToUser(requestorUserName, ADMIN_USER, roleName);
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
- assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // drop role and verify privileges
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // recreate the role
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // grant different privileges and verify
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java
deleted file mode 100644
index fe4164d..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java
+++ /dev/null
@@ -1,111 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import static org.junit.Assert.assertTrue;
-
-import java.security.PrivilegedExceptionAction;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
-import java.util.concurrent.Callable;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-import java.util.concurrent.FutureTask;
-
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.service.thrift.SentryServiceFactory;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-
-public class TestSentryServiceClientPool extends SentryServiceIntegrationBase {
-
- @Test
- public void testConnectionWhenReconnect() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_r";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.listRoles(requestorUserName);
- stopSentryService();
- server = new SentryServiceFactory().create(conf);
- startSentryService();
- client.listRoles(requestorUserName);
- client.dropRole(requestorUserName, roleName);
- }
- });
- }
-
- @Test
- public void testConnectionWithMultipleRetries() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- List<Future<Boolean>> tasks = new ArrayList<Future<Boolean>>();
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_r";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
-
- ExecutorService executorService = Executors.newFixedThreadPool(20);
-
- Callable<Boolean> func = new Callable<Boolean>() {
- public Boolean call() throws Exception {
- return clientUgi.doAs(new PrivilegedExceptionAction<Boolean>() {
- @Override
- public Boolean run() throws Exception {
- try {
- client.listRoles(ADMIN_USER);
- return true;
- } catch (SentryUserException sue) {
- return false;
- }
- }
- });
- }
- };
-
- for (int i = 0; i < 30; i++) {
- FutureTask<Boolean> task = new FutureTask<Boolean>(func);
- tasks.add(task);
- executorService.submit(task);
- }
-
- for (Future<Boolean> task : tasks) {
- Boolean result = task.get();
- assertTrue("Some tasks are failed.", result);
- }
- }
- });
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
deleted file mode 100644
index 51bba31..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.After;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Strings;
-
-public class TestSentryServiceFailureCase extends SentryServiceIntegrationBase {
- private static final Logger LOGGER = LoggerFactory.getLogger(TestSentryServiceFailureCase.class);
- private static final String PEER_CALLBACK_FAILURE = "Peer indicated failure: Problem with callback handler";
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- beforeSetup();
- setupConf();
- conf.set(ServerConfig.ALLOW_CONNECT, "");
- startSentryService();
- afterSetup();
- }
-
- @Override
- @Before
- public void before() throws Exception {
- }
-
- @Override
- @After
- public void after() {
- }
-
- @Test
- public void testClientServerConnectionFailure() throws Exception {
- try {
- connectToSentryService();
- Assert.fail("Failed to receive Exception");
- } catch(Exception e) {
- LOGGER.info("Excepted exception", e);
- Throwable cause = e.getCause();
- if (cause == null) {
- throw e;
- }
- String msg = "Exception message: " + cause.getMessage() + " to contain " +
- PEER_CALLBACK_FAILURE;
- Assert.assertTrue(msg, Strings.nullToEmpty(cause.getMessage())
- .contains(PEER_CALLBACK_FAILURE));
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
deleted file mode 100644
index 813b30b..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-
-import java.io.File;
-import java.util.Set;
-
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-
-/**
- * Test various kerberos related stuff on the SentryService side
- */
-public class TestSentryServiceForHAWithKerberos extends SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- haEnabled = true;
- SERVER_KERBEROS_NAME = "sentry/_HOST@" + REALM;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
- @Override
- @Before
- public void before() throws Exception {
- policyFilePath = new File(dbDir, "local_policy_file.ini");
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE,
- policyFilePath.getPath());
- policyFile = new PolicyFile();
- connectToSentryService();
- }
-
- @Test
- public void testCreateRole() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.dropRole(requestorUserName, roleName);
- }
- });
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java
deleted file mode 100644
index acb906f..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.junit.BeforeClass;
-
-public class TestSentryServiceForPoolHAWithKerberos extends TestSentryServiceWithKerberos {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- haEnabled = true;
- pooled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java
deleted file mode 100644
index bd3c1cc..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.junit.BeforeClass;
-
-public class TestSentryServiceForPoolWithKerberos extends TestSentryServiceWithKerberos {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- haEnabled = false;
- pooled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
-}
\ No newline at end of file