You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ja...@apache.org on 2014/06/07 02:11:40 UTC

git commit: SENTRY-246: Load command does not seem to work with filter push down

Repository: incubator-sentry
Updated Branches:
  refs/heads/master 7cfcc3002 -> cdc25da32


SENTRY-246: Load command does not seem to work with filter push down

(Sravya Tirukkovalur via Jarek Jarcec Cecho)


Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/cdc25da3
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/cdc25da3
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/cdc25da3

Branch: refs/heads/master
Commit: cdc25da32c714b53a23228946cc0d1e4fe3e45c3
Parents: 7cfcc30
Author: Jarek Jarcec Cecho <ja...@apache.org>
Authored: Fri Jun 6 17:10:28 2014 -0700
Committer: Jarek Jarcec Cecho <ja...@apache.org>
Committed: Fri Jun 6 17:10:28 2014 -0700

----------------------------------------------------------------------
 .../db/service/persistent/SentryStore.java      |  2 +-
 .../db/service/persistent/TestSentryStore.java  | 42 ++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/cdc25da3/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index a959b13..5560729 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -826,7 +826,7 @@ public class SentryStore {
         }
       }
     } else {
-      authorizable.add(KV_JOINER.join(AuthorizableType.URI.name().toLowerCase(),
+      authorizable.add(KV_JOINER.join(AuthorizableType.URI.name(),
           privilege.getURI()));
     }
     if (!Strings.nullToEmpty(privilege.getAction()).isEmpty()

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/cdc25da3/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
index 524eea3..b90d07d 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
@@ -19,21 +19,30 @@
 package org.apache.sentry.provider.db.service.persistent;
 
 import static junit.framework.Assert.assertEquals;
+import static junit.framework.Assert.assertTrue;
 import static junit.framework.Assert.fail;
 
 import java.io.File;
+import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashSet;
+import java.util.List;
 import java.util.Set;
 
 import org.apache.commons.io.FileUtils;
 import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.model.db.AccessConstants;
+import org.apache.sentry.core.model.db.AccessURI;
+import org.apache.sentry.core.model.db.Server;
 import org.apache.sentry.provider.db.SentryAlreadyExistsException;
 import org.apache.sentry.provider.db.SentryNoSuchObjectException;
 import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
 import org.apache.sentry.provider.db.service.model.MSentryRole;
 import org.apache.sentry.provider.db.service.thrift.TSentryActiveRoleSet;
+import org.apache.sentry.provider.db.service.thrift.TSentryAuthorizable;
 import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
 import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
 import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
@@ -94,6 +103,39 @@ public class TestSentryStore {
     assertEquals(seqId + 3, sentryStore.alterSentryRoleGrantPrivilege(roleName, privilege).getSequenceId());
     assertEquals(seqId + 4, sentryStore.alterSentryRoleRevokePrivilege(roleName, privilege).getSequenceId());
   }
+  @Test
+  public void testURI() throws Exception {
+    String roleName = "test-dup-role";
+    String grantor = "g1";
+    String uri = "file:///var/folders/dt/9zm44z9s6bjfxbrm4v36lzdc0000gp/T/1401860678102-0/data/kv1.dat";
+    sentryStore.createSentryRole(roleName, grantor);
+    TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("URI", "server1", "ALL");
+    tSentryPrivilege.setURI(uri);
+    tSentryPrivilege.setPrivilegeName(SentryStore.constructPrivilegeName(tSentryPrivilege));
+    sentryStore.alterSentryRoleGrantPrivilege(roleName, tSentryPrivilege);
+
+    TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
+    tSentryAuthorizable.setUri(uri);
+    tSentryAuthorizable.setServer("server1");
+
+
+    Set<TSentryPrivilege> privileges =
+        sentryStore.getTSentryPrivileges(new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable);
+
+    assertTrue(privileges.size() == 1);
+
+    Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>();
+    tSentryGroups.add(new TSentryGroup("group1"));
+    sentryStore.alterSentryRoleAddGroups(grantor, roleName, tSentryGroups);
+
+    TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName)));
+
+    Set<String> privs =
+        sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("group1")), thriftRoleSet, tSentryAuthorizable);
+
+    assertTrue(privs.size()==1);
+    assertTrue(privs.contains("server=server1->URI=" + uri + "->action=ALL"));
+  }
 
   @Test
   public void testCreateDuplicateRole() throws Exception {