You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ja...@apache.org on 2014/06/07 02:11:40 UTC
git commit: SENTRY-246: Load command does not seem to work with
filter push down
Repository: incubator-sentry
Updated Branches:
refs/heads/master 7cfcc3002 -> cdc25da32
SENTRY-246: Load command does not seem to work with filter push down
(Sravya Tirukkovalur via Jarek Jarcec Cecho)
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/cdc25da3
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/cdc25da3
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/cdc25da3
Branch: refs/heads/master
Commit: cdc25da32c714b53a23228946cc0d1e4fe3e45c3
Parents: 7cfcc30
Author: Jarek Jarcec Cecho <ja...@apache.org>
Authored: Fri Jun 6 17:10:28 2014 -0700
Committer: Jarek Jarcec Cecho <ja...@apache.org>
Committed: Fri Jun 6 17:10:28 2014 -0700
----------------------------------------------------------------------
.../db/service/persistent/SentryStore.java | 2 +-
.../db/service/persistent/TestSentryStore.java | 42 ++++++++++++++++++++
2 files changed, 43 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/cdc25da3/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index a959b13..5560729 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -826,7 +826,7 @@ public class SentryStore {
}
}
} else {
- authorizable.add(KV_JOINER.join(AuthorizableType.URI.name().toLowerCase(),
+ authorizable.add(KV_JOINER.join(AuthorizableType.URI.name(),
privilege.getURI()));
}
if (!Strings.nullToEmpty(privilege.getAction()).isEmpty()
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/cdc25da3/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
index 524eea3..b90d07d 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
@@ -19,21 +19,30 @@
package org.apache.sentry.provider.db.service.persistent;
import static junit.framework.Assert.assertEquals;
+import static junit.framework.Assert.assertTrue;
import static junit.framework.Assert.fail;
import java.io.File;
+import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
+import java.util.List;
import java.util.Set;
import org.apache.commons.io.FileUtils;
import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.model.db.AccessConstants;
+import org.apache.sentry.core.model.db.AccessURI;
+import org.apache.sentry.core.model.db.Server;
import org.apache.sentry.provider.db.SentryAlreadyExistsException;
import org.apache.sentry.provider.db.SentryNoSuchObjectException;
import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
import org.apache.sentry.provider.db.service.model.MSentryRole;
import org.apache.sentry.provider.db.service.thrift.TSentryActiveRoleSet;
+import org.apache.sentry.provider.db.service.thrift.TSentryAuthorizable;
import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
@@ -94,6 +103,39 @@ public class TestSentryStore {
assertEquals(seqId + 3, sentryStore.alterSentryRoleGrantPrivilege(roleName, privilege).getSequenceId());
assertEquals(seqId + 4, sentryStore.alterSentryRoleRevokePrivilege(roleName, privilege).getSequenceId());
}
+ @Test
+ public void testURI() throws Exception {
+ String roleName = "test-dup-role";
+ String grantor = "g1";
+ String uri = "file:///var/folders/dt/9zm44z9s6bjfxbrm4v36lzdc0000gp/T/1401860678102-0/data/kv1.dat";
+ sentryStore.createSentryRole(roleName, grantor);
+ TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("URI", "server1", "ALL");
+ tSentryPrivilege.setURI(uri);
+ tSentryPrivilege.setPrivilegeName(SentryStore.constructPrivilegeName(tSentryPrivilege));
+ sentryStore.alterSentryRoleGrantPrivilege(roleName, tSentryPrivilege);
+
+ TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
+ tSentryAuthorizable.setUri(uri);
+ tSentryAuthorizable.setServer("server1");
+
+
+ Set<TSentryPrivilege> privileges =
+ sentryStore.getTSentryPrivileges(new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable);
+
+ assertTrue(privileges.size() == 1);
+
+ Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>();
+ tSentryGroups.add(new TSentryGroup("group1"));
+ sentryStore.alterSentryRoleAddGroups(grantor, roleName, tSentryGroups);
+
+ TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName)));
+
+ Set<String> privs =
+ sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("group1")), thriftRoleSet, tSentryAuthorizable);
+
+ assertTrue(privs.size()==1);
+ assertTrue(privs.contains("server=server1->URI=" + uri + "->action=ALL"));
+ }
@Test
public void testCreateDuplicateRole() throws Exception {