You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sp...@apache.org on 2018/05/29 18:06:29 UTC
[10/43] sentry git commit: SENTRY-2208: Refactor out Sentry service
into own module from sentry-provider-db (Anthony Young-Garner,
reviewed by Sergio Pena, Steve Moist, Na Li)
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestNotificationHandlerInvoker.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestNotificationHandlerInvoker.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestNotificationHandlerInvoker.java
new file mode 100644
index 0000000..92f3f8b
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestNotificationHandlerInvoker.java
@@ -0,0 +1,102 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.api.service.thrift;
+
+import org.apache.hadoop.conf.Configuration;
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import com.google.common.collect.Lists;
+
+public class TestNotificationHandlerInvoker {
+
+ private Configuration conf;
+ private NotificationHandler handler;
+ private NotificationHandlerInvoker invoker;
+
+ @Before
+ public void setup() throws Exception {
+ conf = new Configuration(false);
+ handler = Mockito.spy(new NotificationHandler(conf) {});
+ invoker = new NotificationHandlerInvoker(conf,
+ Lists.newArrayList(new ThrowingNotificationHandler(conf), handler));
+ }
+
+ @Test
+ public void testCreateSentryRole() throws Exception {
+ TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
+ TCreateSentryRoleResponse response = new TCreateSentryRoleResponse();
+ invoker.create_sentry_role(request, response);
+ Mockito.verify(handler).create_sentry_role(request, response);
+ }
+
+ @Test
+ public void testDropSentryRole() throws Exception {
+ TDropSentryRoleRequest request = new TDropSentryRoleRequest();
+ TDropSentryRoleResponse response = new TDropSentryRoleResponse();
+ invoker.drop_sentry_role(request, response);
+ Mockito.verify(handler).drop_sentry_role(request, response);
+ }
+
+
+
+ @Test
+ public void testAlterSentryRoleAddGroups() throws Exception {
+ TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest();
+ TAlterSentryRoleAddGroupsResponse response = new TAlterSentryRoleAddGroupsResponse();
+ invoker.alter_sentry_role_add_groups(request, response);
+ Mockito.verify(handler).alter_sentry_role_add_groups(request, response);
+ }
+
+ @Test
+ public void testAlterSentryRoleDeleteGroups() throws Exception {
+ TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest();
+ TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse();
+ invoker.alter_sentry_role_delete_groups(request, response);
+ Mockito.verify(handler).alter_sentry_role_delete_groups(request, response);
+ }
+
+ public static class ThrowingNotificationHandler extends NotificationHandler {
+ public ThrowingNotificationHandler(Configuration config) throws Exception {
+ super(config);
+ }
+ @Override
+ public void create_sentry_role(TCreateSentryRoleRequest request,
+ TCreateSentryRoleResponse response) {
+ throw new RuntimeException();
+ }
+ public void drop_sentry_role(TDropSentryRoleRequest request,
+ TDropSentryRoleResponse response) {
+ throw new RuntimeException();
+ }
+ @Override
+ public void alter_sentry_role_add_groups(
+ TAlterSentryRoleAddGroupsRequest request,
+ TAlterSentryRoleAddGroupsResponse response) {
+ throw new RuntimeException();
+ }
+ @Override
+ public void alter_sentry_role_delete_groups(
+ TAlterSentryRoleDeleteGroupsRequest request,
+ TAlterSentryRoleDeleteGroupsResponse response) {
+ throw new RuntimeException();
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyServiceClient.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyServiceClient.java
new file mode 100644
index 0000000..6ebe785
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyServiceClient.java
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.api.service.thrift;
+
+import java.util.Set;
+
+import org.apache.sentry.service.thrift.SentryServiceFactory;
+import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import com.google.common.collect.Sets;
+
+public class TestSentryPolicyServiceClient extends SentryServiceIntegrationBase {
+
+ @BeforeClass
+ public static void setup() throws Exception {
+ SentryServiceIntegrationBase.beforeSetup();
+ SentryServiceIntegrationBase.setupConf();
+ SentryServiceIntegrationBase.startSentryService();
+ SentryServiceIntegrationBase.afterSetup();
+ SentryServiceIntegrationBase.kerberos = false;
+ }
+
+ @Test
+ public void testConnectionWhenReconnect() throws Exception {
+ runTestAsSubject(new TestOperation() {
+ @Override
+ public void runTestAsSubject() throws Exception {
+ String requestorUserName = SentryServiceIntegrationBase.ADMIN_USER;
+ Set<String> requestorUserGroupNames = Sets.newHashSet(SentryServiceIntegrationBase.ADMIN_GROUP);
+ String roleName = "admin_r";
+ setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+ writePolicyFile();
+
+ client.dropRoleIfExists(requestorUserName, roleName);
+ client.createRole(requestorUserName, roleName);
+ client.listAllRoles(requestorUserName);
+ stopSentryService();
+ SentryServiceIntegrationBase.server = SentryServiceFactory.create(SentryServiceIntegrationBase.conf);
+ SentryServiceIntegrationBase.startSentryService();
+ client.listAllRoles(requestorUserName);
+ client.dropRole(requestorUserName, roleName);
+ }
+ });
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyStoreProcessor.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyStoreProcessor.java
new file mode 100644
index 0000000..efacf19
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyStoreProcessor.java
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.api.service.thrift;
+
+import org.apache.sentry.api.common.ThriftConstants;
+import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
+import org.junit.Assert;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.core.common.exception.SentryThriftAPIMismatchException;
+import org.apache.sentry.core.common.utils.PolicyStoreConstants.PolicyStoreServerConfig;
+import org.junit.Before;
+import org.junit.Test;
+
+public class TestSentryPolicyStoreProcessor {
+
+ private Configuration conf;
+
+ @Before
+ public void setup() {
+ conf = new Configuration(false);
+ }
+ @Test(expected=SentrySiteConfigurationException.class)
+ public void testConfigNotNotificationHandler() throws Exception {
+ conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, Object.class.getName());
+ SentryPolicyStoreProcessor.createHandlers(conf);
+ }
+ @Test(expected=SentrySiteConfigurationException.class)
+ public void testConfigCannotCreateNotificationHandler() throws Exception {
+ conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS,
+ ExceptionInConstructorNotificationHandler.class.getName());
+ SentryPolicyStoreProcessor.createHandlers(conf);
+ }
+ @Test(expected=SentrySiteConfigurationException.class)
+ public void testConfigNotAClassNotificationHandler() throws Exception {
+ conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, "junk");
+ SentryPolicyStoreProcessor.createHandlers(conf);
+ }
+ @Test
+ public void testConfigMultipleNotificationHandlers() throws Exception {
+ conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS,
+ NoopNotificationHandler.class.getName() + "," +
+ NoopNotificationHandler.class.getName() + " " +
+ NoopNotificationHandler.class.getName());
+ Assert.assertEquals(3, SentryPolicyStoreProcessor.createHandlers(conf).size());
+ }
+ public static class ExceptionInConstructorNotificationHandler extends NotificationHandler {
+ public ExceptionInConstructorNotificationHandler(Configuration config) throws Exception {
+ super(config);
+ throw new Exception();
+ }
+ }
+ public static class NoopNotificationHandler extends NotificationHandler {
+ public NoopNotificationHandler(Configuration config) throws Exception {
+ super(config);
+ }
+ }
+ @Test(expected=SentryThriftAPIMismatchException.class)
+ public void testSentryThriftAPIMismatch() throws Exception {
+ SentryPolicyStoreProcessor.validateClientVersion(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT -1);
+ }
+ @Test
+ public void testSentryThriftAPIMatchVersion() throws Exception {
+ SentryPolicyStoreProcessor.validateClientVersion(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerForPoolWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerForPoolWithoutKerberos.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerForPoolWithoutKerberos.java
new file mode 100644
index 0000000..7330204
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerForPoolWithoutKerberos.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless createRequired by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.api.service.thrift;
+
+import org.junit.BeforeClass;
+
+public class TestSentryServerForPoolWithoutKerberos extends TestSentryServerWithoutKerberos {
+
+ @BeforeClass
+ public static void setup() throws Exception {
+ kerberos = false;
+ pooled = true;
+ beforeSetup();
+ setupConf();
+ startSentryService();
+ afterSetup();
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerLogLevel.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerLogLevel.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerLogLevel.java
new file mode 100644
index 0000000..6290fb7
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerLogLevel.java
@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.api.service.thrift;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.log4j.LogManager;
+import org.apache.log4j.Logger;
+import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
+import org.junit.*;
+
+import java.net.HttpURLConnection;
+import java.net.URL;
+
+public class TestSentryServerLogLevel extends SentryServiceIntegrationBase {
+ private final String CLASS_NAME = "org.eclipse.jetty.server.handler.ContextHandler";
+
+ @BeforeClass
+ public static void setup() throws Exception {
+ webServerEnabled = true;
+ webSecurity = false;
+ SentryServiceIntegrationBase.setup();
+ }
+
+ @Override
+ @Before
+ public void before() throws Exception {
+ }
+
+ @Override
+ @After
+ public void after() {
+ }
+
+ /**
+ * Get the log level for the specified class
+ * @param className: Name of class
+ * @return
+ * Log level of the class
+ */
+ private String getLogLevel(String className) {
+ Logger logInstance = LogManager.getLogger(className);
+ return logInstance.getEffectiveLevel().toString();
+ }
+
+ /**
+ * Send log level and class name via the HTTP interface and verify that it is set at the loogger.
+ * @throws Exception
+ */
+ @Test
+ public void testSetLogLevel() throws Exception {
+ final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/admin/logLevel?log="
+ + CLASS_NAME + "&level=INFO");
+ HttpURLConnection conn = (HttpURLConnection) url.openConnection();
+ Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ String response = IOUtils.toString(conn.getInputStream());
+ Assert.assertTrue(response.contains("INFO"));
+ Assert.assertEquals("INFO", getLogLevel(CLASS_NAME));
+ }
+
+ /**
+ * Send class name via the HTTP interface and verify that it is get at the loogger.
+ * @throws Exception
+ */
+ @Test
+ public void testGetLogLevel() throws Exception {
+ final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/admin/logLevel?log=" + CLASS_NAME);
+ HttpURLConnection conn = (HttpURLConnection) url.openConnection();
+ Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ String response = IOUtils.toString(conn.getInputStream());
+ Assert.assertTrue(response.contains("INFO"));
+ Assert.assertEquals("INFO", getLogLevel(CLASS_NAME));
+ }
+
+ /**
+ * Send class name and invalid log level via the HTTP interface and verify that it returns error response.
+ * @throws Exception
+ */
+ @Test
+ public void testInvalidLogLevel() throws Exception {
+ final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/admin/logLevel?log="
+ + CLASS_NAME + "&level=ABCD");
+ HttpURLConnection conn = (HttpURLConnection) url.openConnection();
+ Assert.assertEquals(HttpURLConnection.HTTP_BAD_REQUEST, conn.getResponseCode());
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerPubSub.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerPubSub.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerPubSub.java
new file mode 100644
index 0000000..716109f
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerPubSub.java
@@ -0,0 +1,181 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.api.service.thrift;
+
+import org.apache.sentry.core.common.utils.PubSub;
+import org.apache.sentry.core.common.utils.PubSub.Topic;
+import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
+
+import org.junit.*;
+
+import java.net.HttpURLConnection;
+import java.net.URL;
+
+public class TestSentryServerPubSub extends SentryServiceIntegrationBase {
+
+ private static final Topic[] topics = Topic.values();
+ private static final String[] messages = { "message1", "message2", "message3", "" };
+
+ private static volatile String REQUEST_URL;
+
+ private final TestSubscriber testSubscriber = new TestSubscriber();
+
+ private static final class TestSubscriber implements PubSub.Subscriber {
+ private volatile Topic topic;
+ private volatile String message;
+ private volatile int count;
+ @Override
+ public void onMessage(Topic topic, String message) {
+ this.topic = topic;
+ this.message = message;
+ this.count++;
+ }
+ }
+
+ @BeforeClass
+ public static void setup() throws Exception {
+ webServerEnabled = true;
+ webSecurity = false;
+ SentryServiceIntegrationBase.setup();
+ REQUEST_URL= "http://" + SERVER_HOST + ":" + webServerPort + "/admin/publishMessage?topic=%s&message=%s";
+ }
+
+ @Override
+ @Before
+ public void before() throws Exception {
+
+ // Subscribe to all defined topics.
+ // After each successfull HTTP-GET, testSubscriber.onMessage()
+ // will be called and "topic" and "message" fields will be
+ // set according to HTTP-GET parameters.
+ testSubscriber.count = 0;
+ for (Topic topic : topics) {
+ PubSub.getInstance().subscribe(topic, testSubscriber);
+ }
+ Assert.assertEquals("Unexpected number of registered topics", topics.length, PubSub.getInstance().getTopics().size());
+ }
+
+ @Override
+ @After
+ public void after() {
+ // unsubscribe
+ for (Topic topic : topics) {
+ PubSub.getInstance().unsubscribe(topic, testSubscriber);
+ }
+ testSubscriber.count = 0;
+ Assert.assertTrue("Topics should have been removed after unsubscribe()", PubSub.getInstance().getTopics().isEmpty());
+ }
+
+ /**
+ * Successfully publish notifications
+ * @throws Exception
+ */
+ @Test
+ public void testPubSub() throws Exception {
+ int count = 0;
+ for (Topic topic : topics) {
+ for (String message : messages) {
+ URL url = new URL(String.format(REQUEST_URL, topic.getName(), message));
+ HttpURLConnection conn = null;
+ try {
+ conn = (HttpURLConnection) url.openConnection();
+ Assert.assertEquals("Unexpected response code", HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ } finally {
+ safeClose(conn);
+ }
+ Assert.assertEquals("Unexpected topic", topic, testSubscriber.topic);
+ if (message.isEmpty()) {
+ Assert.assertEquals("Unexpected message", null, testSubscriber.message);
+ } else {
+ Assert.assertEquals("Unexpected message", message, testSubscriber.message);
+ }
+ Assert.assertEquals("Unexpected number of PubSub.onMessage() callbacks", ++count, testSubscriber.count);
+ }
+ }
+ }
+
+ /**
+ * Submit empty topic. It's ok, generates form page.
+ * @throws Exception
+ */
+ @Test
+ public void testPubSubEmptyTopic() throws Exception {
+ URL url = new URL(String.format(REQUEST_URL, "", "message"));
+ HttpURLConnection conn = null;
+ try {
+ conn = (HttpURLConnection) url.openConnection();
+ Assert.assertEquals("Unexpected response code", HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ } finally {
+ safeClose(conn);
+ }
+ Assert.assertEquals("Unexpected number of PubSub.onMessage() callbacks", 0, testSubscriber.count);
+ }
+
+ /**
+ * Submit invalid topic
+ * @throws Exception
+ */
+ @Test
+ public void testPubSubInvalidTopic() throws Exception {
+ String[] invalid_topics = { "invalid_topic_1", "invalid_topic_2", "invalid_topic_3" };
+ for (String topic : invalid_topics) {
+ URL url = new URL(String.format(REQUEST_URL, topic, "message"));
+ HttpURLConnection conn = null;
+ try {
+ conn = (HttpURLConnection) url.openConnection();
+ Assert.assertEquals("Unexpected response code", HttpURLConnection.HTTP_BAD_REQUEST, conn.getResponseCode());
+ } finally {
+ safeClose(conn);
+ }
+ Assert.assertEquals("Unexpected number of PubSub.onMessage() callbacks", 0, testSubscriber.count);
+ }
+ }
+
+ /**
+ * Submit topic that has no subscribers.
+ * @throws Exception
+ */
+ @Test
+ public void testPubSubNonSubscribedTopic() throws Exception {
+ // At this point all valid Topic values have been subscribed to
+ // in before() method.
+ // Unsubscribe from one topic and then try publishing to it.
+ PubSub.getInstance().unsubscribe(Topic.HDFS_SYNC_HMS, testSubscriber);
+ Assert.assertEquals("Unexpected number of registered topics", topics.length-1, PubSub.getInstance().getTopics().size());
+
+ URL url = new URL(String.format(REQUEST_URL, Topic.HDFS_SYNC_HMS.getName(), "message"));
+ HttpURLConnection conn = null;
+ try {
+ conn = (HttpURLConnection) url.openConnection();
+ Assert.assertEquals("Unexpected response code", HttpURLConnection.HTTP_BAD_REQUEST, conn.getResponseCode());
+ } finally {
+ safeClose(conn);
+ }
+ // re-subscribe, not to upset after() method which expects all topics to be subscribed to
+ PubSub.getInstance().subscribe(Topic.HDFS_SYNC_HMS, testSubscriber);
+ }
+
+ private static void safeClose(HttpURLConnection conn) {
+ if (conn != null) {
+ try {
+ conn.disconnect();
+ } catch (Exception ignore) {
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerWithoutKerberos.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerWithoutKerberos.java
new file mode 100644
index 0000000..3deadab
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerWithoutKerberos.java
@@ -0,0 +1,214 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless createRequired by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.api.service.thrift;
+import static org.junit.Assert.assertEquals;
+
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.core.common.Authorizable;
+import org.apache.sentry.core.model.db.AccessConstants;
+import org.apache.sentry.core.model.db.Database;
+import org.apache.sentry.core.model.db.Server;
+import org.apache.sentry.core.model.db.Table;
+import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import com.google.common.collect.Lists;
+import com.google.common.collect.Sets;
+
+public class TestSentryServerWithoutKerberos extends SentryServiceIntegrationBase {
+
+ @BeforeClass
+ public static void setup() throws Exception {
+ kerberos = false;
+ beforeSetup();
+ setupConf();
+ startSentryService();
+ afterSetup();
+ }
+
+ @Test
+ public void testCreateRole() throws Exception {
+ String requestorUserName = ADMIN_USER;
+ Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+ setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+ writePolicyFile();
+ String roleName = "admin_r";
+ client.dropRoleIfExists(requestorUserName, roleName);
+ client.createRole(requestorUserName, roleName);
+ client.dropRole(requestorUserName, roleName);
+ }
+
+ @Test
+ public void testQueryPushDown() throws Exception {
+ String requestorUserName = ADMIN_USER;
+ Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+ setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+ writePolicyFile();
+
+ String roleName1 = "admin_r1";
+ String roleName2 = "admin_r2";
+
+ String group1 = "g1";
+ String group2 = "g2";
+
+ client.dropRoleIfExists(requestorUserName, roleName1);
+ client.createRole(requestorUserName, roleName1);
+ client.grantRoleToGroup(requestorUserName, group1, roleName1);
+
+ client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1", "ALL");
+ client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table2", "ALL");
+ client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table3", "ALL");
+ client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table4", "ALL");
+
+ client.dropRoleIfExists(requestorUserName, roleName2);
+ client.createRole(requestorUserName, roleName2);
+ client.grantRoleToGroup(requestorUserName, group1, roleName2);
+ client.grantRoleToGroup(requestorUserName, group2, roleName2);
+
+ client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL");
+ client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL");
+ client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL");
+ client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL");
+ client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL");
+
+ Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, null);
+ assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size());
+
+ listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, new ArrayList<Authorizable>());
+ assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size());
+
+ listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1")));
+ assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size());
+
+ listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1")));
+ assertEquals("Privilege not assigned to role2 !!", 0, listPrivilegesByRoleName.size());
+
+ listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"), new Table("table1")));
+ assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
+
+ listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db3")));
+ assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
+
+ Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db2"));
+ assertEquals("Privilege not correctly assigned to roles !!",
+ Sets.newHashSet("server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"),
+ listPrivilegesForProvider);
+
+ listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db3"));
+ assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=all"), listPrivilegesForProvider);
+
+ listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3"));
+ assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider);
+
+ listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1"));
+ assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);
+ }
+
+
+
+ /**
+ * Create role, add privileges and grant it to a group drop the role and
+ * verify the privileges are no longer visible recreate the role with same
+ * name and verify the privileges again.
+ * @throws Exception
+ */
+ @Test
+ public void testDropRole() throws Exception {
+ String requestorUserName = ADMIN_USER;
+ Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+ setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+ writePolicyFile();
+ String roleName = "admin_r";
+
+ // create role and add privileges
+ client.dropRoleIfExists(requestorUserName, roleName);
+ client.createRole(requestorUserName, roleName);
+ client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
+ client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
+ client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
+ assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, null,
+ ActiveRoleSet.ALL).size());
+
+ // drop role and verify privileges
+ client.dropRole(requestorUserName, roleName);
+ assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
+ ActiveRoleSet.ALL).size());
+
+ // recreate the role
+ client.createRole(requestorUserName, roleName);
+ client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
+ assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
+ ActiveRoleSet.ALL).size());
+
+ // grant different privileges and verify
+ client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
+ assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, null,
+ ActiveRoleSet.ALL).size());
+ client.dropRole(requestorUserName, roleName);
+ assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
+ ActiveRoleSet.ALL).size());
+ assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
+ ActiveRoleSet.ALL).size());
+ }
+
+ @Test
+ public void testDropRoleOnUser() throws Exception {
+ String requestorUserName = ADMIN_USER;
+ Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+ Set<String> requestorUserNames = Sets.newHashSet(ADMIN_USER);
+ setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+ writePolicyFile();
+ String roleName = "admin_r";
+
+ // create role and add privileges
+ client.dropRoleIfExists(requestorUserName, roleName);
+ client.createRole(requestorUserName, roleName);
+ client.grantRoleToUser(requestorUserName, ADMIN_USER, roleName);
+ client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
+ client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
+ assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
+ ActiveRoleSet.ALL).size());
+
+ // drop role and verify privileges
+ client.dropRole(requestorUserName, roleName);
+ assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
+ ActiveRoleSet.ALL).size());
+
+ // recreate the role
+ client.createRole(requestorUserName, roleName);
+ client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
+ assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
+ ActiveRoleSet.ALL).size());
+
+ // grant different privileges and verify
+ client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
+ assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
+ ActiveRoleSet.ALL).size());
+ client.dropRole(requestorUserName, roleName);
+ assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
+ ActiveRoleSet.ALL).size());
+ assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
+ ActiveRoleSet.ALL).size());
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceClientPool.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceClientPool.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceClientPool.java
new file mode 100644
index 0000000..85ab1b1
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceClientPool.java
@@ -0,0 +1,111 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.api.service.thrift;
+
+import static org.junit.Assert.assertTrue;
+
+import java.security.PrivilegedExceptionAction;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+import java.util.concurrent.Callable;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+import java.util.concurrent.FutureTask;
+
+import org.apache.sentry.core.common.exception.SentryUserException;
+import org.apache.sentry.service.thrift.SentryServiceFactory;
+import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
+import org.junit.Test;
+
+import com.google.common.collect.Sets;
+
+public class TestSentryServiceClientPool extends SentryServiceIntegrationBase {
+
+ @Test
+ public void testConnectionWhenReconnect() throws Exception {
+ runTestAsSubject(new TestOperation() {
+ @Override
+ public void runTestAsSubject() throws Exception {
+ String requestorUserName = SentryServiceIntegrationBase.ADMIN_USER;
+ Set<String> requestorUserGroupNames = Sets.newHashSet(SentryServiceIntegrationBase.ADMIN_GROUP);
+ String roleName = "admin_r";
+ setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+ writePolicyFile();
+
+ client.dropRoleIfExists(requestorUserName, roleName);
+ client.createRole(requestorUserName, roleName);
+ client.listAllRoles(requestorUserName);
+ stopSentryService();
+ SentryServiceIntegrationBase.server = SentryServiceFactory.create(SentryServiceIntegrationBase.conf);
+ SentryServiceIntegrationBase.startSentryService();
+ client.listAllRoles(requestorUserName);
+ client.dropRole(requestorUserName, roleName);
+ }
+ });
+ }
+
+ @Test
+ public void testConnectionWithMultipleRetries() throws Exception {
+ runTestAsSubject(new TestOperation() {
+ @Override
+ public void runTestAsSubject() throws Exception {
+ List<Future<Boolean>> tasks = new ArrayList<Future<Boolean>>();
+ String requestorUserName = SentryServiceIntegrationBase.ADMIN_USER;
+ Set<String> requestorUserGroupNames = Sets.newHashSet(SentryServiceIntegrationBase.ADMIN_GROUP);
+ String roleName = "admin_r";
+ setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+ writePolicyFile();
+
+ client.dropRoleIfExists(requestorUserName, roleName);
+ client.createRole(requestorUserName, roleName);
+
+ ExecutorService executorService = Executors.newFixedThreadPool(20);
+
+ Callable<Boolean> func = new Callable<Boolean>() {
+ public Boolean call() throws Exception {
+ return SentryServiceIntegrationBase.clientUgi.doAs(new PrivilegedExceptionAction<Boolean>() {
+ @Override
+ public Boolean run() throws Exception {
+ try {
+ client.listAllRoles(SentryServiceIntegrationBase.ADMIN_USER);
+ return true;
+ } catch (SentryUserException sue) {
+ return false;
+ }
+ }
+ });
+ }
+ };
+
+ for (int i = 0; i < 30; i++) {
+ FutureTask<Boolean> task = new FutureTask<Boolean>(func);
+ tasks.add(task);
+ executorService.submit(task);
+ }
+
+ for (Future<Boolean> task : tasks) {
+ Boolean result = task.get();
+ assertTrue("Some tasks are failed.", result);
+ }
+ }
+ });
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceFailureCase.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceFailureCase.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceFailureCase.java
new file mode 100644
index 0000000..fa67f27
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceFailureCase.java
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.api.service.thrift;
+
+import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
+import org.apache.sentry.service.common.ServiceConstants.ServerConfig;
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.base.Strings;
+
+public class TestSentryServiceFailureCase extends SentryServiceIntegrationBase {
+ private static final Logger LOGGER = LoggerFactory.getLogger(TestSentryServiceFailureCase.class);
+ private static final String PEER_CALLBACK_FAILURE = "Peer indicated failure: Problem with callback handler";
+
+ @BeforeClass
+ public static void setup() throws Exception {
+ kerberos = true;
+ beforeSetup();
+ setupConf();
+ conf.set(ServerConfig.ALLOW_CONNECT, "");
+ startSentryService();
+ afterSetup();
+ }
+
+ @Override
+ @Before
+ public void before() throws Exception {
+ }
+
+ @Override
+ @After
+ public void after() {
+ }
+
+ @Test
+ public void testClientServerConnectionFailure() throws Exception {
+ try {
+ connectToSentryService();
+ String requestorUserName = ADMIN_USER;
+ client.listAllRoles(requestorUserName);
+ Assert.fail("Failed to receive Exception");
+ } catch(Exception e) {
+ LOGGER.info("Excepted exception", e);
+ Throwable cause = e.getCause();
+ if (cause == null) {
+ throw e;
+ }
+ String msg = "Exception message: " + cause.getMessage();
+ Assert.assertTrue(msg, Strings.nullToEmpty(cause.getMessage())
+ .contains(PEER_CALLBACK_FAILURE));
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/b97f5c7a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceForPoolWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceForPoolWithKerberos.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceForPoolWithKerberos.java
new file mode 100644
index 0000000..aa156f2
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceForPoolWithKerberos.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless createRequired by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.api.service.thrift;
+
+import org.junit.BeforeClass;
+
+public class TestSentryServiceForPoolWithKerberos extends TestSentryServiceWithKerberos {
+
+ @BeforeClass
+ public static void setup() throws Exception {
+ kerberos = true;
+ pooled = true;
+ beforeSetup();
+ setupConf();
+ startSentryService();
+ afterSetup();
+ }
+
+}
\ No newline at end of file