You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@impala.apache.org by ta...@apache.org on 2016/05/12 22:09:51 UTC
[16/50] [abbrv] incubator-impala git commit: IMPALA-3460:
test_grant_revoke: remove S3-specific workload
IMPALA-3460: test_grant_revoke: remove S3-specific workload
Now that we functionally support writes to S3 via Impala,
test_grant_revoke should not have a special case for S3, which
till this patch did the test without INSERTs.
Change-Id: Id981e7f83bf86b32d1a5b267ad3781db02337e86
Reviewed-on: http://gerrit.cloudera.org:8080/2949
Reviewed-by: Sailesh Mukil <sa...@cloudera.com>
Tested-by: Internal Jenkins
Project: http://git-wip-us.apache.org/repos/asf/incubator-impala/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-impala/commit/3093054e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-impala/tree/3093054e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-impala/diff/3093054e
Branch: refs/heads/master
Commit: 3093054e95a70436b197ac878639b6864140a36d
Parents: 8c2bf97
Author: Sailesh Mukil <sa...@cloudera.com>
Authored: Tue May 3 23:43:21 2016 -0700
Committer: Tim Armstrong <ta...@cloudera.com>
Committed: Thu May 12 14:17:54 2016 -0700
----------------------------------------------------------------------
.../QueryTest/grant_revoke_no_insert.test | 618 -------------------
tests/authorization/test_grant_revoke.py | 5 +-
2 files changed, 1 insertion(+), 622 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-impala/blob/3093054e/testdata/workloads/functional-query/queries/QueryTest/grant_revoke_no_insert.test
----------------------------------------------------------------------
diff --git a/testdata/workloads/functional-query/queries/QueryTest/grant_revoke_no_insert.test b/testdata/workloads/functional-query/queries/QueryTest/grant_revoke_no_insert.test
deleted file mode 100644
index c6d10f6..0000000
--- a/testdata/workloads/functional-query/queries/QueryTest/grant_revoke_no_insert.test
+++ /dev/null
@@ -1,618 +0,0 @@
-====
----- QUERY
-create role grant_revoke_test_ALL_SERVER
----- RESULTS
-====
----- QUERY
-create role grant_revoke_test_ALL_TEST_DB
----- RESULTS
-====
----- QUERY
-create role grant_revoke_test_SELECT_INSERT_TEST_TBL
----- RESULTS
-====
----- QUERY
-create role grant_revoke_test_ALL_URI
----- RESULTS
-====
----- QUERY
-# Shows all roles in the system
-show roles
----- RESULTS: VERIFY_IS_SUBSET
-'grant_revoke_test_ALL_SERVER'
-'grant_revoke_test_ALL_TEST_DB'
-'grant_revoke_test_SELECT_INSERT_TEST_TBL'
-'grant_revoke_test_ALL_URI'
----- TYPES
-STRING
-====
----- QUERY
-create database grant_rev_db location '$FILESYSTEM_PREFIX/test-warehouse/grant_rev_db.db'
----- CATCH
-does not have privileges to execute 'CREATE' on: grant_rev_db
-====
----- QUERY
-grant all on server to grant_revoke_test_ALL_SERVER
-====
----- QUERY
-# Group name will be replaced with the actual user's group in the test
-# framework.
-grant role grant_revoke_test_ALL_SERVER to group $GROUP_NAME
-====
----- QUERY
-show current roles
----- RESULTS: VERIFY_IS_SUBSET
-'grant_revoke_test_ALL_SERVER'
----- TYPES
-STRING
-====
----- USER
-does_not_exist
----- QUERY
-# Run this query as a different user and verify no roles show up but the
-# stmt does not fail with an authorization error.
-show current roles
----- RESULTS: VERIFY_IS_SUBSET
----- TYPES
-STRING
-====
----- QUERY
-show grant role grant_revoke_test_ALL_SERVER
----- RESULTS
-'SERVER','','','','','ALL',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-show grant role grant_revoke_test_ALL_SERVER on server
----- RESULTS
-'SERVER','','','','','ALL',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- USER
-does_not_exist
----- QUERY
-# User should not have privileges to execute SHOW ROLES
-show roles
----- RESULTS: VERIFY_IS_SUBSET
----- TYPES
-STRING
----- CATCH
-User 'does_not_exist' does not have privileges to access the requested policy metadata
-====
----- USER
-does_not_exist
----- QUERY
-# User should not have privileges to execute SHOW ROLE GRANT GROUP for a group they do not
-# belong to.
-show role grant group root
----- RESULTS: VERIFY_IS_SUBSET
----- TYPES
-STRING
----- CATCH
-User 'does_not_exist' does not have privileges to access the requested policy metadata
-====
----- USER
-root
----- QUERY
-# The 'root' user doesn't have any roles granted to them, but since they are part of the
-# 'root' group, they should have privileges to execute this statement.
-show role grant group root
----- RESULTS: VERIFY_IS_SUBSET
----- TYPES
-STRING
-====
----- QUERY
-drop database if exists grant_rev_db
-====
----- QUERY
-create database grant_rev_db location '$FILESYSTEM_PREFIX/test-warehouse/grant_rev_db.db'
-====
----- QUERY
-show tables in grant_rev_db
----- RESULTS
----- TYPES
-STRING
-====
----- QUERY
-create table grant_rev_db.test_tbl1(i int)
-====
----- QUERY
-show tables in grant_rev_db
----- RESULTS
-'test_tbl1'
----- TYPES
-STRING
-====
----- QUERY
-revoke role grant_revoke_test_ALL_SERVER from group $GROUP_NAME
-====
----- QUERY
-create database grant_rev_db location '$FILESYSTEM_PREFIX/test-warehouse/grant_rev_db.db'
----- CATCH
-does not have privileges to execute 'CREATE' on: grant_rev_db
-====
----- QUERY
-show tables in grant_rev_db
----- CATCH
-does not have privileges to access: grant_rev_db.*
-====
----- QUERY
-grant role grant_revoke_test_ALL_TEST_DB to group $GROUP_NAME
-====
----- QUERY
-# Should now have all privileges on the test db
-grant all on database grant_rev_db to grant_revoke_test_ALL_TEST_DB
-====
----- QUERY
-show tables in grant_rev_db
----- RESULTS
-'test_tbl1'
----- TYPES
-STRING
-====
----- QUERY
-# Even though the user has all privileges on the database, they do not have privileges
-# on any URIs. The FE tests have additional error message verification.
-create table grant_rev_db.test_tbl2(i int) location '$FILESYSTEM_PREFIX/test-warehouse/grant_rev_test_tbl2';
----- CATCH
-does not have privileges to access: $NAMENODE/test-warehouse/grant_rev_test_tbl2
-====
----- QUERY
-grant role grant_revoke_test_ALL_URI to group $GROUP_NAME
-====
----- QUERY
-grant all on uri '$FILESYSTEM_PREFIX/test-warehouse/grant_rev_test_tbl2' to grant_revoke_test_ALL_URI
-====
----- QUERY
-# Should now have privileges to create the table.
-create table grant_rev_db.test_tbl2(i int) location '$FILESYSTEM_PREFIX/test-warehouse/grant_rev_test_tbl2';
-====
----- QUERY
-show tables in grant_rev_db
----- RESULTS
-'test_tbl1'
-'test_tbl2'
----- TYPES
-STRING
-====
----- QUERY
-show grant role grant_revoke_test_ALL_URI
----- RESULTS
-'URI','','','','$NAMENODE/test-warehouse/grant_rev_test_tbl2','ALL',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-# To create a database server-level privileges are required.
-create database grant_rev_db location '$FILESYSTEM_PREFIX/test-warehouse/grant_rev_db.db'
----- CATCH
-does not have privileges to execute 'CREATE' on: grant_rev_db
-====
----- QUERY
-# Dropping the role should remove the privileges
-drop role grant_revoke_test_ALL_TEST_DB
-====
----- QUERY
-show tables in grant_rev_db
----- CATCH
-does not have privileges to access: grant_rev_db.*
-====
----- QUERY
-grant role grant_revoke_test_SELECT_INSERT_TEST_TBL to group $GROUP_NAME
-====
----- QUERY
-GRANT SELECT ON TABLE grant_rev_db.test_tbl1 TO grant_revoke_test_SELECT_INSERT_TEST_TBL
-====
----- QUERY
-select * from grant_rev_db.test_tbl1
----- RESULTS
----- TYPES
-INT
-====
----- QUERY
-select * from grant_rev_db.test_tbl2
----- CATCH
-does not have privileges to execute 'SELECT' on: grant_rev_db.test_tbl2
-====
----- QUERY
-insert overwrite grant_rev_db.test_tbl1 select 1
----- CATCH
-does not have privileges to execute 'INSERT' on: grant_rev_db.test_tbl1
-====
----- QUERY
-GRANT INSERT ON TABLE grant_rev_db.test_tbl1 TO grant_revoke_test_SELECT_INSERT_TEST_TBL
-====
----- QUERY
-show grant role grant_revoke_test_SELECT_INSERT_TEST_TBL on table grant_rev_db.test_tbl1
----- RESULTS
-'TABLE','grant_rev_db','test_tbl1','','','SELECT',FALSE,regex:.+
-'TABLE','grant_rev_db','test_tbl1','','','INSERT',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-# Attempt to INSERT to S3 will give an error about inserting to non-HDFS filesystem.
-# When INSERT to S3 is supported, this subtest will fail and we can remove this test file
-# and alawys use the normal grant_revoke.test.
-insert overwrite grant_rev_db.test_tbl1 select 1
----- CATCH
-Unable to INSERT into target table (grant_rev_db.test_tbl1) because $NAMENODE/test-warehouse/grant_rev_db.db/test_tbl1 is not an HDFS filesystem.
-====
----- USER
-test_user
----- QUERY
-create role some_test_role
----- CATCH
-User 'test_user' does not have privileges to execute: CREATE_ROLE
-====
----- USER
-test_user
----- QUERY
-drop role grant_revoke_test_ALL_SERVER
----- CATCH
-User 'test_user' does not have privileges to execute: DROP_ROLE
-====
----- USER
-test_user
----- QUERY
-grant role grant_revoke_test_ALL_SERVER to group $GROUP_NAME
----- CATCH
-User 'test_user' does not have privileges to execute: GRANT_ROLE
-====
----- USER
-test_user
----- QUERY
-revoke role grant_revoke_test_ALL_SERVER from group $GROUP_NAME
----- CATCH
-User 'test_user' does not have privileges to execute: REVOKE_ROLE
-====
----- USER
-test_user
----- QUERY
-grant all on server to grant_revoke_test_ALL_SERVER
----- CATCH
-User 'test_user' does not have privileges to execute: GRANT_PRIVILEGE
-====
----- USER
-test_user
----- QUERY
-revoke all on server from grant_revoke_test_ALL_SERVER
----- CATCH
-User 'test_user' does not have privileges to execute: REVOKE_PRIVILEGE
-====
----- QUERY
-# Set up a role to test the WITH GRANT OPTION. Assumes that tests are not running as
-# 'root' and that 'root' exists on all machines.
-create role grant_revoke_test_ROOT;
-grant role grant_revoke_test_ROOT to group root;
-grant all on database functional to grant_revoke_test_ROOT WITH GRANT OPTION;
-====
----- USER
-root
----- QUERY
-# There should only be one role that exists for root
-show current roles
----- RESULTS
-'grant_revoke_test_ROOT'
----- TYPES
-STRING
-====
----- USER
-root
----- QUERY
-# This privilege actually active
-show databases
----- RESULTS
-'default','Default Hive database'
-'functional',''
----- TYPES
-STRING,STRING
-====
----- USER
-root
----- QUERY
-# The root user should be able to grant/revoke child privileges.
-# Due to SENTRY-445 they cannot grant SELECT/INSERT even though they have been granted
-# ALL.
-grant all on table functional.alltypes to grant_revoke_test_ROOT
-====
----- USER
-root
----- QUERY
-show grant role grant_revoke_test_ROOT
----- RESULTS
-'DATABASE','functional','','','','ALL',TRUE,regex:.+
-'TABLE','functional','alltypes','','','ALL',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
----- USER
-root
-====
----- QUERY
-revoke all on table functional.alltypes from grant_revoke_test_ROOT
-====
----- USER
-root
----- QUERY
-# User should not be able to grant privileges outside of this scope.
-grant all on table functional_seq.alltypes to grant_revoke_test_ROOT
----- CATCH
-User 'root' does not have privileges to execute: GRANT_PRIVILEGE
-====
----- USER
-root
----- QUERY
-# Also cannot create/drop/grant roles
-create role grant_revoke_test_ROOT2
----- CATCH
-User 'root' does not have privileges to execute: CREATE_ROLE
-====
----- USER
-root
----- QUERY
-# Also cannot create/drop/grant roles
-grant role grant_revoke_test_ROOT to group root
----- CATCH
-User 'root' does not have privileges to execute: GRANT_ROLE
-====
----- QUERY
-# Revoke the GRANT OPTION and verify the user can no longer GRANT or REVOKE
-revoke grant option for all on database functional from grant_revoke_test_ROOT
-====
----- USER
-root
----- QUERY
-grant all on table functional.alltypes to grant_revoke_test_ROOT
----- CATCH
-User 'root' does not have privileges to execute: GRANT_PRIVILEGE
-====
----- USER
-root
----- QUERY
-# The privilege is still active
-show databases
----- RESULTS
-'default','Default Hive database'
-'functional',''
----- TYPES
-STRING,STRING
-====
----- QUERY
-# Privilege still exists, but grant option is set to false
-show grant role grant_revoke_test_ROOT
----- RESULTS
-'DATABASE','functional','','','','ALL',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
----- USER
-root
-====
----- QUERY
-REVOKE ROLE grant_revoke_test_ALL_URI FROM GROUP $GROUP_NAME;
-REVOKE ROLE grant_revoke_test_SELECT_INSERT_TEST_TBL FROM GROUP $GROUP_NAME;
----- RESULTS
-====
----- QUERY
-GRANT ROLE grant_revoke_test_ALL_SERVER TO GROUP $GROUP_NAME
----- RESULTS
-====
----- QUERY
-show current roles
----- RESULTS: VERIFY_IS_SUBSET
-'grant_revoke_test_ALL_SERVER'
----- TYPES
-STRING
-====
----- QUERY
-# Create a table with multiple columns to test column-level security.
-create table grant_rev_db.test_tbl3(a int, b int, c int, d int, e int) partitioned by (x int, y int)
----- RESULTS
-====
----- QUERY
-GRANT SELECT (a, b, x) ON TABLE grant_rev_db.test_tbl3 TO grant_revoke_test_ALL_SERVER
----- RESULTS
-====
----- QUERY
-show grant role grant_revoke_test_ALL_SERVER
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'SERVER','','','','','ALL',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','a','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','b','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','x','','SELECT',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-GRANT SELECT (c, d, y) ON TABLE grant_rev_db.test_tbl3 TO grant_revoke_test_ALL_SERVER
----- RESULTS
-====
----- QUERY
-show grant role grant_revoke_test_ALL_SERVER
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'SERVER','','','','','ALL',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','a','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','b','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','c','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','d','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','x','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','y','','SELECT',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-GRANT SELECT (a, a, e, x) ON TABLE grant_rev_db.test_tbl3 TO grant_revoke_test_ALL_SERVER
----- RESULTS
-====
----- QUERY
-show grant role grant_revoke_test_ALL_SERVER
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'SERVER','','','','','ALL',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','a','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','b','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','c','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','d','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','e','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','x','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','y','','SELECT',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-# Revoke SELECT privileges from columns
-REVOKE SELECT (a, b, b, y) ON TABLE grant_rev_db.test_tbl3 FROM grant_revoke_test_ALL_SERVER
----- RESULTS
-====
----- QUERY
-show grant role grant_revoke_test_ALL_SERVER
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'SERVER','','','','','ALL',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','c','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','d','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','e','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','x','','SELECT',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-REVOKE SELECT (a, b, c, x) ON TABLE grant_rev_db.test_tbl3 FROM grant_revoke_test_ALL_SERVER
----- RESULTS
-====
----- QUERY
-show grant role grant_revoke_test_ALL_SERVER
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'SERVER','','','','','ALL',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','d','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','e','','SELECT',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-REVOKE SELECT (a, b, c, d, e) ON TABLE grant_rev_db.test_tbl3 FROM grant_revoke_test_ALL_SERVER;
----- RESULTS
-====
----- QUERY
-show grant role grant_revoke_test_ALL_SERVER
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'SERVER','','','','','ALL',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-# Grant SELECT on table to 'root' without 'WITH GRANT' option.
-GRANT ROLE grant_revoke_test_ROOT TO GROUP root;
-GRANT SELECT ON TABLE grant_rev_db.test_tbl3 TO grant_revoke_test_ROOT;
-REVOKE ALL ON DATABASE functional FROM grant_revoke_test_ROOT;
----- RESULTS
-====
----- USER
-root
----- QUERY
-show grant role grant_revoke_test_ROOT
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'TABLE','grant_rev_db','test_tbl3','','','SELECT',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- USER
-root
----- QUERY
-GRANT SELECT (a) ON TABLE grant_rev_db.test_tbl3 TO grant_revoke_test_ROOT
----- CATCH
-User 'root' does not have privileges to execute: GRANT_PRIVILEGE
-====
----- QUERY
-REVOKE SELECT ON TABLE grant_rev_db.test_tbl3 FROM grant_revoke_test_ROOT
----- RESULTS
-====
----- QUERY
-# Grant SELECT on table to 'root' with 'WITH GRANT' option.
-GRANT SELECT ON TABLE grant_rev_db.test_tbl3 TO grant_revoke_test_ROOT WITH GRANT OPTION
----- RESULTS
-====
----- USER
-root
----- QUERY
-GRANT SELECT (a) ON TABLE grant_rev_db.test_tbl3 TO grant_revoke_test_ROOT
----- RESULTS
-====
----- USER
-root
----- QUERY
-show grant role grant_revoke_test_ROOT
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'TABLE','grant_rev_db','test_tbl3','','','SELECT',TRUE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','a','','SELECT',FALSE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-GRANT SELECT (a, c, e) ON TABLE grant_rev_db.test_tbl3 TO grant_revoke_test_ALL_SERVER WITH GRANT OPTION
----- RESULTS
-====
----- QUERY
-show grant role grant_revoke_test_ALL_SERVER
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'SERVER','','','','','ALL',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','a','','SELECT',TRUE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','c','','SELECT',TRUE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','e','','SELECT',TRUE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-REVOKE GRANT OPTION FOR SELECT (a, c) ON TABLE grant_rev_db.test_tbl3 FROM grant_revoke_test_ALL_SERVER
----- RESULTS
-====
----- QUERY
-# TODO: Add a test case that exercises the cascading effect of REVOKE ALL.
-show grant role grant_revoke_test_ALL_SERVER
----- RESULTS: VERIFY_IS_EQUAL_SORTED
-'SERVER','','','','','ALL',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','a','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','c','','SELECT',FALSE,regex:.+
-'COLUMN','grant_rev_db','test_tbl3','e','','SELECT',TRUE,regex:.+
----- LABELS
-scope, database, table, column, uri, privilege, grant_option, create_time
----- TYPES
-STRING, STRING, STRING, STRING, STRING, STRING, BOOLEAN, STRING
-====
----- QUERY
-# Cleanup test roles
-drop role grant_revoke_test_ALL_SERVER;
-drop role grant_revoke_test_SELECT_INSERT_TEST_TBL;
-drop role grant_revoke_test_ALL_URI;
-drop role grant_revoke_test_ROOT;
----- RESULTS
-====
http://git-wip-us.apache.org/repos/asf/incubator-impala/blob/3093054e/tests/authorization/test_grant_revoke.py
----------------------------------------------------------------------
diff --git a/tests/authorization/test_grant_revoke.py b/tests/authorization/test_grant_revoke.py
index 94a5d5c..b51cb77 100644
--- a/tests/authorization/test_grant_revoke.py
+++ b/tests/authorization/test_grant_revoke.py
@@ -75,7 +75,4 @@ class TestGrantRevoke(CustomClusterTestSuite, ImpalaTestSuite):
impalad_args="--server_name=server1",
catalogd_args="--sentry_config=" + SENTRY_CONFIG_FILE)
def test_grant_revoke(self, vector):
- if IS_S3:
- self.run_test_case('QueryTest/grant_revoke_no_insert', vector, use_db="default")
- else:
- self.run_test_case('QueryTest/grant_revoke', vector, use_db="default")
+ self.run_test_case('QueryTest/grant_revoke', vector, use_db="default")