sentry git commit: SENTRY-2277: Add to SentryStore testURI test case testing with multiple URI privileges (Arjun Mishra reviewed by Kalyan Kumar Kalvagadda and Lina Li)

[ka...@apache.org]

Repository: sentry
Updated Branches:
  refs/heads/master d0536f55c -> 00274ccd6


SENTRY-2277: Add to SentryStore testURI test case testing with multiple URI privileges (Arjun Mishra reviewed by Kalyan Kumar Kalvagadda and Lina Li)


Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/00274ccd
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/00274ccd
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/00274ccd

Branch: refs/heads/master
Commit: 00274ccd676b8378b9cf80f414c6a643a46655b5
Parents: d0536f5
Author: Kalyan Kumar Kalvagadda <kk...@cloudera.com>
Authored: Fri Jun 29 17:06:16 2018 -0500
Committer: Kalyan Kumar Kalvagadda <kk...@cloudera.com>
Committed: Fri Jun 29 17:06:16 2018 -0500

----------------------------------------------------------------------
 .../db/service/persistent/TestSentryStore.java  | 71 ++++++++++++++------
 1 file changed, 52 insertions(+), 19 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sentry/blob/00274ccd/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
index 954122e..d33ae26 100644
--- a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
+++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
@@ -254,50 +254,83 @@ public class TestSentryStore extends org.junit.Assert {
 
   @Test
   public void testURI() throws Exception {
-    String roleName = "test-dup-role";
+    String roleName1 = "test-role1";
+    String roleName2 = "test-role2";
     String grantor = "g1";
-    String uri = "file:///var/folders/dt/9zm44z9s6bjfxbrm4v36lzdc0000gp/T/1401860678102-0/data/kv1.dat";
-    createRole(roleName);
-    TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("URI", "server1", "ALL");
-    tSentryPrivilege.setURI(uri);
-    sentryStore.alterSentryGrantPrivilege(grantor, SentryEntityType.ROLE, roleName, tSentryPrivilege, null);
+    String uri1 = "file:///var/folders/dt/9zm44z9s6bjfxbrm4v36lzdc0000gp/T/1401860678102-0/data/kv1.dat";
+    String uri2 = "file:///var/folders/dt/9zm44z9s6bjfxbrm4v36lzdc0000gp/T/1401860678102-0/data/kv2.dat";
+    createRole(roleName1);
+    createRole(roleName2);
+    TSentryPrivilege tSentryPrivilege1 = new TSentryPrivilege("URI", "server1", "ALL");
+    tSentryPrivilege1.setURI(uri1);
+    TSentryPrivilege tSentryPrivilege2 = new TSentryPrivilege("URI", "server1", "ALL");
+    tSentryPrivilege2.setURI(uri2);
+    sentryStore.alterSentryGrantPrivilege(grantor, SentryEntityType.ROLE, roleName1, tSentryPrivilege1, null);
+    sentryStore.alterSentryGrantPrivilege(grantor, SentryEntityType.ROLE, roleName2, tSentryPrivilege2, null);
 
-    TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
-    tSentryAuthorizable.setUri(uri);
-    tSentryAuthorizable.setServer("server1");
+    TSentryAuthorizable tSentryAuthorizable1 = new TSentryAuthorizable();
+    tSentryAuthorizable1.setUri(uri1);
+    tSentryAuthorizable1.setServer("server1");
+
+    TSentryAuthorizable tSentryAuthorizable2 = new TSentryAuthorizable();
+    tSentryAuthorizable2.setUri(uri2);
+    tSentryAuthorizable2.setServer("server1");
 
     Set<TSentryPrivilege> privileges =
-        sentryStore.getTSentryPrivileges(SentryEntityType.ROLE, new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable);
+        sentryStore.getTSentryPrivileges(SentryEntityType.ROLE, new HashSet<String>(Arrays.asList(roleName1, roleName2)), tSentryAuthorizable1);
+
+    assertTrue(privileges.size() == 1);
 
+    //Test with other URI Authorizable
+    privileges =
+        sentryStore.getTSentryPrivileges(SentryEntityType.ROLE, new HashSet<String>(Arrays.asList(roleName1, roleName2)), tSentryAuthorizable2);
     assertTrue(privileges.size() == 1);
 
     Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>();
     tSentryGroups.add(new TSentryGroup("group1"));
-    sentryStore.alterSentryRoleAddGroups(grantor, roleName, tSentryGroups);
-    sentryStore.alterSentryRoleAddUsers(roleName, Sets.newHashSet("user1"));
+    sentryStore.alterSentryRoleAddGroups(grantor, roleName1, tSentryGroups);
+    sentryStore.alterSentryRoleAddUsers(roleName1, Sets.newHashSet("user1"));
+    sentryStore.alterSentryRoleAddGroups(grantor, roleName2, tSentryGroups);
+    sentryStore.alterSentryRoleAddUsers(roleName2, Sets.newHashSet("user1"));
 
-    TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName)));
+    TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName1,roleName2)));
 
     // list privilege for group only
     Set<String> privs = sentryStore.listSentryPrivilegesForProvider(
         new HashSet<String>(Arrays.asList("group1")), Sets.newHashSet(""), thriftRoleSet,
-        tSentryAuthorizable);
+        tSentryAuthorizable1);
+    assertTrue(privs.size()==1);
+    assertTrue(privs.contains("server=server1->uri=" + uri1 + "->action=all"));
 
+    privs = sentryStore.listSentryPrivilegesForProvider(
+        new HashSet<String>(Arrays.asList("group1")), Sets.newHashSet(""), thriftRoleSet,
+        tSentryAuthorizable2);
     assertTrue(privs.size()==1);
-    assertTrue(privs.contains("server=server1->uri=" + uri + "->action=all"));
+    assertTrue(privs.contains("server=server1->uri=" + uri2 + "->action=all"));
 
     // list privilege for user only
     privs = sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("")),
-        Sets.newHashSet("user1"), thriftRoleSet, tSentryAuthorizable);
+        Sets.newHashSet("user1"), thriftRoleSet, tSentryAuthorizable1);
+    assertTrue(privs.size() == 1);
+    assertTrue(privs.contains("server=server1->uri=" + uri1 + "->action=all"));
+
+    privs = sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("")),
+        Sets.newHashSet("user1"), thriftRoleSet, tSentryAuthorizable2);
     assertTrue(privs.size() == 1);
-    assertTrue(privs.contains("server=server1->uri=" + uri + "->action=all"));
+    assertTrue(privs.contains("server=server1->uri=" + uri2 + "->action=all"));
 
     // list privilege for both user and group
     privs = sentryStore.listSentryPrivilegesForProvider(
         new HashSet<String>(Arrays.asList("group1")), Sets.newHashSet("user1"), thriftRoleSet,
-        tSentryAuthorizable);
+        tSentryAuthorizable1);
+    assertTrue(privs.size() == 1);
+    assertTrue(privs.contains("server=server1->uri=" + uri1 + "->action=all"));
+
+    privs = sentryStore.listSentryPrivilegesForProvider(
+        new HashSet<String>(Arrays.asList("group1")), Sets.newHashSet("user1"), thriftRoleSet,
+        tSentryAuthorizable2);
     assertTrue(privs.size() == 1);
-    assertTrue(privs.contains("server=server1->uri=" + uri + "->action=all"));
+    assertTrue(privs.contains("server=server1->uri=" + uri2 + "->action=all"));
   }
 
   @Test