You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sd...@apache.org on 2016/06/21 03:15:44 UTC
sentry git commit: SENTRY-1134: Add user defined udf test case (Ke
Jia, reviewed Dapeng Sun, Anne Yu)
Repository: sentry
Updated Branches:
refs/heads/master 38098b461 -> 8cd392b55
SENTRY-1134: Add user defined udf test case (Ke Jia, reviewed Dapeng Sun, Anne Yu)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/8cd392b5
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/8cd392b5
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/8cd392b5
Branch: refs/heads/master
Commit: 8cd392b55560e6c109469e5efabc2d96053f741e
Parents: 38098b4
Author: Sun Dapeng <sd...@apache.org>
Authored: Tue Jun 21 11:09:28 2016 +0800
Committer: Sun Dapeng <sd...@apache.org>
Committed: Tue Jun 21 11:09:28 2016 +0800
----------------------------------------------------------------------
.../e2e/hive/TestPrivilegesAtFunctionScope.java | 32 +++++++++++++++++++-
.../apache/sentry/tests/e2e/hive/TestUDF.java | 29 ++++++++++++++++++
2 files changed, 60 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/8cd392b5/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
index ef7a86c..61fecc7 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
@@ -83,6 +83,9 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
if(udfLocation == null) {
udfLocation = udfSrc.getLocation().getPath();
}
+ String udf1ClassName = "org.apache.sentry.tests.e2e.hive.TestUDF";
+ CodeSource udf1Src = Class.forName(udf1ClassName).getProtectionDomain().getCodeSource();
+ String udf1Location = udf1Src.getLocation().getPath();
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
@@ -96,17 +99,44 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
context.close();
policyFile
- .addRolesToGroup(USERGROUP1, "db1_all", "UDF_JAR", "data_read")
+ .addRolesToGroup(USERGROUP1, "db1_all", "UDF1_JAR", "UDF_JAR", "data_read")
.addRolesToGroup(USERGROUP2, "db1_tab1", "UDF_JAR")
.addRolesToGroup(USERGROUP3, "db1_tab1")
.addPermissionsToRole("db1_all", "server=server1->db=" + DB1)
.addPermissionsToRole("db1_tab1", "server=server1->db=" + DB1 + "->table=" + tableName1)
.addPermissionsToRole("UDF_JAR", "server=server1->uri=file://" + udfLocation)
+ .addPermissionsToRole("UDF1_JAR", "server=server1->uri=file://" + udf1Location)
.addPermissionsToRole("data_read", "server=server1->URI=" + "file:///tmp");
writePolicyFile(policyFile);
}
@Test
+ public void testCreateUdf() throws Exception {
+ setUpContext();
+ // user1 should be able create/drop temp functions
+ Connection connection = context.createConnection(USER1_1);
+ Statement statement = context.createStatement(connection);
+ statement.execute("USE " + DB1);
+
+ statement.execute("CREATE TEMPORARY FUNCTION test_1 AS 'org.apache.sentry.tests.e2e.hive.TestUDF'");
+ statement.close();
+ connection.close();
+
+ // user3 shouldn't be able to create/drop temp functions since it doesn't have permission for jar
+ connection = context.createConnection(USER3_1);
+ statement = context.createStatement(connection);
+ statement.execute("USE " + DB1);
+ try {
+ statement.execute("CREATE TEMPORARY FUNCTION test_2 AS 'org.apache.sentry.tests.e2e.hive.TestUDF'");
+ assertFalse("CREATE TEMPORARY FUNCTION should fail for user3", true);
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+ statement.close();
+ connection.close();
+ }
+
+ @Test
public void testAndVerifyFuncPrivilegesPart1() throws Exception {
setUpContext();
// user1 should be able create/drop temp functions
http://git-wip-us.apache.org/repos/asf/sentry/blob/8cd392b5/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUDF.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUDF.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUDF.java
new file mode 100644
index 0000000..0cd0cf5
--- /dev/null
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUDF.java
@@ -0,0 +1,29 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements. See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package org.apache.sentry.tests.e2e.hive;
+
+import org.apache.hadoop.hive.ql.exec.UDF;
+import org.apache.hadoop.io.Text;
+
+
+public final class TestUDF extends UDF {
+
+ public Text evaluate(final Text s) {
+ if (s == null) { return null; }
+ return new Text(s.toString().toUpperCase());
+ }
+}