You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ak...@apache.org on 2017/03/11 01:58:24 UTC

sentry git commit: SENTRY-1354: add column level test cases for select ... group by, order by and where in V2 (Ke Jia via Dapeng Sun)

Repository: sentry
Updated Branches:
  refs/heads/sentry-ha-redesign 51209d98f -> dbf72f5ae


SENTRY-1354: add column level test cases for select ... group by, order by and where in V2 (Ke Jia via Dapeng Sun)


Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/dbf72f5a
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/dbf72f5a
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/dbf72f5a

Branch: refs/heads/sentry-ha-redesign
Commit: dbf72f5ae908fc1ff78b209048d5470c1dbe4aaf
Parents: 51209d9
Author: Alexander Kolbasov <ak...@cloudera.com>
Authored: Fri Mar 10 17:58:17 2017 -0800
Committer: Alexander Kolbasov <ak...@cloudera.com>
Committed: Fri Mar 10 17:58:17 2017 -0800

----------------------------------------------------------------------
 .../TestPrivilegeWithGrantOption.java           | 66 ++++++++++++++++++++
 1 file changed, 66 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sentry/blob/dbf72f5a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
index 5eb6030..74a7ec7 100644
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
+++ b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
@@ -65,6 +65,72 @@ public class TestPrivilegeWithGrantOption extends AbstractTestWithStaticConfigur
     super.setup();
   }
 
+  @Test
+  public void testOnGrantSelectColumnPrivilege() throws Exception {
+    // setup db objects needed by the test
+    Connection connection = context.createConnection(ADMIN1);
+    Statement statement = context.createStatement(connection);
+    statement.execute("DROP DATABASE IF EXISTS db_1 CASCADE");
+    statement.execute("CREATE DATABASE db_1");
+    statement.execute("CREATE ROLE group1_role");
+    statement.execute("GRANT ALL ON DATABASE db_1 TO ROLE group1_role WITH GRANT OPTION");
+    statement.execute("GRANT ROLE group1_role TO GROUP " + USERGROUP1);
+    statement.execute("CREATE ROLE group2_role");
+    statement.execute("GRANT ROLE group2_role TO GROUP " + USERGROUP2);
+
+    connection = context.createConnection(USER1_1);
+    statement = context.createStatement(connection);
+
+    statement.execute("USE db_1");
+    statement.execute("CREATE TABLE test_tb(s STRING, i INT)");
+    statement.execute("INSERT INTO TABLE test_tb VALUES('Test', 1)");
+    statement.execute("GRANT SELECT(s) ON TABLE test_tb TO ROLE group2_role");
+
+    connection = context.createConnection(USER2_1);
+    statement = context.createStatement(connection);
+    statement.execute("USE db_1");
+    //positive test for order by
+    statement.execute("SELECT s FROM test_tb ORDER BY s");
+    //negative test for order by
+    try {
+      statement.execute("SELECT s FROM test_tb ORDER BY i");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+    try {
+      statement.execute("SELECT s FROM test_tb SORT BY i");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+    //positive test for group by
+    statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY s ");
+    //negative test for group by
+    try {
+      statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY i");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+    try {
+      statement.execute("SELECT s FROM test_tb GROUP BY s HAVING SUM(i) > 1");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+    //positive test for where clause
+    statement.execute("SELECT s FROM test_tb WHERE s = 'Test' ");
+    //negative test fot where clause
+    try {
+      statement.execute("SELECT s FROM test_tb WHERE i = 1 ");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+
+  }
+
   /*
    * Admin grant DB_1 user1 without grant option, grant user3 with grant option,
    * user1 tries to grant it to user2, but failed.