You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ak...@apache.org on 2017/03/11 01:58:24 UTC
sentry git commit: SENTRY-1354: add column level test cases for
select ... group by, order by and where in V2 (Ke Jia via Dapeng Sun)
Repository: sentry
Updated Branches:
refs/heads/sentry-ha-redesign 51209d98f -> dbf72f5ae
SENTRY-1354: add column level test cases for select ... group by, order by and where in V2 (Ke Jia via Dapeng Sun)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/dbf72f5a
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/dbf72f5a
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/dbf72f5a
Branch: refs/heads/sentry-ha-redesign
Commit: dbf72f5ae908fc1ff78b209048d5470c1dbe4aaf
Parents: 51209d9
Author: Alexander Kolbasov <ak...@cloudera.com>
Authored: Fri Mar 10 17:58:17 2017 -0800
Committer: Alexander Kolbasov <ak...@cloudera.com>
Committed: Fri Mar 10 17:58:17 2017 -0800
----------------------------------------------------------------------
.../TestPrivilegeWithGrantOption.java | 66 ++++++++++++++++++++
1 file changed, 66 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/dbf72f5a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
index 5eb6030..74a7ec7 100644
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
+++ b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
@@ -65,6 +65,72 @@ public class TestPrivilegeWithGrantOption extends AbstractTestWithStaticConfigur
super.setup();
}
+ @Test
+ public void testOnGrantSelectColumnPrivilege() throws Exception {
+ // setup db objects needed by the test
+ Connection connection = context.createConnection(ADMIN1);
+ Statement statement = context.createStatement(connection);
+ statement.execute("DROP DATABASE IF EXISTS db_1 CASCADE");
+ statement.execute("CREATE DATABASE db_1");
+ statement.execute("CREATE ROLE group1_role");
+ statement.execute("GRANT ALL ON DATABASE db_1 TO ROLE group1_role WITH GRANT OPTION");
+ statement.execute("GRANT ROLE group1_role TO GROUP " + USERGROUP1);
+ statement.execute("CREATE ROLE group2_role");
+ statement.execute("GRANT ROLE group2_role TO GROUP " + USERGROUP2);
+
+ connection = context.createConnection(USER1_1);
+ statement = context.createStatement(connection);
+
+ statement.execute("USE db_1");
+ statement.execute("CREATE TABLE test_tb(s STRING, i INT)");
+ statement.execute("INSERT INTO TABLE test_tb VALUES('Test', 1)");
+ statement.execute("GRANT SELECT(s) ON TABLE test_tb TO ROLE group2_role");
+
+ connection = context.createConnection(USER2_1);
+ statement = context.createStatement(connection);
+ statement.execute("USE db_1");
+ //positive test for order by
+ statement.execute("SELECT s FROM test_tb ORDER BY s");
+ //negative test for order by
+ try {
+ statement.execute("SELECT s FROM test_tb ORDER BY i");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+ try {
+ statement.execute("SELECT s FROM test_tb SORT BY i");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+ //positive test for group by
+ statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY s ");
+ //negative test for group by
+ try {
+ statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY i");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+ try {
+ statement.execute("SELECT s FROM test_tb GROUP BY s HAVING SUM(i) > 1");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+ //positive test for where clause
+ statement.execute("SELECT s FROM test_tb WHERE s = 'Test' ");
+ //negative test fot where clause
+ try {
+ statement.execute("SELECT s FROM test_tb WHERE i = 1 ");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+
+ }
+
/*
* Admin grant DB_1 user1 without grant option, grant user3 with grant option,
* user1 tries to grant it to user2, but failed.