You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ak...@apache.org on 2017/03/11 02:01:35 UTC
sentry git commit: SENTRY-1391: Add more test cases for perm and temp
UDF (Hao Hao, Reviewed by: Anne Yu)
Repository: sentry
Updated Branches:
refs/heads/sentry-ha-redesign b385440ed -> 86f67e606
SENTRY-1391: Add more test cases for perm and temp UDF (Hao Hao, Reviewed by: Anne Yu)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/86f67e60
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/86f67e60
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/86f67e60
Branch: refs/heads/sentry-ha-redesign
Commit: 86f67e606acd2c1b8a357b50ab82b1ced62e3c2a
Parents: b385440
Author: Alexander Kolbasov <ak...@cloudera.com>
Authored: Fri Mar 10 18:01:26 2017 -0800
Committer: Alexander Kolbasov <ak...@cloudera.com>
Committed: Fri Mar 10 18:01:26 2017 -0800
----------------------------------------------------------------------
.../e2e/hive/TestPrivilegesAtFunctionScope.java | 87 ++++++++++++++++++--
1 file changed, 82 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/86f67e60/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
index 6c92c30..c996bd3 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
@@ -90,6 +90,7 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
Statement statement = context.createStatement(connection);
statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
+ statement.execute("CREATE DATABASE " + DB2);
statement.execute("USE " + DB1);
statement.execute("create table " + DB1 + "." + tableName1
+ " (number INT comment 'column as a number', value STRING comment 'column as a string')");
@@ -111,8 +112,36 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
writePolicyFile(policyFile);
}
+ /**
+ * Test the required permission to create/drop permanent function.
+ * @throws Exception
+ */
+ @Test
+ public void testCreateDropPermUdf() throws Exception {
+ setUpContext();
+ // user1 has URI privilege for the Jar and should be able create the perm function.
+ Connection connection = context.createConnection(USER1_1);
+ Statement statement = context.createStatement(connection);
+
+ statement.execute("CREATE FUNCTION db_2.test_1 AS 'org.apache.sentry.tests.e2e.hive.TestUDF'");
+ statement.close();
+ connection.close();
+
+ connection = context.createConnection(USER3_1);
+ statement = context.createStatement(connection);
+
+ // user3 does not have URI privilege but still should be able drop the perm function.
+ statement.execute("DROP FUNCTION IF EXISTS db_2.test_1");
+ statement.close();
+ connection.close();
+ }
+
+ /**
+ * Test the required permission to create/drop temporary function.
+ * @throws Exception
+ */
@Test
- public void testCreateUdf() throws Exception {
+ public void testCreateDropTempUdf() throws Exception {
setUpContext();
// user1 should be able create/drop temp functions
Connection connection = context.createConnection(USER1_1);
@@ -135,6 +164,12 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
}
statement.close();
connection.close();
+
+ connection = context.createConnection(USER3_1);
+ statement = context.createStatement(connection);
+
+ // user3 does not have URI privilege but still should be able drop the temp function.
+ statement.execute("DROP FUNCTION IF EXISTS test_2");
}
@Test
@@ -152,10 +187,31 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
} catch (Exception ex) {
LOGGER.error("test temp func printf_test failed with reason: ", ex);
fail("fail to test temp func printf_test");
- } finally {
- statement.execute("DROP TEMPORARY FUNCTION IF EXISTS printf_test");
}
+ statement.close();
+ connection.close();
+
+ connection = context.createConnection(USER3_1);
+ statement = context.createStatement(connection);
+ statement.execute("USE " + DB1);
+
+ // user3 only has db1_tab1 privilege but still should be able execute the temp function.
+ try {
+ verifyPrintFuncValues(statement, "SELECT printf_test('%s', value) FROM " + tableName1);
+ } catch (Exception ex) {
+ LOGGER.error("test temp func printf_test failed with reason: " + ex.getStackTrace() + " " + ex.getMessage());
+ fail("fail to test temp func printf_test");
+ }
+
+ statement.close();
+ connection.close();
+
+ connection = context.createConnection(USER1_1);
+ statement = context.createStatement(connection);
+ statement.execute("USE " + DB1);
+ statement.execute("DROP TEMPORARY FUNCTION IF EXISTS printf_test");
+
LOGGER.info("Testing select from perm func printf_test_perm");
try {
statement.execute(
@@ -164,10 +220,31 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
} catch (Exception ex) {
LOGGER.error("test perm func printf_test_perm failed with reason: ", ex);
fail("Fail to test perm func printf_test_perm");
- } finally {
- statement.execute("DROP FUNCTION IF EXISTS printf_test_perm");
}
+ statement.close();
+ connection.close();
+
+ connection = context.createConnection(USER3_1);
+ statement = context.createStatement(connection);
+ statement.execute("USE " + DB1);
+
+ // user3 only has db1_tab1 privilege but still should be able execute the perm function.
+ try {
+ verifyPrintFuncValues(statement, "SELECT printf_test_perm('%s', value) FROM " + tableName1);
+ } catch (Exception ex) {
+ LOGGER.error("test perm func printf_test_perm failed with reason: " + ex.getStackTrace() + " " + ex.getMessage());
+ fail("Fail to test perm func printf_test_perm");
+ }
+
+ statement.close();
+ connection.close();
+
+ connection = context.createConnection(USER1_1);
+ statement = context.createStatement(connection);
+ statement.execute("USE " + DB1);
+ statement.execute("DROP FUNCTION IF EXISTS printf_test_perm");
+
// test perm UDF with 'using file' syntax
LOGGER.info("Testing select from perm func printf_test_perm_use_file");
try {