You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by co...@apache.org on 2016/06/13 02:52:20 UTC
[16/18] sentry git commit: SENTRY-950: add column level test cases
for select ... group by, order by and where (Ke Jia, reviewed by Colin Ma,
Anne Yu)
SENTRY-950: add column level test cases for select ... group by, order by and where (Ke Jia, reviewed by Colin Ma, Anne Yu)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/79204bc2
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/79204bc2
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/79204bc2
Branch: refs/heads/SENTRY-1205
Commit: 79204bc2cc886dafc30818dd1bf4b3727c5d09fc
Parents: 26fbeba
Author: Sun Dapeng <sd...@apache.org>
Authored: Mon Jun 6 10:32:49 2016 +0800
Committer: Sun Dapeng <sd...@apache.org>
Committed: Mon Jun 6 10:32:49 2016 +0800
----------------------------------------------------------------------
.../TestPrivilegeWithGrantOption.java | 66 ++++++++++++++++++++
1 file changed, 66 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/79204bc2/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
index c67910a..cfbef4a 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
@@ -65,6 +65,72 @@ public class TestPrivilegeWithGrantOption extends AbstractTestWithStaticConfigur
super.setup();
}
+ @Test
+ public void testOnGrantSelectColumnPrivilege() throws Exception {
+ // setup db objects needed by the test
+ Connection connection = context.createConnection(ADMIN1);
+ Statement statement = context.createStatement(connection);
+ statement.execute("DROP DATABASE IF EXISTS db_1 CASCADE");
+ statement.execute("CREATE DATABASE db_1");
+ statement.execute("CREATE ROLE group1_role");
+ statement.execute("GRANT ALL ON DATABASE db_1 TO ROLE group1_role WITH GRANT OPTION");
+ statement.execute("GRANT ROLE group1_role TO GROUP " + USERGROUP1);
+ statement.execute("CREATE ROLE group2_role");
+ statement.execute("GRANT ROLE group2_role TO GROUP " + USERGROUP2);
+
+ connection = context.createConnection(USER1_1);
+ statement = context.createStatement(connection);
+
+ statement.execute("USE db_1");
+ statement.execute("CREATE TABLE test_tb(s STRING, i INT)");
+ statement.execute("INSERT INTO TABLE test_tb VALUES('Test', 1)");
+ statement.execute("GRANT SELECT(s) ON TABLE test_tb TO ROLE group2_role");
+
+ connection = context.createConnection(USER2_1);
+ statement = context.createStatement(connection);
+ statement.execute("USE db_1");
+ //positive test for order by
+ statement.execute("SELECT s FROM test_tb ORDER BY s");
+ //negative test for order by
+ try {
+ statement.execute("SELECT s FROM test_tb ORDER BY i");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+ try {
+ statement.execute("SELECT s FROM test_tb SORT BY i");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+ //positive test for group by
+ statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY s ");
+ //negative test for group by
+ try {
+ statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY i");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+ try {
+ statement.execute("SELECT s FROM test_tb GROUP BY s HAVING SUM(i) > 1");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+ //positive test for where clause
+ statement.execute("SELECT s FROM test_tb WHERE s = 'Test' ");
+ //negative test fot where clause
+ try {
+ statement.execute("SELECT s FROM test_tb WHERE i = 1 ");
+ Assert.fail("Expected SQL exception");
+ } catch (SQLException e) {
+ context.verifyAuthzException(e);
+ }
+
+ }
+
/*
* Admin grant DB_1 user1 without grant option, grant user3 with grant option,
* user1 tries to grant it to user2, but failed.