You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by co...@apache.org on 2016/06/13 02:52:20 UTC

[16/18] sentry git commit: SENTRY-950: add column level test cases for select ... group by, order by and where (Ke Jia, reviewed by Colin Ma, Anne Yu)

SENTRY-950: add column level test cases for select ... group by, order by and where (Ke Jia, reviewed by Colin Ma, Anne Yu)


Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/79204bc2
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/79204bc2
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/79204bc2

Branch: refs/heads/SENTRY-1205
Commit: 79204bc2cc886dafc30818dd1bf4b3727c5d09fc
Parents: 26fbeba
Author: Sun Dapeng <sd...@apache.org>
Authored: Mon Jun 6 10:32:49 2016 +0800
Committer: Sun Dapeng <sd...@apache.org>
Committed: Mon Jun 6 10:32:49 2016 +0800

----------------------------------------------------------------------
 .../TestPrivilegeWithGrantOption.java           | 66 ++++++++++++++++++++
 1 file changed, 66 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sentry/blob/79204bc2/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
index c67910a..cfbef4a 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java
@@ -65,6 +65,72 @@ public class TestPrivilegeWithGrantOption extends AbstractTestWithStaticConfigur
     super.setup();
   }
 
+  @Test
+  public void testOnGrantSelectColumnPrivilege() throws Exception {
+    // setup db objects needed by the test
+    Connection connection = context.createConnection(ADMIN1);
+    Statement statement = context.createStatement(connection);
+    statement.execute("DROP DATABASE IF EXISTS db_1 CASCADE");
+    statement.execute("CREATE DATABASE db_1");
+    statement.execute("CREATE ROLE group1_role");
+    statement.execute("GRANT ALL ON DATABASE db_1 TO ROLE group1_role WITH GRANT OPTION");
+    statement.execute("GRANT ROLE group1_role TO GROUP " + USERGROUP1);
+    statement.execute("CREATE ROLE group2_role");
+    statement.execute("GRANT ROLE group2_role TO GROUP " + USERGROUP2);
+
+    connection = context.createConnection(USER1_1);
+    statement = context.createStatement(connection);
+
+    statement.execute("USE db_1");
+    statement.execute("CREATE TABLE test_tb(s STRING, i INT)");
+    statement.execute("INSERT INTO TABLE test_tb VALUES('Test', 1)");
+    statement.execute("GRANT SELECT(s) ON TABLE test_tb TO ROLE group2_role");
+
+    connection = context.createConnection(USER2_1);
+    statement = context.createStatement(connection);
+    statement.execute("USE db_1");
+    //positive test for order by
+    statement.execute("SELECT s FROM test_tb ORDER BY s");
+    //negative test for order by
+    try {
+      statement.execute("SELECT s FROM test_tb ORDER BY i");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+    try {
+      statement.execute("SELECT s FROM test_tb SORT BY i");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+    //positive test for group by
+    statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY s ");
+    //negative test for group by
+    try {
+      statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY i");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+    try {
+      statement.execute("SELECT s FROM test_tb GROUP BY s HAVING SUM(i) > 1");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+    //positive test for where clause
+    statement.execute("SELECT s FROM test_tb WHERE s = 'Test' ");
+    //negative test fot where clause
+    try {
+      statement.execute("SELECT s FROM test_tb WHERE i = 1 ");
+      Assert.fail("Expected SQL exception");
+    } catch (SQLException e) {
+      context.verifyAuthzException(e);
+    }
+
+  }
+
   /*
    * Admin grant DB_1 user1 without grant option, grant user3 with grant option,
    * user1 tries to grant it to user2, but failed.