You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sp...@apache.org on 2018/06/27 16:47:40 UTC
[13/17] sentry git commit: SENTRY-2282: Remove hive-authzv2 binding
and tests modules completely (Sergio Pena, reviewed by Na Li)
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-binding/sentry-binding-hive-v2/src/test/java/org/apache/sentry/binding/hive/v2/DummyHiveAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/src/test/java/org/apache/sentry/binding/hive/v2/DummyHiveAuthenticationProvider.java b/sentry-binding/sentry-binding-hive-v2/src/test/java/org/apache/sentry/binding/hive/v2/DummyHiveAuthenticationProvider.java
deleted file mode 100644
index 9335c37..0000000
--- a/sentry-binding/sentry-binding-hive-v2/src/test/java/org/apache/sentry/binding/hive/v2/DummyHiveAuthenticationProvider.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.sentry.binding.hive.v2;
-
-import java.util.List;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.hive.ql.metadata.HiveException;
-import org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider;
-import org.apache.hadoop.hive.ql.session.SessionState;
-
-public class DummyHiveAuthenticationProvider implements HiveAuthenticationProvider {
-
- private String userName;
- private Configuration conf;
-
- @Override
- public void setConf(Configuration conf) {
- this.conf = conf;
- }
-
- @Override
- public Configuration getConf() {
- return conf;
- }
-
- @Override
- public String getUserName() {
- return userName;
- }
-
- @Override
- public List<String> getGroupNames() {
- return null;
- }
-
- @Override
- public void destroy() throws HiveException {
-
- }
-
- @Override
- public void setSessionState(SessionState ss) {
-
- }
-
- public void setUserName(String user) {
- this.userName = user;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/pom.xml b/sentry-tests/sentry-tests-hive-v2/pom.xml
deleted file mode 100644
index b129ed6..0000000
--- a/sentry-tests/sentry-tests-hive-v2/pom.xml
+++ /dev/null
@@ -1,530 +0,0 @@
-<?xml version="1.0"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
--->
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-tests</artifactId>
- <version>2.1.0-SNAPSHOT</version>
- </parent>
- <artifactId>sentry-tests-hive-v2</artifactId>
- <name>Sentry Hive Tests v2</name>
- <description>end to end tests for sentry-hive-v2 integration</description>
- <properties>
- <!--
- <hadoop-dist>.</hadoop-dist>
- <hive-dist>${hadoop-dist}</hive-dist>
- -->
- <HADOOP_CONF_DIR>${env.HADOOP_CONF_DIR}</HADOOP_CONF_DIR>
- <HIVE_CONF_DIR>${env.HIVE_CONF_DIR}</HIVE_CONF_DIR>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.apache.thrift</groupId>
- <artifactId>libthrift</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpclient</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpcore</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.apache.derby</groupId>
- <artifactId>derby</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-service</artifactId>
- <version>${hive.version}</version>
- <exclusions>
- <exclusion>
- <groupId>ant</groupId>
- <artifactId>ant</artifactId>
- </exclusion>
- </exclusions>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-shims</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-serde</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-metastore</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-core</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-rdbms</artifactId>
- </exclusion>
- </exclusions>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-jdbc</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-hbase-handler</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-exec</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-core</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-rdbms</artifactId>
- </exclusion>
- </exclusions>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-contrib</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-common</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-cli</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive.hcatalog</groupId>
- <artifactId>hive-hcatalog-core</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive.hcatalog</groupId>
- <artifactId>hive-hcatalog-pig-adapter</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-beeline</artifactId>
- <version>${hive.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-common</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-annotations</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-auth</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-hdfs</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-mapreduce-client-common</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-mapreduce-client-core</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-mapreduce-client-jobclient</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-mapreduce-client-shuffle</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-yarn-api</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-yarn-common</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-yarn-server-common</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-yarn-server-nodemanager</artifactId>
- <version>${hadoop.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.pig</groupId>
- <artifactId>pig</artifactId>
- <version>${pig.version}</version>
- <classifier>h2</classifier>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- </dependency>
- <dependency>
- <groupId>org.easytesting</groupId>
- <artifactId>fest-reflect</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-binding-hive-v2</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.shiro</groupId>
- <artifactId>shiro-core</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-db</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-beeline</artifactId>
- </exclusion>
- </exclusions>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-file</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-hdfs-common</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-hdfs-service</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-hdfs-namenode-plugin</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-policy-engine</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-minicluster</artifactId>
- <scope>test</scope>
-<!--
- <exclusions>
- <exclusion>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-mapreduce-client-jobclient</artifactId>
- </exclusion>
- </exclusions>
--->
- </dependency>
- <dependency>
- <groupId>org.hamcrest</groupId>
- <artifactId>hamcrest-all</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.curator</groupId>
- <artifactId>curator-framework</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.zookeeper</groupId>
- <artifactId>zookeeper</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.jboss.netty</groupId>
- <artifactId>netty</artifactId>
- </exclusion>
- </exclusions>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>joda-time</groupId>
- <artifactId>joda-time</artifactId>
- <version>${joda-time.version}</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <reuseForks>false</reuseForks>
- <systemPropertyVariables>
- <buildDirectory>${project.build.directory}</buildDirectory>
- </systemPropertyVariables>
- </configuration>
- </plugin>
- </plugins>
- <pluginManagement>
- <plugins>
- <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
- <plugin>
- <groupId>org.eclipse.m2e</groupId>
- <artifactId>lifecycle-mapping</artifactId>
- <version>1.0.0</version>
- <configuration>
- <lifecycleMappingMetadata>
- <pluginExecutions>
- <pluginExecution>
- <pluginExecutionFilter>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-antrun-plugin</artifactId>
- <versionRange>[1.7,)</versionRange>
- <goals>
- <goal>run</goal>
- </goals>
- </pluginExecutionFilter>
- <action>
- <ignore></ignore>
- </action>
- </pluginExecution>
- </pluginExecutions>
- </lifecycleMappingMetadata>
- </configuration>
- </plugin>
- </plugins>
- </pluginManagement>
- </build>
- <profiles>
- <profile>
- <id>link-hadoop</id>
- <activation>
- <activeByDefault>false</activeByDefault>
- <property><name>!skipTests</name></property>
- </activation>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <environmentVariables>
- <SENTRY_HADOOP_TEST_CLASSPATH>${maven.test.classpath}</SENTRY_HADOOP_TEST_CLASSPATH>
- </environmentVariables>
- </configuration>
- </plugin>
- </plugins>
- </build>
- </profile>
- <profile>
- <id>cluster-hadoop</id>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-enforcer-plugin</artifactId>
- <version>1.0</version>
- <executions>
- <execution>
- <id>enforce-property</id>
- <goals>
- <goal>enforce</goal>
- </goals>
- <configuration>
- <rules>
- <requireProperty>
- <property>HADOOP_CONF_DIR</property>
- <message>HADOOP_CONF_DIR env. variable has to be set</message>
- </requireProperty>
- <requireProperty>
- <property>HIVE_CONF_DIR</property>
- <message>HIVE_CONF_DIR env. variable has to be set</message>
- </requireProperty>
- </rules>
- <fail>true</fail>
- </configuration>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <systemPropertyVariables>
- <buildDirectory>${project.build.directory}</buildDirectory>
- </systemPropertyVariables>
- <additionalClasspathElements>
- <additionalClasspathElement>${HIVE_CONF_DIR}</additionalClasspathElement>
- <additionalClasspathElement>${HADOOP_CONF_DIR}</additionalClasspathElement>
- </additionalClasspathElements>
- <includes>
- <include>**/TestCrossDbOps.java</include>
- <include>**/TestEndToEnd.java</include>
- <include>**/TestMetadataObjectRetrieval.java</include>
- <include>**/TestMetadataPermissions.java</include>
- <include>**/TestMovingToProduction.java</include>
- <include>**/TestPerDatabasePolicyFile.java</include>
- <include>**/TestPrivilegeAtTransform.java</include>
- <include>**/TestPrivilegesAtDatabaseScope.java</include>
- <include>**/TestPrivilegesAtTableScope.java</include>
- <include>**/TestSandboxOps.java</include>
- <include>**/TestExportImportPrivileges.java</include>
- <include>**/TestUriPermissions.java</include>
- <include>**/TestRuntimeMetadataRetrieval.java</include>
- <include>**/TestOperations.java</include>
- <include>**/TestPrivilegesAtColumnScope.java</include>
- </includes>
- <argLine>-Dsentry.e2etest.hiveServer2Type=UnmanagedHiveServer2 -Dsentry.e2etest.DFSType=ClusterDFS</argLine>
- </configuration>
- </plugin>
- </plugins>
- </build>
- </profile>
- <profile>
- <id>cluster-hadoop-provider-db</id>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-enforcer-plugin</artifactId>
- <version>1.0</version>
- <executions>
- <execution>
- <id>enforce-property</id>
- <goals>
- <goal>enforce</goal>
- </goals>
- <configuration>
- <rules>
- <requireProperty>
- <property>HADOOP_CONF_DIR</property>
- <message>HADOOP_CONF_DIR env. variable has to be set</message>
- </requireProperty>
- <requireProperty>
- <property>HIVE_CONF_DIR</property>
- <message>HIVE_CONF_DIR env. variable has to be set</message>
- </requireProperty>
- </rules>
- <fail>true</fail>
- </configuration>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <systemPropertyVariables>
- <buildDirectory>${project.build.directory}</buildDirectory>
- </systemPropertyVariables>
- <additionalClasspathElements>
- <additionalClasspathElement>${HIVE_CONF_DIR}</additionalClasspathElement>
- <additionalClasspathElement>${HADOOP_CONF_DIR}</additionalClasspathElement>
- </additionalClasspathElements>
- <includes>
- <include>**/TestDbCrossDbOps.java</include>
- <include>**/TestDbEndToEnd.java</include>
- <include>**/TestDbMetadataObjectRetrieval.java</include>
- <include>**/TestDbMetadataPermissions.java</include>
- <include>**/TestDbMovingToProduction.java</include>
- <include>**/TestDbPerDatabasePolicyFile.java</include>
- <include>**/TestDbPrivilegeAtTransform.java</include>
- <include>**/TestDbPrivilegesAtDatabaseScope.java</include>
- <include>**/TestDbPrivilegesAtTableScope.java</include>
- <include>**/TestDbSandboxOps.java</include>
- <include>**/TestDbExportImportPrivileges.java</include>
- <include>**/TestDbUriPermissions.java</include>
- <include>**/TestDbRuntimeMetadataRetrieval.java</include>
- <include>**/TestDatabaseProvider.java</include>
- <include>**/TestDbOperations.java</include>
- <include>**/TestPrivilegeWithGrantOption.java</include>
- <include>**/TestDbPrivilegesAtColumnScope.java</include>
- <include>**/TestColumnEndToEnd.java</include>
- <include>**/TestDbComplexView.java</include>
- <include>**/TestConcurrentClients</include>
- </includes>
- <argLine>-Dsentry.e2etest.hiveServer2Type=UnmanagedHiveServer2 -Dsentry.e2etest.DFSType=ClusterDFS -Dsentry.e2etest.external.sentry=true</argLine>
- </configuration>
- </plugin>
- </plugins>
- </build>
- </profile>
- </profiles>
-</project>
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java
deleted file mode 100644
index 4c416f7..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import java.io.File;
-import java.sql.Connection;
-import java.sql.Statement;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.TimeoutException;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.hive.conf.HiveConf;
-import org.apache.hadoop.hive.conf.HiveConf.ConfVars;
-import org.apache.sentry.binding.hive.v2.SentryHiveAuthorizationTaskFactoryImplV2;
-import org.apache.sentry.provider.db.SimpleDBProviderBackend;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.service.thrift.SentryService;
-import org.apache.sentry.service.thrift.SentryServiceFactory;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithHiveServer;
-import org.apache.sentry.tests.e2e.hive.Context;
-import org.apache.sentry.tests.e2e.hive.StaticUserGroup;
-import org.apache.sentry.tests.e2e.hive.hiveserver.HiveServerFactory;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-
-import com.google.common.base.Preconditions;
-import com.google.common.collect.Maps;
-import com.google.common.io.Files;
-
-public abstract class AbstractTestWithDbProvider extends AbstractTestWithHiveServer {
-
- protected static final String SERVER_HOST = "localhost";
-
- protected static Map<String, String> properties = Maps.newHashMap();
- private static File dbDir;
- private static int sentryServerCount = 1;
- private static List<SentryService> servers = new ArrayList<SentryService>(sentryServerCount);
- private static Configuration conf;
- private static PolicyFile policyFile;
- private static File policyFilePath;
- protected static Context context;
-
- @BeforeClass
- public static void setupTest() throws Exception {
- }
-
- public static void createContext() throws Exception {
- conf = new Configuration(false);
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
- properties.put(HiveServerFactory.AUTHZ_PROVIDER_BACKEND, SimpleDBProviderBackend.class.getName());
- properties.put(ConfVars.HIVE_AUTHORIZATION_TASK_FACTORY.varname,
- SentryHiveAuthorizationTaskFactoryImplV2.class.getName());
- properties.put(ServerConfig.SECURITY_MODE, ServerConfig.SECURITY_MODE_NONE);
- properties.put(ServerConfig.ADMIN_GROUPS, ADMINGROUP);
- properties.put(ServerConfig.RPC_ADDRESS, SERVER_HOST);
- properties.put(ServerConfig.RPC_PORT, String.valueOf(0));
- dbDir = new File(Files.createTempDir(), "sentry_policy_db");
- properties.put(ServerConfig.SENTRY_STORE_JDBC_URL,
- "jdbc:derby:;databaseName=" + dbDir.getPath() + ";create=true");
- properties.put(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy");
- properties.put(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false");
- properties.put(ServerConfig.SENTRY_STORE_GROUP_MAPPING,
- ServerConfig.SENTRY_STORE_LOCAL_GROUP_MAPPING);
- policyFilePath = new File(Files.createTempDir(), "sentry-policy-file.ini");
- properties.put(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE,
- policyFilePath.getPath());
-
- for (Map.Entry<String, String> entry : properties.entrySet()) {
- conf.set(entry.getKey(), entry.getValue());
- }
- for (int i = 0; i < sentryServerCount; i++) {
- SentryService server = new SentryServiceFactory().create(new Configuration(conf));
- servers.add(server);
- properties.put(ClientConfig.SERVER_RPC_ADDRESS, server.getAddress()
- .getHostName());
- properties.put(ClientConfig.SERVER_RPC_PORT,
- String.valueOf(server.getAddress().getPort()));
- }
- properties.put(HiveConf.ConfVars.METASTORE_AUTO_CREATE_ALL.varname, "true");
- context = AbstractTestWithHiveServer.createContext(properties);
- policyFile
- .setUserGroupMapping(StaticUserGroup.getStaticMapping())
- .write(context.getPolicyFile(), policyFilePath);
-
- startSentryService();
- }
-
- @AfterClass
- public static void tearDown() throws Exception {
- for (SentryService server : servers) {
- if (server != null) {
- server.stop();
- }
- }
- if (context != null) {
- context.close();
- }
- if (dbDir != null) {
- FileUtils.deleteQuietly(dbDir);
- }
- }
-
- protected void setupAdmin(Context context) throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = connection.createStatement();
- statement.execute("CREATE ROLE admin_role");
- statement.execute("GRANT ALL ON SERVER "
- + HiveServerFactory.DEFAULT_AUTHZ_SERVER_NAME + " TO ROLE admin_role");
- statement.execute("GRANT ROLE admin_role TO GROUP " + ADMINGROUP);
- statement.close();
- connection.close();
- }
-
- private static void startSentryService() throws Exception {
- for (SentryService server : servers) {
- server.start();
- final long start = System.currentTimeMillis();
- while(!server.isRunning()) {
- Thread.sleep(1000);
- if(System.currentTimeMillis() - start > 60000L) {
- throw new TimeoutException("Server did not start after 60 seconds");
- }
- }
- }
- }
-
- protected void shutdownAllSentryService() throws Exception {
- for (SentryService server : servers) {
- if (server != null) {
- server.stop();
- }
- }
- servers = null;
- }
-
- protected void startSentryService(int serverCount) throws Exception {
- Preconditions.checkArgument((serverCount > 0), "Server count should > 0.");
- servers = new ArrayList<SentryService>(serverCount);
- for (int i = 0; i < sentryServerCount; i++) {
- SentryService server = new SentryServiceFactory().create(new Configuration(conf));
- servers.add(server);
- }
- startSentryService();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java
deleted file mode 100644
index 22d4cf8..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java
+++ /dev/null
@@ -1,417 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import static org.junit.Assert.*;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.sql.Connection;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Statement;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.io.Resources;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class TestColumnEndToEnd extends AbstractTestWithStaticConfiguration {
- private static final Logger LOGGER = LoggerFactory.
- getLogger(TestColumnEndToEnd.class);
-
- private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
- private File dataFile;
-
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception{
- LOGGER.info("TestColumnEndToEnd setupTestStaticConfiguration");
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- super.setupPolicy();
- dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
- FileOutputStream to = new FileOutputStream(dataFile);
- Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
- to.close();
- }
-
- @Test
- public void testBasic() throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- statement.execute("CREATE database " + DB1);
- statement.execute("USE " + DB1);
- statement.execute("CREATE TABLE t1 (c1 string)");
- statement.execute("CREATE ROLE user_role");
- statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role");
- statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1);
- statement.close();
- connection.close();
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
- context.assertSentryException(statement, "CREATE ROLE r2",
- SentryAccessDeniedException.class.getSimpleName());
-
- statement.execute("SELECT * FROM " + DB1 + ".t1");
- statement.close();
- connection.close();
- }
-
- @Test
- public void testDescribeTbl() throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- statement.execute("CREATE TABLE IF NOT EXISTS t1 (c1 string, c2 string)");
- statement.execute("CREATE TABLE t2 (c1 string, c2 string)");
- statement.execute("CREATE ROLE user_role1");
- statement.execute("GRANT SELECT (c1) ON TABLE t1 TO ROLE user_role1");
- statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1);
- statement.close();
- connection.close();
-
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
-
- // Expect that DESCRIBE table works with only column-level privileges, but other
- // DESCRIBE variants like DESCRIBE FORMATTED fail. Note that if a user has privileges
- // on any column they can describe all columns.
- ResultSet rs = statement.executeQuery("DESCRIBE t1");
- assertTrue(rs.next());
- assertEquals("c1", rs.getString(1));
- assertEquals("string", rs.getString(2));
- assertTrue(rs.next());
- assertEquals("c2", rs.getString(1));
- assertEquals("string", rs.getString(2));
-
- statement.executeQuery("DESCRIBE t1 c1");
- statement.executeQuery("DESCRIBE t1 c2");
-
- try {
- statement.executeQuery("DESCRIBE t2");
- fail("Expected DESCRIBE to fail on t2");
- } catch (SQLException e) {
- context.verifyAuthzException(e);
- }
-
- try {
- statement.executeQuery("DESCRIBE FORMATTED t1");
- fail("Expected DESCRIBE FORMATTED to fail");
- } catch (SQLException e) {
- context.verifyAuthzException(e);
- }
-
- try {
- statement.executeQuery("DESCRIBE EXTENDED t1");
- fail("Expected DESCRIBE EXTENDED to fail");
- } catch (SQLException e) {
- context.verifyAuthzException(e);
- }
- statement.close();
- connection.close();
-
- // Cleanup
- connection = context.createConnection(ADMIN1);
- statement = context.createStatement(connection);
- statement.execute("DROP TABLE t1");
- statement.execute("DROP TABLE t2");
- statement.execute("DROP ROLE user_role1");
- statement.close();
- connection.close();
- }
-
- @Test
- public void testNegative() throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- statement.execute("CREATE TABLE t1 (c1 string, c2 string)");
- statement.execute("CREATE ROLE user_role1");
- statement.execute("CREATE ROLE user_role2");
- statement.execute("GRANT SELECT (c1) ON TABLE t1 TO ROLE user_role1");
- statement.execute("GRANT SELECT (c1,c2) ON TABLE t1 TO ROLE user_role2");
-
- //Make sure insert/all are not supported
- try {
- statement.execute("GRANT INSERT (c2) ON TABLE t1 TO ROLE user_role2");
- assertTrue("Sentry should not support privilege: Insert on Column", false);
- } catch (Exception e) {
- assertTrue("The error should be 'Sentry does not support privilege: Insert on Column'",
- e.getMessage().toUpperCase().contains("SENTRY DOES NOT SUPPORT PRIVILEGE: INSERT ON COLUMN"));
- }
- try {
- statement.execute("GRANT ALL (c2) ON TABLE t1 TO ROLE user_role2");
- assertTrue("Sentry should not support privilege: ALL on Column", false);
- } catch (Exception e) {
- assertTrue("The error should be 'Sentry does not support privilege: All on Column'",
- e.getMessage().toUpperCase().contains("SENTRY DOES NOT SUPPORT PRIVILEGE: ALL ON COLUMN"));
- }
- statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1);
- statement.execute("GRANT ROLE user_role2 TO GROUP " + USERGROUP2);
- statement.close();
- connection.close();
-
- /*
- Behavior of select col, select count(col), select *, and select count(*), count(1)
- */
- // 1.1 user_role1 select c1,c2 from t1, will throw exception
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
- try {
- statement.execute("SELECT c1,c2 FROM t1");
- assertTrue("User with privilege on one column is able to access other column!!", false);
- } catch (SQLException e) {
- context.verifyAuthzException(e);
- }
-
- // 1.2 user_role1 count(col) works, *, count(*) and count(1) fails
- statement.execute("SELECT count(c1) FROM t1");
- try {
- statement.execute("SELECT * FROM t1");
- assertTrue("Select * should fail - only SELECT allowed on t1.c1!!", false);
- } catch (SQLException e) {
- context.verifyAuthzException(e);
- }
- try {
- statement.execute("SELECT count(*) FROM t1");
- assertTrue("Select count(*) should fail - only SELECT allowed on t1.c1!!", false);
- } catch (SQLException e) {
- context.verifyAuthzException(e);
- }
- try {
- statement.execute("SELECT count(1) FROM t1");
- assertTrue("Select count(1) should fail - only SELECT allowed on t1.c1!!", false);
- } catch (SQLException e) {
- context.verifyAuthzException(e);
- }
-
- statement.close();
- connection.close();
-
-
- // 2.1 user_role2 can do *, count(col), but count(*) and count(1) fails
- connection = context.createConnection(USER2_1);
- statement = context.createStatement(connection);
- statement.execute("SELECT count(c1) FROM t1");
- statement.execute("SELECT * FROM t1");
-
- //SENTRY-838
- try {
- statement.execute("SELECT count(*) FROM t1");
- assertTrue("Select count(*) works only with table level privileges - User has select on all columns!!", false);
- } catch (Exception e) {
- // Ignore
- }
- try {
- statement.execute("SELECT count(1) FROM t1");
- assertTrue("Select count(1) works only with table level privileges - User has select on all columns!!", false);
- } catch (Exception e) {
- // Ignore
- }
- statement.close();
- connection.close();
- }
-
- @Test
- public void testPositive() throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- statement.execute("CREATE database " + DB1);
- statement.execute("use " + DB1);
- statement.execute("CREATE TABLE t1 (c1 string, c2 string)");
- statement.execute("CREATE ROLE user_role1");
- statement.execute("CREATE ROLE user_role2");
- statement.execute("CREATE ROLE user_role3");
- statement.execute("GRANT SELECT (c1) ON TABLE t1 TO ROLE user_role1");
- statement.execute("GRANT SELECT (c1, c2) ON TABLE t1 TO ROLE user_role2");
- statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role3");
- statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1);
- statement.execute("GRANT ROLE user_role2 TO GROUP " + USERGROUP2);
- statement.execute("GRANT ROLE user_role3 TO GROUP " + USERGROUP3);
- statement.close();
- connection.close();
-
- // 1 user_role1 select c1 on t1
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
- statement.execute("use " + DB1);
- statement.execute("SELECT c1 FROM t1");
- statement.execute("DESCRIBE t1");
-
- // 2.1 user_role2 select c1,c2 on t1
- connection = context.createConnection(USER2_1);
- statement = context.createStatement(connection);
- statement.execute("use " + DB1);
- statement.execute("SELECT c1,c2 FROM t1");
- // 2.2 user_role2 select * on t1
- statement.execute("SELECT * FROM t1");
-
- // 3.1 user_role3 select * on t1
- connection = context.createConnection(USER3_1);
- statement = context.createStatement(connection);
- statement.execute("use " + DB1);
- statement.execute("SELECT * FROM t1");
- // 3.2 user_role3 select c1,c2 on t1
- statement.execute("SELECT c1,c2 FROM t1");
-
- statement.close();
- connection.close();
- }
-
- @Test
- public void testCreateTableAsSelect() throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- statement.execute("CREATE database " + DB1);
- statement.execute("use " + DB1);
- statement.execute("CREATE TABLE t1 (c1 string, c2 string)");
- statement.execute("CREATE ROLE user_role1");
- statement.execute("CREATE ROLE user_role2");
- statement.execute("CREATE ROLE user_role3");
- statement.execute("GRANT SELECT (c1) ON TABLE t1 TO ROLE user_role1");
- statement.execute("GRANT SELECT (c1, c2) ON TABLE t1 TO ROLE user_role2");
- statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role3");
- statement.execute("GRANT CREATE ON DATABASE " + DB1 + " TO ROLE user_role1");
- statement.execute("GRANT CREATE ON DATABASE " + DB1 + " TO ROLE user_role2");
- statement.execute("GRANT CREATE ON DATABASE " + DB1 + " TO ROLE user_role3");
- statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1);
- statement.execute("GRANT ROLE user_role2 TO GROUP " + USERGROUP2);
- statement.execute("GRANT ROLE user_role3 TO GROUP " + USERGROUP3);
- statement.close();
- connection.close();
-
- // 1 user_role1 create table as select
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
- statement.execute("use " + DB1);
- statement.execute("CREATE TABLE t1_1 AS SELECT c1 FROM t1");
- try {
- statement.execute("CREATE TABLE t1_2 AS SELECT * FROM t1");
- assertTrue("no permission on table t1!!", false);
- } catch (Exception e) {
- // Ignore
- }
-
- // 2 user_role2 create table as select
- connection = context.createConnection(USER2_1);
- statement = context.createStatement(connection);
- statement.execute("use " + DB1);
- statement.execute("CREATE TABLE t2_1 AS SELECT c1 FROM t1");
- statement.execute("CREATE TABLE t2_2 AS SELECT * FROM t1");
-
- // 3 user_role3 create table as select
- connection = context.createConnection(USER3_1);
- statement = context.createStatement(connection);
- statement.execute("use " + DB1);
- statement.execute("CREATE TABLE t3_1 AS SELECT c1 FROM t1");
- statement.execute("CREATE TABLE t3_2 AS SELECT * FROM t1");
-
- statement.close();
- connection.close();
- }
-
- @Test
- public void testShowColumns() throws Exception {
- // grant select on test_tb(s) to USER1_1
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- statement.execute("CREATE database " + DB1);
- statement.execute("use " + DB1);
- statement.execute("CREATE TABLE test_tb (s string, i string)");
- statement.execute("CREATE ROLE user_role1");
- statement.execute("GRANT SELECT (s) ON TABLE test_tb TO ROLE user_role1");
- statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1);
- statement.close();
- connection.close();
-
- // USER1_1 executes "show columns in test_tb" and gets the s column information
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
- statement.execute("use " + DB1);
- ResultSet res = statement.executeQuery("show columns in test_tb");
-
- List<String> expectedResult = new ArrayList<String>();
- List<String> returnedResult = new ArrayList<String>();
- expectedResult.add("s");
- while (res.next()) {
- returnedResult.add(res.getString(1).trim());
- }
- validateReturnedResult(expectedResult, returnedResult);
- returnedResult.clear();
- expectedResult.clear();
- res.close();
-
- statement.close();
- connection.close();
-
- // grant select on test_tb(s, i) to USER2_1
- connection = context.createConnection(ADMIN1);
- statement = context.createStatement(connection);
- statement.execute("use " + DB1);
- statement.execute("CREATE ROLE user_role2");
- statement.execute("GRANT SELECT(s, i) ON TABLE test_tb TO ROLE user_role2");
- statement.execute("GRANT ROLE user_role2 TO GROUP " + USERGROUP2);
- statement.close();
- connection.close();
-
- // USER2_1 executes "show columns in test_tb" and gets the s,i columns information
- connection = context.createConnection(USER2_1);
- statement = context.createStatement(connection);
- statement.execute("use " + DB1);
- res = statement.executeQuery("show columns in test_tb");
-
- expectedResult.add("s");
- expectedResult.add("i");
- while (res.next()) {
- returnedResult.add(res.getString(1).trim());
- }
- validateReturnedResult(expectedResult, returnedResult);
- returnedResult.clear();
- expectedResult.clear();
- res.close();
-
- statement.close();
- connection.close();
-
- // USER3_1 executes "show columns in test_tb" and the exception will be thrown
- connection = context.createConnection(USER3_1);
- statement = context.createStatement(connection);
- try {
- // USER3_1 has no privilege on any column, so "show columns in test_tb" will throw an exception
- statement.execute("show columns in db_1.test_tb");
- fail("No valid privileges exception should have been thrown");
- } catch (Exception e) {
- }
-
- statement.close();
- connection.close();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java
deleted file mode 100644
index f7f60c7..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java
+++ /dev/null
@@ -1,343 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import org.apache.sentry.api.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-
-import org.apache.sentry.tests.e2e.hive.StaticUserGroup;
-import static org.junit.Assume.assumeTrue;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.sql.Connection;
-import java.sql.ResultSet;
-import java.sql.Statement;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.commons.lang.RandomStringUtils;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertEquals;
-
-/**
- * The test class implements concurrency tests to test:
- * Sentry client, HS2 jdbc client etc.
- */
-public class TestConcurrentClients extends AbstractTestWithStaticConfiguration {
- private static final Logger LOGGER = LoggerFactory
- .getLogger(TestConcurrentClients.class);
-
- private PolicyFile policyFile;
-
- // define scale for tests
- private final int NUM_OF_TABLES = Integer.parseInt(System.getProperty(
- "sentry.e2e.concurrency.test.tables-per-db", "1"));
- private final int NUM_OF_PAR = Integer.parseInt(System.getProperty(
- "sentry.e2e.concurrency.test.partitions-per-tb", "3"));
- private final int NUM_OF_THREADS = Integer.parseInt(System.getProperty(
- "sentry.e2e.concurrency.test.threads", "30"));
- private final int NUM_OF_TASKS = Integer.parseInt(System.getProperty(
- "sentry.e2e.concurrency.test.tasks", "100"));
- private final Long HS2_CLIENT_TEST_DURATION_MS = Long.parseLong(System.getProperty(
- "sentry.e2e.concurrency.test.hs2client.test.time.ms", "10000")); //millis
- private final Long SENTRY_CLIENT_TEST_DURATION_MS = Long.parseLong(System.getProperty(
- "sentry.e2e.concurrency.test.sentryclient.test.time.ms", "10000")); //millis
-
- private static Map<String, String> privileges = new HashMap<String, String>();
- static {
- privileges.put("all_db1", "server=server1->db=" + DB1 + "->action=all");
- }
-
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP)
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
- }
-
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- assumeTrue(Boolean.parseBoolean(System.getProperty("sentry.scaletest.oncluster", "false")));
- useSentryService = true; // configure sentry client
- clientKerberos = true; // need to get client configuration from testing environments
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-
- static String randomString( int len ){
- return RandomStringUtils.random(len, true, false);
- }
-
- private void execStmt(Statement stmt, String sql) throws Exception {
- LOGGER.info("Running [" + sql + "]");
- stmt.execute(sql);
- }
-
- private void createDbTb(String user, String db, String tb) throws Exception{
- Connection connection = context.createConnection(user);
- Statement statement = context.createStatement(connection);
- try {
- execStmt(statement, "DROP DATABASE IF EXISTS " + db + " CASCADE");
- execStmt(statement, "CREATE DATABASE " + db);
- execStmt(statement, "USE " + db);
- for (int i = 0; i < NUM_OF_TABLES; i++) {
- String tbName = tb + "_" + Integer.toString(i);
- execStmt(statement, "CREATE TABLE " + tbName + " (a string) PARTITIONED BY (b string)");
- }
- } catch (Exception ex) {
- LOGGER.error("caught exception: " + ex);
- } finally {
- statement.close();
- connection.close();
- }
- }
-
- private void createPartition(String user, String db, String tb) throws Exception{
- Connection connection = context.createConnection(user);
- Statement statement = context.createStatement(connection);
- try {
- execStmt(statement, "USE " + db);
- for (int j = 0; j < NUM_OF_TABLES; j++) {
- String tbName = tb + "_" + Integer.toString(j);
- for (int i = 0; i < NUM_OF_PAR; i++) {
- String randStr = randomString(4);
- String sql = "ALTER TABLE " + tbName + " ADD IF NOT EXISTS PARTITION (b = '" + randStr + "') ";
- LOGGER.info("[" + i + "] " + sql);
- execStmt(statement, sql);
- }
- }
- } catch (Exception ex) {
- LOGGER.error("caught exception: " + ex);
- } finally {
- statement.close();
- connection.close();
- }
- }
-
- private void adminCreateRole(String roleName) throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement stmt = context.createStatement(connection);
- try {
- execStmt(stmt, "DROP ROLE " + roleName);
- } catch (Exception ex) {
- LOGGER.warn("Role does not exist " + roleName);
- } finally {
- try {
- execStmt(stmt, "CREATE ROLE " + roleName);
- } catch (Exception ex) {
- LOGGER.error("caught exception when create new role: " + ex);
- } finally {
- stmt.close();
- connection.close();
- }
- }
- }
-
- private void adminCleanUp(String db, String roleName) throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement stmt = context.createStatement(connection);
- try {
- execStmt(stmt, "DROP DATABASE IF EXISTS " + db + " CASCADE");
- execStmt(stmt, "DROP ROLE " + roleName);
- } catch (Exception ex) {
- LOGGER.warn("Failed to clean up ", ex);
- } finally {
- stmt.close();
- connection.close();
- }
- }
-
- private void adminShowRole(String roleName) throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement stmt = context.createStatement(connection);
- boolean found = false;
- try {
- ResultSet rs = stmt.executeQuery("SHOW ROLES ");
- while (rs.next()) {
- if (rs.getString("role").equalsIgnoreCase(roleName)) {
- LOGGER.info("Found role " + roleName);
- found = true;
- }
- }
- } catch (Exception ex) {
- LOGGER.error("caught exception when show roles: " + ex);
- } finally {
- stmt.close();
- connection.close();
- }
- assertTrue("failed to detect " + roleName, found);
- }
-
- private void adminGrant(String test_db, String test_tb,
- String roleName, String group) throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement stmt = context.createStatement(connection);
- try {
- execStmt(stmt, "USE " + test_db);
- for (int i = 0; i < NUM_OF_TABLES; i++) {
- String tbName = test_tb + "_" + Integer.toString(i);
- execStmt(stmt, "GRANT ALL ON TABLE " + tbName + " TO ROLE " + roleName);
- }
- execStmt(stmt, "GRANT ROLE " + roleName + " TO GROUP " + group);
- } catch (Exception ex) {
- LOGGER.error("caught exception when grant permission and role: " + ex);
- } finally {
- stmt.close();
- connection.close();
- }
- }
-
- /**
- * A synchronized state class to track concurrency test status from each thread
- */
- private final static class TestRuntimeState {
- private int numSuccess = 0;
- private boolean failed = false;
- private Throwable firstException = null;
-
- public synchronized void setFirstException(Throwable e) {
- failed = true;
- if (firstException == null) {
- firstException = e;
- }
- }
- public synchronized void setNumSuccess() {
- numSuccess += 1;
- }
- public synchronized int getNumSuccess() {
- return numSuccess;
- }
- public synchronized Throwable getFirstException() {
- return firstException;
- }
- }
-
- /**
- * Test when concurrent HS2 clients talking to server,
- * Privileges are correctly created and updated.
- * @throws Exception
- */
- @Test
- public void testConccurentHS2Client() throws Exception {
- ExecutorService executor = Executors.newFixedThreadPool(NUM_OF_THREADS);
- final TestRuntimeState state = new TestRuntimeState();
-
- for (int i = 0; i < NUM_OF_TASKS; i ++) {
- executor.execute(new Runnable() {
- @Override
- public void run() {
- LOGGER.info("Starting tests: create role, show role, create db and tbl, and create partitions");
- if (state.failed) {
- return;
- }
- try {
- Long startTime = System.currentTimeMillis();
- Long elapsedTime = 0L;
- while (Long.compare(elapsedTime, HS2_CLIENT_TEST_DURATION_MS) <= 0) {
- String randStr = randomString(5);
- String test_role = "test_role_" + randStr;
- String test_db = "test_db_" + randStr;
- String test_tb = "test_tb_" + randStr;
- LOGGER.info("Start to test sentry with hs2 client with role " + test_role);
- adminCreateRole(test_role);
- adminShowRole(test_role);
- createDbTb(ADMIN1, test_db, test_tb);
- adminGrant(test_db, test_tb, test_role, USERGROUP1);
- createPartition(USER1_1, test_db, test_tb);
- adminCleanUp(test_db, test_role);
- elapsedTime = System.currentTimeMillis() - startTime;
- LOGGER.info("elapsedTime = " + elapsedTime);
- }
- state.setNumSuccess();
- } catch (Exception e) {
- LOGGER.error("Exception: " + e);
- state.setFirstException(e);
- }
- }
- });
- }
- executor.shutdown();
- while (!executor.isTerminated()) {
- Thread.sleep(1000); //millisecond
- }
- Throwable ex = state.getFirstException();
- assertFalse( ex == null ? "Test failed" : ex.toString(), state.failed);
- assertEquals(NUM_OF_TASKS, state.getNumSuccess());
- }
-
- /**
- * Test when concurrent sentry clients talking to sentry server, threads data are synchronized
- * @throws Exception
- */
- @Test
- public void testConcurrentSentryClient() throws Exception {
- final String HIVE_KEYTAB_PATH =
- System.getProperty("sentry.e2etest.hive.policyOwnerKeytab");
- final SentryPolicyServiceClient client = getSentryClient("hive", HIVE_KEYTAB_PATH);
- ExecutorService executor = Executors.newFixedThreadPool(NUM_OF_THREADS);
-
- final TestRuntimeState state = new TestRuntimeState();
- for (int i = 0; i < NUM_OF_TASKS; i ++) {
- LOGGER.info("Start to test sentry client with task id [" + i + "]");
- executor.execute(new Runnable() {
- @Override
- public void run() {
- if (state.failed) {
- LOGGER.error("found one failed state, abort test from here.");
- return;
- }
- try {
- String randStr = randomString(5);
- String test_role = "test_role_" + randStr;
- LOGGER.info("Start to test role: " + test_role);
- Long startTime = System.currentTimeMillis();
- Long elapsedTime = 0L;
- while (Long.compare(elapsedTime, SENTRY_CLIENT_TEST_DURATION_MS) <= 0) {
- LOGGER.info("Test role " + test_role + " runs " + elapsedTime + " ms.");
- client.createRole(ADMIN1, test_role);
- client.listAllRoles(ADMIN1);
- client.grantServerPrivilege(ADMIN1, test_role, "server1", false);
- client.listAllPrivilegesByRoleName(ADMIN1, test_role);
- client.dropRole(ADMIN1, test_role);
- elapsedTime = System.currentTimeMillis() - startTime;
- }
- state.setNumSuccess();
- } catch (Exception e) {
- LOGGER.error("Sentry Client Testing Exception: ", e);
- state.setFirstException(e);
- }
- }
- });
- }
- executor.shutdown();
- while (!executor.isTerminated()) {
- Thread.sleep(1000); //millisecond
- }
- Throwable ex = state.getFirstException();
- assertFalse( ex == null ? "Test failed" : ex.toString(), state.failed);
- assertEquals(NUM_OF_TASKS, state.getNumSuccess());
- }
-}