You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sd...@apache.org on 2015/08/28 10:01:35 UTC
[3/5] incubator-sentry git commit: SENTRY-850: Fix dbprovider test
failures when run on a real cluster or setMetastoreListener = true,
when db/tab gets recreated their associated privileges will be deleted. ( Anne
Yu, Reviewed By: Sravya Tirukkovalur)
SENTRY-850: Fix dbprovider test failures when run on a real cluster or setMetastoreListener = true, when db/tab gets recreated their associated privileges will be deleted. ( Anne Yu, Reviewed By: Sravya Tirukkovalur)
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/e11062d3
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/e11062d3
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/e11062d3
Branch: refs/heads/hive_plugin_v2
Commit: e11062d3fc9f2cce0d706f575f98b1c5e3a17f9b
Parents: 5303089
Author: Sravya Tirukkovalur <sr...@cloudera.com>
Authored: Tue Aug 18 13:38:12 2015 -0700
Committer: Sravya Tirukkovalur <sr...@cloudera.com>
Committed: Tue Aug 18 13:38:12 2015 -0700
----------------------------------------------------------------------
.../e2e/dbprovider/TestColumnEndToEnd.java | 8 +-
.../tests/e2e/dbprovider/TestDbCrossDbOps.java | 3 -
.../TestDbExportImportPrivileges.java | 2 -
.../e2e/dbprovider/TestDbJDBCInterface.java | 2 -
.../TestDbMetadataObjectRetrieval.java | 2 -
.../TestDbPrivilegeCleanupOnDrop.java | 21 ++-
.../TestDbPrivilegesAtDatabaseScope.java | 8 +-
.../TestDbPrivilegesAtTableScope.java | 2 +-
.../TestDbRuntimeMetadataRetrieval.java | 7 +
.../TestDbSentryOnFailureHookLoading.java | 5 +
.../e2e/dbprovider/TestDbUriPermissions.java | 8 ++
.../AbstractTestWithStaticConfiguration.java | 18 ++-
.../sentry/tests/e2e/hive/TestCrossDbOps.java | 14 +-
.../e2e/hive/TestExportImportPrivileges.java | 11 +-
.../tests/e2e/hive/TestJDBCInterface.java | 12 +-
.../e2e/hive/TestMetadataObjectRetrieval.java | 12 +-
.../tests/e2e/hive/TestPerDBConfiguration.java | 9 +-
.../e2e/hive/TestPrivilegesAtColumnScope.java | 15 +--
.../e2e/hive/TestPrivilegesAtDatabaseScope.java | 133 ++++++++-----------
.../e2e/hive/TestPrivilegesAtTableScope.java | 21 +--
.../e2e/hive/TestRuntimeMetadataRetrieval.java | 117 ++++++++--------
.../sentry/tests/e2e/hive/TestSandboxOps.java | 131 +++++++-----------
.../tests/e2e/hive/TestUriPermissions.java | 67 +++++-----
.../tests/e2e/hive/TestUserManagement.java | 5 +-
...actMetastoreTestWithStaticConfiguration.java | 2 +-
.../metastore/TestAuthorizingObjectStore.java | 68 +++++-----
.../e2e/metastore/TestMetastoreEndToEnd.java | 51 ++++---
27 files changed, 362 insertions(+), 392 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java
index 9ed38ae..159b9d9 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java
@@ -33,14 +33,20 @@ import org.junit.BeforeClass;
import org.junit.Test;
import com.google.common.io.Resources;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class TestColumnEndToEnd extends AbstractTestWithStaticConfiguration {
+ private static final Logger LOGGER = LoggerFactory.
+ getLogger(TestColumnEndToEnd.class);
+
private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
private File dataFile;
private PolicyFile policyFile;
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception{
+ LOGGER.info("TestColumnEndToEnd setupTestStaticConfiguration");
useSentryService = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
@@ -50,11 +56,11 @@ public class TestColumnEndToEnd extends AbstractTestWithStaticConfiguration {
public void setup() throws Exception {
super.setupAdmin();
super.setup();
+ policyFile = super.setupPolicy();
dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
FileOutputStream to = new FileOutputStream(dataFile);
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
to.close();
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
}
@Test
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java
index 8d23ea6..0aa166c 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java
@@ -31,13 +31,10 @@ public class TestDbCrossDbOps extends TestCrossDbOps {
public void setup() throws Exception {
super.setupAdmin();
super.setup();
- clearAll(true);
}
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception{
useSentryService = true;
- clearDbAfterPerTest = true;
- clearDbBeforePerTest = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java
index e60225c..43064ee 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java
@@ -38,8 +38,6 @@ public class TestDbExportImportPrivileges extends TestExportImportPrivileges {
public static void setupTestStaticConfiguration() throws Exception {
LOGGER.info("TestDbExportImportPrivileges setupTestStaticConfiguration");
useSentryService = true;
- clearDbAfterPerTest = true;
- clearDbBeforePerTest = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java
index f98caa9..a26e90a 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java
@@ -39,8 +39,6 @@ public class TestDbJDBCInterface extends TestJDBCInterface {
public static void setupTestStaticConfiguration() throws Exception {
LOGGER.info("TestDbJDBCInterface setupTestStaticConfiguration");
useSentryService = true;
- clearDbAfterPerTest = true;
- clearDbBeforePerTest = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java
index 9606b41..ec99b30 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java
@@ -38,8 +38,6 @@ public class TestDbMetadataObjectRetrieval extends TestMetadataObjectRetrieval {
public static void setupTestStaticConfiguration() throws Exception {
LOGGER.info("TestDbMetadataObjectRetrieval setupTestStaticConfiguration");
useSentryService = true;
- clearDbAfterPerTest = true;
- clearDbBeforePerTest = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java
index a35cf21..39b67f6 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java
@@ -33,15 +33,20 @@ import java.util.List;
import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
import org.junit.After;
+import org.junit.Assume;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import com.google.common.collect.Lists;
import com.google.common.io.Resources;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class TestDbPrivilegeCleanupOnDrop extends
AbstractTestWithStaticConfiguration {
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(TestDbPrivilegeCleanupOnDrop.class);
private final static int SHOW_GRANT_TABLE_POSITION = 2;
private final static int SHOW_GRANT_DB_POSITION = 1;
@@ -57,15 +62,19 @@ public class TestDbPrivilegeCleanupOnDrop extends
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception {
useSentryService = true;
- setMetastoreListener = true;
+ if (!setMetastoreListener) {
+ setMetastoreListener = true;
+ }
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
+ @Override
@Before
- public void setUp() throws Exception {
+ public void setup() throws Exception {
+ super.setupAdmin();
+ super.setup();
// context = createContext();
File dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
- setupAdmin();
FileOutputStream to = new FileOutputStream(dataFile);
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
to.close();
@@ -181,8 +190,6 @@ public class TestDbPrivilegeCleanupOnDrop extends
*/
@Test
public void testDropAndRenameWithMultiAction() throws Exception {
- super.setupAdmin();
-
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
statement.execute("CREATE ROLE user_role");
@@ -322,7 +329,9 @@ public class TestDbPrivilegeCleanupOnDrop extends
ResultSet resultSet = statement.executeQuery("SHOW GRANT ROLE "
+ roleName);
while (resultSet.next()) {
- assertFalse(objectName.equalsIgnoreCase(resultSet.getString(resultPos)));
+ String returned = resultSet.getString(resultPos);
+ assertFalse("value " + objectName + " shouldn't be detected, but actually " + returned + " is found from resultSet",
+ objectName.equalsIgnoreCase(returned));
}
resultSet.close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtDatabaseScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtDatabaseScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtDatabaseScope.java
index e1cda29..883bedd 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtDatabaseScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtDatabaseScope.java
@@ -21,20 +21,26 @@ import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
import org.apache.sentry.tests.e2e.hive.TestPrivilegesAtDatabaseScope;
import org.junit.Before;
import org.junit.BeforeClass;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class TestDbPrivilegesAtDatabaseScope extends
TestPrivilegesAtDatabaseScope {
+ private static final Logger LOGGER = LoggerFactory.
+ getLogger(TestDbPrivilegesAtDatabaseScope.class);
+
@Override
@Before
public void setup() throws Exception {
+ LOGGER.info("TestDbPrivilegesAtDatabaseScope setup");
super.setupAdmin();
super.setup();
}
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception {
+ LOGGER.info("TestDbPrivilegesAtDatabaseScope setupTestStaticConfiguration");
useSentryService = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
-
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtTableScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtTableScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtTableScope.java
index 9fb6f7f..a4f07df 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtTableScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtTableScope.java
@@ -28,12 +28,12 @@ public class TestDbPrivilegesAtTableScope extends TestPrivilegesAtTableScope {
public void setup() throws Exception {
super.setupAdmin();
super.setup();
+ prepareDBDataForTest();
}
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception {
useSentryService = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- prepareDBDataForTest();
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbRuntimeMetadataRetrieval.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbRuntimeMetadataRetrieval.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbRuntimeMetadataRetrieval.java
index 5324656..8d98179 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbRuntimeMetadataRetrieval.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbRuntimeMetadataRetrieval.java
@@ -20,17 +20,24 @@ import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
import org.apache.sentry.tests.e2e.hive.TestRuntimeMetadataRetrieval;
import org.junit.Before;
import org.junit.BeforeClass;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class TestDbRuntimeMetadataRetrieval extends
TestRuntimeMetadataRetrieval {
+ private static final Logger LOGGER = LoggerFactory.
+ getLogger(TestDbRuntimeMetadataRetrieval.class);
+
@Override
@Before
public void setup() throws Exception {
+ LOGGER.info("TestDbRuntimeMetadataRetrieval setup");
super.setupAdmin();
super.setup();
}
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception {
+ LOGGER.info("TestDbRuntimeMetadataRetrieval setupTestStaticConfiguration");
useSentryService = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbSentryOnFailureHookLoading.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbSentryOnFailureHookLoading.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbSentryOnFailureHookLoading.java
index 66e81a8..b06cf59 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbSentryOnFailureHookLoading.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbSentryOnFailureHookLoading.java
@@ -94,6 +94,11 @@ public class TestDbSentryOnFailureHookLoading extends AbstractTestWithDbProvider
// setup db objects needed by the test
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
+ try {
+ statement.execute("DROP ROLE admin_role");
+ } catch (Exception ex) {
+ //It is ok if admin_role already exists
+ }
statement.execute("CREATE ROLE admin_role");
statement.execute("GRANT ALL ON SERVER "
+ HiveServerFactory.DEFAULT_AUTHZ_SERVER_NAME + " TO ROLE admin_role");
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbUriPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbUriPermissions.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbUriPermissions.java
index 43a310f..1a90e06 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbUriPermissions.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbUriPermissions.java
@@ -21,15 +21,23 @@ import org.apache.sentry.tests.e2e.hive.TestUriPermissions;
import org.junit.Before;
import org.junit.BeforeClass;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
public class TestDbUriPermissions extends TestUriPermissions {
+ private static final Logger LOGGER = LoggerFactory.
+ getLogger(TestDbUriPermissions.class);
+
@Override
@Before
public void setup() throws Exception {
+ LOGGER.info("TestDbUriPermissions setup");
super.setupAdmin();
super.setup();
}
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception {
+ LOGGER.info("TestDbUriPermissions setupTestStaticConfiguration");
useSentryService = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java
index f0d8ac4..cc5daef 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java
@@ -115,12 +115,11 @@ public abstract class AbstractTestWithStaticConfiguration {
protected static boolean policyOnHdfs = false;
protected static boolean useSentryService = false;
- protected static boolean setMetastoreListener = false;
+ protected static boolean setMetastoreListener = true;
protected static String testServerType = null;
protected static boolean enableHiveConcurrency = false;
// indicate if the database need to be clear for every test case in one test class
- protected static boolean clearDbAfterPerTest = true;
- protected static boolean clearDbBeforePerTest = false;
+ protected static boolean clearDbPerTest = true;
protected static File baseDir;
protected static File logDir;
@@ -450,7 +449,7 @@ public abstract class AbstractTestWithStaticConfiguration {
public void setup() throws Exception{
LOGGER.info("AbstractTestStaticConfiguration setup");
dfs.createBaseDir();
- if (clearDbBeforePerTest) {
+ if (clearDbPerTest) {
LOGGER.info("Before per test run clean up");
clearAll(true);
}
@@ -459,7 +458,7 @@ public abstract class AbstractTestWithStaticConfiguration {
@After
public void clearAfterPerTest() throws Exception {
LOGGER.info("AbstractTestStaticConfiguration clearAfterPerTest");
- if (clearDbAfterPerTest) {
+ if (clearDbPerTest) {
LOGGER.info("After per test run clean up");
clearAll(true);
}
@@ -513,6 +512,7 @@ public abstract class AbstractTestWithStaticConfiguration {
protected static void setupAdmin() throws Exception {
if(useSentryService) {
+ LOGGER.info("setupAdmin to create admin_role");
Connection connection = context.createConnection(ADMIN1);
Statement statement = connection.createStatement();
try {
@@ -528,6 +528,14 @@ public abstract class AbstractTestWithStaticConfiguration {
}
}
+ protected PolicyFile setupPolicy() throws Exception {
+ LOGGER.info("Pre create policy file with admin group mapping");
+ PolicyFile policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
+ policyFile.setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+ return policyFile;
+ }
+
@AfterClass
public static void tearDownTestStaticConfiguration() throws Exception {
if(hiveServer != null) {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java
index 659d820..2e4be8a 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java
@@ -53,28 +53,24 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception{
+ LOGGER.info("TestCrossDbOps setupTestStaticConfiguration");
policyOnHdfs = true;
- clearDbAfterPerTest = true;
- clearDbBeforePerTest = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
+
}
@Before
public void setup() throws Exception {
+ LOGGER.info("TestCrossDbOps setup");
+ policyFile = super.setupPolicy();
+ super.setup();
File dataDir = context.getDataDir();
// copy data file to test dir
dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
FileOutputStream to = new FileOutputStream(dataFile);
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
to.close();
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
- // Precreate policy file
- policyFile.setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
loadData = "server=server1->uri=file://" + dataFile.getPath();
- // debug
- LOGGER.info("setMetastoreListener = " + String.valueOf(setMetastoreListener));
- clearAll(true);
}
/*
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java
index 58a27a6..5242bb1 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java
@@ -42,25 +42,18 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat
@BeforeClass
public static void setupTestStaticConfiguration () throws Exception {
LOGGER.info("TestExportImportPrivileges setupTestStaticConfiguration");
- clearDbAfterPerTest = true;
- clearDbBeforePerTest = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
@Before
public void setup() throws Exception {
LOGGER.info("TestExportImportPrivileges setup");
+ policyFile = super.setupPolicy();
+ super.setup();
dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
FileOutputStream to = new FileOutputStream(dataFile);
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
to.close();
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
- policyFile.setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
- if (clearDbBeforePerTest) {
- LOGGER.info("Before per test run clean up");
- clearAll(true);
- }
}
@Test
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestJDBCInterface.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestJDBCInterface.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestJDBCInterface.java
index 194fe63..bc5c08b 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestJDBCInterface.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestJDBCInterface.java
@@ -44,22 +44,14 @@ public class TestJDBCInterface extends AbstractTestWithStaticConfiguration {
public static void setupTestStaticConfiguration() throws Exception {
LOGGER.info("TestJDBCInterface setupTestStaticConfiguration");
policyOnHdfs = true;
- clearDbAfterPerTest = true;
- clearDbBeforePerTest = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
@Before
public void setup() throws Exception {
LOGGER.info("TestJDBCInterface setup");
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
- if (clearDbBeforePerTest) {
- // Precreate policy file
- policyFile.setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
- LOGGER.info("Before per test run clean up");
- clearAll(true);
- }
+ policyFile = super.setupPolicy();
+ super.setup();
}
/*
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java
index 3a718e8..7dd0f01 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java
@@ -44,26 +44,18 @@ public class TestMetadataObjectRetrieval extends AbstractTestWithStaticConfigura
@BeforeClass
public static void setupTestStaticConfiguration () throws Exception {
LOGGER.info("TestMetadataObjectRetrieval setupTestStaticConfiguration");
- clearDbAfterPerTest = true;
- clearDbBeforePerTest = true;
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
@Before
public void setup() throws Exception {
LOGGER.info("TestMetadataObjectRetrieval setup");
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
+ policyFile = super.setupPolicy();
+ super.setup();
dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
FileOutputStream to = new FileOutputStream(dataFile);
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
to.close();
- if (clearDbBeforePerTest) {
- // Precreate policy file
- policyFile.setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
- LOGGER.info("Before per test run clean up");
- clearAll(true);
- }
}
/**
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java
index 30541d9..985f969 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java
@@ -50,7 +50,6 @@ public class TestPerDBConfiguration extends AbstractTestWithStaticConfiguration
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception {
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- prepareDBDataForTest();
}
@Before
@@ -64,14 +63,12 @@ public class TestPerDBConfiguration extends AbstractTestWithStaticConfiguration
prefix = "file://" + context.getPolicyFile().getParent() + "/";
}
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
+ policyFile = super.setupPolicy();
+ super.setup();
+ prepareDBDataForTest();
}
protected static void prepareDBDataForTest() throws Exception {
- clearDbAfterPerTest = false;
- PolicyFile policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP).setUserGroupMapping(
- StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
// copy data file to test dir
dataDir = context.getDataDir();
dataFile = new File(dataDir, MULTI_TYPE_DATA_FILE_NAME);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtColumnScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtColumnScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtColumnScope.java
index 8adc5bb..ecf1117 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtColumnScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtColumnScope.java
@@ -47,26 +47,17 @@ public class TestPrivilegesAtColumnScope extends AbstractTestWithStaticConfigura
@Before
public void setup() throws Exception {
- if (useSentryService) {
- policyFile = new PolicyFile();
- } else {
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
- }
+ policyFile = super.setupPolicy();
+ super.setup();
+ prepareDBDataForTest();
}
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception {
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- prepareDBDataForTest();
}
private static void prepareDBDataForTest() throws Exception {
- clearDbAfterPerTest = false;
- // if use sentry service, need setup admin role first
- setupAdmin();
- PolicyFile policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP).setUserGroupMapping(
- StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
// copy data file to test dir
File dataDir = context.getDataDir();
File dataFile = new File(dataDir, MULTI_TYPE_DATA_FILE_NAME);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java
index 7c9a66d..3f6f246 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java
@@ -33,44 +33,53 @@ import java.util.Map;
import junit.framework.Assert;
import org.junit.Before;
+import org.junit.BeforeClass;
import org.junit.Test;
import com.google.common.io.Resources;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/* Tests privileges at table scope within a single database.
*/
public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfiguration {
+ private static final Logger LOGGER = LoggerFactory.
+ getLogger(TestPrivilegesAtDatabaseScope.class);
private PolicyFile policyFile;
Map <String, String >testProperties;
private static final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
+ @BeforeClass
+ public static void setupTestStaticConfiguration () throws Exception {
+ AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
+ }
+
@Override
@Before
public void setup() throws Exception {
+ policyFile = super.setupPolicy();
+ super.setup();
testProperties = new HashMap<String, String>();
-
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
}
// SENTRY-285 test
@Test
public void testAllOnDb() throws Exception {
-
- policyFile
- .addRolesToGroup(USERGROUP1, "all_db1")
- .addPermissionsToRole("all_db1", "server=server1->db=" + DB1 + "->action=all")
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
// setup db objects needed by the test
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
statement.execute("create database " + DB1);
statement.execute("create table " + DB1 + ".tab1(a int)");
+ policyFile
+ .addRolesToGroup(USERGROUP1, "all_db1")
+ .addPermissionsToRole("all_db1", "server=server1->db=" + DB1 + "->action=all")
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
statement.execute("use " + DB1);
@@ -97,25 +106,23 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
to.close();
- policyFile
- .addRolesToGroup(USERGROUP1, "all_db1", "load_data")
- .addRolesToGroup(USERGROUP2, "all_db2")
- .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
- .addPermissionsToRole("all_db2", "server=server1->db=" + DB2)
- .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataFile.getPath())
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
// setup db objects needed by the test
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
- statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
statement.execute("CREATE DATABASE " + DB2);
statement.close();
connection.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "all_db1", "load_data")
+ .addRolesToGroup(USERGROUP2, "all_db2")
+ .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
+ .addPermissionsToRole("all_db2", "server=server1->db=" + DB2)
+ .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataFile.getPath())
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
// test execution
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
@@ -182,14 +189,6 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
statement.close();
connection.close();
-
- //test cleanup
- connection = context.createConnection(ADMIN1);
- statement = context.createStatement(connection);
- statement.execute("DROP DATABASE " + DB2 + " CASCADE");
- statement.close();
- connection.close();
- context.close();
}
/* Admin creates database DB_1, creates table TAB_1, loads data into it
@@ -206,21 +205,9 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
to.close();
- policyFile
- .addRolesToGroup(USERGROUP1, "all_db1", "load_data", "exttab")
- .addRolesToGroup(USERGROUP2, "all_db2")
- .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
- .addPermissionsToRole("all_db2", "server=server1->db=" + DB2)
- .addPermissionsToRole("exttab", "server=server1->uri=file://" + dataDir.getPath())
- .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataFile.getPath())
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
// setup db objects needed by the test
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
- statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
statement.execute("CREATE DATABASE " + DB2);
statement.execute("USE " + DB1);
@@ -232,6 +219,16 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
statement.close();
connection.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "all_db1", "load_data", "exttab")
+ .addRolesToGroup(USERGROUP2, "all_db2")
+ .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
+ .addPermissionsToRole("all_db2", "server=server1->db=" + DB2)
+ .addPermissionsToRole("exttab", "server=server1->uri=file://" + dataDir.getPath())
+ .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataFile.getPath())
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
// test execution
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
@@ -289,15 +286,6 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
statement.close();
connection.close();
-
- //test cleanup
- connection = context.createConnection(ADMIN1);
- statement = context.createStatement(connection);
- statement.execute("DROP DATABASE " + DB1 + " CASCADE");
- statement.execute("DROP DATABASE " + DB2 + " CASCADE");
- statement.close();
- connection.close();
- context.close();
}
/**
@@ -310,32 +298,27 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
*/
@Test
public void testUseDbPrivilege() throws Exception {
-
- policyFile
- .addRolesToGroup(USERGROUP1, "all_db1")
- .addRolesToGroup(USERGROUP2, "select_db2")
- .addRolesToGroup(USERGROUP3, "all_db3")
- .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
- .addPermissionsToRole("select_db2", "server=server1->db=" + DB2 + "->table=tab_2->action=select")
- .addPermissionsToRole("all_db3", "server=server1->db=DB_3")
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
-
-
// setup db objects needed by the test
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
statement.execute("use " + DB1);
statement.execute("CREATE TABLE TAB_1(A STRING)");
- statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE");
statement.execute("CREATE DATABASE " + DB2);
statement.execute("use " + DB1);
statement.execute("CREATE TABLE TAB_2(A STRING)");
context.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "all_db1")
+ .addRolesToGroup(USERGROUP2, "select_db2")
+ .addRolesToGroup(USERGROUP3, "all_db3")
+ .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
+ .addPermissionsToRole("select_db2", "server=server1->db=" + DB2 + "->table=tab_2->action=select")
+ .addPermissionsToRole("all_db3", "server=server1->db=DB_3")
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
// user1 should be able to connect db_1
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
@@ -374,24 +357,22 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
*/
@Test
public void testDefaultDbPrivilege() throws Exception {
-
- policyFile
- .addRolesToGroup(USERGROUP1, "all_db1")
- .addRolesToGroup(USERGROUP2, "select_db2")
- .addRolesToGroup(USERGROUP3, "all_default")
- .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
- .addPermissionsToRole("select_db2", "server=server1->db=" + DB2 + "->table=tab_2->action=select")
- .addPermissionsToRole("all_default", "server=server1->db=default")
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
-
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
statement.execute("use default");
statement.execute("create table tab1(a int)");
context.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "all_db1")
+ .addRolesToGroup(USERGROUP2, "select_db2")
+ .addRolesToGroup(USERGROUP3, "all_default")
+ .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
+ .addPermissionsToRole("select_db2", "server=server1->db=" + DB2 + "->table=tab_2->action=select")
+ .addPermissionsToRole("all_default", "server=server1->db=default")
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
statement.execute("use default");
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java
index 46c6cbb..6272752 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java
@@ -45,19 +45,19 @@ public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfigurat
private static PolicyFile policyFile;
private final static String MULTI_TYPE_DATA_FILE_NAME = "emp.dat";
+ @Before
+ public void setup() throws Exception {
+ policyFile = super.setupPolicy();
+ super.setup();
+ prepareDBDataForTest();
+ }
+
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception {
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- prepareDBDataForTest();
}
protected static void prepareDBDataForTest() throws Exception {
- clearDbAfterPerTest = false;
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP).setUserGroupMapping(
- StaticUserGroup.getStaticMapping());
- // The setupAdmin is for TestDbPrivilegesAtTableScope to add role admin_role
- setupAdmin();
- writePolicyFile(policyFile);
// copy data file to test dir
File dataDir = context.getDataDir();
File dataFile = new File(dataDir, MULTI_TYPE_DATA_FILE_NAME);
@@ -85,13 +85,6 @@ public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfigurat
connection.close();
}
- @Before
- public void setup() throws Exception {
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP)
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
- }
-
/*
* Admin creates database DB_1, table TAB_1, TAB_2 in DB_1, loads data into
* TAB_1, TAB_2 Admin grants SELECT on TAB_1, TAB_2, INSERT on TAB_1 to
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java
index c47686b..0f27a7e 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java
@@ -29,6 +29,7 @@ import java.util.List;
import org.apache.sentry.provider.file.PolicyFile;
import org.junit.Assert;
import org.junit.Before;
+import org.junit.BeforeClass;
import org.junit.Test;
import com.google.common.io.Resources;
@@ -44,16 +45,20 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
private File dataDir;
private File dataFile;
+ @BeforeClass
+ public static void setupTestStaticConfiguration () throws Exception {
+ AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
+ }
+
@Before
public void setup() throws Exception {
+ policyFile = super.setupPolicy();
+ super.setup();
dataDir = context.getDataDir();
dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
FileOutputStream to = new FileOutputStream(dataFile);
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
to.close();
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP)
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
}
/**
@@ -67,22 +72,10 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
String tableNames[] = {"tb_1", "tb_2", "tb_3", "tb_4"};
List<String> tableNamesValidation = new ArrayList<String>();
- policyFile
- .addRolesToGroup(USERGROUP1, "tab1_priv,tab2_priv,tab3_priv")
- .addPermissionsToRole("tab1_priv", "server=server1->db=" + DB1 + "->table="
- + tableNames[0] + "->action=select")
- .addPermissionsToRole("tab2_priv", "server=server1->db=" + DB1 + "->table="
- + tableNames[1] + "->action=insert")
- .addPermissionsToRole("tab3_priv", "server=server1->db=" + DB1 + "->table="
- + tableNames[2] + "->action=select")
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
String user1TableNames[] = {"tb_1", "tb_2", "tb_3"};
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
statement.execute("USE " + DB1);
createTabs(statement, DB1, tableNames);
@@ -93,6 +86,17 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
validateTables(rs, DB1, tableNamesValidation);
statement.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "tab1_priv,tab2_priv,tab3_priv")
+ .addPermissionsToRole("tab1_priv", "server=server1->db=" + DB1 + "->table="
+ + tableNames[0] + "->action=select")
+ .addPermissionsToRole("tab2_priv", "server=server1->db=" + DB1 + "->table="
+ + tableNames[1] + "->action=insert")
+ .addPermissionsToRole("tab3_priv", "server=server1->db=" + DB1 + "->table="
+ + tableNames[2] + "->action=select")
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
statement.execute("USE " + DB1);
@@ -114,17 +118,10 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
String tableNames[] = {"tb_1", "tb_2", "tb_3", "tb_4"};
List<String> tableNamesValidation = new ArrayList<String>();
- policyFile
- .addRolesToGroup(USERGROUP1, "db_priv")
- .addPermissionsToRole("db_priv", "server=server1->db=" + DB1)
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
String user1TableNames[] = {"tb_1", "tb_2", "tb_3", "tb_4"};
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
statement.execute("USE " + DB1);
createTabs(statement, DB1, tableNames);
@@ -134,6 +131,12 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
validateTables(rs, DB1, tableNamesValidation);
statement.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "db_priv")
+ .addPermissionsToRole("db_priv", "server=server1->db=" + DB1)
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
statement.execute("USE " + DB1);
@@ -155,19 +158,11 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
String tableNames[] = {"tb_1", "tb_2", "tb_3", "newtab_3"};
List<String> tableNamesValidation = new ArrayList<String>();
- policyFile
- .addRolesToGroup(USERGROUP1, "tab_priv")
- .addPermissionsToRole("tab_priv", "server=server1->db=" + DB1 + "->table="
- + tableNames[3] + "->action=insert")
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
String adminTableNames[] = {"tb_3", "newtab_3", "tb_2", "tb_1"};
String user1TableNames[] = {"newtab_3"};
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
statement.execute("USE " + DB1);
createTabs(statement, DB1, tableNames);
@@ -177,6 +172,13 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
validateTables(rs, DB1, tableNamesValidation);
statement.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "tab_priv")
+ .addPermissionsToRole("tab_priv", "server=server1->db=" + DB1 + "->table="
+ + tableNames[3] + "->action=insert")
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
statement.execute("USE " + DB1);
@@ -197,18 +199,11 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
String tableNames[] = {"tb_1", "tb_2", "tb_3", "newtab_3"};
List<String> tableNamesValidation = new ArrayList<String>();
- policyFile
- .addRolesToGroup(USERGROUP1, "tab_priv")
- .addPermissionsToRole("tab_priv", "server=server1->db=" + DB1)
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
String adminTableNames[] = {"tb_3", "newtab_3", "tb_1", "tb_2"};
String user1TableNames[] = {"tb_3", "newtab_3", "tb_1", "tb_2"};
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
statement.execute("USE " + DB1);
createTabs(statement, DB1, tableNames);
@@ -218,6 +213,12 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
validateTables(rs, DB1, tableNamesValidation);
statement.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "tab_priv")
+ .addPermissionsToRole("tab_priv", "server=server1->db=" + DB1)
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
statement.execute("USE " + DB1);
@@ -236,13 +237,14 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
public void testShowTables5() throws Exception {
String tableNames[] = {"tb_1", "tb_2", "tb_3", "tb_4"};
- policyFile
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
createTabs(statement, "default", tableNames);
+ policyFile
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
// User1 should see tables with any level of access
@@ -263,22 +265,10 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
String tableNames[] = {"tb_1", "tb_2", "tb_3", "tb_4", "table_5"};
List<String> tableNamesValidation = new ArrayList<String>();
- policyFile
- .addRolesToGroup(USERGROUP1, "tab1_priv,tab2_priv,tab3_priv")
- .addPermissionsToRole("tab1_priv", "server=server1->db=" + DB1 + "->table="
- + tableNames[0] + "->action=select")
- .addPermissionsToRole("tab2_priv", "server=server1->db=" + DB1 + "->table="
- + tableNames[1] + "->action=insert")
- .addPermissionsToRole("tab3_priv", "server=server1->db=" + DB1 + "->table="
- + tableNames[2] + "->action=select")
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
String user1TableNames[] = {"tb_1", "tb_2", "tb_3"};
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
statement.execute("USE " + DB1);
createTabs(statement, DB1, tableNames);
@@ -288,6 +278,17 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
validateTablesInRs(rs, DB1, tableNamesValidation);
statement.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "tab1_priv,tab2_priv,tab3_priv")
+ .addPermissionsToRole("tab1_priv", "server=server1->db=" + DB1 + "->table="
+ + tableNames[0] + "->action=select")
+ .addPermissionsToRole("tab2_priv", "server=server1->db=" + DB1 + "->table="
+ + tableNames[1] + "->action=insert")
+ .addPermissionsToRole("tab3_priv", "server=server1->db=" + DB1 + "->table="
+ + tableNames[2] + "->action=select")
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
statement.execute("USE " + DB1);
@@ -309,12 +310,6 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
String[] dbNames = {DB1, DB2, DB3};
String[] user1DbNames = {DB1};
- policyFile
- .addRolesToGroup(USERGROUP1, "db1_all")
- .addPermissionsToRole("db1_all", "server=server1->db=" + DB1)
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
createDb(ADMIN1, dbNames);
dbNamesValidation.addAll(Arrays.asList(dbNames));
dbNamesValidation.add("default");
@@ -324,6 +319,12 @@ public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfigur
validateDBs(rs, dbNamesValidation); // admin should see all dbs
rs.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "db1_all")
+ .addPermissionsToRole("db1_all", "server=server1->db=" + DB1)
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
rs = statement.executeQuery("SHOW DATABASES");
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java
index 626fd40..fe837e4 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java
@@ -43,13 +43,12 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
@Before
public void setup() throws Exception {
+ policyFile = super.setupPolicy();
+ super.setup();
dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
FileOutputStream to = new FileOutputStream(dataFile);
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
to.close();
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
- policyFile.setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
loadData = "server=server1->uri=file://" + dataFile.getPath();
}
@@ -66,13 +65,14 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
*/
@Test
public void testDbPrivileges() throws Exception {
- addTwoUsersWithAllDb();
- writePolicyFile(policyFile);
String[] dbs = new String[] { DB1, DB2 };
for (String dbName : dbs) {
- dropDb(ADMIN1, dbName);
createDb(ADMIN1, dbName);
}
+
+ addTwoUsersWithAllDb();
+ writePolicyFile(policyFile);
+
for (String user : new String[] { USER1_1, USER1_2 }) {
for (String dbName : dbs) {
Connection userConn = context.createConnection(user);
@@ -90,12 +90,8 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
userConn.close();
}
}
-
- for (String dbName : dbs) {
- dropDb(ADMIN1, dbName);
- }
-
}
+
/**
* Test Case 2.11 admin user create a new database DB_1 and grant ALL to
* himself on DB_1 should work
@@ -105,7 +101,6 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
Connection adminCon = context.createConnection(ADMIN1);
Statement adminStmt = context.createStatement(adminCon);
adminStmt.execute("use default");
- adminStmt.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
adminStmt.execute("CREATE DATABASE " + DB1);
// access the new databases
@@ -115,12 +110,6 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
adminStmt.execute("load data local inpath '" + dataFile.getPath() + "' into table "
+ tabName);
adminStmt.execute("select * from " + tabName);
-
- // cleanup
- adminStmt.execute("use default");
- adminStmt.execute("DROP DATABASE " + DB1 + " CASCADE");
- adminStmt.close();
- adminCon.close();
}
/**
@@ -131,20 +120,21 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
*/
@Test
public void testNegativeUserDMLPrivileges() throws Exception {
- policyFile
- .addPermissionsToRole("db1_tab2_all", "server=server1->db=" + DB1 + "->table=table_2")
- .addRolesToGroup(USERGROUP1, "db1_tab2_all");
- writePolicyFile(policyFile);
Connection adminCon = context.createConnection(ADMIN1);
Statement adminStmt = context.createStatement(adminCon);
adminStmt.execute("use default");
- adminStmt.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
adminStmt.execute("CREATE DATABASE " + DB1);
adminStmt.execute("use " + DB1);
adminStmt.execute("create table table_1 (id int)");
adminStmt.execute("create table table_2 (id int)");
adminStmt.close();
adminCon.close();
+
+ policyFile
+ .addPermissionsToRole("db1_tab2_all", "server=server1->db=" + DB1 + "->table=table_2")
+ .addRolesToGroup(USERGROUP1, "db1_tab2_all");
+ writePolicyFile(policyFile);
+
Connection userConn = context.createConnection(USER1_1);
Statement userStmt = context.createStatement(userConn);
userStmt.execute("use " + DB1);
@@ -173,17 +163,10 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
*/
@Test
public void testNegUserPrivilegesAll() throws Exception {
- policyFile
- .addRolesToGroup(USERGROUP1, "db1_all")
- .addRolesToGroup(USERGROUP2, "db1_tab1_select")
- .addPermissionsToRole("db1_tab1_select", "server=server1->db="+ DB1 + "->table=table_1->action=select")
- .addPermissionsToRole("db1_all", "server=server1->db=" + DB1);
- writePolicyFile(policyFile);
// create dbs
Connection adminCon = context.createConnection(ADMIN1);
Statement adminStmt = context.createStatement(adminCon);
adminStmt.execute("use default");
- adminStmt.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
adminStmt.execute("CREATE DATABASE " + DB1);
adminStmt.execute("use " + DB1);
adminStmt.execute("create table table_1 (name string)");
@@ -197,6 +180,13 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
adminStmt.close();
adminCon.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "db1_all")
+ .addRolesToGroup(USERGROUP2, "db1_tab1_select")
+ .addPermissionsToRole("db1_tab1_select", "server=server1->db="+ DB1 + "->table=table_1->action=select")
+ .addPermissionsToRole("db1_all", "server=server1->db=" + DB1);
+ writePolicyFile(policyFile);
+
Connection userConn = context.createConnection(USER2_1);
Statement userStmt = context.createStatement(userConn);
userStmt.execute("use " + DB1);
@@ -247,15 +237,13 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
*/
@Test
public void testSandboxOpt9() throws Exception {
+ createDb(ADMIN1, DB1, DB2);
policyFile
- .addPermissionsToRole(GROUP1_ROLE, ALL_DB1, ALL_DB2, loadData)
- .addRolesToGroup(USERGROUP1, GROUP1_ROLE);
+ .addPermissionsToRole(GROUP1_ROLE, ALL_DB1, ALL_DB2, loadData)
+ .addRolesToGroup(USERGROUP1, GROUP1_ROLE);
writePolicyFile(policyFile);
- dropDb(ADMIN1, DB1, DB2);
- createDb(ADMIN1, DB1, DB2);
-
Connection connection = context.createConnection(USER1_1);
Statement statement = context.createStatement(connection);
@@ -295,7 +283,6 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
+ " (value) AS SELECT value from " + DB2 + "." + TBL3 + " LIMIT 10");
statement.close();
connection.close();
- dropDb(ADMIN1, DB1, DB2);
}
/**
@@ -316,12 +303,6 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
*/
@Test
public void testSandboxOpt13() throws Exception {
- // unrelated permission to allow user1 to connect to db1
- policyFile
- .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_TBL2)
- .addRolesToGroup(USERGROUP1, GROUP1_ROLE);
- writePolicyFile(policyFile);
- dropDb(ADMIN1, DB1);
createDb(ADMIN1, DB1);
createTable(ADMIN1, DB1, dataFile, TBL1);
Connection connection = context.createConnection(ADMIN1);
@@ -332,6 +313,13 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
+ " (under_col) as 'COMPACT' WITH DEFERRED REBUILD");
statement.close();
connection.close();
+
+ // unrelated permission to allow user1 to connect to db1
+ policyFile
+ .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_TBL2)
+ .addRolesToGroup(USERGROUP1, GROUP1_ROLE);
+ writePolicyFile(policyFile);
+
connection = context.createConnection(USER1_1);
statement = context.createStatement(connection);
statement.execute("USE " + DB1);
@@ -342,7 +330,6 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
statement.execute("USE " + DB1);
assertTrue(statement.execute("SELECT * FROM " + TBL1 + " WHERE under_col == 5"));
assertTrue(statement.execute("SHOW INDEXES ON " + TBL1));
- dropDb(ADMIN1, DB1, DB2);
}
/**
@@ -372,8 +359,6 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
*/
@Test
public void testSandboxOpt17() throws Exception {
-
- dropDb(ADMIN1, DB1);
createDb(ADMIN1, DB1);
policyFile
@@ -436,17 +421,17 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
//Hive needs write permissions on this local directory
baseDir.setWritable(true, false);
+ createDb(ADMIN1, DB1);
+ createTable(ADMIN1, DB1, dataFile, TBL1);
+
policyFile
- .addRolesToGroup(USERGROUP1, "all_db1", "load_data")
- .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
- .addPermissionsToRole("load_data", "server=server1->uri=file://" + allowedDir.getPath() +
- ", server=server1->uri=file://" + allowedDir.getPath() +
- ", server=server1->uri=" + allowedDfsDir.toString());
+ .addRolesToGroup(USERGROUP1, "all_db1", "load_data")
+ .addPermissionsToRole("all_db1", "server=server1->db=" + DB1)
+ .addPermissionsToRole("load_data", "server=server1->uri=file://" + allowedDir.getPath() +
+ ", server=server1->uri=file://" + allowedDir.getPath() +
+ ", server=server1->uri=" + allowedDfsDir.toString());
writePolicyFile(policyFile);
- dropDb(ADMIN1, DB1);
- createDb(ADMIN1, DB1);
- createTable(ADMIN1, DB1, dataFile, TBL1);
Connection connection = context.createConnection(USER1_1);
Statement statement = context.createStatement(connection);
statement.execute("USE " + DB1);
@@ -468,20 +453,18 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
*/
@Test
public void testSandboxOpt10() throws Exception {
-
String rTab1 = "rtab_1";
String rTab2 = "rtab_2";
- policyFile
- .addPermissionsToRole(GROUP1_ROLE, ALL_DB1, SELECT_DB2_TBL2, loadData)
- .addRolesToGroup(USERGROUP1, GROUP1_ROLE);
- writePolicyFile(policyFile);
-
- dropDb(ADMIN1, DB1, DB2);
createDb(ADMIN1, DB1, DB2);
createTable(ADMIN1, DB1, dataFile, TBL1);
createTable(ADMIN1, DB2, dataFile, TBL2, TBL3);
+ policyFile
+ .addPermissionsToRole(GROUP1_ROLE, ALL_DB1, SELECT_DB2_TBL2, loadData)
+ .addRolesToGroup(USERGROUP1, GROUP1_ROLE);
+ writePolicyFile(policyFile);
+
// a
Connection connection = context.createConnection(USER1_1);
Statement statement = context.createStatement(connection);
@@ -492,20 +475,11 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
statement.close();
connection.close();
- dropDb(ADMIN1, DB1, DB2);
}
// Create per-db policy file on hdfs and global policy on local.
@Test
public void testPerDbPolicyOnDFS() throws Exception {
-
- policyFile
- .addRolesToGroup(USERGROUP1, "select_tbl1")
- .addRolesToGroup(USERGROUP2, "select_tbl2")
- .addPermissionsToRole("select_tbl1", "server=server1->db=" + DB1 + "->table=tbl1->action=select")
- .addDatabase(DB2, dfs.getBaseDir().toUri().toString() + "/" + DB2_POLICY_FILE);
- writePolicyFile(policyFile);
-
File db2PolicyFileHandle = new File(baseDir.getPath(), DB2_POLICY_FILE);
PolicyFile db2PolicyFile = new PolicyFile();
@@ -519,14 +493,11 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
Connection connection = context.createConnection(ADMIN1);
Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
- statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE");
statement.execute("CREATE DATABASE " + DB1);
statement.execute("USE " + DB1);
statement.execute("CREATE TABLE tbl1(B INT, A STRING) " +
" row format delimited fields terminated by '|' stored as textfile");
statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE tbl1");
- statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE");
statement.execute("CREATE DATABASE " + DB2);
statement.execute("USE " + DB2);
statement.execute("CREATE TABLE tbl2(B INT, A STRING) " +
@@ -535,6 +506,13 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
statement.close();
connection.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "select_tbl1")
+ .addRolesToGroup(USERGROUP2, "select_tbl2")
+ .addPermissionsToRole("select_tbl1", "server=server1->db=" + DB1 + "->table=tbl1->action=select")
+ .addDatabase(DB2, dfs.getBaseDir().toUri().toString() + "/" + DB2_POLICY_FILE);
+ writePolicyFile(policyFile);
+
// test per-db file for db2
connection = context.createConnection(USER2_1);
@@ -545,15 +523,6 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration {
statement.close();
connection.close();
-
- //test cleanup
- connection = context.createConnection(ADMIN1);
- statement = context.createStatement(connection);
- statement.execute("DROP DATABASE " + DB1 + " CASCADE");
-
- statement.execute("DROP DATABASE " + DB2 + " CASCADE");
- statement.close();
- connection.close();
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java
index 7c7c63e..911608a 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java
@@ -29,19 +29,28 @@ import junit.framework.Assert;
import org.apache.sentry.provider.file.PolicyFile;
import org.apache.sentry.tests.e2e.hive.hiveserver.HiveServerFactory;
import org.junit.Before;
+import org.junit.BeforeClass;
import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
+ private static final Logger LOGGER = LoggerFactory.
+ getLogger(TestUriPermissions.class);
+
private PolicyFile policyFile;
private File dataFile;
private String loadData;
+ @BeforeClass
+ public static void setupTestStaticConfiguration () throws Exception {
+ AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
+ }
+
@Before
public void setup() throws Exception {
- policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
- policyFile.setUserGroupMapping(StaticUserGroup.getStaticMapping());
- writePolicyFile(policyFile);
-
+ policyFile = super.setupPolicy();
+ super.setup();
}
// test load data into table
@@ -57,24 +66,23 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
Connection userConn = null;
Statement userStmt = null;
- policyFile
- .addRolesToGroup(USERGROUP1, "db1_read", "db1_write", "data_read")
- .addRolesToGroup(USERGROUP2, "db1_write")
- .addPermissionsToRole("db1_write", "server=server1->db=" + DB1 + "->table=" + tabName + "->action=INSERT")
- .addPermissionsToRole("db1_read", "server=server1->db=" + DB1 + "->table=" + tabName + "->action=SELECT")
- .addPermissionsToRole("data_read", loadData);
- writePolicyFile(policyFile);
-
// create dbs
Connection adminCon = context.createConnection(ADMIN1);
Statement adminStmt = context.createStatement(adminCon);
adminStmt.execute("use default");
- adminStmt.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
adminStmt.execute("CREATE DATABASE " + DB1);
adminStmt.execute("use " + DB1);
adminStmt.execute("CREATE TABLE " + tabName + "(id int)");
context.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "db1_read", "db1_write", "data_read")
+ .addRolesToGroup(USERGROUP2, "db1_write")
+ .addPermissionsToRole("db1_write", "server=server1->db=" + DB1 + "->table=" + tabName + "->action=INSERT")
+ .addPermissionsToRole("db1_read", "server=server1->db=" + DB1 + "->table=" + tabName + "->action=SELECT")
+ .addPermissionsToRole("data_read", loadData);
+ writePolicyFile(policyFile);
+
// positive test, user1 has access to file being loaded
userConn = context.createConnection(USER1_1);
userStmt = context.createStatement(userConn);
@@ -111,7 +119,6 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
Connection adminCon = context.createConnection(ADMIN1);
Statement adminStmt = context.createStatement(adminCon);
adminStmt.execute("use default");
- adminStmt.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
adminStmt.execute("CREATE DATABASE " + DB1);
adminStmt.execute("use " + DB1);
adminStmt.execute("CREATE TABLE " + tabName + " (id int) PARTITIONED BY (dt string)");
@@ -176,24 +183,23 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
Connection userConn = null;
Statement userStmt = null;
- policyFile
- .addRolesToGroup(USERGROUP1, "server1_all")
- .addRolesToGroup(USERGROUP2, "db1_all, data_read")
- .addPermissionsToRole("db1_all", "server=server1->db=" + DB1)
- .addPermissionsToRole("data_read", "server=server1->URI=" + tabDir)
- .addPermissionsToRole("server1_all", "server=server1");
- writePolicyFile(policyFile);
-
// create dbs
Connection adminCon = context.createConnection(ADMIN1);
Statement adminStmt = context.createStatement(adminCon);
adminStmt.execute("use default");
- adminStmt.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
adminStmt.execute("CREATE DATABASE " + DB1);
adminStmt.execute("use " + DB1);
adminStmt.execute("CREATE TABLE " + tabName + " (id int) PARTITIONED BY (dt string)");
adminCon.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "server1_all")
+ .addRolesToGroup(USERGROUP2, "db1_all, data_read")
+ .addPermissionsToRole("db1_all", "server=server1->db=" + DB1)
+ .addPermissionsToRole("data_read", "server=server1->URI=" + tabDir)
+ .addPermissionsToRole("server1_all", "server=server1");
+ writePolicyFile(policyFile);
+
// positive test: user2 has privilege to alter table set partition
userConn = context.createConnection(USER2_1);
userStmt = context.createStatement(userConn);
@@ -223,22 +229,21 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
baseDir.setWritable(true, false);
dataDir.setWritable(true, false);
- policyFile
- .addRolesToGroup(USERGROUP1, "db1_all", "data_read")
- .addRolesToGroup(USERGROUP2, "db1_all")
- .addPermissionsToRole("db1_all", "server=server1->db=" + DB1)
- .addPermissionsToRole("data_read", "server=server1->URI=" + dataDirPath);
- writePolicyFile(policyFile);
-
// create dbs
Connection adminCon = context.createConnection(ADMIN1);
Statement adminStmt = context.createStatement(adminCon);
adminStmt.execute("use default");
- adminStmt.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
adminStmt.execute("CREATE DATABASE " + DB1);
adminStmt.close();
adminCon.close();
+ policyFile
+ .addRolesToGroup(USERGROUP1, "db1_all", "data_read")
+ .addRolesToGroup(USERGROUP2, "db1_all")
+ .addPermissionsToRole("db1_all", "server=server1->db=" + DB1)
+ .addPermissionsToRole("data_read", "server=server1->URI=" + dataDirPath);
+ writePolicyFile(policyFile);
+
// negative test: user2 doesn't have privilege to create external table in given path
userConn = context.createConnection(USER2_1);
userStmt = context.createStatement(userConn);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java
index be9f601..471af1a 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java
@@ -42,8 +42,11 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
private File dataFile;
private PolicyFile policyFile;
+ @Override
@Before
- public void setUp() throws Exception {
+ public void setup() throws Exception {
+ policyFile = super.setupPolicy();
+ super.setup();
dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
FileOutputStream to = new FileOutputStream(dataFile);
Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/AbstractMetastoreTestWithStaticConfiguration.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/AbstractMetastoreTestWithStaticConfiguration.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/AbstractMetastoreTestWithStaticConfiguration.java
index 2c14c82..2c16cd6 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/AbstractMetastoreTestWithStaticConfiguration.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/AbstractMetastoreTestWithStaticConfiguration.java
@@ -54,7 +54,7 @@ public abstract class AbstractMetastoreTestWithStaticConfiguration extends
@BeforeClass
public static void setupTestStaticConfiguration() throws Exception {
useSentryService = true;
- clearDbAfterPerTest = false;
+ clearDbPerTest = false;
testServerType = HiveServer2Type.InternalMetastore.name();
AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/e11062d3/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/TestAuthorizingObjectStore.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/TestAuthorizingObjectStore.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/TestAuthorizingObjectStore.java
index 30041c5..44ed096 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/TestAuthorizingObjectStore.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/TestAuthorizingObjectStore.java
@@ -33,6 +33,7 @@ import org.apache.sentry.provider.file.PolicyFile;
import org.apache.sentry.tests.e2e.hive.StaticUserGroup;
import org.apache.thrift.TException;
import org.junit.Before;
+import org.junit.BeforeClass;
import org.junit.Test;
import com.google.common.collect.Lists;
@@ -53,42 +54,19 @@ public class TestAuthorizingObjectStore extends
// this user is configured for sentry.metastore.service.users,
// for this test, the value is set when creating the HiveServer.
private static final String userWithoutAccess = "accessAllMetaUser";
- private boolean isSetup = false;
+ @BeforeClass
+ public static void setupTestStaticConfiguration () throws Exception {
+ AbstractMetastoreTestWithStaticConfiguration.setupTestStaticConfiguration();
+ }
+
+ @Override
@Before
public void setup() throws Exception {
- if (isSetup) {
- return;
- }
- isSetup = true;
policyFile = setAdminOnServer1(ADMINGROUP);
- policyFile
- .addRolesToGroup(USERGROUP1, all_role)
- .addRolesToGroup(USERGROUP2, db1_t1_role)
- .addPermissionsToRole(all_role, "server=server1->db=" + dbName1)
- .addPermissionsToRole(all_role, "server=server1->db=" + dbName2)
- .addPermissionsToRole(
- all_role,
- "server=server1->db=" + dbName1 + "->table=" + tabName1
- + "->action=SELECT")
- .addPermissionsToRole(
- all_role,
- "server=server1->db=" + dbName1 + "->table=" + tabName2
- + "->action=SELECT")
- .addPermissionsToRole(
- all_role,
- "server=server1->db=" + dbName2 + "->table=" + tabName3
- + "->action=SELECT")
- .addPermissionsToRole(
- all_role,
- "server=server1->db=" + dbName2 + "->table=" + tabName4
- + "->action=SELECT")
- .addPermissionsToRole(
- db1_t1_role,
- "server=server1->db=" + dbName1 + "->table=" + tabName1
- + "->action=SELECT")
- .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ policyFile.setUserGroupMapping(StaticUserGroup.getStaticMapping());
writePolicyFile(policyFile);
+ super.setup();
HiveMetaStoreClient client = context.getMetaStoreClient(ADMIN1);
client.dropDatabase(dbName1, true, true, true);
@@ -117,6 +95,34 @@ public class TestAuthorizingObjectStore extends
addPartition(client, dbName2, tabName4, Lists.newArrayList(partitionVal), tbl4);
client.close();
+
+ policyFile
+ .addRolesToGroup(USERGROUP1, all_role)
+ .addRolesToGroup(USERGROUP2, db1_t1_role)
+ .addPermissionsToRole(all_role, "server=server1->db=" + dbName1)
+ .addPermissionsToRole(all_role, "server=server1->db=" + dbName2)
+ .addPermissionsToRole(
+ all_role,
+ "server=server1->db=" + dbName1 + "->table=" + tabName1
+ + "->action=SELECT")
+ .addPermissionsToRole(
+ all_role,
+ "server=server1->db=" + dbName1 + "->table=" + tabName2
+ + "->action=SELECT")
+ .addPermissionsToRole(
+ all_role,
+ "server=server1->db=" + dbName2 + "->table=" + tabName3
+ + "->action=SELECT")
+ .addPermissionsToRole(
+ all_role,
+ "server=server1->db=" + dbName2 + "->table=" + tabName4
+ + "->action=SELECT")
+ .addPermissionsToRole(
+ db1_t1_role,
+ "server=server1->db=" + dbName1 + "->table=" + tabName1
+ + "->action=SELECT")
+ .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+ writePolicyFile(policyFile);
}
/**