You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ak...@apache.org on 2017/03/11 02:07:44 UTC
sentry git commit: SENTRY-1327: Enable show grant role roleName on
all command (Ke Jia via Dapeng Sun)
Repository: sentry
Updated Branches:
refs/heads/sentry-ha-redesign 63352d834 -> 7868f80c2
SENTRY-1327: Enable show grant role roleName on all command (Ke Jia via Dapeng Sun)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/7868f80c
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/7868f80c
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/7868f80c
Branch: refs/heads/sentry-ha-redesign
Commit: 7868f80c2b07ad7eae62d58de24cfa0246b28744
Parents: 63352d8
Author: Alexander Kolbasov <ak...@cloudera.com>
Authored: Fri Mar 10 18:07:38 2017 -0800
Committer: Alexander Kolbasov <ak...@cloudera.com>
Committed: Fri Mar 10 18:07:38 2017 -0800
----------------------------------------------------------------------
.../SentryHiveAuthorizationTaskFactoryImpl.java | 3 +++
.../e2e/dbprovider/TestDatabaseProvider.java | 22 ++++++++++++++++++++
2 files changed, 25 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/7868f80c/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
index ca6bb17..ceb3b17 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
@@ -214,6 +214,9 @@ public class SentryHiveAuthorizationTaskFactoryImpl implements HiveAuthorization
ASTNode child = (ASTNode) ast.getChild(1);
if (child.getToken().getType() == HiveParser.TOK_PRIV_OBJECT_COL) {
privHiveObj = analyzePrivilegeObject(child);
+ } else if(child.getToken().getType() == HiveParser.TOK_RESOURCE_ALL) {
+ //if privHiveObj is null, it will return all priveleges.
+ privHiveObj = null;
} else {
throw new SemanticException("Unrecognized Token: " + child.getToken().getType());
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/7868f80c/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java
index 255e266..eff0b6c 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java
@@ -2214,4 +2214,26 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration {
connection.close();
}
+ @Test
+ public void testShowGrantOnALL() throws Exception {
+
+ // setup db objects needed by the test
+ Connection connection = context.createConnection(ADMIN1);
+ Statement statement = context.createStatement(connection);
+ statement.execute("DROP DATABASE IF EXISTS db_1 CASCADE");
+ statement.execute("DROP DATABASE IF EXISTS db_2 CASCADE");
+ statement.execute("CREATE DATABASE db_1");
+ statement.execute("CREATE ROLE group1_role");
+ statement.execute("GRANT ALL ON DATABASE db_1 TO ROLE group1_role");
+ statement.execute("grant select on database db_1 to role group1_role");
+ ResultSet res = statement.executeQuery("show grant role group1_role on all");
+ List<String> returnedResult = new ArrayList<String>();
+ List<String> expectedResult = new ArrayList<String>();
+ expectedResult.add("db_1");
+ while (res.next()) {
+ returnedResult.add(res.getString(1).trim());
+ }
+ validateReturnedResult(expectedResult, returnedResult);
+ connection.close();
+ }
}