You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sp...@apache.org on 2018/06/27 16:47:38 UTC
[11/17] sentry git commit: SENTRY-2282: Remove hive-authzv2 binding
and tests modules completely (Sergio Pena, reviewed by Na Li)
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbColumnLevelMetaDataOps.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbColumnLevelMetaDataOps.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbColumnLevelMetaDataOps.java
deleted file mode 100644
index 35870c3..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbColumnLevelMetaDataOps.java
+++ /dev/null
@@ -1,374 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import java.sql.Connection;
-import java.sql.ResultSet;
-import java.sql.Statement;
-
-import org.apache.hive.service.cli.HiveSQLException;
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.apache.sentry.tests.e2e.hive.PrivilegeResultSet;
-
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Ignore;
-import org.junit.Test;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Contains tests for meta data operations with column level privileges
- */
-public class TestDbColumnLevelMetaDataOps extends AbstractTestWithStaticConfiguration {
- private static final Logger LOGGER = LoggerFactory.
- getLogger(TestDbColumnLevelMetaDataOps.class);
-
- private static final String TEST_COL_METADATA_OPS_DB = "test_col_metadata_ops_db";
- private static final String TEST_COL_METADATA_OPS_TB = "test_col_metadata_ops_tb";
- private static final String TEST_COL_METADATA_OPS_ROLE = "test_col_metadata_ops_role";
-
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception{
- LOGGER.info("TestColumnEndToEnd setupTestStaticConfiguration");
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- createTestData();
- }
- private static Statement statement = null;
- private static Connection connection = null;
-
- private static void establishSession(String user) throws Exception{
- if (statement != null) {
- statement.close();
- }
- if (connection != null) {
- connection.close();
- }
- connection = context.createConnection(user);
- statement = context.createStatement(connection);
- }
-
- /**
- * Create test database, table and role
- * and grant column level privilege
- * @throws Exception
- */
- private void createTestData() throws Exception {
- establishSession(ADMIN1);
- statement.execute("CREATE DATABASE " + TEST_COL_METADATA_OPS_DB);
- statement.execute("USE " + TEST_COL_METADATA_OPS_DB);
- statement.execute("CREATE TABLE " + TEST_COL_METADATA_OPS_TB
- + " (privileged STRING, unprivileged INT) partitioned by (privileged_par STRING, unprivileged_par INT)");
- statement.execute("INSERT INTO TABLE " + TEST_COL_METADATA_OPS_TB
- + " PARTITION(privileged_par = 'privileged_par', unprivileged_par = 1) VALUES ('test1', 1)");
-
- statement.execute("CREATE ROLE " + TEST_COL_METADATA_OPS_ROLE);
- statement.execute("GRANT SELECT(privileged) ON TABLE " + TEST_COL_METADATA_OPS_TB + " TO ROLE " + TEST_COL_METADATA_OPS_ROLE);
- statement.execute("GRANT ROLE " + TEST_COL_METADATA_OPS_ROLE + " TO GROUP " + USERGROUP1);
-
- PrivilegeResultSet prset = new PrivilegeResultSet(statement, "SHOW GRANT ROLE "
- + TEST_COL_METADATA_OPS_ROLE + " ON DATABASE " + TEST_COL_METADATA_OPS_DB);
- LOGGER.info("SHOW GRANT : " + prset.toString());
- prset.verifyResultSetColumn("table", TEST_COL_METADATA_OPS_TB);
- prset.verifyResultSetColumn("column", "privileged");
- prset.verifyResultSetColumn("privilege", "select");
- }
-
- private ResultSet executeQueryWithLog(String query) throws Exception {
- ResultSet rs;
- try {
- LOGGER.info("Running " + query);
- rs = statement.executeQuery(query);
- return rs;
- } catch (HiveSQLException ex) {
- LOGGER.error("Privilege exception occurs when running : " + query);
- throw ex;
- }
- }
-
- private void validateFiltersInaccessibleColumns(String query, String colMetaField, String user,
- String privileged) throws Exception {
- establishSession(user);
- statement.execute("USE " + TEST_COL_METADATA_OPS_DB);
- ResultSet rs = executeQueryWithLog(query);
- int numColumns = 0;
- while (rs.next()) {
- String val = rs.getString(colMetaField);
- numColumns++;
- // Relax validation for now:
- // user with any select privilege can perform metadata operations,
- // even though it might show some columns which he doesn't have privileges
- assertTrue("Can access non privileged column", val.equalsIgnoreCase(privileged));
- }
- rs.close();
- assertTrue("Looks like we accessed more columns than needed", numColumns == 1);
- }
-
- private void validateShowsAllColumns(String query, String colMetaField, String user,
- String privileged, String unprivileged) throws Exception {
- establishSession(user);
- statement.execute("USE " + TEST_COL_METADATA_OPS_DB);
- ResultSet rs = executeQueryWithLog(query);
- boolean found = false;
- while (rs.next()) {
- String val = rs.getString(colMetaField);
- // Relax validation for now:
- // user with any select privilege can perform metadata operations,
- // even though it might show some columns which he doesn't have privileges
- //assertFalse("column unprivileged shouldn't be shown in result",
- // val.equalsIgnoreCase("unprivileged"));
- if (val.equalsIgnoreCase("unprivileged")) {
- LOGGER.warn("column unprivileged related metadata info is not disabled from result");
- }
- if (val.toLowerCase().contains(privileged)) {
- LOGGER.info("detected privileged column information: " + privileged);
- found = true;
- } else if (val.toLowerCase().contains(unprivileged)) {
- LOGGER.warn("detected unexpected column information: " + unprivileged);
- }
- }
- rs.close();
- assertTrue("failed to detect column privileged from result", found);
- }
-
- private void validateShowsAllColumns(String query, String colMetaField, String user) throws Exception {
- validateShowsAllColumns(query, colMetaField, user, "privileged", "unprivileged");
- }
-
-
- private void validateSemanticException(String query, String user) throws Exception {
- establishSession(user);
- try {
- LOGGER.info("Running " + query);
- statement.execute(query);
- fail("failed to throw SemanticException");
- } catch (Exception ex) {
- String err = "Exception No valid privileges";
- assertTrue("failed to detect " + err + "\n" + ex.getMessage(),
- ex.getMessage().contains("Exception No valid privileges"));
- }
- }
-
- /**
- * Test with column level privilege
- * user can NOT "show table extended"
- */
- @Test
- public void testShowExtended() throws Exception {
- String query = "SHOW TABLE EXTENDED IN " + TEST_COL_METADATA_OPS_DB
- + " like '" + TEST_COL_METADATA_OPS_TB + "'";
- // with column level privileges, user can not do show extended
- validateSemanticException(query, USER1_1);
- // negative test, without any privileges, user can not do it also
- validateSemanticException(query, USER2_1);
- }
-
- /**
- * Test with column level privileges,
- * user can list all columns for now
- */
- @Test
- public void testShowColumns() throws Exception {
- String query = "SHOW COLUMNS IN " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- // with column level privileges, user can show columns
- validateFiltersInaccessibleColumns(query, "field", USER1_1, "privileged");
- // without column/table level privileges, any user can NOT show columns
- validateSemanticException(query, USER2_1);
- }
-
- /**
- * Test SHOW TBLPROPERTIES requires table level privileges
- * @throws Exception
- */
- @Test
- public void testShowProperties() throws Exception {
- String query = "SHOW TBLPROPERTIES " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- validateSemanticException(query, USER1_1);
- validateSemanticException(query, USER2_1);
- }
-
- /**
- * Test with column level select privilege,
- * user can do "describe table"
- */
- @Test
- public void testDescribeTable() throws Exception {
- String query = "DESCRIBE " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- // with column level privilege, user can describe table, but columns are not filtered for now
- validateShowsAllColumns(query, "col_name", USER1_1);
- // without column/table level privileges, any user can NOT describe table
- validateSemanticException(query, USER2_1);
-
- // only with table level privileges user can describe extended/formatted
- query = "DESCRIBE EXTENDED " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- validateSemanticException(query, USER1_1);
- validateSemanticException(query, USER2_1);
-
- query = "DESCRIBE EXTENDED " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB + " s";
- validateSemanticException(query, USER1_1);
- validateSemanticException(query, USER2_1);
-
- query = "DESCRIBE FORMATTED " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- validateSemanticException(query, USER1_1);
- validateSemanticException(query, USER2_1);
-
- query = "DESCRIBE FORMATTED " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB + " s";
- validateSemanticException(query, USER1_1);
- validateSemanticException(query, USER2_1);
- }
-
- /**
- * Test with column level select privilege,
- * user can only do "explain select column";
- * any other select requires table level privileges
- * @throws Exception
- */
- @Ignore("After fix SENTRY-849, should enable this test")
- @Test
- public void testExplainSelect() throws Exception {
- String query = "EXPLAIN SELECT privileged FROM " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- // With column level privilege, user can explain select column
- validateShowsAllColumns(query, "Explain", USER1_1);
- // Without column/table level privilege, user can NOT explain select column
- validateSemanticException(query, USER2_1);
-
- // user can NOT explain select unprivileged column
- query = "EXPLAIN SELECT unprivileged FROM " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- validateSemanticException(query, USER1_1);
- validateSemanticException(query, USER2_1);
-
- query = "EXPLAIN SELECT * FROM " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- validateSemanticException(query, USER1_1);
- validateSemanticException(query, USER2_1);
-
- query = "EXPLAIN SELECT count(*) FROM " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- validateSemanticException(query, USER1_1);
- validateSemanticException(query, USER2_1);
-
- query = "EXPLAIN SELECT * FROM (SELECT privileged AS c FROM " +
- TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB + " union all select unprivileged as c from "
- + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB + ") subq1 order by c";
- validateSemanticException(query, USER1_1);
- validateSemanticException(query, USER2_1);
- }
-
- /**
- * Test if add a new column and grant privilege,
- * user1 needs explicit grant on new column to access this column
- */
- @Test
- public void testShowNewColumn() throws Exception {
- String colName = "newcol";
- establishSession(ADMIN1);
- statement.execute("USE " + TEST_COL_METADATA_OPS_DB);
- statement.execute("ALTER TABLE " + TEST_COL_METADATA_OPS_TB + " ADD COLUMNS (" + colName + " STRING)");
-
- String query = "SHOW COLUMNS IN " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- establishSession(USER1_1);
- statement.execute("USE " + TEST_COL_METADATA_OPS_DB);
- ResultSet rs = executeQueryWithLog(query);
- boolean found = false;
- while (rs.next() && !found) {
- String val = rs.getString("field");
- LOGGER.info("found " + val);
- if (val.equalsIgnoreCase(colName)) {
- found = true;
- }
- }
- assertTrue("Should not have implicit access to new column " + colName, !found);
- rs.close();
-
- establishSession(ADMIN1);
- statement.execute("USE " + TEST_COL_METADATA_OPS_DB);
- statement.execute("GRANT SELECT(" + colName + ") ON TABLE " + TEST_COL_METADATA_OPS_TB + " TO ROLE " + TEST_COL_METADATA_OPS_ROLE);
-
- establishSession(USER1_1);
- statement.execute("USE " + TEST_COL_METADATA_OPS_DB);
- rs = executeQueryWithLog(query);
- found = false;
- while (rs.next() && !found) {
- String val = rs.getString("field");
- LOGGER.info("found " + val);
- if (val.equalsIgnoreCase(colName)) {
- found = true;
- }
- }
- assertTrue("Should have implicit access to new column " + colName, found);
- rs.close();
- validateSemanticException(query, USER2_1);
- }
-
- /**
- * Grant user column level privileges, show partitions
- * should list user's granted columns
- * @throws Exception
- */
- @Ignore("After fix SENTRY-898, turn on this test")
- @Test
- public void testShowPartitions() throws Exception {
- final String PAR_ROLE_NAME = TEST_COL_METADATA_OPS_ROLE + "_2";
-
- establishSession(ADMIN1);
- statement.execute("USE " + TEST_COL_METADATA_OPS_DB);
- statement.execute("CREATE ROLE " + PAR_ROLE_NAME);
- statement.execute("GRANT SELECT(privileged_par) ON TABLE " + TEST_COL_METADATA_OPS_TB + " TO ROLE " + PAR_ROLE_NAME);
- statement.execute("GRANT ROLE " + PAR_ROLE_NAME + " TO GROUP " + USERGROUP1);
-
- String query = "SHOW PARTITIONS " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- validateFiltersInaccessibleColumns(query, "partition", USER1_1, "privileged_par");
- }
-
- /**
- * Requires table level privileges
- */
- @Test
- public void testShowTblProperties() throws Exception {
- String query = "SHOW TBLPROPERTIES " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- validateSemanticException(query, USER1_1);
- }
-
- /**
- * Requires table level privileges
- */
- @Test
- public void testShowCreateTable() throws Exception {
- String query = "SHOW CREATE TABLE " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB;
- validateSemanticException(query, USER1_1);
- }
-
- /**
- * Requires table level privileges
- */
- @Test
- public void testTableExtendLike() throws Exception {
- String query = "SHOW TABLE EXTENDED IN " + TEST_COL_METADATA_OPS_DB + " LIKE " + TEST_COL_METADATA_OPS_TB;
- validateSemanticException(query, USER1_1);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbComplexView.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbComplexView.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbComplexView.java
deleted file mode 100644
index 8ee93cc..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbComplexView.java
+++ /dev/null
@@ -1,314 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import java.sql.Connection;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Statement;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.assertFalse;
-
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Ignore;
-import org.junit.Test;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class TestDbComplexView extends AbstractTestWithStaticConfiguration {
-
- private static final Logger LOGGER = LoggerFactory
- .getLogger(TestDbComplexView.class);
-
- private static final String TEST_VIEW_DB = "test_complex_view_database";
- private static final String TEST_VIEW_TB = "test_complex_view_table";
- private static final String TEST_VIEW_TB2 = "test_complex_view_table_2";
- private static final String TEST_VIEW = "test_complex_view";
- private static final String TEST_VIEW_ROLE = "test_complex_view_role";
-
- /**
- * Run query and validate one column with given column name
- * @param user
- * @param sql
- * @param db
- * @param colName
- * @param colVal
- * @return
- * @throws Exception
- */
- private static boolean execValidate(String user, String sql, String db,
- String colName, String colVal) throws Exception {
- boolean status = false;
- Connection conn = null;
- Statement stmt = null;
- try {
- conn = context.createConnection(user);
- stmt = context.createStatement(conn);
- LOGGER.info("Running [USE " + db + ";" + sql + "] to validate column " + colName + " = " + colVal);
- stmt.execute("USE " + db);
- ResultSet rset = stmt.executeQuery(sql);
- while (rset.next()) {
- String val = rset.getString(colName);
- if (val.equalsIgnoreCase(colVal)) {
- LOGGER.info("found [" + colName + "] = " + colVal);
- status = true;
- break;
- } else {
- LOGGER.warn("[" + colName + "] = " + val + " not equal to " + colVal);
- }
- }
- rset.close();
- } catch (SQLException ex) {
- LOGGER.error("SQLException: ", ex);
- } catch (Exception ex) {
- LOGGER.error("Exception: ", ex);
- } finally {
- try {
- if (stmt != null) {
- stmt.close();
- }
- if (conn != null) {
- conn.close();
- }
- } catch (Exception ex) {
- LOGGER.error("failed to close connection and statement: " + ex);
- }
- }
- return status;
- }
-
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- PolicyFile.setAdminOnServer1(ADMINGROUP);
-
- // prepare test db and base table
- List<String> sqls = new ArrayList<String>();
- sqls.add("USE DEFAULT");
- sqls.add("DROP DATABASE IF EXISTS " + TEST_VIEW_DB + " CASCADE");
- sqls.add("CREATE DATABASE IF NOT EXISTS " + TEST_VIEW_DB);
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add("CREATE TABLE " + TEST_VIEW_TB + " (userid VARCHAR(64), link STRING, source STRING) "
- + "PARTITIONED BY (datestamp STRING) CLUSTERED BY (userid) INTO 256 BUCKETS STORED AS ORC");
- sqls.add("INSERT INTO TABLE " + TEST_VIEW_TB + " PARTITION (datestamp = '2014-09-23') VALUES "
- + "('tlee', " + "'mail.com', 'sports.com'), ('jdoe', 'mail.com', null)");
- sqls.add("SELECT userid FROM " + TEST_VIEW_TB);
- sqls.add("CREATE TABLE " + TEST_VIEW_TB2 + " (userid VARCHAR(64), name VARCHAR(64), age INT, "
- + "gpa DECIMAL(3, 2)) CLUSTERED BY (age) INTO 2 BUCKETS STORED AS ORC");
- sqls.add("INSERT INTO TABLE " + TEST_VIEW_TB2 + " VALUES ('rgates', 'Robert Gates', 35, 1.28), "
- + "('tlee', 'Tod Lee', 32, 2.32)");
- sqls.add("SELECT * FROM " + TEST_VIEW_TB2);
- execBatch(ADMIN1, sqls);
- }
-
- private void createTestRole(String user, String roleName) throws Exception {
- Connection conn = context.createConnection(user);
- Statement stmt = conn.createStatement();
- try {
- exec(stmt, "DROP ROLE " + roleName);
- } catch (Exception ex) {
- LOGGER.info("test role doesn't exist, but it's ok");
- } finally {
- exec(stmt, "CREATE ROLE " + roleName);
- }
- if (stmt != null) {
- stmt.close();
- }
- if (conn != null) {
- conn.close();
- }
- }
-
- private void grantAndValidatePrivilege(String testView, String testRole, String testGroup,
- String user, boolean revoke) throws Exception {
- createTestRole(ADMIN1, testRole);
- List<String> sqls = new ArrayList<String>();
-
- // grant privilege
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add("GRANT SELECT ON TABLE " + testView + " TO ROLE " + testRole);
- sqls.add("GRANT ROLE " + testRole + " TO GROUP " + testGroup);
- execBatch(ADMIN1, sqls);
-
- // show grant should pass and could list view
- assertTrue("can not find select privilege from " + testRole,
- execValidate(ADMIN1, "SHOW GRANT ROLE " + testRole + " ON TABLE " + testView,
- TEST_VIEW_DB, "privilege", "select"));
- assertTrue("can not find " + testView,
- execValidate(user, "SHOW TABLES", TEST_VIEW_DB, "tab_name", testView));
-
- // select from view should pass
- sqls.clear();
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add("SELECT * FROM " + testView);
- execBatch(user, sqls);
-
- if (revoke) {
- // revoke privilege
- sqls.clear();
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add("REVOKE SELECT ON TABLE " + testView + " FROM ROLE " + testRole);
- execBatch(ADMIN1, sqls);
-
- // shouldn't be able to show grant
- assertFalse("should not find select from " + testRole,
- execValidate(ADMIN1, "SHOW GRANT ROLE " + testRole + " ON TABLE " + testView,
- TEST_VIEW_DB, "privilege", "select"));
-
- // select from view should fail
- sqls.clear();
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add("SELECT * FROM " + testView);
- try {
- execBatch(user, sqls);
- } catch (SQLException ex) {
- LOGGER.info("Expected SQLException here", ex);
- }
- }
- }
-
- private void grantAndValidatePrivilege(String testView, String testRole,
- String testGroup, String user) throws Exception {
- grantAndValidatePrivilege(testView, testRole, testGroup, user, true);
- }
- /**
- * Create view1 and view2 from view1
- * Grant and validate select privileges to both views
- * @throws Exception
- */
- @Test
- public void testDbViewFromView() throws Exception {
- List<String> sqls = new ArrayList<String>();
- // create a simple view
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add("CREATE VIEW " + TEST_VIEW +
- "(userid,link) AS SELECT userid,link from " + TEST_VIEW_TB);
-
- // create another view from the previous view
- String testView2 = "view1_from_" + TEST_VIEW;
- //String testRole2 = testView2 + "_test_role";
- sqls.add(String.format("CREATE VIEW %s AS SELECT userid,link from %s",
- testView2, TEST_VIEW));
-
- String testView3 = "view2_from_" + TEST_VIEW;
- sqls.add(String.format("CREATE VIEW %s(userid,link) AS SELECT userid,link from %s",
- testView3, TEST_VIEW));
-
- execBatch(ADMIN1, sqls);
-
- // validate privileges
- grantAndValidatePrivilege(TEST_VIEW, TEST_VIEW_ROLE, USERGROUP1, USER1_1);
- //grantAndValidatePrivilege(testView2, testRole2, USERGROUP2, USER2_1);
-
- // Disabled because of SENTRY-745, also need to backport HIVE-10875
- //grantAndValidatePrivilege(testView3, testRole3, USERGROUP3, USER3_1);
- }
-
- /**
- * Create a view by join two tables
- * Grant and verify select privilege
- * @throws Exception
- */
- @Test
- public void TestDbViewWithJoin() throws Exception {
- List<String> sqls = new ArrayList<String>();
- // create a joint view
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add(String.format("create view %s as select name,age,gpa from %s join %s on "
- + "(%s.userid=%s.userid) where name='Tod Lee'", TEST_VIEW, TEST_VIEW_TB2,
- TEST_VIEW_TB, TEST_VIEW_TB2, TEST_VIEW_TB));
- execBatch(ADMIN1, sqls);
-
- // validate privileges
- grantAndValidatePrivilege(TEST_VIEW, TEST_VIEW_ROLE, USERGROUP1, USER1_1);
- }
-
- /**
- * Create a view with nested query
- * Grant and verify select privilege
- * @throws Exception
- * SENTRY-716: Hive plugin does not correctly enforce
- * privileges for new in case of nested queries
- * Once backport HIVE-10875 to Sentry repo, will enable this test.
- */
- @Ignore ("After SENTRY-716 is fixed, turn on this test")
- @Test
- public void TestDbViewWithNestedQuery() throws Exception {
- List<String> sqls = new ArrayList<String>();
- // create a joint view
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add("CREATE VIEW " + TEST_VIEW + " AS SELECT * FROM " + TEST_VIEW_TB);
- execBatch(ADMIN1, sqls);
- grantAndValidatePrivilege(TEST_VIEW, TEST_VIEW_ROLE, USERGROUP1, USER1_1, false);
-
- sqls.clear();
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add("SELECT * FROM (SELECT * FROM " + TEST_VIEW + ") v2");
- execBatch(USER1_1, sqls);
- }
-
- /**
- * Create a view with union two tables
- * Grant and verify select privilege
- * @throws Exception
- * SENTRY-747: Create a view by union tables, grant select
- * then select from view encounter errors
- * Once backport HIVE-10875 to Sentry repo, will enable this test.
- */
- @Ignore ("After SENTRY-747 is fixed, turn on this test")
- @Test
- public void TestDbViewWithUnion() throws Exception {
- List<String> sqls = new ArrayList<String>();
- String testTable = "test_user_info";
- sqls.add("USE " + TEST_VIEW_DB);
- sqls.add("DROP TABLE IF EXISTS " + testTable);
- sqls.add("CREATE TABLE " + testTable + " (userid VARCHAR(64), name STRING, address STRING, tel STRING) ");
- sqls.add("INSERT INTO TABLE " + testTable + " VALUES "
- + "('tlee', " + "'Tod Lee', '1234 23nd Ave SFO, CA', '123-456-7890')");
- sqls.add("SELECT * FROM " + testTable);
- sqls.add(String.format("CREATE VIEW " + TEST_VIEW + " AS "
- + "SELECT u.userid, u.name, u.address, res.uid "
- + "FROM ("
- + "SELECT t1.userid AS uid "
- + "FROM %s t1 "
- + "UNION ALL "
- + "SELECT t2.userid AS uid "
- + "FROM %s t2 "
- + ") res JOIN %s u ON (u.userid = res.uid)",
- TEST_VIEW_TB, TEST_VIEW_TB2, testTable));
- execBatch(ADMIN1, sqls);
- grantAndValidatePrivilege(TEST_VIEW, TEST_VIEW_ROLE, USERGROUP1, USER1_1);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbConnections.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbConnections.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbConnections.java
deleted file mode 100644
index 867b84c..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbConnections.java
+++ /dev/null
@@ -1,150 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import static org.junit.Assert.*;
-
-import java.sql.Connection;
-import java.sql.Statement;
-
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class TestDbConnections extends AbstractTestWithStaticConfiguration {
-
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- PolicyFile.setAdminOnServer1(ADMINGROUP);
- }
-
- /**
- * Currently the hive binding opens a new server connection for each
- * statement. This test verifies that the client connection is closed properly
- * at the end. Test Queries, DDLs, Auth DDLs and metadata filtering (eg show
- * tables/databases)
- * @throws Exception
- */
- @Test
- public void testClientConnections() throws Exception {
- String roleName = "connectionTest";
- long preConnectionClientId;
- // Connect through user admin1.
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
-
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- preConnectionClientId = getSentrySrv().getTotalClients();
- statement.execute("DROP DATABASE IF EXISTS DB_1 CASCADE");
- statement.execute("CREATE DATABASE DB_1");
- statement.execute("USE DB_1");
- assertTrue(preConnectionClientId < getSentrySrv().getTotalClients());
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Verify that client connection is closed after DDLs.
- preConnectionClientId = getSentrySrv().getTotalClients();
- statement.execute("CREATE TABLE t1 (c1 string)");
- assertTrue(preConnectionClientId < getSentrySrv().getTotalClients());
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Verify that client connection is closed after queries.
- preConnectionClientId = getSentrySrv().getTotalClients();
- statement.execute("SELECT * FROM t1");
- assertTrue(preConnectionClientId < getSentrySrv().getTotalClients());
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Verify client invocation via metastore filter.
- preConnectionClientId = getSentrySrv().getTotalClients();
- statement.executeQuery("show tables");
- assertTrue(preConnectionClientId < getSentrySrv().getTotalClients());
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Verify that client connection is closed after drop table.
- preConnectionClientId = getSentrySrv().getTotalClients();
- statement.execute("DROP TABLE t1");
- assertTrue(preConnectionClientId < getSentrySrv().getTotalClients());
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Verify that client connection is closed after auth DDL.
- preConnectionClientId = getSentrySrv().getTotalClients();
- statement.execute("CREATE ROLE " + roleName);
- assertEquals(0, getSentrySrv().getNumActiveClients());
- assertTrue(preConnectionClientId < getSentrySrv().getTotalClients());
-
- context.assertSentryException(statement, "CREATE ROLE " + roleName,
- SentryAlreadyExistsException.class.getSimpleName());
- assertEquals(0, getSentrySrv().getNumActiveClients());
- statement.execute("DROP ROLE " + roleName);
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Verify client invocation via metastore filter
- preConnectionClientId = getSentrySrv().getTotalClients();
- statement.executeQuery("show tables");
- // There are no tables, so auth check does not happen
- // sentry will create connection to get privileges for cache
- assertTrue(preConnectionClientId <= getSentrySrv().getTotalClients());
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- statement.close();
- connection.close();
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Connect through user user1_1.
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Verify that client connection is closed after statement auth error.
- preConnectionClientId = getSentrySrv().getTotalClients();
- context.assertAuthzException(statement, "USE DB_1");
- assertTrue(preConnectionClientId < getSentrySrv().getTotalClients());
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Verify that client connection is closed after auth DDL error.
- preConnectionClientId = getSentrySrv().getTotalClients();
- context.assertSentryException(statement, "CREATE ROLE " + roleName,
- SentryAccessDeniedException.class.getSimpleName());
- assertTrue(preConnectionClientId < getSentrySrv().getTotalClients());
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- // Verify that client invocation via metastore filter.
- preConnectionClientId = getSentrySrv().getTotalClients();
- statement.executeQuery("show databases");
- assertTrue(preConnectionClientId < getSentrySrv().getTotalClients());
- assertEquals(0, getSentrySrv().getNumActiveClients());
-
- statement.close();
- connection.close();
- assertEquals(0, getSentrySrv().getNumActiveClients());
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java
deleted file mode 100644
index 0aa166c..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.apache.sentry.tests.e2e.hive.TestCrossDbOps;
-import org.junit.Before;
-import org.junit.BeforeClass;
-
-/* Tests privileges at table scope with cross database access */
-
-public class TestDbCrossDbOps extends TestCrossDbOps {
-
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- }
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception{
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbDDLAuditLog.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbDDLAuditLog.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbDDLAuditLog.java
deleted file mode 100644
index ffc37c4..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbDDLAuditLog.java
+++ /dev/null
@@ -1,293 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import static org.hamcrest.core.Is.is;
-import static org.junit.Assert.assertThat;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.sql.Connection;
-import java.sql.Statement;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.log4j.Level;
-import org.apache.log4j.Logger;
-import org.apache.sentry.provider.db.log.appender.AuditLoggerTestAppender;
-import org.apache.sentry.provider.db.log.util.CommandUtil;
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.codehaus.jettison.json.JSONObject;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Ignore;
-import org.junit.Test;
-
-public class TestDbDDLAuditLog extends AbstractTestWithStaticConfiguration {
-
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- Logger logger = Logger.getLogger("sentry.hive.authorization.ddl.logger");
- AuditLoggerTestAppender testAppender = new AuditLoggerTestAppender();
- logger.addAppender(testAppender);
- logger.setLevel(Level.INFO);
- }
-
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- }
-
- @Test
- @Ignore
- public void testBasic() throws Exception {
- String roleName = "testRole";
- String groupName = "testGroup";
- String dbName = "dbTest";
- String tableName = "tableTest";
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- Map<String, String> fieldValueMap = new HashMap<String, String>();
-
- // for success audit log
- statement.execute("CREATE ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_CREATE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "CREATE ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- statement.execute("GRANT ROLE " + roleName + " TO GROUP " + groupName);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ROLE " + roleName + " TO GROUP "
- + groupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- statement.execute("create database " + dbName);
- statement.execute("use " + dbName);
- statement.execute("CREATE TABLE " + tableName + " (c1 string)");
- statement.execute("GRANT ALL ON DATABASE " + dbName + " TO ROLE " + roleName);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ALL ON DATABASE " + dbName
- + " TO ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_DATABASE_NAME, dbName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- statement.execute("GRANT SELECT ON TABLE " + tableName + " TO ROLE " + roleName
- + " WITH GRANT OPTION");
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT SELECT ON TABLE " + tableName
- + " TO ROLE " + roleName + " WITH GRANT OPTION");
- fieldValueMap.put(Constants.LOG_FIELD_TABLE_NAME, tableName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- // for error audit log
- try {
- statement.execute("CREATE ROLE " + roleName);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_CREATE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "CREATE ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- statement.execute("GRANT ROLE errorROLE TO GROUP " + groupName);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ROLE errorROLE TO GROUP "
- + groupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- statement.execute("GRANT ALL ON DATABASE " + dbName + " TO ROLE errorRole");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ALL ON DATABASE " + dbName
- + " TO ROLE errorRole");
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- statement.execute("GRANT INSERT ON DATABASE " + dbName + " TO ROLE errorRole");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT INSERT ON DATABASE " + dbName
- + " TO ROLE errorRole");
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- statement.execute("GRANT SELECT ON DATABASE " + dbName + " TO ROLE errorRole");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT SELECT ON DATABASE " + dbName
- + " TO ROLE errorRole");
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- statement.execute("GRANT SELECT ON TABLE " + tableName + " TO ROLE errorRole");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT SELECT ON TABLE " + tableName
- + " TO ROLE errorRole");
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- statement.execute("REVOKE SELECT ON TABLE " + tableName + " FROM ROLE " + roleName);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE SELECT ON TABLE " + tableName
- + " FROM ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_TABLE_NAME, tableName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- statement.execute("REVOKE ALL ON DATABASE " + dbName + " FROM ROLE " + roleName);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ALL ON DATABASE " + dbName
- + " FROM ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_DATABASE_NAME, dbName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- statement.execute("REVOKE ROLE " + roleName + " FROM GROUP " + groupName);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DELETE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ROLE " + roleName
- + " FROM GROUP " + groupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- statement.execute("DROP ROLE " + roleName);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DROP_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "DROP ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- // for error audit log
- try {
- statement.execute("REVOKE SELECT ON TABLE " + tableName + " FROM ROLE errorRole");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE SELECT ON TABLE " + tableName
- + " FROM ROLE errorRole");
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- try {
- statement.execute("REVOKE ALL ON DATABASE " + dbName + " FROM ROLE errorRole");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ALL ON DATABASE " + dbName
- + " FROM ROLE errorRole");
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- try {
- statement.execute("REVOKE ROLE errorRole FROM GROUP " + groupName);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DELETE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ROLE errorRole FROM GROUP "
- + groupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- try {
- statement.execute("DROP ROLE errorRole");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DROP_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "DROP ROLE errorRole");
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- statement.close();
- connection.close();
- }
-
- private void assertAuditLog(Map<String, String> fieldValueMap) throws Exception {
- assertThat(AuditLoggerTestAppender.getLastLogLevel(), is(Level.INFO));
- JSONObject jsonObject = new JSONObject(AuditLoggerTestAppender.getLastLogEvent());
- if (fieldValueMap != null) {
- for (Map.Entry<String, String> entry : fieldValueMap.entrySet()) {
- String entryKey = entry.getKey();
- if (Constants.LOG_FIELD_IP_ADDRESS.equals(entryKey)) {
- assertTrue(CommandUtil.assertIPInAuditLog(jsonObject.get(entryKey).toString()));
- } else {
- assertTrue(entry.getValue().equalsIgnoreCase(jsonObject.get(entryKey).toString()));
- }
- }
- }
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java
deleted file mode 100644
index a0450af..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java
+++ /dev/null
@@ -1,251 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.sql.Connection;
-import java.sql.ResultSet;
-import java.sql.Statement;
-
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.io.Resources;
-
-public class TestDbEndToEnd extends AbstractTestWithStaticConfiguration {
- private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
- private File dataFile;
-
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception{
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
- FileOutputStream to = new FileOutputStream(dataFile);
- Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
- to.close();
- PolicyFile.setAdminOnServer1(ADMINGROUP);
- }
-
- @Test
- public void testBasic() throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- statement.execute("DROP TABLE IF EXISTS t1");
- statement.execute("CREATE TABLE t1 (c1 string)");
- statement.execute("CREATE ROLE user_role");
- statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role");
- statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1);
- statement.close();
- connection.close();
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
- context.assertSentryException(statement, "CREATE ROLE r2",
- SentryAccessDeniedException.class.getSimpleName());
- // test default of ALL
- statement.execute("SELECT * FROM t1");
- // test a specific role
- statement.execute("SET ROLE user_role");
- statement.execute("SELECT * FROM t1");
-
- /** Dissabling test : see https://issues.apache.org/jira/browse/HIVE-6629
- // test NONE
- statement.execute("SET ROLE NONE");
- context.assertAuthzException(statement, "SELECT * FROM t1");
- */
-
- // test ALL
- statement.execute("SET ROLE ALL");
- statement.execute("SELECT * FROM t1");
- statement.close();
- connection.close();
- }
-
- @Test
- public void testNonDefault() throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
- statement.execute("CREATE database " + DB1);
- statement.execute("USE " + DB1);
- statement.execute("CREATE TABLE t1 (c1 string)");
- statement.execute("CREATE ROLE user_role");
- statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role");
- statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1);
- statement.close();
- connection.close();
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
-
- statement.execute("SELECT * FROM " + DB1 + ".t1");
- statement.close();
- connection.close();
- }
-
- @Test
- public void testUPrivileges() throws Exception {
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- statement.execute("DROP TABLE IF EXISTS t1");
- statement.execute("CREATE TABLE t1 (c1 string)");
- statement.execute("CREATE ROLE user_role");
- statement.execute("CREATE ROLE uri_role");
- statement.execute("GRANT SELECT ON URI 'file://" + dataDir.getPath()
- + "' TO ROLE uri_role");
- statement.execute("GRANT INSERT ON TABLE t1 TO ROLE user_role");
-
- statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1);
- statement.execute("GRANT ROLE uri_role TO GROUP " + USERGROUP1);
-
- ResultSet resultSet = statement.executeQuery("SHOW GRANT ROLE uri_role");
- assertTrue(resultSet.next());
- assertEquals("file://" + dataDir.getPath(), resultSet.getString(1));
- resultSet.close();
-
- resultSet = statement.executeQuery("SHOW GRANT ROLE user_role");
- assertTrue(resultSet.next());
- assertEquals("default", resultSet.getString(1));
- assertEquals("t1", resultSet.getString(2));
- resultSet.close();
-
- statement.close();
- connection.close();
-
- }
-
-
-
-/**
- * Steps:
- * 1. admin create a new experimental database
- * 2. admin create a new production database, create table, load data
- * 3. admin grant privilege all@'experimental database' to usergroup1
- * 4. user create table, load data in experimental DB
- * 5. user create view based on table in experimental DB
- * 6. admin create table (same name) in production DB
- * 7. admin grant read@DB2.table to group
- * admin grant select@DB2.table to group
- * 8. user load data from experimental table to production table
- */
- @Test
- public void testEndToEnd1() throws Exception {
-
- String tableName1 = "tb_1";
- String tableName2 = "tb_2";
- String viewName1 = "view_1";
- Connection connection = context.createConnection(ADMIN1);
- Statement statement = context.createStatement(connection);
- // 1
- statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE");
- statement.execute("CREATE DATABASE " + DB1);
- // 2
- statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE");
- statement.execute("CREATE DATABASE " + DB2);
- statement.execute("USE " + DB2);
- statement.execute("DROP TABLE IF EXISTS " + DB2 + "." + tableName1);
- statement.execute("DROP TABLE IF EXISTS " + DB2 + "." + tableName2);
- statement.execute("create table " + DB2 + "." + tableName1
- + " (under_col int comment 'the under column', value string)");
- statement.execute("create table " + DB2 + "." + tableName2
- + " (under_col int comment 'the under column', value string)");
- statement.execute("load data local inpath '" + dataFile.getPath()
- + "' into table " + tableName2);
-
- // 3
- statement.execute("CREATE ROLE all_db1");
- statement.execute("GRANT ALL ON DATABASE " + DB1 + " TO ROLE all_db1");
-
- statement.execute("CREATE ROLE select_tb1");
- statement.execute("CREATE ROLE insert_tb1");
- statement.execute("CREATE ROLE insert_tb2");
- statement.execute("CREATE ROLE data_uri");
-
- statement.execute("USE " + DB2);
- statement.execute("GRANT INSERT ON TABLE " + tableName1
- + " TO ROLE insert_tb1");
- statement.execute("GRANT INSERT ON TABLE " + tableName2
- + " TO ROLE insert_tb2");
- statement.execute("GRANT ALL ON URI 'file://" + dataDir.getPath()
- + "' TO ROLE data_uri");
-
- statement.execute("USE " + DB1);
- statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1);
- statement.execute("create table " + DB1 + "." + tableName1
- + " (under_col int comment 'the under column', value string)");
- statement.execute("GRANT SELECT ON TABLE " + tableName1
- + " TO ROLE select_tb1");
-
- statement
- .execute("GRANT ROLE all_db1, select_tb1, insert_tb1, insert_tb2, data_uri TO GROUP "
- + USERGROUP1);
-
- statement.close();
- connection.close();
-
- // 4
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
- statement.execute("USE " + DB1);
- statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1);
- statement.execute("create table " + DB1 + "." + tableName1
- + " (under_col int comment 'the under column', value string)");
- statement.execute("load data local inpath '" + dataFile.getPath()
- + "' into table " + tableName1);
-
- // 5
- statement.execute("CREATE VIEW " + viewName1 + " (value) AS SELECT value from " + tableName1 + " LIMIT 10");
- statement.close();
- connection.close();
-
- // 7
- connection = context.createConnection(ADMIN1);
- statement = context.createStatement(connection);
- statement.execute("USE " + DB1);
- statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1);
- statement.execute("create table " + DB1 + "." + tableName1
- + " (under_col int comment 'the under column', value string)");
- statement.close();
- connection.close();
-
- // 8
- connection = context.createConnection(USER1_1);
- statement = context.createStatement(connection);
- statement.execute("USE " + DB2);
-
- statement.execute("INSERT OVERWRITE TABLE " +
- DB2 + "." + tableName2 + " SELECT * FROM " + DB1
- + "." + tableName1);
- statement.close();
- connection.close();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java
deleted file mode 100644
index 43064ee..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.apache.sentry.tests.e2e.hive.TestExportImportPrivileges;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class TestDbExportImportPrivileges extends TestExportImportPrivileges {
- private static final Logger LOGGER = LoggerFactory.
- getLogger(TestDbExportImportPrivileges.class);
- @Override
- @Before
- public void setup() throws Exception {
- LOGGER.info("TestDbExportImportPrivileges setup");
- super.setupAdmin();
- super.setup();
- }
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- LOGGER.info("TestDbExportImportPrivileges setupTestStaticConfiguration");
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java
deleted file mode 100644
index a26e90a..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.apache.sentry.tests.e2e.hive.TestJDBCInterface;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class TestDbJDBCInterface extends TestJDBCInterface {
- private static final Logger LOGGER = LoggerFactory.
- getLogger(TestDbJDBCInterface.class);
- @Override
- @Before
- public void setup() throws Exception {
- LOGGER.info("TestDbJDBCInterface setup");
- super.setupAdmin();
- super.setup();
- }
-
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- LOGGER.info("TestDbJDBCInterface setupTestStaticConfiguration");
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java
deleted file mode 100644
index ec99b30..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.apache.sentry.tests.e2e.hive.TestMetadataObjectRetrieval;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class TestDbMetadataObjectRetrieval extends TestMetadataObjectRetrieval {
- private static final Logger LOGGER = LoggerFactory
- .getLogger(TestDbMetadataObjectRetrieval.class);
- @Override
- @Before
- public void setup() throws Exception {
- LOGGER.info("TestDbMetadataObjectRetrieval setup");
- super.setupAdmin();
- super.setup();
- }
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- LOGGER.info("TestDbMetadataObjectRetrieval setupTestStaticConfiguration");
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataPermissions.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataPermissions.java
deleted file mode 100644
index 97b0e06..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataPermissions.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.apache.sentry.tests.e2e.hive.TestMetadataPermissions;
-import org.junit.Before;
-import org.junit.BeforeClass;
-
-public class TestDbMetadataPermissions extends TestMetadataPermissions {
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- }
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
-
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMovingToProduction.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMovingToProduction.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMovingToProduction.java
deleted file mode 100644
index cd27a4f..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMovingToProduction.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.apache.sentry.tests.e2e.hive.TestMovingToProduction;
-import org.junit.Before;
-import org.junit.BeforeClass;
-
-public class TestDbMovingToProduction extends TestMovingToProduction {
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- }
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
-
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbOperations.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbOperations.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbOperations.java
deleted file mode 100644
index 3fab344..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbOperations.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.apache.sentry.tests.e2e.hive.TestOperations;
-import org.junit.Before;
-import org.junit.BeforeClass;
-
-public class TestDbOperations extends TestOperations{
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- }
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
-
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeAtTransform.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeAtTransform.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeAtTransform.java
deleted file mode 100644
index 1bb82ed..0000000
--- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeAtTransform.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.tests.e2e.dbprovider;
-
-import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration;
-import org.apache.sentry.tests.e2e.hive.TestPrivilegeAtTransform;
-import org.junit.Before;
-import org.junit.BeforeClass;
-
-public class TestDbPrivilegeAtTransform extends TestPrivilegeAtTransform {
- @Override
- @Before
- public void setup() throws Exception {
- super.setupAdmin();
- super.setup();
- }
- @BeforeClass
- public static void setupTestStaticConfiguration() throws Exception {
- useSentryService = true;
- AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
-
- }
-}