You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sd...@apache.org on 2015/08/14 09:28:39 UTC
[05/50] [abbrv] incubator-sentry git commit: SENTRY-777:
SentryServiceIntegrationBase#after() should be run under client subject
(Dapeng Sun, reviewed by Guoquan Shen)
SENTRY-777: SentryServiceIntegrationBase#after() should be run under client subject (Dapeng Sun, reviewed by Guoquan Shen)
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/1556781c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/1556781c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/1556781c
Branch: refs/heads/hive_plugin_v2
Commit: 1556781c49361b821b8db55b28d9e5de5394565e
Parents: 9943a33
Author: Sun Dapeng <sd...@apache.org>
Authored: Mon Jun 29 15:52:00 2015 +0800
Committer: Sun Dapeng <sd...@apache.org>
Committed: Tue Jun 30 09:55:22 2015 +0800
----------------------------------------------------------------------
.../hdfs/SentryHdfsServiceIntegrationBase.java | 3 +-
.../TestSentryGenericServiceIntegration.java | 30 ++++++++++----
.../thrift/TestSentryServiceFailureCase.java | 3 +-
.../TestSentryServiceForHAWithKerberos.java | 41 +++++++++++++-------
.../thrift/TestSentryServiceWithKerberos.java | 3 +-
.../thrift/TestSentryWebServerWithKerberos.java | 3 +-
.../TestSentryWebServerWithoutSecurity.java | 3 +-
.../thrift/SentryServiceIntegrationBase.java | 29 +++++++++-----
8 files changed, 72 insertions(+), 43 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1556781c/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/SentryHdfsServiceIntegrationBase.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/SentryHdfsServiceIntegrationBase.java b/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/SentryHdfsServiceIntegrationBase.java
index 7c75be9..eccf83b 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/SentryHdfsServiceIntegrationBase.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/SentryHdfsServiceIntegrationBase.java
@@ -21,7 +21,6 @@ package org.apache.sentry.hdfs;
import java.security.PrivilegedExceptionAction;
import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.SentryUserException;
import org.apache.sentry.hdfs.ServiceConstants.ClientConfig;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
import org.junit.After;
@@ -43,7 +42,7 @@ public class SentryHdfsServiceIntegrationBase extends
}
@After
- public void after() throws SentryUserException {
+ public void after() {
if (hdfsClient != null) {
hdfsClient.close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1556781c/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
index ae354d9..6b86077 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
@@ -37,11 +37,15 @@ import org.apache.sentry.core.model.search.SearchConstants;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
import org.junit.After;
import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
public class TestSentryGenericServiceIntegration extends SentryServiceIntegrationBase {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(SentryServiceIntegrationBase.class);
private static final String SOLR = "SOLR";
private SentryGenericServiceClient client;
@@ -65,15 +69,25 @@ public class TestSentryGenericServiceIntegration extends SentryServiceIntegratio
}
@After
- public void after() throws SentryUserException {
- Set<TSentryRole> tRoles = client.listAllRoles(ADMIN_USER, SOLR);
- for (TSentryRole tRole : tRoles) {
- client.dropRole(ADMIN_USER, tRole.getRoleName(), SOLR);
- }
- if(client != null) {
- client.close();
+ public void after() {
+ try {
+ runTestAsSubject(new TestOperation(){
+ @Override
+ public void runTestAsSubject() throws Exception {
+ Set<TSentryRole> tRoles = client.listAllRoles(ADMIN_USER, SOLR);
+ for (TSentryRole tRole : tRoles) {
+ client.dropRole(ADMIN_USER, tRole.getRoleName(), SOLR);
+ }
+ if(client != null) {
+ client.close();
+ }
+ }
+ });
+ } catch (Exception e) {
+ LOGGER.error(e.getMessage(), e);
+ } finally {
+ policyFilePath.delete();
}
- policyFilePath.delete();
}
@Test
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1556781c/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
index 2fd34bd..a453ff3 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
@@ -20,7 +20,6 @@ package org.apache.sentry.provider.db.service.thrift;
import java.security.PrivilegedActionException;
-import org.apache.sentry.SentryUserException;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
import org.junit.After;
@@ -54,7 +53,7 @@ public class TestSentryServiceFailureCase extends SentryServiceIntegrationBase {
@Override
@After
- public void after() throws SentryUserException {
+ public void after() {
}
@Test
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1556781c/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
index cfe09b5..813b30b 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
@@ -18,13 +18,18 @@
package org.apache.sentry.provider.db.service.thrift;
-import org.apache.sentry.SentryUserException;
+import java.io.File;
+import java.util.Set;
+
+import org.apache.sentry.provider.file.PolicyFile;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.After;
+import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
+import com.google.common.collect.Sets;
+
/**
* Test various kerberos related stuff on the SentryService side
*/
@@ -44,21 +49,27 @@ public class TestSentryServiceForHAWithKerberos extends SentryServiceIntegration
@Override
@Before
public void before() throws Exception {
+ policyFilePath = new File(dbDir, "local_policy_file.ini");
+ conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE,
+ policyFilePath.getPath());
+ policyFile = new PolicyFile();
+ connectToSentryService();
}
- @Override
- @After
- public void after() throws SentryUserException {
- }
-
- /**
- * Test that we are correctly substituting "_HOST" if/when needed.
- *
- * @throws Exception
- */
@Test
- public void testHostSubstitution() throws Exception {
- // We just need to ensure that we are able to correct connect to the server
- connectToSentryService();
+ public void testCreateRole() throws Exception {
+ runTestAsSubject(new TestOperation(){
+ @Override
+ public void runTestAsSubject() throws Exception {
+ String requestorUserName = ADMIN_USER;
+ Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+ setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+ writePolicyFile();
+ String roleName = "admin_r";
+ client.dropRoleIfExists(requestorUserName, roleName);
+ client.createRole(requestorUserName, roleName);
+ client.dropRole(requestorUserName, roleName);
+ }
+ });
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1556781c/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithKerberos.java
index 7b1eab1..ff73382 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithKerberos.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithKerberos.java
@@ -17,7 +17,6 @@
*/
package org.apache.sentry.provider.db.service.thrift;
-import org.apache.sentry.SentryUserException;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
import org.junit.After;
import org.junit.Before;
@@ -42,7 +41,7 @@ public class TestSentryServiceWithKerberos extends SentryServiceIntegrationBase
@Override
@After
- public void after() throws SentryUserException {
+ public void after() {
}
/**
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1556781c/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithKerberos.java
index ffbb585..90ce080 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithKerberos.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithKerberos.java
@@ -33,7 +33,6 @@ import org.apache.commons.io.IOUtils;
import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
-import org.apache.sentry.SentryUserException;
import org.apache.sentry.service.thrift.KerberosConfiguration;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
import org.junit.After;
@@ -64,7 +63,7 @@ public class TestSentryWebServerWithKerberos extends SentryServiceIntegrationBas
@Override
@After
- public void after() throws SentryUserException {
+ public void after() {
}
@Test
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1556781c/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithoutSecurity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithoutSecurity.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithoutSecurity.java
index 27e518b..0d82d99 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithoutSecurity.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithoutSecurity.java
@@ -21,7 +21,6 @@ import java.net.HttpURLConnection;
import java.net.URL;
import org.apache.commons.io.IOUtils;
-import org.apache.sentry.SentryUserException;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
import org.junit.After;
import org.junit.Assert;
@@ -45,7 +44,7 @@ public class TestSentryWebServerWithoutSecurity extends SentryServiceIntegration
@Override
@After
- public void after() throws SentryUserException {
+ public void after() {
}
@Test
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1556781c/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
index c132e13..2eea07b 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
@@ -33,7 +33,6 @@ import org.apache.curator.test.TestingServer;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.net.NetUtils;
-import org.apache.sentry.SentryUserException;
import org.apache.sentry.provider.db.service.persistent.HAContext;
import org.apache.sentry.provider.db.service.thrift.SentryMiniKdcTestcase;
import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
@@ -215,17 +214,27 @@ public abstract class SentryServiceIntegrationBase extends SentryMiniKdcTestcase
}
@After
- public void after() throws SentryUserException {
- if (client != null) {
- Set<TSentryRole> tRoles = client.listRoles(ADMIN_USER);
- if (tRoles != null) {
- for (TSentryRole tRole : tRoles) {
- client.dropRole(ADMIN_USER, tRole.getRoleName());
+ public void after() {
+ try {
+ runTestAsSubject(new TestOperation() {
+ @Override
+ public void runTestAsSubject() throws Exception {
+ if (client != null) {
+ Set<TSentryRole> tRoles = client.listRoles(ADMIN_USER);
+ if (tRoles != null) {
+ for (TSentryRole tRole : tRoles) {
+ client.dropRole(ADMIN_USER, tRole.getRoleName());
+ }
+ }
+ client.close();
+ }
}
- }
- client.close();
+ });
+ } catch (Exception e) {
+ LOGGER.error(e.getMessage(), e);
+ } finally {
+ policyFilePath.delete();
}
- policyFilePath.delete();
}
public void connectToSentryService() throws Exception {