You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by an...@apache.org on 2020/05/28 03:28:41 UTC
[hive] branch master updated: HIVE-23519: Read Ranger Configs from
Classpath (Aasha Medhi, reviewed by Pravin Kumar Sinha)
This is an automated email from the ASF dual-hosted git repository.
anishek pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push:
new 9ec54d5 HIVE-23519: Read Ranger Configs from Classpath (Aasha Medhi, reviewed by Pravin Kumar Sinha)
9ec54d5 is described below
commit 9ec54d5f45843e675b3b5db4c73c4ac51467ccb1
Author: Anishek Agarwal <an...@gmail.com>
AuthorDate: Thu May 28 08:58:28 2020 +0530
HIVE-23519: Read Ranger Configs from Classpath (Aasha Medhi, reviewed by Pravin Kumar Sinha)
---
.../java/org/apache/hadoop/hive/conf/HiveConf.java | 7 -----
.../TestReplicationScenariosAcrossInstances.java | 25 +----------------
.../src/test/resources/ranger-hive-security.xml | 31 ++++++++++++++++++++++
.../hadoop/hive/ql/exec/repl/RangerDumpTask.java | 18 ++++++++-----
.../hadoop/hive/ql/exec/repl/RangerDumpWork.java | 6 +++++
.../hadoop/hive/ql/exec/repl/RangerLoadTask.java | 21 +++++++++------
.../hadoop/hive/ql/exec/repl/RangerLoadWork.java | 6 +++++
.../hadoop/hive/ql/exec/repl/util/ReplUtils.java | 6 +++++
.../hive/ql/exec/repl/TestRangerDumpTask.java | 28 ++++++++++++-------
.../hive/ql/exec/repl/TestRangerLoadTask.java | 29 ++++++++++++--------
10 files changed, 111 insertions(+), 66 deletions(-)
diff --git a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
index 8094d28..281c4e2 100644
--- a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
+++ b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
@@ -535,13 +535,6 @@ public class HiveConf extends Configuration {
+ "with the hive data and metadata replication. Set the configuration "
+ "hive.repl.include.authorization.metadata to false to disable "
+ "security policies being replicated "),
- REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT("hive.repl.authorization.provider.service.endpoint",
- "",
- "This configuration will define the authorization service endpoint"),
- REPL_RANGER_SERVICE_NAME("hive.repl.ranger.service.name",
- "hive",
- "This configuration will define the service name for which the ranger authorization"
- + " policies needs to be replicated"),
REPL_RANGER_ADD_DENY_POLICY_TARGET("hive.repl.ranger.target.deny.policy",
true,
"This configuration will add a deny policy on the target database for all users except hive"
diff --git a/itests/hive-unit/src/test/java/org/apache/hadoop/hive/ql/parse/TestReplicationScenariosAcrossInstances.java b/itests/hive-unit/src/test/java/org/apache/hadoop/hive/ql/parse/TestReplicationScenariosAcrossInstances.java
index eeb81da..65f7303 100644
--- a/itests/hive-unit/src/test/java/org/apache/hadoop/hive/ql/parse/TestReplicationScenariosAcrossInstances.java
+++ b/itests/hive-unit/src/test/java/org/apache/hadoop/hive/ql/parse/TestReplicationScenariosAcrossInstances.java
@@ -1501,8 +1501,7 @@ public class TestReplicationScenariosAcrossInstances extends BaseReplicationAcro
@Test
public void testRangerReplication() throws Throwable {
List<String> clause = Arrays.asList("'hive.repl.include.authorization.metadata'='true'",
- "'hive.in.test'='true'",
- "'hive.repl.authorization.provider.service.endpoint'='http://localhost:6080/ranger'");
+ "'hive.in.test'='true'");
primary.run("use " + primaryDbName)
.run("create table acid_table (key int, value int) partitioned by (load_date date) " +
"clustered by(key) into 2 buckets stored as orc tblproperties ('transactional'='true')")
@@ -1522,28 +1521,6 @@ public class TestReplicationScenariosAcrossInstances extends BaseReplicationAcro
/*
Can't test complete replication as mini ranger is not supported
Testing just the configs and no impact on existing replication
- */
- @Test
- public void testFailureRangerReplication() throws Throwable {
- List<String> clause = Arrays.asList("'hive.repl.include.authorization.metadata'='true'",
- "'hive.in.test'='true'");
- primary.run("use " + primaryDbName)
- .run("create table acid_table (key int, value int) partitioned by (load_date date) " +
- "clustered by(key) into 2 buckets stored as orc tblproperties ('transactional'='true')")
- .run("create table table1 (i String)")
- .run("insert into table1 values (1)")
- .run("insert into table1 values (2)");
- try {
- primary.dump(primaryDbName, clause);
- } catch (Exception e) {
- assertEquals("Ranger endpoint is not valid. Please pass a valid config "
- + "hive.repl.authorization.provider.service.endpoint", e.getMessage());
- }
- }
-
- /*
- Can't test complete replication as mini ranger is not supported
- Testing just the configs and no impact on existing replication
*/
@Test
public void testFailureUnsupportedAuthorizerReplication() throws Throwable {
diff --git a/itests/hive-unit/src/test/resources/ranger-hive-security.xml b/itests/hive-unit/src/test/resources/ranger-hive-security.xml
new file mode 100644
index 0000000..0e6db83
--- /dev/null
+++ b/itests/hive-unit/src/test/resources/ranger-hive-security.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<!-- Test file for TestHiveConf -->
+
+<configuration>
+ <property>
+ <name>ranger.plugin.hive.service.name</name>
+ <value>hive</value>
+ </property>
+ <property>
+ <name>ranger.plugin.hive.policy.rest.url</name>
+ <value>https://ranger.apache.org:5088</value>
+ </property>
+</configuration>
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpTask.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpTask.java
index e078371..5a56a6b 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpTask.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpTask.java
@@ -30,6 +30,7 @@ import org.apache.hadoop.hive.ql.exec.repl.ranger.RangerPolicy;
import org.apache.hadoop.hive.ql.exec.repl.ranger.NoOpRangerRestClient;
import org.apache.hadoop.hive.ql.exec.repl.ranger.RangerRestClientImpl;
import org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
import org.apache.hadoop.hive.ql.parse.repl.ReplLogger;
import org.apache.hadoop.hive.ql.parse.repl.dump.log.RangerDumpLogger;
import org.apache.hadoop.hive.ql.plan.api.StageType;
@@ -37,11 +38,9 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.Serializable;
+import java.net.URL;
import java.util.List;
-import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT;
-import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_SERVICE_NAME;
-
/**
* RangerDumpTask.
*
@@ -81,12 +80,17 @@ public class RangerDumpTask extends Task<RangerDumpWork> implements Serializable
if (rangerRestClient == null) {
rangerRestClient = getRangerRestClient();
}
- String rangerEndpoint = conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT);
+ URL url = work.getRangerConfigResource();
+ if (url == null) {
+ throw new SemanticException("Ranger configuration is not valid "
+ + ReplUtils.RANGER_CONFIGURATION_RESOURCE_NAME);
+ }
+ conf.addResource(url);
+ String rangerHiveServiceName = conf.get(ReplUtils.RANGER_HIVE_SERVICE_NAME);
+ String rangerEndpoint = conf.get(ReplUtils.RANGER_REST_URL);
if (StringUtils.isEmpty(rangerEndpoint) || !rangerRestClient.checkConnection(rangerEndpoint)) {
- throw new Exception("Ranger endpoint is not valid. "
- + "Please pass a valid config hive.repl.authorization.provider.service.endpoint");
+ throw new SemanticException("Ranger endpoint is not valid " + rangerEndpoint);
}
- String rangerHiveServiceName = conf.getVar(REPL_RANGER_SERVICE_NAME);
replLogger = new RangerDumpLogger(work.getDbName(), work.getCurrentDumpPath().toString());
replLogger.startLog();
RangerExportPolicyList rangerExportPolicyList = rangerRestClient.exportRangerPolicies(rangerEndpoint,
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpWork.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpWork.java
index 873a2ec..026402b 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpWork.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpWork.java
@@ -18,9 +18,11 @@
package org.apache.hadoop.hive.ql.exec.repl;
import org.apache.hadoop.fs.Path;
+import org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils;
import org.apache.hadoop.hive.ql.plan.Explain;
import java.io.Serializable;
+import java.net.URL;
/**
* RangerDumpWork.
@@ -47,4 +49,8 @@ public class RangerDumpWork implements Serializable {
public String getDbName() {
return dbName;
}
+
+ URL getRangerConfigResource() {
+ return getClass().getClassLoader().getResource(ReplUtils.RANGER_CONFIGURATION_RESOURCE_NAME);
+ }
}
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadTask.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadTask.java
index 2c216ff..4e8a44f 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadTask.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadTask.java
@@ -30,6 +30,7 @@ import org.apache.hadoop.hive.ql.exec.repl.ranger.NoOpRangerRestClient;
import org.apache.hadoop.hive.ql.exec.repl.ranger.RangerPolicy;
import org.apache.hadoop.hive.ql.exec.repl.ranger.RangerExportPolicyList;
import org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils;
+import org.apache.hadoop.hive.ql.parse.SemanticException;
import org.apache.hadoop.hive.ql.parse.repl.ReplLogger;
import org.apache.hadoop.hive.ql.parse.repl.load.log.RangerLoadLogger;
import org.apache.hadoop.hive.ql.plan.api.StageType;
@@ -37,13 +38,11 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.Serializable;
+import java.net.URL;
import java.util.ArrayList;
import java.util.List;
-import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT;
import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_ADD_DENY_POLICY_TARGET;
-import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_SERVICE_NAME;
-
/**
* RangerLoadTask.
*
@@ -83,10 +82,16 @@ public class RangerLoadTask extends Task<RangerLoadWork> implements Serializable
if (rangerRestClient == null) {
rangerRestClient = getRangerRestClient();
}
- String rangerEndpoint = conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT);
+ URL url = work.getRangerConfigResource();
+ if (url == null) {
+ throw new SemanticException("Ranger configuration is not valid "
+ + ReplUtils.RANGER_CONFIGURATION_RESOURCE_NAME);
+ }
+ conf.addResource(url);
+ String rangerHiveServiceName = conf.get(ReplUtils.RANGER_HIVE_SERVICE_NAME);
+ String rangerEndpoint = conf.get(ReplUtils.RANGER_REST_URL);
if (StringUtils.isEmpty(rangerEndpoint) || !rangerRestClient.checkConnection(rangerEndpoint)) {
- throw new Exception("Ranger endpoint is not valid. "
- + "Please pass a valid config hive.repl.authorization.provider.service.endpoint");
+ throw new SemanticException("Ranger endpoint is not valid " + rangerEndpoint);
}
if (work.getCurrentDumpPath() != null) {
LOG.info("Importing Ranger Metadata from {} ", work.getCurrentDumpPath());
@@ -108,7 +113,7 @@ public class RangerLoadTask extends Task<RangerLoadWork> implements Serializable
List<RangerPolicy> rangerPoliciesWithDenyPolicy = rangerPolicies;
if (conf.getBoolVar(REPL_RANGER_ADD_DENY_POLICY_TARGET)) {
rangerPoliciesWithDenyPolicy = rangerRestClient.addDenyPolicies(rangerPolicies,
- conf.getVar(REPL_RANGER_SERVICE_NAME), work.getSourceDbName(), work.getTargetDbName());
+ rangerHiveServiceName, work.getSourceDbName(), work.getTargetDbName());
}
List<RangerPolicy> updatedRangerPolicies = rangerRestClient.changeDataSet(rangerPoliciesWithDenyPolicy,
@@ -121,7 +126,7 @@ public class RangerLoadTask extends Task<RangerLoadWork> implements Serializable
}
rangerExportPolicyList.setPolicies(updatedRangerPolicies);
rangerRestClient.importRangerPolicies(rangerExportPolicyList, work.getTargetDbName(), rangerEndpoint,
- conf.getVar(REPL_RANGER_SERVICE_NAME));
+ rangerHiveServiceName);
LOG.info("Number of ranger policies imported {}", rangerExportPolicyList.getListSize());
importCount = rangerExportPolicyList.getListSize();
replLogger.endLog(importCount);
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadWork.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadWork.java
index 64f5df0..cddca60 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadWork.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadWork.java
@@ -18,11 +18,13 @@
package org.apache.hadoop.hive.ql.exec.repl;
import org.apache.hadoop.fs.Path;
+import org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils;
import org.apache.hadoop.hive.ql.plan.Explain;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.Serializable;
+import java.net.URL;
/**
* RangerLoadWork.
@@ -56,4 +58,8 @@ public class RangerLoadWork implements Serializable {
public String getSourceDbName() {
return sourceDbName;
}
+
+ URL getRangerConfigResource() {
+ return getClass().getClassLoader().getResource(ReplUtils.RANGER_CONFIGURATION_RESOURCE_NAME);
+ }
}
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/util/ReplUtils.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/util/ReplUtils.java
index 377f742..543ceca 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/util/ReplUtils.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/util/ReplUtils.java
@@ -107,6 +107,12 @@ public class ReplUtils {
public static final String RANGER_AUTHORIZER = "ranger";
public static final String HIVE_RANGER_POLICIES_FILE_NAME = "ranger_policies.json";
+
+ public static final String RANGER_REST_URL = "ranger.plugin.hive.policy.rest.url";
+
+ public static final String RANGER_HIVE_SERVICE_NAME = "ranger.plugin.hive.service.name";
+
+ public static final String RANGER_CONFIGURATION_RESOURCE_NAME = "ranger-hive-security.xml";
/**
* Bootstrap REPL LOAD operation type on the examined object based on ckpt state.
*/
diff --git a/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerDumpTask.java b/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerDumpTask.java
index 8ef0987..9a20564 100644
--- a/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerDumpTask.java
+++ b/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerDumpTask.java
@@ -39,10 +39,11 @@ import org.powermock.reflect.Whitebox;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.net.URL;
import java.util.ArrayList;
-import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT;
-import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_SERVICE_NAME;
+import static org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils.RANGER_REST_URL;
+import static org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils.RANGER_HIVE_SERVICE_NAME;
/**
* Unit test class for testing Ranger Dump.
@@ -71,7 +72,13 @@ public class TestRangerDumpTask {
@Test
public void testFailureInvalidAuthProviderEndpoint() throws Exception {
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn(null);
+ Mockito.when(conf.get(RANGER_REST_URL)).thenReturn(null);
+ int status = task.execute();
+ Assert.assertEquals(40000, status);
+ }
+
+ @Test
+ public void testFailureInvalidRangerConfig() throws Exception {
int status = task.execute();
Assert.assertEquals(40000, status);
}
@@ -82,10 +89,11 @@ public class TestRangerDumpTask {
rangerPolicyList.setPolicies(new ArrayList<RangerPolicy>());
Mockito.when(mockClient.exportRangerPolicies(Mockito.anyString(), Mockito.anyString(), Mockito.anyString()))
.thenReturn(rangerPolicyList);
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint");
- Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive");
+ Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint");
+ Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive");
Mockito.when(work.getDbName()).thenReturn("testdb");
Mockito.when(work.getCurrentDumpPath()).thenReturn(new Path("/tmp"));
+ Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml"));
int status = task.execute();
Assert.assertEquals(0, status);
}
@@ -106,14 +114,15 @@ public class TestRangerDumpTask {
RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class);
Mockito.when(mockClient.exportRangerPolicies(Mockito.anyString(), Mockito.anyString(), Mockito.anyString()))
.thenReturn(rangerPolicyList);
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint");
- Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive");
+ Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint");
+ Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive");
Mockito.when(work.getDbName()).thenReturn("testdb");
Path rangerDumpPath = new Path("/tmp");
Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath);
Path policyFile = new Path(rangerDumpPath, ReplUtils.HIVE_RANGER_POLICIES_FILE_NAME);
Mockito.when(mockClient.saveRangerPoliciesToFile(rangerPolicyList, rangerDumpPath,
ReplUtils.HIVE_RANGER_POLICIES_FILE_NAME, conf)).thenReturn(policyFile);
+ Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml"));
int status = task.execute();
Assert.assertEquals(0, status);
}
@@ -126,10 +135,11 @@ public class TestRangerDumpTask {
rangerPolicyList.setPolicies(new ArrayList<RangerPolicy>());
Mockito.when(mockClient.exportRangerPolicies(Mockito.anyString(), Mockito.anyString(), Mockito.anyString()))
.thenReturn(rangerPolicyList);
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint");
- Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive");
+ Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint");
+ Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive");
Mockito.when(work.getDbName()).thenReturn("testdb");
Mockito.when(work.getCurrentDumpPath()).thenReturn(new Path("/tmp"));
+ Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml"));
int status = task.execute();
Assert.assertEquals(0, status);
ArgumentCaptor<String> replStateCaptor = ArgumentCaptor.forClass(String.class);
diff --git a/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerLoadTask.java b/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerLoadTask.java
index 8ff2961..0559d1b 100644
--- a/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerLoadTask.java
+++ b/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerLoadTask.java
@@ -36,9 +36,12 @@ import org.powermock.reflect.Whitebox;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT;
-import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_SERVICE_NAME;
+import java.net.MalformedURLException;
+import java.net.URL;
+
import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_ADD_DENY_POLICY_TARGET;
+import static org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils.RANGER_HIVE_SERVICE_NAME;
+import static org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils.RANGER_REST_URL;
/**
* Unit test class for testing Ranger Dump.
@@ -70,16 +73,16 @@ public class TestRangerLoadTask {
@Test
public void testFailureInvalidAuthProviderEndpoint() {
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn(null);
int status = task.execute();
Assert.assertEquals(40000, status);
}
@Test
- public void testSuccessValidAuthProviderEndpoint() {
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint");
+ public void testSuccessValidAuthProviderEndpoint() throws MalformedURLException {
+ Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint");
Mockito.when(work.getSourceDbName()).thenReturn("srcdb");
Mockito.when(work.getTargetDbName()).thenReturn("tgtdb");
+ Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml"));
int status = task.execute();
Assert.assertEquals(0, status);
}
@@ -98,12 +101,13 @@ public class TestRangerLoadTask {
+ "\"dataMaskPolicyItems\":[],\"rowFilterPolicyItems\":[],\"id\":40,\"guid\":"
+ "\"4e2b3406-7b9a-4004-8cdf-7a239c8e2cae\",\"isEnabled\":true,\"version\":1}]}";
RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class);
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint");
+ Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint");
Mockito.when(work.getSourceDbName()).thenReturn("srcdb");
Mockito.when(work.getTargetDbName()).thenReturn("tgtdb");
Path rangerDumpPath = new Path("/tmp");
Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath);
Mockito.when(mockClient.readRangerPoliciesFromJsonFile(Mockito.any(), Mockito.any())).thenReturn(rangerPolicyList);
+ Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml"));
int status = task.execute();
Assert.assertEquals(0, status);
}
@@ -124,12 +128,13 @@ public class TestRangerLoadTask {
+ "\"dataMaskPolicyItems\":[],\"rowFilterPolicyItems\":[],\"id\":40,\"guid\":"
+ "\"4e2b3406-7b9a-4004-8cdf-7a239c8e2cae\",\"isEnabled\":true,\"version\":1}]}";
RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class);
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint");
+ Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint");
Mockito.when(work.getSourceDbName()).thenReturn("srcdb");
Mockito.when(work.getTargetDbName()).thenReturn("tgtdb");
Path rangerDumpPath = new Path("/tmp");
Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath);
Mockito.when(mockClient.readRangerPoliciesFromJsonFile(Mockito.any(), Mockito.any())).thenReturn(rangerPolicyList);
+ Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml"));
int status = task.execute();
Assert.assertEquals(0, status);
ArgumentCaptor<String> replStateCaptor = ArgumentCaptor.forClass(String.class);
@@ -163,14 +168,15 @@ public class TestRangerLoadTask {
+ "\"dataMaskPolicyItems\":[],\"rowFilterPolicyItems\":[],\"id\":40,\"guid\":"
+ "\"4e2b3406-7b9a-4004-8cdf-7a239c8e2cae\",\"isEnabled\":true,\"version\":1}]}";
RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class);
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint");
+ Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint");
Mockito.when(work.getSourceDbName()).thenReturn("srcdb");
Mockito.when(work.getTargetDbName()).thenReturn("tgtdb");
- Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive");
+ Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive");
Mockito.when(conf.getBoolVar(REPL_RANGER_ADD_DENY_POLICY_TARGET)).thenReturn(true);
Path rangerDumpPath = new Path("/tmp");
Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath);
Mockito.when(mockClient.readRangerPoliciesFromJsonFile(Mockito.any(), Mockito.any())).thenReturn(rangerPolicyList);
+ Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml"));
int status = task.execute();
Assert.assertEquals(0, status);
ArgumentCaptor<RangerExportPolicyList> rangerPolicyCapture = ArgumentCaptor.forClass(RangerExportPolicyList.class);
@@ -226,14 +232,15 @@ public class TestRangerLoadTask {
+ "\"dataMaskPolicyItems\":[],\"rowFilterPolicyItems\":[],\"id\":40,\"guid\":"
+ "\"4e2b3406-7b9a-4004-8cdf-7a239c8e2cae\",\"isEnabled\":true,\"version\":1}]}";
RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class);
- Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint");
+ Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint");
Mockito.when(work.getSourceDbName()).thenReturn("srcdb");
Mockito.when(work.getTargetDbName()).thenReturn("tgtdb");
- Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive");
+ Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive");
Mockito.when(conf.getBoolVar(REPL_RANGER_ADD_DENY_POLICY_TARGET)).thenReturn(false);
Path rangerDumpPath = new Path("/tmp");
Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath);
Mockito.when(mockClient.readRangerPoliciesFromJsonFile(Mockito.any(), Mockito.any())).thenReturn(rangerPolicyList);
+ Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml"));
int status = task.execute();
Assert.assertEquals(0, status);
ArgumentCaptor<RangerExportPolicyList> rangerPolicyCapture = ArgumentCaptor.forClass(RangerExportPolicyList.class);