Repository: incubator-hawq Updated Branches: refs/heads/master 3a9978906 -> 9775424ba
HAWQ-1443. Implement Ranger lookup for HAWQ with Kerberos enabled. Signed-off-by: xiang sheng <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-hawq/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-hawq/commit/9775424b Tree: http://git-wip-us.apache.org/repos/asf/incubator-hawq/tree/9775424b Diff: http://git-wip-us.apache.org/repos/asf/incubator-hawq/diff/9775424b Branch: refs/heads/master Commit: 9775424ba11546248ac90133330ed6f1cc331545 Parents: 3a99789 Author: Hubert Zhang <[email protected]> Authored: Fri May 26 20:17:53 2017 +0800 Committer: xiang sheng <[email protected]> Committed: Fri May 26 20:17:53 2017 +0800 ---------------------------------------------------------------------- .../apache/hawq/ranger/service/HawqClient.java | 152 ++++++++++++++----- .../hawq/ranger/service/HawqResourceMgr.java | 145 +++++++++++++----- .../hawq/ranger/service/RangerServiceHawq.java | 20 ++- .../hawq/ranger/service/HawqClientTest.java | 26 +--- .../ranger/service/RangerServiceHawqTest.java | 24 ++- ranger-plugin/conf/ranger-servicedef-hawq.json | 47 +++++- 6 files changed, 308 insertions(+), 106 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/9775424b/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqClient.java ---------------------------------------------------------------------- diff --git a/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqClient.java b/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqClient.java index d2606be..7e05a82 100644 --- a/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqClient.java +++ b/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqClient.java @@ -21,7 +21,9 @@ package org.apache.hawq.ranger.service; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hawq.ranger.model.HawqProtocols; - +import org.apache.ranger.plugin.client.BaseClient; +import java.security.PrivilegedAction; +import java.security.PrivilegedExceptionAction; import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; @@ -29,9 +31,9 @@ import java.sql.SQLException; import java.sql.ResultSet; import java.util.*; -import static org.apache.ranger.plugin.client.BaseClient.generateResponseDataMap; +import javax.security.auth.Subject; -public class HawqClient { +public class HawqClient extends BaseClient { private static final Log LOG = LogFactory.getLog(HawqClient.class); @@ -63,13 +65,17 @@ public class HawqClient { public static final String PRONAME = "proname"; public static final String NSPNAME = "nspname"; public static final String WILDCARD = "*"; + public static final String KERBEROS = "kerberos"; + public static final String AUTHENTICATION = "authentication"; public static final List<String> INTERNAL_PROTOCOLS = HawqProtocols.getAllProtocols(); private static final String DEFAULT_DATABASE = "postgres"; private static final String JDBC_DRIVER_CLASS = "org.postgresql.Driver"; + private boolean isKerberosAuth; + private Connection con; private Map<String, String> connectionProperties; - + // we need to load class for the Postgres Driver directly to allow it to register with DriverManager // since DriverManager's classloader will not be able to find it by itself due to plugin's special classloaders static { @@ -81,9 +87,88 @@ public class HawqClient { } } - public HawqClient(Map<String, String> connectionProperties) throws SQLException { + public HawqClient(String serviceName, Map<String, String> connectionProperties) throws Exception { + super(serviceName,connectionProperties); this.connectionProperties = connectionProperties; + initHawq(); } + + public void initHawq() throws Exception { + isKerberosAuth = connectionProperties.get(AUTHENTICATION).equals(KERBEROS); + if (isKerberosAuth) { + LOG.info("Secured Mode: JDBC Connection done with preAuthenticated Subject"); + + // do kinit in hawqclient by principal name and password + final String userName = getConfigHolder().getUserName(); + final String password = getConfigHolder().getPassword(); + + String[] kinitcmd ={ + "/bin/sh", + "-c", + "echo '"+password+"' | kinit " + userName + }; + java.lang.Runtime rt = java.lang.Runtime.getRuntime(); + if (LOG.isDebugEnabled()) { + LOG.debug("kinit command: "+"echo '"+password+"' | kinit " + userName); + } + java.lang.Process p = rt.exec(kinitcmd); + + Subject.doAs(getLoginSubject(), new PrivilegedExceptionAction<Void>(){ + public Void run() throws Exception { + final String lookupPricipalName = getConfigHolder().getUserName(); + final String serverprincipal = connectionProperties.get("principal"); + initConnectionKerberos(serverprincipal, lookupPricipalName); + return null; + }}); + } + else { + LOG.info("Trying to use UnSecure client with username and password"); + final String userName = getConfigHolder().getUserName(); + final String password = getConfigHolder().getPassword(); + initConnection(userName, password); + } + } + + private void initConnectionKerberos(String serverPricipal, String userPrincipal) throws SQLException{ + try { + String url = String.format("jdbc:postgresql://%s:%s/%s?kerberosServerName=%s&jaasApplicationName=pgjdbc&user=%s", + connectionProperties.get("hostname"), + connectionProperties.get("port"), DEFAULT_DATABASE, + serverPricipal, userPrincipal + ); + if (LOG.isDebugEnabled()) { + LOG.debug("InitConnectionKerberos "+ url); + } + con = DriverManager.getConnection(url); + } catch (SQLException e) { + e.printStackTrace(); + LOG.error("Unable to Connect to Hawq", e); + throw e; + } catch (SecurityException se) { + se.printStackTrace(); + } + } + + + private void initConnection(String userName, String password) throws SQLException { + try { + String url = String.format("jdbc:postgresql://%s:%s/%s", connectionProperties.get("hostname"), connectionProperties.get("port"), DEFAULT_DATABASE); + if (LOG.isDebugEnabled()) { + LOG.debug("InitConnectionKerberos "+ url); + } + con = DriverManager.getConnection(url, userName, password); + } catch (SQLException e) { + e.printStackTrace(); + LOG.error("Unable to Connect to Hawq", e); + throw e; + } catch (SecurityException se) { + se.printStackTrace(); + } + } + + public void setConnection(Connection conn) { + con = conn; + } /** * Uses the connectionProperties and attempts to connect to Hawq. @@ -97,7 +182,6 @@ public class HawqClient { boolean isConnected = false; HashMap<String, Object> result = new HashMap<>(); - Connection conn = null; String description = CONNECTION_FAILURE_MESSAGE; @@ -106,8 +190,7 @@ public class HawqClient { } try { - conn = getConnection(connectionProperties); - if(conn.getCatalog() != null) { + if(con.getCatalog() != null) { isConnected = true; description = CONNECTION_SUCCESSFUL_MESSAGE; } @@ -115,7 +198,6 @@ public class HawqClient { LOG.error("<== HawqClient.checkConnection Error: Failed to connect" + e); description = e.getMessage(); } finally { - closeConnection(conn); } String message = isConnected ? CONNECTION_SUCCESSFUL_MESSAGE : CONNECTION_FAILURE_MESSAGE; @@ -183,7 +265,6 @@ public class HawqClient { List<String> databases = resources.get("database"); List<String> schemas = resources.get("schema"); - Connection conn = null; PreparedStatement preparedStatement = null; ResultSet resultSet = null; @@ -191,14 +272,16 @@ public class HawqClient { databases = getDatabaseList(WILDCARD); } + if(con == null) { + return new ArrayList<>(uniqueResults); + } for (String db: databases) { if (LOG.isDebugEnabled()) { LOG.debug("<== HawqClient.queryHawqPerDbAndSchema: Connecting to db: " + db); } try { - conn = getConnection(connectionProperties, db); - preparedStatement = handleWildcardPreparedStatement(userInput, query, conn); + preparedStatement = handleWildcardPreparedStatement(userInput, query, con); if (LOG.isDebugEnabled()) { LOG.debug("<== HawqClient.queryHawqPerDbAndSchema Starting query: " + query); @@ -221,21 +304,22 @@ public class HawqClient { } finally { closeResultSet(resultSet); closeStatement(preparedStatement); - closeConnection(conn); } } return new ArrayList<>(uniqueResults); } - private List<String> queryHawq(String userInput, String columnName, String query, String database) { + private List<String> queryHawq(String userInput, String columnName, String query, String database) throws SQLException{ List<String> result = new ArrayList<>(); - Connection conn = null; PreparedStatement preparedStatement = null; ResultSet resultSet = null; try { - conn = getConnection(connectionProperties, database); - preparedStatement = handleWildcardPreparedStatement(userInput, query, conn); + if(con == null) { + return result; + } + + preparedStatement = handleWildcardPreparedStatement(userInput, query, con); if (LOG.isDebugEnabled()) { LOG.debug("<== HawqClient.queryHawq Starting query: " + query); @@ -253,34 +337,15 @@ public class HawqClient { } catch (SQLException e) { LOG.error("<== HawqClient.queryHawq Error: Failed to get result from query: " + query + ", Error: " + e); + throw e; } finally { closeResultSet(resultSet); closeStatement(preparedStatement); - closeConnection(conn); } return result; } - private Connection getConnection(Map<String, String> connectionProperties) throws SQLException { - return getConnection(connectionProperties, null); - } - - private Connection getConnection(Map<String, String> connectionProperties, String database) throws SQLException { - - String db = database != null ? database : DEFAULT_DATABASE; - String url = String.format("jdbc:postgresql://%s:%s/%s", connectionProperties.get("hostname"), connectionProperties.get("port"), db); - - if (LOG.isDebugEnabled()) { - LOG.debug("<== HawqClient.checkConnection Connecting to: (" + url + ") with user: " + connectionProperties.get("username") ); - } - - Properties props = new Properties(); - props.setProperty("user", connectionProperties.get("username")); - props.setProperty("password", connectionProperties.get("password")); - return DriverManager.getConnection(url, props); - } - private PreparedStatement handleWildcardPreparedStatement(String userInput, String query, Connection conn) throws SQLException { PreparedStatement preparedStatement = conn.prepareStatement(query); preparedStatement.setString(1, userInput.equals(WILDCARD) ? "%" : (userInput + "%")); @@ -305,10 +370,21 @@ public class HawqClient { private void closeConnection(Connection conn) { try { - if (conn != null) conn.close(); + if (conn != null) { + conn.close(); + } } catch (Exception e) { // ignore } } + + public void close() { + Subject.doAs(getLoginSubject(), new PrivilegedAction<Void>(){ + public Void run() { + closeConnection(con); + return null; + } + }); + } } http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/9775424b/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqResourceMgr.java ---------------------------------------------------------------------- diff --git a/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqResourceMgr.java b/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqResourceMgr.java index 214ebdb..d9f68d7 100644 --- a/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqResourceMgr.java +++ b/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/HawqResourceMgr.java @@ -19,53 +19,124 @@ package org.apache.hawq.ranger.service; import org.apache.hawq.ranger.model.HawqResource; import org.apache.ranger.plugin.service.ResourceLookupContext; +import org.apache.ranger.plugin.util.TimedEventUtil; +import org.apache.log4j.Logger; + import java.sql.SQLException; import java.util.List; import java.util.Map; +import java.util.concurrent.Callable; +import java.util.concurrent.TimeUnit; import java.util.Collections; public abstract class HawqResourceMgr { - public static List<String> getHawqResources(Map<String, String> configs, - ResourceLookupContext context) throws SQLException { - String userInput = context.getUserInput(); + private static final Logger LOG = Logger.getLogger(HawqResourceMgr.class); + + public static List<String> getHawqResources(String serviceName, String serviceType, Map<String, String> configs, + ResourceLookupContext context) throws Exception { + final String userInput = context.getUserInput(); HawqResource hawqResource = HawqResource.valueOf(context.getResourceName().toUpperCase()); - Map<String, List<String>> resources = context.getResources(); - - List<String> result; - HawqClient hawqClient = new HawqClient(configs); - - switch (hawqResource) { - case DATABASE: - result = hawqClient.getDatabaseList(userInput); - break; - case TABLESPACE: - result = hawqClient.getTablespaceList(userInput); - break; - case PROTOCOL: - result = hawqClient.getProtocolList(userInput); - break; - case SCHEMA: - result = hawqClient.getSchemaList(userInput, resources); - break; - case LANGUAGE: - result = hawqClient.getLanguageList(userInput, resources); - break; - case TABLE: - result = hawqClient.getTableList(userInput, resources); - break; - case SEQUENCE: - result = hawqClient.getSequenceList(userInput, resources); - break; - case FUNCTION: - result = hawqClient.getFunctionList(userInput, resources); - break; - default: - throw new IllegalArgumentException("Resource requested does not exist."); + final Map<String, List<String>> resources = context.getResources(); + + List<String> result = null; + if (serviceName != null && userInput != null) { + try { + + if(LOG.isDebugEnabled()) { + LOG.debug("==> HawqResourceMgr.getHawqResources() UserInput: "+ userInput + " configs: " + configs); + } + final HawqClient hawqClient =new HawqClient(serviceName, configs); + Callable<List<String>> callableObj = null; + + if(hawqClient != null) { + switch (hawqResource) { + case DATABASE: + callableObj = new Callable<List<String>>() { + @Override + public List<String> call() throws SQLException{ + return hawqClient.getDatabaseList(userInput); + } + }; + break; + case TABLESPACE: + callableObj = new Callable<List<String>>() { + @Override + public List<String> call() throws SQLException{ + return hawqClient.getTablespaceList(userInput); + } + }; + break; + case PROTOCOL: + callableObj = new Callable<List<String>>() { + @Override + public List<String> call() throws SQLException{ + return hawqClient.getProtocolList(userInput); + } + }; + break; + case SCHEMA: + callableObj = new Callable<List<String>>() { + @Override + public List<String> call() throws SQLException{ + return hawqClient.getSchemaList(userInput, resources); + } + }; + break; + case LANGUAGE: + callableObj = new Callable<List<String>>() { + @Override + public List<String> call() throws SQLException{ + return hawqClient.getLanguageList(userInput, resources); + } + }; + break; + case TABLE: + callableObj = new Callable<List<String>>() { + @Override + public List<String> call() throws SQLException{ + return hawqClient.getTableList(userInput, resources); + } + }; + break; + case SEQUENCE: + callableObj = new Callable<List<String>>() { + @Override + public List<String> call() throws SQLException { + return hawqClient.getSequenceList(userInput, resources); + } + }; + break; + case FUNCTION: + callableObj = new Callable<List<String>>() { + @Override + public List<String> call() throws SQLException{ + return hawqClient.getFunctionList(userInput, resources); + } + }; + break; + default: + throw new IllegalArgumentException("Resource requested does not exist."); + } + } + + if (callableObj != null) { + synchronized (hawqClient) { + result = TimedEventUtil.timedTask(callableObj, 5, + TimeUnit.SECONDS); + } + } else { + LOG.error("Could not initiate at timedTask"); + } + + + Collections.sort(result); + } catch (Exception e) { + LOG.error("Unable to get hive resources.", e); + throw e; + } } - - Collections.sort(result); return result; } } http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/9775424b/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/RangerServiceHawq.java ---------------------------------------------------------------------- diff --git a/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/RangerServiceHawq.java b/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/RangerServiceHawq.java index 0f12191..24a76ca 100644 --- a/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/RangerServiceHawq.java +++ b/ranger-plugin/admin-plugin/src/main/java/org/apache/hawq/ranger/service/RangerServiceHawq.java @@ -19,6 +19,8 @@ package org.apache.hawq.ranger.service; import org.apache.ranger.plugin.client.HadoopException; +import org.apache.ranger.plugin.model.RangerService; +import org.apache.ranger.plugin.model.RangerServiceDef; import org.apache.ranger.plugin.service.RangerBaseService; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -30,6 +32,15 @@ public class RangerServiceHawq extends RangerBaseService { private static final Log LOG = LogFactory.getLog(RangerServiceHawq.class); + public RangerServiceHawq() { + super(); + } + + @Override + public void init(RangerServiceDef serviceDef, RangerService service) { + super.init(serviceDef, service); + } + @Override public HashMap<String, Object> validateConfig() throws Exception { boolean isDebugEnabled = LOG.isDebugEnabled(); @@ -39,10 +50,10 @@ public class RangerServiceHawq extends RangerBaseService { } HashMap<String, Object> result = new HashMap<>(); - + String serviceName = getServiceName(); if (configs != null) { try { - HawqClient hawqClient = new HawqClient(configs); + HawqClient hawqClient = new HawqClient(serviceName, configs); result = hawqClient.checkConnection(configs); } catch (HadoopException e) { LOG.error("<== RangerServiceHawq.validateConfig Error:" + e); @@ -58,7 +69,10 @@ public class RangerServiceHawq extends RangerBaseService { @Override public List<String> lookupResource(ResourceLookupContext context) throws Exception { - List<String> resources = HawqResourceMgr.getHawqResources(getConfigs(), context); + String serviceName = getServiceName(); + String serviceType = getServiceType(); + + List<String> resources = HawqResourceMgr.getHawqResources(serviceName, serviceType, getConfigs(), context); return resources; } http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/9775424b/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/HawqClientTest.java ---------------------------------------------------------------------- diff --git a/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/HawqClientTest.java b/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/HawqClientTest.java index 7d624d8..64bf874 100644 --- a/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/HawqClientTest.java +++ b/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/HawqClientTest.java @@ -27,23 +27,20 @@ import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; import java.sql.Connection; -import java.sql.DriverManager; import java.sql.ResultSet; import java.sql.PreparedStatement; import java.sql.SQLException; import java.util.HashMap; import java.util.Map; -import java.util.Properties; import java.util.List; import java.util.Arrays; import java.util.Collections; import static org.apache.hawq.ranger.service.HawqClient.*; import static org.junit.Assert.*; -import static org.mockito.Matchers.any; -import static org.mockito.Matchers.anyMap; -import static org.mockito.Matchers.anyString; import static org.powermock.api.mockito.PowerMockito.*; +import static org.powermock.api.support.membermodification.MemberMatcher.method; +import static org.powermock.api.support.membermodification.MemberModifier.suppress; @RunWith(PowerMockRunner.class) @PrepareForTest(HawqClient.class) @@ -63,7 +60,7 @@ public class HawqClientTest { private Map<String, List<String>> resources; @Before - public void setUp() throws SQLException { + public void setUp() throws Exception { connectionProperties = new HashMap<>(); connectionProperties.put("hostname", "hostname"); connectionProperties.put("port", "5432"); @@ -71,10 +68,10 @@ public class HawqClientTest { connectionProperties.put("username", "username"); connectionProperties.put("password", "password"); - mockStatic(DriverManager.class); suppress(constructor(BaseClient.class, String.class, Map.class)); - hawqClient = new HawqClient(connectionProperties); - + suppress(method(HawqClient.class, "initHawq")); + hawqClient = new HawqClient("hawq", connectionProperties); + hawqClient.setConnection(conn); hawqClientSpy = PowerMockito.spy(hawqClient); resources = new HashMap<>(); @@ -86,7 +83,6 @@ public class HawqClientTest { @Test public void testCheckConnection_Failure() throws Exception { - when(DriverManager.getConnection(anyString(), any(Properties.class))).thenReturn(conn); when(conn.getCatalog()).thenReturn(null); Map<String, Object> response = hawqClient.checkConnection(connectionProperties); assertEquals(CONNECTION_FAILURE_MESSAGE, response.get("message")); @@ -95,7 +91,6 @@ public class HawqClientTest { @Test public void testCheckConnection_Success() throws Exception { - when(DriverManager.getConnection(anyString(), any(Properties.class))).thenReturn(conn); when(conn.getCatalog()).thenReturn("catalog"); Map<String, Object> response = hawqClient.checkConnection(connectionProperties); assertEquals(CONNECTION_SUCCESSFUL_MESSAGE, response.get("message")); @@ -104,8 +99,8 @@ public class HawqClientTest { @Test public void testCheckConnection_ThrowsSQLException_Failure() throws Exception { - when(DriverManager.getConnection(anyString(), any(Properties.class))).thenThrow(new SQLException("Failed to connect")); - Map<String, Object> response = hawqClient.checkConnection(connectionProperties); + when(conn.getCatalog()).thenThrow(new SQLException("Failed to connect")); + Map<String, Object> response = hawqClient.checkConnection(connectionProperties); assertEquals(CONNECTION_FAILURE_MESSAGE, response.get("message")); assertEquals("Failed to connect", response.get("description")); assertFalse((Boolean) response.get("connectivityStatus")); @@ -117,7 +112,6 @@ public class HawqClientTest { when(preparedStatement.executeQuery()).thenReturn(resultSet); when(resultSet.next()).thenReturn(true).thenReturn(true).thenReturn(false); when(resultSet.getString(DATNAME)).thenReturn("db1").thenReturn("db2"); - PowerMockito.doReturn(conn).when(hawqClientSpy, "getConnection", anyMap(), anyString()); assertEquals(Arrays.asList("db1", "db2"), hawqClientSpy.getDatabaseList("d")); } @@ -168,7 +162,6 @@ public class HawqClientTest { @Test public void testTableList_Success() throws Exception { - PowerMockito.doReturn(conn).when(hawqClientSpy, "getConnection", anyMap(), anyString()); when(conn.prepareStatement(TABLE_LIST_QUERY)).thenReturn(preparedStatement); when(preparedStatement.executeQuery()).thenReturn(resultSet); when(resultSet.next()).thenReturn(true).thenReturn(true).thenReturn(false); @@ -181,7 +174,6 @@ public class HawqClientTest { @Test public void testSequenceList_Success() throws Exception { - PowerMockito.doReturn(conn).when(hawqClientSpy, "getConnection", anyMap(), anyString()); when(conn.prepareStatement(SEQUENCE_LIST_QUERY)).thenReturn(preparedStatement); when(preparedStatement.executeQuery()).thenReturn(resultSet); when(resultSet.next()).thenReturn(true).thenReturn(true).thenReturn(false); @@ -194,7 +186,6 @@ public class HawqClientTest { @Test public void testSequenceList_SchemaFiltered_Success() throws Exception { - PowerMockito.doReturn(conn).when(hawqClientSpy, "getConnection", anyMap(), anyString()); when(conn.prepareStatement(SEQUENCE_LIST_QUERY)).thenReturn(preparedStatement); when(preparedStatement.executeQuery()).thenReturn(resultSet); when(resultSet.next()).thenReturn(true).thenReturn(true).thenReturn(false); @@ -205,7 +196,6 @@ public class HawqClientTest { @Test public void testFunctionList_Success() throws Exception { - PowerMockito.doReturn(conn).when(hawqClientSpy, "getConnection", anyMap(), anyString()); when(conn.prepareStatement(FUNCTION_LIST_QUERY)).thenReturn(preparedStatement); when(preparedStatement.executeQuery()).thenReturn(resultSet); when(resultSet.next()).thenReturn(true).thenReturn(true).thenReturn(false); http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/9775424b/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/RangerServiceHawqTest.java ---------------------------------------------------------------------- diff --git a/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/RangerServiceHawqTest.java b/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/RangerServiceHawqTest.java index 5264929..7ef3096 100644 --- a/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/RangerServiceHawqTest.java +++ b/ranger-plugin/admin-plugin/src/test/java/org/apache/hawq/ranger/service/RangerServiceHawqTest.java @@ -18,6 +18,7 @@ package org.apache.hawq.ranger.service; import org.apache.ranger.plugin.client.BaseClient; +import org.apache.hawq.ranger.service.HawqClient; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; @@ -25,25 +26,25 @@ import org.mockito.Mock; import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; - +import static org.powermock.api.mockito.PowerMockito.*; import java.sql.Connection; import java.sql.DriverManager; import java.util.HashMap; import java.util.Map; -import java.util.Properties; +import static org.mockito.Matchers.*; +import static org.powermock.api.support.membermodification.MemberMatcher.method; import static org.apache.hawq.ranger.service.HawqClient.CONNECTION_SUCCESSFUL_MESSAGE; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; -import static org.mockito.Matchers.any; -import static org.mockito.Matchers.anyString; import static org.powermock.api.mockito.PowerMockito.mockStatic; import static org.powermock.api.mockito.PowerMockito.when; import static org.powermock.api.support.membermodification.MemberMatcher.constructor; import static org.powermock.api.support.membermodification.MemberModifier.suppress; + @RunWith(PowerMockRunner.class) -@PrepareForTest(HawqClient.class) +@PrepareForTest({HawqClient.class, RangerServiceHawq.class}) public class RangerServiceHawqTest { private RangerServiceHawq service; @@ -53,6 +54,8 @@ public class RangerServiceHawqTest { HawqClient mockHawqClient; @Mock Connection conn; + + private Map<String, String> connectionProperties; @Before public void setup() { @@ -73,13 +76,18 @@ public class RangerServiceHawqTest { @Test public void testValidateConfigSuccess() throws Exception { + suppress(constructor(BaseClient.class, String.class, Map.class)); + suppress(method(HawqClient.class, "initHawq")); + HashMap<String, Object> result = new HashMap<>(); result.put("message", "ConnectionTest Successful"); result.put("description", "ConnectionTest Successful"); result.put("connectivityStatus", true); - - suppress(constructor(BaseClient.class, String.class, Map.class)); - PowerMockito.when(DriverManager.getConnection(anyString(), any(Properties.class))).thenReturn(conn); + + mockHawqClient = new HawqClient("hawq", connectionProperties); + mockHawqClient.setConnection(conn); + PowerMockito.whenNew(HawqClient.class).withArguments(anyObject(),anyObject()).thenReturn(mockHawqClient); + when(conn.getCatalog()).thenReturn("catalog"); HashMap<String, Object> response = service.validateConfig(); http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/9775424b/ranger-plugin/conf/ranger-servicedef-hawq.json ---------------------------------------------------------------------- diff --git a/ranger-plugin/conf/ranger-servicedef-hawq.json b/ranger-plugin/conf/ranger-servicedef-hawq.json index 38f88ea..172eb3a 100644 --- a/ranger-plugin/conf/ranger-servicedef-hawq.json +++ b/ranger-plugin/conf/ranger-servicedef-hawq.json @@ -241,6 +241,29 @@ }, { "itemId": 3, + "name": "authentication", + "type": "enum", + "subType": "authType", + "mandatory": false, + "validationRegEx": "", + "validationMessage": "", + "uiHint": "", + "label": "HAWQ Authentication Type", + "defaultValue": "simple" + }, + { + "itemId": 4, + "name": "principal", + "type": "string", + "mandatory": false, + "validationRegEx": "", + "validationMessage": "", + "uiHint": "", + "label": "HAWQ Kerberos Service Name", + "defaultValue": "" + }, + { + "itemId": 5, "name": "hostname", "type": "string", "mandatory": true, @@ -250,7 +273,7 @@ "label": "HAWQ Master Hostname" }, { - "itemId": 4, + "itemId": 6, "name": "port", "type": "int", "mandatory": true, @@ -261,7 +284,27 @@ "defaultValue": 5432 } ], - "enums": [], + "enums": + [ + { + "itemId": 1, + "name": "authType", + "elements": + [ + { + "itemId": 1, + "name": "simple", + "label": "Simple" + }, + { + "itemId": 2, + "name": "kerberos", + "label": "Kerberos" + } + ], + "defaultIndex": 0 + } + ], "contextEnrichers": [], "policyConditions": [], "dataMaskDef": {},
