SENTRY-950: add column level test cases for select ... group by, order by and where (Ke Jia, reviewed by Colin Ma, Anne Yu)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/79204bc2 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/79204bc2 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/79204bc2 Branch: refs/heads/SENTRY-1205 Commit: 79204bc2cc886dafc30818dd1bf4b3727c5d09fc Parents: 26fbeba Author: Sun Dapeng <[email protected]> Authored: Mon Jun 6 10:32:49 2016 +0800 Committer: Sun Dapeng <[email protected]> Committed: Mon Jun 6 10:32:49 2016 +0800 ---------------------------------------------------------------------- .../TestPrivilegeWithGrantOption.java | 66 ++++++++++++++++++++ 1 file changed, 66 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/79204bc2/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java index c67910a..cfbef4a 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestPrivilegeWithGrantOption.java @@ -65,6 +65,72 @@ public class TestPrivilegeWithGrantOption extends AbstractTestWithStaticConfigur super.setup(); } + @Test + public void testOnGrantSelectColumnPrivilege() throws Exception { + // setup db objects needed by the test + Connection connection = context.createConnection(ADMIN1); + Statement statement = context.createStatement(connection); + statement.execute("DROP DATABASE IF EXISTS db_1 CASCADE"); + statement.execute("CREATE DATABASE db_1"); + statement.execute("CREATE ROLE group1_role"); + statement.execute("GRANT ALL ON DATABASE db_1 TO ROLE group1_role WITH GRANT OPTION"); + statement.execute("GRANT ROLE group1_role TO GROUP " + USERGROUP1); + statement.execute("CREATE ROLE group2_role"); + statement.execute("GRANT ROLE group2_role TO GROUP " + USERGROUP2); + + connection = context.createConnection(USER1_1); + statement = context.createStatement(connection); + + statement.execute("USE db_1"); + statement.execute("CREATE TABLE test_tb(s STRING, i INT)"); + statement.execute("INSERT INTO TABLE test_tb VALUES('Test', 1)"); + statement.execute("GRANT SELECT(s) ON TABLE test_tb TO ROLE group2_role"); + + connection = context.createConnection(USER2_1); + statement = context.createStatement(connection); + statement.execute("USE db_1"); + //positive test for order by + statement.execute("SELECT s FROM test_tb ORDER BY s"); + //negative test for order by + try { + statement.execute("SELECT s FROM test_tb ORDER BY i"); + Assert.fail("Expected SQL exception"); + } catch (SQLException e) { + context.verifyAuthzException(e); + } + try { + statement.execute("SELECT s FROM test_tb SORT BY i"); + Assert.fail("Expected SQL exception"); + } catch (SQLException e) { + context.verifyAuthzException(e); + } + //positive test for group by + statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY s "); + //negative test for group by + try { + statement.execute("SELECT COUNT(s) FROM test_tb GROUP BY i"); + Assert.fail("Expected SQL exception"); + } catch (SQLException e) { + context.verifyAuthzException(e); + } + try { + statement.execute("SELECT s FROM test_tb GROUP BY s HAVING SUM(i) > 1"); + Assert.fail("Expected SQL exception"); + } catch (SQLException e) { + context.verifyAuthzException(e); + } + //positive test for where clause + statement.execute("SELECT s FROM test_tb WHERE s = 'Test' "); + //negative test fot where clause + try { + statement.execute("SELECT s FROM test_tb WHERE i = 1 "); + Assert.fail("Expected SQL exception"); + } catch (SQLException e) { + context.verifyAuthzException(e); + } + + } + /* * Admin grant DB_1 user1 without grant option, grant user3 with grant option, * user1 tries to grant it to user2, but failed.
