http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java deleted file mode 100644 index 36fa4b5..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java +++ /dev/null @@ -1,57 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; - -import org.apache.hadoop.minikdc.MiniKdc; -import org.apache.sentry.service.thrift.ServiceConstants; -import org.junit.BeforeClass; -import org.junit.Ignore; -import org.junit.Test; - -@Ignore("SENTRY-515: Not part of automated unit testing, as it takes too long. Fails until we move to a hadoop 2.6.1. See HADOOP-10786") -public class TestConnectionWithTicketTimeout extends - org.apache.sentry.service.thrift.SentryServiceIntegrationBase { - - @BeforeClass - public static void setup() throws Exception { - kerberos = true; - beforeSetup(); - setupConf(); - startSentryService(); - afterSetup(); - } - - public static void beforeSetup() throws Exception { - kdcConfOverlay.setProperty(MiniKdc.MAX_TICKET_LIFETIME, "360001"); - //Only UGI based client connections renew their TGT, this is not a problem in the real world - // as this is not configurable and always true - conf.set(ServiceConstants.ServerConfig.SECURITY_USE_UGI_TRANSPORT, "true"); - } - - /*** - * Test is run only when sentry.hive.test.ticket.timeout is set to "true" - * @throws Exception - */ - @Test - public void testConnectionAfterTicketTimeout() throws Exception { - Thread.sleep(400000); - connectToSentryService(); - } - -}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java deleted file mode 100644 index 6a2f48f..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java +++ /dev/null @@ -1,112 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; - -import java.util.UUID; - -import org.apache.hadoop.conf.Configuration; -import org.apache.sentry.provider.db.service.persistent.CommitContext; -import org.junit.Before; -import org.junit.Test; -import org.mockito.Mockito; - -import com.google.common.collect.Lists; - -public class TestNotificationHandlerInvoker { - - private Configuration conf; - private CommitContext commitContext; - private NotificationHandler handler; - private NotificationHandlerInvoker invoker; - - @Before - public void setup() throws Exception { - conf = new Configuration(false); - commitContext = new CommitContext(UUID.randomUUID(), 1L); - handler = Mockito.spy(new NotificationHandler(conf) {}); - invoker = new NotificationHandlerInvoker(conf, - Lists.newArrayList(new ThrowingNotificationHandler(conf), handler)); - } - - @Test - public void testCreateSentryRole() throws Exception { - TCreateSentryRoleRequest request = new TCreateSentryRoleRequest(); - TCreateSentryRoleResponse response = new TCreateSentryRoleResponse(); - invoker.create_sentry_role(commitContext, request, response); - Mockito.verify(handler).create_sentry_role(commitContext, - request, response); - } - - @Test - public void testDropSentryRole() throws Exception { - TDropSentryRoleRequest request = new TDropSentryRoleRequest(); - TDropSentryRoleResponse response = new TDropSentryRoleResponse(); - invoker.drop_sentry_role(commitContext, request, response); - Mockito.verify(handler).drop_sentry_role(commitContext, - request, response); - } - - - - @Test - public void testAlterSentryRoleAddGroups() throws Exception { - TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest(); - TAlterSentryRoleAddGroupsResponse response = new TAlterSentryRoleAddGroupsResponse(); - invoker.alter_sentry_role_add_groups(commitContext, request, response); - Mockito.verify(handler).alter_sentry_role_add_groups(commitContext, - request, response); - } - - @Test - public void testAlterSentryRoleDeleteGroups() throws Exception { - TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest(); - TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse(); - invoker.alter_sentry_role_delete_groups(commitContext, request, response); - Mockito.verify(handler).alter_sentry_role_delete_groups(commitContext, - request, response); - } - - public static class ThrowingNotificationHandler extends NotificationHandler { - public ThrowingNotificationHandler(Configuration config) throws Exception { - super(config); - } - @Override - public void create_sentry_role(CommitContext args, - TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) { - throw new RuntimeException(); - } - public void drop_sentry_role(CommitContext context, - TDropSentryRoleRequest request, - TDropSentryRoleResponse response) { - throw new RuntimeException(); - } - @Override - public void alter_sentry_role_add_groups(CommitContext args, - TAlterSentryRoleAddGroupsRequest request, - TAlterSentryRoleAddGroupsResponse response) { - throw new RuntimeException(); - } - @Override - public void alter_sentry_role_delete_groups( - CommitContext args, TAlterSentryRoleDeleteGroupsRequest request, - TAlterSentryRoleDeleteGroupsResponse response) { - throw new RuntimeException(); - } - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java deleted file mode 100644 index 04d92dd..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java +++ /dev/null @@ -1,81 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.provider.db.service.thrift; - -import org.apache.sentry.core.common.exception.SentrySiteConfigurationException; -import org.junit.Assert; - -import org.apache.hadoop.conf.Configuration; -import org.apache.sentry.core.common.exception.SentryThriftAPIMismatchException; -import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants.PolicyStoreServerConfig; -import org.apache.sentry.service.thrift.ServiceConstants; -import org.junit.Before; -import org.junit.Test; - -public class TestSentryPolicyStoreProcessor { - - private Configuration conf; - - @Before - public void setup() { - conf = new Configuration(false); - } - @Test(expected=SentrySiteConfigurationException.class) - public void testConfigNotNotificationHandler() throws Exception { - conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, Object.class.getName()); - SentryPolicyStoreProcessor.createHandlers(conf); - } - @Test(expected=SentrySiteConfigurationException.class) - public void testConfigCannotCreateNotificationHandler() throws Exception { - conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, - ExceptionInConstructorNotificationHandler.class.getName()); - SentryPolicyStoreProcessor.createHandlers(conf); - } - @Test(expected=SentrySiteConfigurationException.class) - public void testConfigNotAClassNotificationHandler() throws Exception { - conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, "junk"); - SentryPolicyStoreProcessor.createHandlers(conf); - } - @Test - public void testConfigMultipleNotificationHandlers() throws Exception { - conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, - NoopNotificationHandler.class.getName() + "," + - NoopNotificationHandler.class.getName() + " " + - NoopNotificationHandler.class.getName()); - Assert.assertEquals(3, SentryPolicyStoreProcessor.createHandlers(conf).size()); - } - public static class ExceptionInConstructorNotificationHandler extends NotificationHandler { - public ExceptionInConstructorNotificationHandler(Configuration config) throws Exception { - super(config); - throw new Exception(); - } - } - public static class NoopNotificationHandler extends NotificationHandler { - public NoopNotificationHandler(Configuration config) throws Exception { - super(config); - } - } - @Test(expected=SentryThriftAPIMismatchException.class) - public void testSentryThriftAPIMismatch() throws Exception { - SentryPolicyStoreProcessor.validateClientVersion(ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT -1); - } - @Test - public void testSentryThriftAPIMatchVersion() throws Exception { - SentryPolicyStoreProcessor.validateClientVersion(ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT); - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java deleted file mode 100644 index 6c78942..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java +++ /dev/null @@ -1,219 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless createRequired by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; -import static org.junit.Assert.assertEquals; - -import java.util.HashSet; -import java.util.Set; - -import org.apache.sentry.core.common.ActiveRoleSet; -import org.apache.sentry.core.model.db.AccessConstants; -import org.apache.sentry.core.model.db.Database; -import org.apache.sentry.core.model.db.Server; -import org.apache.sentry.core.model.db.Table; -import org.apache.sentry.service.thrift.SentryServiceIntegrationBase; -import org.junit.BeforeClass; -import org.junit.Test; - -import com.google.common.collect.Lists; -import com.google.common.collect.Sets; - -public class TestSentryServerForHaWithoutKerberos extends SentryServiceIntegrationBase { - - @BeforeClass - public static void setup() throws Exception { - kerberos = false; - haEnabled = true; - beforeSetup(); - setupConf(); - startSentryService(); - afterSetup(); - } - - @Test - public void testCreateRole() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - String roleName = "admin_r"; - client.dropRoleIfExists(requestorUserName, roleName); - client.createRole(requestorUserName, roleName); - client.dropRole(requestorUserName, roleName); - } - - @Test - public void testQueryPushDown() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - - String roleName1 = "admin_r1"; - String roleName2 = "admin_r2"; - - String group1 = "g1"; - String group2 = "g2"; - - client.dropRoleIfExists(requestorUserName, roleName1); - client.createRole(requestorUserName, roleName1); - client.grantRoleToGroup(requestorUserName, group1, roleName1); - - client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table2", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table3", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table4", "ALL"); - - - client.dropRoleIfExists(requestorUserName, roleName2); - client.createRole(requestorUserName, roleName2); - client.grantRoleToGroup(requestorUserName, group1, roleName2); - client.grantRoleToGroup(requestorUserName, group2, roleName2); - - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL"); - - Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"))); - assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size()); - - listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1"))); - assertEquals("Privilege not assigned to role2 !!", 0, listPrivilegesByRoleName.size()); - - listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"), new Table("table1"))); - assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size()); - - listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db3"))); - assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size()); - - Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db2")); - assertEquals("Privilege not correctly assigned to roles !!", - Sets.newHashSet("server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"), - listPrivilegesForProvider); - - listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db3")); - assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=all"), listPrivilegesForProvider); - - listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3")); - assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider); - - listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1")); - assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider); - } - - - - /** - * Create role, add privileges and grant it to a group drop the role and - * verify the privileges are no longer visible recreate the role with same - * name and verify the privileges again. - * @throws Exception - */ - @Test - public void testDropRole() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - String roleName = "admin_r"; - - // create role and add privileges - client.dropRoleIfExists(requestorUserName, roleName); - client.createRole(requestorUserName, roleName); - client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); - client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); - client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL"); - assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - - // drop role and verify privileges - client.dropRole(requestorUserName, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - - // recreate the role - client.createRole(requestorUserName, roleName); - client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - - // grant different privileges and verify - client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); - assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - client.dropRole(requestorUserName, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - } - - @Test - public void testDropRoleOnUser() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - Set<String> requestorUserNames = Sets.newHashSet(ADMIN_USER); - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - String roleName = "admin_r"; - - // create role and add privileges - client.dropRoleIfExists(requestorUserName, roleName); - client.createRole(requestorUserName, roleName); - client.grantRoleToUser(requestorUserName, ADMIN_USER, roleName); - client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); - client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL"); - assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - - // drop role and verify privileges - client.dropRole(requestorUserName, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - - // recreate the role - client.createRole(requestorUserName, roleName); - client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - - // grant different privileges and verify - client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); - assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - client.dropRole(requestorUserName, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - } - - /** - * Test that we are correctly substituting "_HOST" if/when needed. - * - * @throws Exception - */ - @Test - public void testHostSubstitution() throws Exception { - // We just need to ensure that we are able to correct connect to the server - connectToSentryService(); - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java deleted file mode 100644 index 9ba7d23..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java +++ /dev/null @@ -1,36 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless createRequired by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; - -import org.junit.BeforeClass; - -public class TestSentryServerForPoolHAWithoutKerberos extends TestSentryServerForHaWithoutKerberos { - - @BeforeClass - public static void setup() throws Exception { - kerberos = false; - haEnabled = true; - pooled = true; - beforeSetup(); - setupConf(); - startSentryService(); - afterSetup(); - } - -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java deleted file mode 100644 index 62fbb2f..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java +++ /dev/null @@ -1,36 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless createRequired by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; - -import org.junit.BeforeClass; - -public class TestSentryServerForPoolWithoutKerberos extends TestSentryServerWithoutKerberos { - - @BeforeClass - public static void setup() throws Exception { - kerberos = false; - haEnabled = false; - pooled = true; - beforeSetup(); - setupConf(); - startSentryService(); - afterSetup(); - } - -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java deleted file mode 100644 index b37f057..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java +++ /dev/null @@ -1,214 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless createRequired by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; -import static org.junit.Assert.assertEquals; - -import java.util.ArrayList; -import java.util.HashSet; -import java.util.Set; - -import org.apache.sentry.core.common.ActiveRoleSet; -import org.apache.sentry.core.common.Authorizable; -import org.apache.sentry.core.model.db.AccessConstants; -import org.apache.sentry.core.model.db.Database; -import org.apache.sentry.core.model.db.Server; -import org.apache.sentry.core.model.db.Table; -import org.apache.sentry.service.thrift.SentryServiceIntegrationBase; -import org.junit.BeforeClass; -import org.junit.Test; - -import com.google.common.collect.Lists; -import com.google.common.collect.Sets; - -public class TestSentryServerWithoutKerberos extends SentryServiceIntegrationBase { - - @BeforeClass - public static void setup() throws Exception { - kerberos = false; - beforeSetup(); - setupConf(); - startSentryService(); - afterSetup(); - } - - @Test - public void testCreateRole() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - String roleName = "admin_r"; - client.dropRoleIfExists(requestorUserName, roleName); - client.createRole(requestorUserName, roleName); - client.dropRole(requestorUserName, roleName); - } - - @Test - public void testQueryPushDown() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - - String roleName1 = "admin_r1"; - String roleName2 = "admin_r2"; - - String group1 = "g1"; - String group2 = "g2"; - - client.dropRoleIfExists(requestorUserName, roleName1); - client.createRole(requestorUserName, roleName1); - client.grantRoleToGroup(requestorUserName, group1, roleName1); - - client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table2", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table3", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table4", "ALL"); - - client.dropRoleIfExists(requestorUserName, roleName2); - client.createRole(requestorUserName, roleName2); - client.grantRoleToGroup(requestorUserName, group1, roleName2); - client.grantRoleToGroup(requestorUserName, group2, roleName2); - - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL"); - client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL"); - - Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, null); - assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size()); - - listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, new ArrayList<Authorizable>()); - assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size()); - - listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"))); - assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size()); - - listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1"))); - assertEquals("Privilege not assigned to role2 !!", 0, listPrivilegesByRoleName.size()); - - listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"), new Table("table1"))); - assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size()); - - listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db3"))); - assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size()); - - Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db2")); - assertEquals("Privilege not correctly assigned to roles !!", - Sets.newHashSet("server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"), - listPrivilegesForProvider); - - listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db3")); - assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=all"), listPrivilegesForProvider); - - listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3")); - assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider); - - listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1")); - assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider); - } - - - - /** - * Create role, add privileges and grant it to a group drop the role and - * verify the privileges are no longer visible recreate the role with same - * name and verify the privileges again. - * @throws Exception - */ - @Test - public void testDropRole() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - String roleName = "admin_r"; - - // create role and add privileges - client.dropRoleIfExists(requestorUserName, roleName); - client.createRole(requestorUserName, roleName); - client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); - client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); - client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL"); - assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - - // drop role and verify privileges - client.dropRole(requestorUserName, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - - // recreate the role - client.createRole(requestorUserName, roleName); - client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - - // grant different privileges and verify - client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); - assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - client.dropRole(requestorUserName, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null, - ActiveRoleSet.ALL).size()); - } - - @Test - public void testDropRoleOnUser() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - Set<String> requestorUserNames = Sets.newHashSet(ADMIN_USER); - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - String roleName = "admin_r"; - - // create role and add privileges - client.dropRoleIfExists(requestorUserName, roleName); - client.createRole(requestorUserName, roleName); - client.grantRoleToUser(requestorUserName, ADMIN_USER, roleName); - client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); - client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL"); - assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - - // drop role and verify privileges - client.dropRole(requestorUserName, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - - // recreate the role - client.createRole(requestorUserName, roleName); - client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - - // grant different privileges and verify - client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); - assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - client.dropRole(requestorUserName, roleName); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames, - ActiveRoleSet.ALL).size()); - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java deleted file mode 100644 index fe4164d..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java +++ /dev/null @@ -1,111 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; - -import static org.junit.Assert.assertTrue; - -import java.security.PrivilegedExceptionAction; -import java.util.ArrayList; -import java.util.List; -import java.util.Set; -import java.util.concurrent.Callable; -import java.util.concurrent.ExecutorService; -import java.util.concurrent.Executors; -import java.util.concurrent.Future; -import java.util.concurrent.FutureTask; - -import org.apache.sentry.core.common.exception.SentryUserException; -import org.apache.sentry.service.thrift.SentryServiceFactory; -import org.apache.sentry.service.thrift.SentryServiceIntegrationBase; -import org.junit.Test; - -import com.google.common.collect.Sets; - -public class TestSentryServiceClientPool extends SentryServiceIntegrationBase { - - @Test - public void testConnectionWhenReconnect() throws Exception { - runTestAsSubject(new TestOperation() { - @Override - public void runTestAsSubject() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - String roleName = "admin_r"; - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - - client.dropRoleIfExists(requestorUserName, roleName); - client.createRole(requestorUserName, roleName); - client.listRoles(requestorUserName); - stopSentryService(); - server = new SentryServiceFactory().create(conf); - startSentryService(); - client.listRoles(requestorUserName); - client.dropRole(requestorUserName, roleName); - } - }); - } - - @Test - public void testConnectionWithMultipleRetries() throws Exception { - runTestAsSubject(new TestOperation() { - @Override - public void runTestAsSubject() throws Exception { - List<Future<Boolean>> tasks = new ArrayList<Future<Boolean>>(); - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - String roleName = "admin_r"; - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - - client.dropRoleIfExists(requestorUserName, roleName); - client.createRole(requestorUserName, roleName); - - ExecutorService executorService = Executors.newFixedThreadPool(20); - - Callable<Boolean> func = new Callable<Boolean>() { - public Boolean call() throws Exception { - return clientUgi.doAs(new PrivilegedExceptionAction<Boolean>() { - @Override - public Boolean run() throws Exception { - try { - client.listRoles(ADMIN_USER); - return true; - } catch (SentryUserException sue) { - return false; - } - } - }); - } - }; - - for (int i = 0; i < 30; i++) { - FutureTask<Boolean> task = new FutureTask<Boolean>(func); - tasks.add(task); - executorService.submit(task); - } - - for (Future<Boolean> task : tasks) { - Boolean result = task.get(); - assertTrue("Some tasks are failed.", result); - } - } - }); - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java deleted file mode 100644 index 51bba31..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java +++ /dev/null @@ -1,74 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; - -import org.apache.sentry.service.thrift.SentryServiceIntegrationBase; -import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig; -import org.junit.After; -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.common.base.Strings; - -public class TestSentryServiceFailureCase extends SentryServiceIntegrationBase { - private static final Logger LOGGER = LoggerFactory.getLogger(TestSentryServiceFailureCase.class); - private static final String PEER_CALLBACK_FAILURE = "Peer indicated failure: Problem with callback handler"; - - @BeforeClass - public static void setup() throws Exception { - kerberos = true; - beforeSetup(); - setupConf(); - conf.set(ServerConfig.ALLOW_CONNECT, ""); - startSentryService(); - afterSetup(); - } - - @Override - @Before - public void before() throws Exception { - } - - @Override - @After - public void after() { - } - - @Test - public void testClientServerConnectionFailure() throws Exception { - try { - connectToSentryService(); - Assert.fail("Failed to receive Exception"); - } catch(Exception e) { - LOGGER.info("Excepted exception", e); - Throwable cause = e.getCause(); - if (cause == null) { - throw e; - } - String msg = "Exception message: " + cause.getMessage() + " to contain " + - PEER_CALLBACK_FAILURE; - Assert.assertTrue(msg, Strings.nullToEmpty(cause.getMessage()) - .contains(PEER_CALLBACK_FAILURE)); - } - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java deleted file mode 100644 index 813b30b..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java +++ /dev/null @@ -1,75 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.provider.db.service.thrift; - - -import java.io.File; -import java.util.Set; - -import org.apache.sentry.provider.file.PolicyFile; -import org.apache.sentry.service.thrift.SentryServiceIntegrationBase; -import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; - -import com.google.common.collect.Sets; - -/** - * Test various kerberos related stuff on the SentryService side - */ -public class TestSentryServiceForHAWithKerberos extends SentryServiceIntegrationBase { - - @BeforeClass - public static void setup() throws Exception { - kerberos = true; - haEnabled = true; - SERVER_KERBEROS_NAME = "sentry/_HOST@" + REALM; - beforeSetup(); - setupConf(); - startSentryService(); - afterSetup(); - } - - @Override - @Before - public void before() throws Exception { - policyFilePath = new File(dbDir, "local_policy_file.ini"); - conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE, - policyFilePath.getPath()); - policyFile = new PolicyFile(); - connectToSentryService(); - } - - @Test - public void testCreateRole() throws Exception { - runTestAsSubject(new TestOperation(){ - @Override - public void runTestAsSubject() throws Exception { - String requestorUserName = ADMIN_USER; - Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); - setLocalGroupMapping(requestorUserName, requestorUserGroupNames); - writePolicyFile(); - String roleName = "admin_r"; - client.dropRoleIfExists(requestorUserName, roleName); - client.createRole(requestorUserName, roleName); - client.dropRole(requestorUserName, roleName); - } - }); - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java deleted file mode 100644 index acb906f..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java +++ /dev/null @@ -1,36 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless createRequired by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; - -import org.junit.BeforeClass; - -public class TestSentryServiceForPoolHAWithKerberos extends TestSentryServiceWithKerberos { - - @BeforeClass - public static void setup() throws Exception { - kerberos = true; - haEnabled = true; - pooled = true; - beforeSetup(); - setupConf(); - startSentryService(); - afterSetup(); - } - -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java deleted file mode 100644 index bd3c1cc..0000000 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java +++ /dev/null @@ -1,36 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless createRequired by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; - -import org.junit.BeforeClass; - -public class TestSentryServiceForPoolWithKerberos extends TestSentryServiceWithKerberos { - - @BeforeClass - public static void setup() throws Exception { - kerberos = true; - haEnabled = false; - pooled = true; - beforeSetup(); - setupConf(); - startSentryService(); - afterSetup(); - } - -} \ No newline at end of file
