Repository: sentry Updated Branches: refs/heads/master cf93a3a3e -> a5ed6d912
SENTRY-1464: fix Sentry e2e test failure in org.apache.sentry.tests.e2e.dbprovider.TestDbUriPermissions.testAlterPartitionLocationPrivileges; and print out key queries for triaging test failures on jenkins job's outputs. (Anne Yu, reviewed by Hao Hao). Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/a5ed6d91 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/a5ed6d91 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/a5ed6d91 Branch: refs/heads/master Commit: a5ed6d912d1cac5f2239a629a34ce063ac97e6a4 Parents: cf93a3a Author: Anne Yu <[email protected]> Authored: Thu Sep 8 14:44:25 2016 -0700 Committer: Anne Yu <[email protected]> Committed: Fri Sep 9 23:12:45 2016 -0700 ---------------------------------------------------------------------- .../tests/e2e/hive/TestMetadataPermissions.java | 10 +- .../e2e/dbprovider/TestDbCrossOperations.java | 32 ++--- .../AbstractTestWithStaticConfiguration.java | 50 +++---- .../apache/sentry/tests/e2e/hive/Context.java | 1 + .../e2e/hive/TestExportImportPrivileges.java | 25 ++-- .../tests/e2e/hive/TestOperationsPart2.java | 136 +++++++++---------- .../sentry/tests/e2e/hive/TestSandboxOps.java | 34 ++--- .../tests/e2e/hive/TestUriPermissions.java | 80 +++++------ .../e2e/hive/fs/TestHiveWarehouseOnExtFs.java | 2 +- .../hive/hiveserver/UnmanagedHiveServer.java | 8 +- 10 files changed, 193 insertions(+), 185 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java index 524fa1c..c1c6f48 100644 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java +++ b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java @@ -38,12 +38,12 @@ public class TestMetadataPermissions extends AbstractTestWithStaticConfiguration Connection adminCon = context.createConnection(ADMIN1); Statement adminStmt = context.createStatement(adminCon); for (String dbName : new String[] { "" + DB1, DB2 }) { - adminStmt.execute("USE default"); - adminStmt.execute("DROP DATABASE IF EXISTS " + dbName + " CASCADE"); - adminStmt.execute("CREATE DATABASE " + dbName); - adminStmt.execute("USE " + dbName); + exec(adminStmt, "USE default"); + exec(adminStmt, "DROP DATABASE IF EXISTS " + dbName + " CASCADE"); + exec(adminStmt, "CREATE DATABASE " + dbName); + exec(adminStmt, "USE " + dbName); for (String tabName : new String[] { "tab1", "tab2" }) { - adminStmt.execute("CREATE TABLE " + tabName + " (id int)"); + exec(adminStmt, "CREATE TABLE " + tabName + " (id int)"); } } http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossOperations.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossOperations.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossOperations.java index 62c0f58..60812cf 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossOperations.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossOperations.java @@ -40,12 +40,9 @@ public class TestDbCrossOperations extends AbstractTestWithStaticConfiguration { private static final Logger LOGGER = LoggerFactory. getLogger(TestDbCrossOperations.class); - private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat"; - private File dataFile; - @BeforeClass public static void setupTestStaticConfiguration() throws Exception{ - LOGGER.info("TestColumnView setupTestStaticConfiguration"); + LOGGER.info("TestDbCrossOperations setupTestStaticConfiguration"); useSentryService = true; AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); } @@ -56,10 +53,6 @@ public class TestDbCrossOperations extends AbstractTestWithStaticConfiguration { super.setupAdmin(); super.setup(); super.setupPolicy(); - dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME); - FileOutputStream to = new FileOutputStream(dataFile); - Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to); - to.close(); } private void createTestData() throws Exception { @@ -77,7 +70,7 @@ public class TestDbCrossOperations extends AbstractTestWithStaticConfiguration { exec(statement, "GRANT SELECT ON TABLE tb1 TO ROLE user_role2"); exec(statement, "GRANT ROLE user_role1 TO GROUP " + USERGROUP1); exec(statement, "GRANT ROLE user_role2 TO GROUP " + USERGROUP2); - exec(statement, "load data local inpath '" + dataFile.getPath() + "' into table db_1.tb1" ); + exec(statement, "INSERT INTO TABLE db_1.tb1 VALUES (1, 'tb1')"); exec(statement, "use " + DB2); exec(statement, "CREATE TABLE tb2 (id int, num String)"); exec(statement, "CREATE TABLE tb3 (id int, val String)"); @@ -87,8 +80,8 @@ public class TestDbCrossOperations extends AbstractTestWithStaticConfiguration { exec(statement, "GRANT SELECT ON TABLE tb3 TO ROLE user_role2"); exec(statement, "GRANT ROLE user_role1 TO GROUP " + USERGROUP1); exec(statement, "GRANT ROLE user_role2 TO GROUP " + USERGROUP2); - exec(statement, "load data local inpath '" + dataFile.getPath() + "' into table db_2.tb2" ); - exec(statement, "load data local inpath '" + dataFile.getPath() + "' into table db_2.tb3" ); + exec(statement, "INSERT INTO TABLE db_2.tb2 VALUES (2, 'tb2')"); + exec(statement, "INSERT INTO TABLE db_2.tb3 VALUES (3, 'tb3')" ); } } } @@ -96,26 +89,31 @@ public class TestDbCrossOperations extends AbstractTestWithStaticConfiguration { @Test public void testCrossDbTableOperations() throws Exception { //The privilege of user_role1 is used to test create table as select. - //The privilege of user_role2 is used to test create view as select. createTestData(); //Test create table as select from cross db table try (Connection connection =context.createConnection(USER1_1)) { try (Statement statement = context.createStatement(connection)) { - statement.execute("use " + DB1); - statement.execute("CREATE table db_1.t1 as select tb1.id, tb3.val, tb2.num from db_1.tb1,db_2.tb3,db_2.tb2"); + exec(statement, "use " + DB1); + exec(statement, "CREATE table db_1.t1 as select tb1.id, tb3.val, tb2.num from db_1.tb1,db_2.tb3,db_2.tb2"); + exec(statement, "SELECT * FROM db_1.t1 LIMIT 1"); } } + } + + @Test + public void testsCrossDbView() throws Exception { + //The privilege of user_role2 is used to test create view as select. + createTestData(); //Test create view as select from cross db tables try (Connection connection =context.createConnection(USER2_1)) { try (Statement statement = context.createStatement(connection)) { //The db_1.tb1 and db_2.tb3 is same with db_2.tb2. - ResultSet res = statement.executeQuery("select * from db_2.tb2 limit 2"); + ResultSet res = execQuery(statement, "select * from db_2.tb2 limit 1"); List<String> expectedResult = new ArrayList<String>(); List<String> returnedResult = new ArrayList<String>(); - expectedResult.add("238"); - expectedResult.add("86"); + expectedResult.add("2"); while(res.next()){ returnedResult.add(res.getString(1).trim()); } http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java index ba29ca3..62da025 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java @@ -98,8 +98,12 @@ public abstract class AbstractTestWithStaticConfiguration { @Override protected void failed(Throwable e, Description description) { LOGGER.error("Time out = " + e); - if (e.getMessage().contains("test timed out after")) { - LOGGER.error("Test class time out, but caught by rule, description = " + description + "ex = " + e); + if (e != null) { + if (e.getMessage().contains("test timed out after")) { + LOGGER.error("Test class time out, but caught by rule, description = " + description + "ex = " + e); + } else {{ + LOGGER.error("Unexpected error: " + e + ", " + e.getStackTrace() + ", " + e.getMessage()); + }} } } }) @@ -225,7 +229,7 @@ public abstract class AbstractTestWithStaticConfiguration { Connection connection = context.createConnection(user); Statement statement = connection.createStatement(); for(String db : dbs) { - statement.execute("DROP DATABASE IF EXISTS " + db + " CASCADE"); + exec(statement, "DROP DATABASE IF EXISTS " + db + " CASCADE"); } statement.close(); connection.close(); @@ -236,7 +240,7 @@ public abstract class AbstractTestWithStaticConfiguration { ArrayList<String> allowedDBs = new ArrayList<String>(Arrays.asList(DB1, DB2, DB3)); for(String db : dbs) { Assert.assertTrue(db + " is not part of known test dbs which will be cleaned up after the test", allowedDBs.contains(db)); - statement.execute("CREATE DATABASE " + db); + exec(statement, "CREATE DATABASE " + db); } statement.close(); connection.close(); @@ -246,13 +250,13 @@ public abstract class AbstractTestWithStaticConfiguration { throws Exception { Connection connection = context.createConnection(user); Statement statement = connection.createStatement(); - statement.execute("USE " + db); + exec(statement, "USE " + db); for(String table : tables) { - statement.execute("DROP TABLE IF EXISTS " + table); - statement.execute("create table " + table + exec(statement, "DROP TABLE IF EXISTS " + table); + exec(statement, "create table " + table + " (under_col int comment 'the under column', value string)"); if(dataFile != null) { - statement.execute("load data local inpath '" + dataFile.getPath() + exec(statement, "load data local inpath '" + dataFile.getPath() + "' into table " + table); ResultSet res = statement.executeQuery("select * from " + table); Assert.assertTrue("Table should have data after load", res.next()); @@ -384,7 +388,7 @@ public abstract class AbstractTestWithStaticConfiguration { String roleName = roleEntry.getKey(); if(!roleEntry.getKey().equalsIgnoreCase("admin_role")){ LOGGER.info("Creating role : " + roleName); - statement.execute("CREATE ROLE " + roleName); + exec(statement, "CREATE ROLE " + roleName); for (String privilege : roleEntry.getValue()) { addPrivilege(roleEntry.getKey(), privilege, statement); } @@ -397,14 +401,14 @@ public abstract class AbstractTestWithStaticConfiguration { for (String roleName : roleNames.split(",")) { String sql = "GRANT ROLE " + roleName + " TO GROUP " + groupEntry.getKey(); LOGGER.info("Granting role to group: " + sql); - statement.execute(sql); + exec(statement, sql); } } } } private static void addPrivilege(String roleName, String privileges, Statement statement) - throws IOException, SQLException{ + throws Exception { String serverName = null, dbName = null, tableName = null, uriPath = null, columnName = null; String action = "ALL";//AccessConstants.ALL; for (String privilege : ROLE_SPLITTER.split(privileges)) { @@ -439,29 +443,29 @@ public abstract class AbstractTestWithStaticConfiguration { LOGGER.info("addPrivilege"); if (columnName != null) { - statement.execute("CREATE DATABASE IF NOT EXISTS " + dbName); - statement.execute("USE " + dbName); + exec(statement, "CREATE DATABASE IF NOT EXISTS " + dbName); + exec(statement, "USE " + dbName); String sql = "GRANT " + action + " ( " + columnName + " ) ON TABLE " + tableName + " TO ROLE " + roleName; LOGGER.info("Granting column level privilege: database = " + dbName + ", sql = " + sql); - statement.execute(sql); + exec(statement, sql); } else if (tableName != null) { - statement.execute("CREATE DATABASE IF NOT EXISTS " + dbName); - statement.execute("USE " + dbName); + exec(statement, "CREATE DATABASE IF NOT EXISTS " + dbName); + exec(statement, "USE " + dbName); String sql = "GRANT " + action + " ON TABLE " + tableName + " TO ROLE " + roleName; LOGGER.info("Granting table level privilege: database = " + dbName + ", sql = " + sql); - statement.execute(sql); + exec(statement, sql); } else if (dbName != null) { String sql = "GRANT " + action + " ON DATABASE " + dbName + " TO ROLE " + roleName; LOGGER.info("Granting db level privilege: " + sql); - statement.execute(sql); + exec(statement, sql); } else if (uriPath != null) { String sql = "GRANT " + action + " ON URI '" + uriPath + "' TO ROLE " + roleName; LOGGER.info("Granting uri level privilege: " + sql); - statement.execute(sql);//ALL? + exec(statement, sql);//ALL? } else if (serverName != null) { String sql = "GRANT ALL ON SERVER " + serverName + " TO ROLE " + roleName; LOGGER.info("Granting server level privilege: " + sql); - statement.execute(sql); + exec(statement, sql); } } } @@ -653,13 +657,13 @@ public abstract class AbstractTestWithStaticConfiguration { Connection connection = context.createConnection(ADMIN1); Statement statement = connection.createStatement(); try { - statement.execute("CREATE ROLE admin_role"); + exec(statement, "CREATE ROLE admin_role"); } catch ( Exception e) { //It is ok if admin_role already exists } - statement.execute("GRANT ALL ON SERVER " + exec(statement, "GRANT ALL ON SERVER " + HiveServerFactory.DEFAULT_AUTHZ_SERVER_NAME + " TO ROLE admin_role"); - statement.execute("GRANT ROLE admin_role TO GROUP " + ADMINGROUP); + exec(statement, "GRANT ROLE admin_role TO GROUP " + ADMINGROUP); statement.close(); connection.close(); } http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/Context.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/Context.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/Context.java index a92d8c9..bd5025d 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/Context.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/Context.java @@ -199,6 +199,7 @@ public class Context { public void assertSentrySemanticException(Statement statement, String query, String exceptionType) throws SQLException { try { + LOGGER.info("Running [" + query + "]"); statement.execute(query); Assert.fail("Expected SQLException for '" + query + "'"); } catch (SQLException e) { http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java index a02a156..e06c6ad 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java @@ -76,7 +76,7 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat // Negative test, user2 doesn't have access to write to dir connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("use " + DB1); + exec(statement, "use " + DB1); context.assertAuthzException(statement, "INSERT OVERWRITE DIRECTORY '" + dumpDir + "' SELECT * FROM " + TBL1); statement.close(); connection.close(); @@ -86,7 +86,7 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat dfs.assertCreateDir(scratchLikeDir); connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("use " + DB1); + exec(statement, "use " + DB1); context.assertAuthzException(statement, "INSERT OVERWRITE DIRECTORY '" + scratchLikeDir + "/bar' SELECT * FROM " + TBL1); statement.close(); connection.close(); @@ -94,9 +94,9 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat // positive test, user1 has access to write to dir connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("use " + DB1); + exec(statement, "use " + DB1); assertTrue(statement.executeQuery("SELECT * FROM " + TBL1).next()); - statement.execute("INSERT OVERWRITE DIRECTORY '" + dumpDir + "' SELECT * FROM " + TBL1); + exec(statement, "INSERT OVERWRITE DIRECTORY '" + dumpDir + "' SELECT * FROM " + TBL1); } @Test @@ -104,6 +104,7 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat Connection connection = null; Statement statement = null; String exportDir = dfs.getBaseDir() + "/hive_export1"; + LOGGER.info("exportDir = " + exportDir); createDb(ADMIN1, DB1); createTable(ADMIN1, DB1, dataFile, TBL1); @@ -122,7 +123,7 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat // Negative test, user2 doesn't have access to the file being loaded connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("use " + DB1); + exec(statement, "use " + DB1); context.assertAuthzException(statement, "EXPORT TABLE " + TBL1 + " TO '" + exportDir + "'"); statement.close(); connection.close(); @@ -130,17 +131,17 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat // Positive test, user1 have access to the target directory connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("use " + DB1); + exec(statement, "use " + DB1); // Import/Export works with s3 storage system only when this is turned on. exec(statement, "set hive.exim.uri.scheme.whitelist=hdfs,pfile,s3a;"); - statement.execute("EXPORT TABLE " + TBL1 + " TO '" + exportDir + "'"); + exec(statement, "EXPORT TABLE " + TBL1 + " TO '" + exportDir + "'"); statement.close(); connection.close(); // Negative test, user2 doesn't have access to the directory loading from connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("use " + DB1); + exec(statement, "use " + DB1); exec(statement, "set hive.exim.uri.scheme.whitelist=hdfs,pfile,s3a;"); context.assertAuthzException(statement, "IMPORT TABLE " + TBL2 + " FROM '" + exportDir + "'"); statement.close(); @@ -149,17 +150,17 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat // Positive test, user1 have access to the target directory connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("use " + DB1); + exec(statement, "use " + DB1); exec(statement, "set hive.exim.uri.scheme.whitelist=hdfs,pfile,s3a;"); - statement.execute("IMPORT TABLE " + TBL2 + " FROM '" + exportDir + "'"); + exec(statement, "IMPORT TABLE " + TBL2 + " FROM '" + exportDir + "'"); statement.close(); connection.close(); // Positive test, user3 have access to the target directory connection = context.createConnection(USER3_1); statement = context.createStatement(connection); - statement.execute("use " + DB1); - statement.execute("SELECT under_col FROM " + TBL1); + exec(statement, "use " + DB1); + exec(statement, "SELECT under_col FROM " + TBL1); statement.close(); connection.close(); } http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestOperationsPart2.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestOperationsPart2.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestOperationsPart2.java index e11a817..6a2a6b3 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestOperationsPart2.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestOperationsPart2.java @@ -91,13 +91,13 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { private void adminCreate(String db, String table, boolean partitioned) throws Exception{ Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); - statement.execute("DROP DATABASE IF EXISTS " + db + " CASCADE"); - statement.execute("CREATE DATABASE " + db); + exec(statement, "DROP DATABASE IF EXISTS " + db + " CASCADE"); + exec(statement, "CREATE DATABASE " + db); if(table !=null) { if (partitioned) { - statement.execute("CREATE table " + db + "." + table + " (a string) PARTITIONED BY (b string)"); + exec(statement, "CREATE table " + db + "." + table + " (a string) PARTITIONED BY (b string)"); } else{ - statement.execute("CREATE table " + db + "." + table + " (a string)"); + exec(statement, "CREATE table " + db + "." + table + " (a string)"); } } @@ -125,16 +125,16 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { //Positive cases connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); - statement.execute("CREATE INDEX table01_index ON TABLE tb1 (a) AS 'COMPACT' WITH DEFERRED REBUILD"); - statement.execute("ALTER INDEX table01_index ON tb1 REBUILD"); + exec(statement, "Use " + DB1); + exec(statement, "CREATE INDEX table01_index ON TABLE tb1 (a) AS 'COMPACT' WITH DEFERRED REBUILD"); + exec(statement, "ALTER INDEX table01_index ON tb1 REBUILD"); statement.close(); connection.close(); //Negative case connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); + exec(statement, "Use " + DB1); assertSemanticException(statement, "CREATE INDEX table02_index ON TABLE tb1 (a) AS 'COMPACT' WITH DEFERRED REBUILD"); assertSemanticException(statement, "ALTER INDEX table01_index ON tb1 REBUILD"); assertSemanticException(statement, "DROP INDEX table01_index ON tb1"); @@ -144,8 +144,8 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { //Positive cases connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); - statement.execute("DROP INDEX table01_index ON tb1"); + exec(statement, "Use " + DB1); + exec(statement, "DROP INDEX table01_index ON tb1"); statement.close(); connection.close(); } @@ -169,7 +169,7 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { //Negative case connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); + exec(statement, "Use " + DB1); assertSemanticException(statement, "drop table " + tableName); statement.close(); @@ -178,8 +178,8 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { //Positive cases connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); - statement.execute("drop table " + tableName); + exec(statement, "Use " + DB1); + exec(statement, "drop table " + tableName); statement.close(); connection.close(); @@ -210,20 +210,20 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { //Setup connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); - statement.execute("ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '10') "); + exec(statement, "Use " + DB1); + exec(statement, "ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '10') "); //Negative case connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("USE " + DB1); + exec(statement, "USE " + DB1); assertSemanticException(statement, "ALTER TABLE tb1 DROP PARTITION (b = 10)"); //Positive case connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); - statement.execute("ALTER TABLE tb1 DROP PARTITION (b = 10)"); + exec(statement, "Use " + DB1); + exec(statement, "ALTER TABLE tb1 DROP PARTITION (b = 10)"); statement.close(); connection.close(); } @@ -238,7 +238,7 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { adminCreate(DB3, null); Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); - statement.execute("CREATE table " + DB1 + ".TAB_2 (a string)"); + exec(statement, "CREATE table " + DB1 + ".TAB_2 (a string)"); statement.close(); connection.close(); @@ -255,50 +255,50 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // user1 haven't create permission with db_2, can't move table to db_2 - statement.execute("use " + DB1); + exec(statement, "use " + DB1); try { - statement.execute("alter table TAB_1 rename to " + DB2 + ".TAB_1"); + exec(statement, "alter table TAB_1 rename to " + DB2 + ".TAB_1"); fail("the exception should be thrown"); } catch (Exception e) { // ignore the exception } try { // test with the format of table name: db.table - statement.execute("alter table " + DB1 + ".TAB_1 rename to " + DB2 + ".TAB_1"); + exec(statement, "alter table " + DB1 + ".TAB_1 rename to " + DB2 + ".TAB_1"); fail("the exception should be thrown"); } catch (Exception e) { // ignore the exception } // user1 haven't create permission with db_2, can't move table from db_2 - statement.execute("use " + DB2); + exec(statement, "use " + DB2); try { - statement.execute("alter table TAB_3 rename to " + DB2 + ".TAB_1"); + exec(statement, "alter table TAB_3 rename to " + DB2 + ".TAB_1"); fail("the exception should be thrown"); } catch (Exception e) { // ignore the exception } try { // test with the format of table name: db.table - statement.execute("alter table " + DB2 + ".TAB_3 rename to " + DB2 + ".TAB_1"); + exec(statement, "alter table " + DB2 + ".TAB_3 rename to " + DB2 + ".TAB_1"); fail("the exception should be thrown"); } catch (Exception e) { // ignore the exception } // user1 have all permission with db_1 and create permission with db_3, alter_table_rename pass - statement.execute("use " + DB1); - statement.execute("alter table TAB_1 rename to " + DB3 + ".TAB_1"); - statement.execute("alter table " + DB1 + ".TAB_2 rename to " + DB3 + ".TAB_2"); + exec(statement, "use " + DB1); + exec(statement, "alter table TAB_1 rename to " + DB3 + ".TAB_1"); + exec(statement, "alter table " + DB1 + ".TAB_2 rename to " + DB3 + ".TAB_2"); // user1 have drop permission with db_2 and create permission with db_3, alter_table_rename pass - statement.execute("use " + DB2); - statement.execute("alter table TAB_3 rename to " + DB3 + ".TAB_3"); + exec(statement, "use " + DB2); + exec(statement, "alter table TAB_3 rename to " + DB3 + ".TAB_3"); // user1 haven't drop permission with db_3, can't move table to db_3 - statement.execute("use " + DB3); + exec(statement, "use " + DB3); try { - statement.execute("alter table TAB_3 rename to TAB_4"); + exec(statement, "alter table TAB_3 rename to TAB_4"); fail("the exception should be thrown"); } catch (Exception e) { // ignore the exception @@ -326,24 +326,24 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { //Case with out uri Connection connection = context.createConnection(USER2_1); Statement statement = context.createStatement(connection); - statement.execute("USE " + DB1); + exec(statement, "USE " + DB1); assertSemanticException(statement, "ALTER TABLE tb1 SET LOCATION '" + tabLocation + "'"); assertSemanticException(statement, "ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '3') LOCATION '" + tabLocation + "/part'"); - statement.execute("ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '1') "); + exec(statement, "ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '1') "); connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); - statement.execute("ALTER TABLE tb1 SET LOCATION '" + tabLocation + "'"); - statement.execute("ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '3') LOCATION '" + tabLocation + "/part'"); - statement.execute("ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '10') "); + exec(statement, "Use " + DB1); + exec(statement, "ALTER TABLE tb1 SET LOCATION '" + tabLocation + "'"); + exec(statement, "ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '3') LOCATION '" + tabLocation + "/part'"); + exec(statement, "ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '10') "); statement.close(); connection.close(); //Negative case: User2_1 has privileges on table but on on uri connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); + exec(statement, "Use " + DB1); context.assertSentrySemanticException(statement, "ALTER TABLE tb1 SET LOCATION '" + tabLocation + "'", semanticException); context.assertSentrySemanticException(statement, @@ -360,7 +360,7 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER3_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); + exec(statement, "Use " + DB1); assertSemanticException(statement, "ALTER TABLE tb1 ADD IF NOT EXISTS PARTITION (b = '2') "); assertSemanticException(statement, "ALTER TABLE tb1 SET LOCATION '" + tabLocation + "'"); @@ -387,8 +387,8 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { Connection connection = context.createConnection(USER1_1); Statement statement = context.createStatement(connection); - statement.execute("use " + DB2); - statement.execute("create view view1 as select a from " + DB1 + ".tb1"); + exec(statement, "use " + DB2); + exec(statement, "create view view1 as select a from " + DB1 + ".tb1"); statement.close(); connection.close(); @@ -400,7 +400,7 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER3_1); statement = context.createStatement(connection); - statement.execute("Use " + DB2); + exec(statement, "Use " + DB2); context.assertSentrySemanticException(statement, "create view view1 as select a from " + DB1 + ".tb1", semanticException); statement.close(); @@ -441,7 +441,7 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { //Negative case connection = context.createConnection(USER3_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); + exec(statement, "Use " + DB1); // Import/Export works with s3 storage system only when this is turned on. exec(statement, "set hive.exim.uri.scheme.whitelist=hdfs,pfile,s3a;"); context.assertSentrySemanticException(statement, "export table tb1 to '" + location + "'", @@ -452,16 +452,16 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { //Positive connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); + exec(statement, "Use " + DB1); exec(statement, "set hive.exim.uri.scheme.whitelist=hdfs,pfile,s3a;"); - statement.execute("export table tb1 to '" + location + "'" ); + exec(statement, "export table tb1 to '" + location + "'" ); statement.close(); connection.close(); //Negative connection = context.createConnection(USER3_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); + exec(statement, "Use " + DB1); exec(statement, "set hive.exim.uri.scheme.whitelist=hdfs,pfile,s3a;"); context.assertSentrySemanticException(statement, "import table tb2 from '" + location + "'", semanticException); @@ -471,9 +471,9 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { //Positive connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("Use " + DB1); + exec(statement, "Use " + DB1); exec(statement, "set hive.exim.uri.scheme.whitelist=hdfs,pfile,s3a;"); - statement.execute("import table tb2 from '" + location + "'"); + exec(statement, "import table tb2 from '" + location + "'"); statement.close(); connection.close(); @@ -500,8 +500,8 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { Connection connection = context.createConnection(USER1_1); Statement statement = context.createStatement(connection); - statement.execute("Use " + DB1); - statement.execute("load data local inpath '" + dataFile.getPath() + "' into table tb1" ); + exec(statement, "Use " + DB1); + exec(statement, "load data local inpath '" + dataFile.getPath() + "' into table tb1" ); statement.close(); connection.close(); } @@ -518,8 +518,8 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); - statement.execute("Use " + DB1); - statement.execute("create view view1 as select a from " + DB1 + ".tb1"); + exec(statement, "Use " + DB1); + exec(statement, "create view view1 as select a from " + DB1 + ".tb1"); statement.close(); connection.close(); @@ -535,8 +535,8 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("Use " + DB2); - statement.execute("create table tb2 as select a from " + DB1 + ".tb1"); + exec(statement, "Use " + DB2); + exec(statement, "create table tb2 as select a from " + DB1 + ".tb1"); //Ensure CTAS fails without URI context.assertSentrySemanticException(statement, "create table tb3 location '" + location + "' as select a from " + DB1 + ".tb1", @@ -550,8 +550,8 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("Use " + DB2); - statement.execute("create table tb3 as select a from " + DB1 + ".view1" ); + exec(statement, "Use " + DB2); + exec(statement, "create table tb3 as select a from " + DB1 + ".view1" ); context.assertSentrySemanticException(statement, "create table tb4 as select a from " + DB1 + ".tb1", semanticException); @@ -561,8 +561,8 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER3_1); statement = context.createStatement(connection); //CTAS is valid with URI - statement.execute("Use " + DB2); - statement.execute("create table tb4 location '" + location + + exec(statement, "Use " + DB2); + exec(statement, "create table tb4 location '" + location + "' as select a from " + DB1 + ".tb1"); statement.close(); @@ -601,13 +601,13 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { Connection connection = context.createConnection(USER1_1); Statement statement = context.createStatement(connection); assertSemanticException(statement, "insert overwrite directory '" + location + "' select * from " + DB1 + ".tb1"); - statement.execute("insert overwrite table " + DB2 + ".tb2 select * from " + DB1 + ".tb1"); + exec(statement, "insert overwrite table " + DB2 + ".tb2 select * from " + DB1 + ".tb1"); statement.close(); connection.close(); connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("insert overwrite directory '" + location + "' select * from " + DB1 + ".tb1" ); + exec(statement, "insert overwrite directory '" + location + "' select * from " + DB1 + ".tb1" ); assertSemanticException(statement, "insert overwrite table " + DB2 + ".tb2 select * from " + DB1 + ".tb1"); statement.close(); connection.close(); @@ -619,12 +619,12 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { Statement statement; connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("create database " + DB1); - statement.execute("create table " + DB1 + ".tb1(a int)"); - statement.execute("DROP table " + DB1 + ".tb1"); - statement.execute("create table " + DB1 + ".tb1(a int)"); - statement.execute("use " + DB1); - statement.execute("drop table tb1"); + exec(statement, "create database " + DB1); + exec(statement, "create table " + DB1 + ".tb1(a int)"); + exec(statement, "DROP table " + DB1 + ".tb1"); + exec(statement, "create table " + DB1 + ".tb1(a int)"); + exec(statement, "use " + DB1); + exec(statement, "drop table tb1"); } @Test @@ -651,7 +651,7 @@ public class TestOperationsPart2 extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("create external table " + DB1 + ".tb1(a int) stored as " + + exec(statement, "create external table " + DB1 + ".tb1(a int) stored as " + "textfile location 'file:" + externalTblDir.getAbsolutePath() + "'"); statement.close(); connection.close(); http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java index 202173c..915b6cc 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestSandboxOps.java @@ -435,11 +435,11 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration { Connection connection = context.createConnection(USER1_1); Statement statement = context.createStatement(connection); - statement.execute("USE " + DB1); - statement.execute("INSERT OVERWRITE LOCAL DIRECTORY 'file://" + allowedDir.getPath() + "' SELECT * FROM " + TBL1); - statement.execute("INSERT OVERWRITE DIRECTORY '" + allowedDfsDir + "' SELECT * FROM " + TBL1); - statement.execute("LOAD DATA LOCAL INPATH 'file://" + allowedDir.getPath() + "' INTO TABLE " + TBL1); - statement.execute("LOAD DATA INPATH '" + allowedDfsDir + "' INTO TABLE " + TBL1); + exec(statement, "USE " + DB1); + exec(statement, "INSERT OVERWRITE LOCAL DIRECTORY 'file://" + allowedDir.getPath() + "' SELECT * FROM " + TBL1); + exec(statement, "INSERT OVERWRITE DIRECTORY '" + allowedDfsDir + "' SELECT * FROM " + TBL1); + exec(statement, "LOAD DATA LOCAL INPATH 'file://" + allowedDir.getPath() + "' INTO TABLE " + TBL1); + exec(statement, "LOAD DATA INPATH '" + allowedDfsDir + "' INTO TABLE " + TBL1); context.assertAuthzException(statement, "INSERT OVERWRITE LOCAL DIRECTORY 'file://" + restrictedDir.getPath() + "' SELECT * FROM " + TBL1); context.assertAuthzException(statement, "INSERT OVERWRITE DIRECTORY '" + restrictedDfsDir + "' SELECT * FROM " + TBL1); context.assertAuthzException(statement, "LOAD DATA INPATH 'file://" + restrictedDir.getPath() + "' INTO TABLE " + TBL1); @@ -469,8 +469,8 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration { // a Connection connection = context.createConnection(USER1_1); Statement statement = context.createStatement(connection); - statement.execute("USE " + DB1); - statement.execute("CREATE TABLE " + rTab1 + " AS SELECT * FROM " + DB2 + "." + TBL2); + exec(statement, "USE " + DB1); + exec(statement, "CREATE TABLE " + rTab1 + " AS SELECT * FROM " + DB2 + "." + TBL2); // user1 doesn't have access to db2, so following create table as should fail context.assertAuthzException(statement, "CREATE TABLE " + rTab2 + " AS SELECT * FROM " + DB2 + "." + TBL3); @@ -494,16 +494,16 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration { Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); - statement.execute("CREATE DATABASE " + DB1); - statement.execute("USE " + DB1); - statement.execute("CREATE TABLE tbl1(B INT, A STRING) " + + exec(statement, "CREATE DATABASE " + DB1); + exec(statement, "USE " + DB1); + exec(statement, "CREATE TABLE tbl1(B INT, A STRING) " + " row format delimited fields terminated by '|' stored as textfile"); - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE tbl1"); - statement.execute("CREATE DATABASE " + DB2); - statement.execute("USE " + DB2); - statement.execute("CREATE TABLE tbl2(B INT, A STRING) " + + exec(statement, "LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE tbl1"); + exec(statement, "CREATE DATABASE " + DB2); + exec(statement, "USE " + DB2); + exec(statement, "CREATE TABLE tbl2(B INT, A STRING) " + " row format delimited fields terminated by '|' stored as textfile"); - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE tbl2"); + exec(statement, "LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE tbl2"); statement.close(); connection.close(); @@ -519,8 +519,8 @@ public class TestSandboxOps extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER2_1); statement = context.createStatement(connection); // test user2 can use db2 - statement.execute("USE " + DB2); - statement.execute("select * from tbl2"); + exec(statement, "USE " + DB2); + exec(statement, "select * from tbl2"); statement.close(); connection.close(); http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java index a2850b9..60e5319 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java @@ -63,10 +63,10 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // create dbs Connection adminCon = context.createConnection(ADMIN1); Statement adminStmt = context.createStatement(adminCon); - adminStmt.execute("use default"); - adminStmt.execute("CREATE DATABASE " + DB1); - adminStmt.execute("use " + DB1); - adminStmt.execute("CREATE TABLE " + tabName + "(id int)"); + exec(adminStmt, "use default"); + exec(adminStmt, "CREATE DATABASE " + DB1); + exec(adminStmt, "use " + DB1); + exec(adminStmt, "CREATE TABLE " + tabName + "(id int)"); context.close(); policyFile @@ -80,10 +80,10 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // positive test, user1 has access to file being loaded userConn = context.createConnection(USER1_1); userStmt = context.createStatement(userConn); - userStmt.execute("use " + DB1); - userStmt.execute("load data local inpath 'file://" + dataFile.getPath() + + exec(userStmt, "use " + DB1); + exec(userStmt, "load data local inpath 'file://" + dataFile.getPath() + "' into table " + tabName); - userStmt.execute("select * from " + tabName + " limit 1"); + exec(userStmt, "select * from " + tabName + " limit 1"); ResultSet res = userStmt.getResultSet(); Assert.assertTrue("Table should have data after load", res.next()); res.close(); @@ -92,7 +92,7 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // Negative test, user2 doesn't have access to the file being loaded userConn = context.createConnection(USER2_1); userStmt = context.createStatement(userConn); - userStmt.execute("use " + DB1); + exec(userStmt, "use " + DB1); context.assertAuthzException(userStmt, "load data local inpath 'file://" + dataFile.getPath() + "' into table " + tabName); userStmt.close(); @@ -112,10 +112,10 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // create dbs Connection adminCon = context.createConnection(ADMIN1); Statement adminStmt = context.createStatement(adminCon); - adminStmt.execute("use default"); - adminStmt.execute("CREATE DATABASE " + DB1); - adminStmt.execute("use " + DB1); - adminStmt.execute("CREATE TABLE " + tabName + " (id int) PARTITIONED BY (dt string)"); + exec(adminStmt, "use default"); + exec(adminStmt, "CREATE DATABASE " + DB1); + exec(adminStmt, "use " + DB1); + exec(adminStmt, "CREATE TABLE " + tabName + " (id int) PARTITIONED BY (dt string)"); adminCon.close(); policyFile @@ -131,38 +131,38 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // positive test: user1 has privilege to alter table add partition but not set location userConn = context.createConnection(USER1_1); userStmt = context.createStatement(userConn); - userStmt.execute("use " + DB1); - userStmt.execute("ALTER TABLE " + tabName + " ADD IF NOT EXISTS PARTITION (dt = '21-Dec-2012') " + + exec(userStmt, "use " + DB1); + exec(userStmt, "ALTER TABLE " + tabName + " ADD IF NOT EXISTS PARTITION (dt = '21-Dec-2012') " + " LOCATION '" + tabDir + "'"); - userStmt.execute("ALTER TABLE " + tabName + " DROP PARTITION (dt = '21-Dec-2012')"); - userStmt.execute("ALTER TABLE " + tabName + " ADD PARTITION (dt = '21-Dec-2012') " + + exec(userStmt, "ALTER TABLE " + tabName + " DROP PARTITION (dt = '21-Dec-2012')"); + exec(userStmt, "ALTER TABLE " + tabName + " ADD PARTITION (dt = '21-Dec-2012') " + " LOCATION '" + tabDir + "'"); - userStmt.execute( + exec(userStmt, "ALTER TABLE " + tabName + " PARTITION (dt = '21-Dec-2012') " + " SET LOCATION '" + tabDir + "'"); userConn.close(); // negative test: user2 doesn't have privilege to alter table add partition userConn = context.createConnection(USER2_1); userStmt = context.createStatement(userConn); - userStmt.execute("use " + DB1); + exec(userStmt, "use " + DB1); context.assertAuthzException(userStmt, "ALTER TABLE " + tabName + " ADD PARTITION (dt = '22-Dec-2012') " + " LOCATION '" + tabDir + "/foo'"); // positive test, user2 can alter managed partitions - userStmt.execute("ALTER TABLE " + tabName + " ADD PARTITION (dt = '22-Dec-2012')"); - userStmt.execute("ALTER TABLE " + tabName + " DROP PARTITION (dt = '22-Dec-2012')"); - userStmt.execute("ALTER TABLE " + tabName + " ADD IF NOT EXISTS PARTITION (dt = '22-Dec-2012')"); - userStmt.execute("ALTER TABLE " + tabName + " DROP PARTITION (dt = '22-Dec-2012')"); + exec(userStmt, "ALTER TABLE " + tabName + " ADD PARTITION (dt = '22-Dec-2012')"); + exec(userStmt, "ALTER TABLE " + tabName + " DROP PARTITION (dt = '22-Dec-2012')"); + exec(userStmt, "ALTER TABLE " + tabName + " ADD IF NOT EXISTS PARTITION (dt = '22-Dec-2012')"); + exec(userStmt, "ALTER TABLE " + tabName + " DROP PARTITION (dt = '22-Dec-2012')"); userConn.close(); // positive test: user3 has privilege to add/drop partitions userConn = context.createConnection(USER3_1); userStmt = context.createStatement(userConn); - userStmt.execute("use " + DB1); - userStmt.execute( + exec(userStmt, "use " + DB1); + exec(userStmt, "ALTER TABLE " + tabName + " ADD PARTITION (dt = '22-Dec-2012') " + " LOCATION '" + tabDir + "/foo'"); - userStmt.execute( + exec(userStmt, "ALTER TABLE " + tabName + " DROP PARTITION (dt = '21-Dec-2012')"); userStmt.close(); @@ -180,10 +180,10 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // create dbs Connection adminCon = context.createConnection(ADMIN1); Statement adminStmt = context.createStatement(adminCon); - adminStmt.execute("use default"); - adminStmt.execute("CREATE DATABASE " + DB1); - adminStmt.execute("use " + DB1); - adminStmt.execute("CREATE TABLE " + tabName + " (id int) PARTITIONED BY (dt string)"); + exec(adminStmt, "use default"); + exec(adminStmt, "CREATE DATABASE " + DB1); + exec(adminStmt, "use " + DB1); + exec(adminStmt, "CREATE TABLE " + tabName + " (id int) PARTITIONED BY (dt string)"); adminCon.close(); policyFile @@ -197,16 +197,16 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // positive test: user2 has privilege to alter table set partition userConn = context.createConnection(USER2_1); userStmt = context.createStatement(userConn); - userStmt.execute("use " + DB1); - userStmt.execute( + exec(userStmt, "use " + DB1); + exec(userStmt, "ALTER TABLE " + tabName + " SET LOCATION '" + tabDir + "'"); userConn.close(); // positive test: user1 has privilege to alter table set partition userConn = context.createConnection(USER1_1); userStmt = context.createStatement(userConn); - userStmt.execute("use " + DB1); - userStmt.execute("ALTER TABLE " + tabName + " SET LOCATION '" + tabDir + "'"); + exec(userStmt, "use " + DB1); + exec(userStmt, "ALTER TABLE " + tabName + " SET LOCATION '" + tabDir + "'"); userConn.close(); } @@ -226,8 +226,8 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // create dbs Connection adminCon = context.createConnection(ADMIN1); Statement adminStmt = context.createStatement(adminCon); - adminStmt.execute("use default"); - adminStmt.execute("CREATE DATABASE " + DB1); + exec(adminStmt, "use default"); + exec(adminStmt, "CREATE DATABASE " + DB1); adminStmt.close(); adminCon.close(); @@ -241,7 +241,7 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // negative test: user2 doesn't have privilege to create external table in given path userConn = context.createConnection(USER2_1); userStmt = context.createStatement(userConn); - userStmt.execute("use " + DB1); + exec(userStmt, "use " + DB1); context.assertAuthzException(userStmt, "CREATE EXTERNAL TABLE extab1(id INT) LOCATION '" + tableDir + "'"); context.assertAuthzException(userStmt, "CREATE TABLE extab1(id INT) LOCATION '" + tableDir + "'"); @@ -251,10 +251,10 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration { // positive test: user1 has privilege to create external table in given path userConn = context.createConnection(USER1_1); userStmt = context.createStatement(userConn); - userStmt.execute("use " + DB1); - userStmt.execute("CREATE EXTERNAL TABLE extab1(id INT) LOCATION '" + tableDir + "'"); - userStmt.execute("DROP TABLE extab1"); - userStmt.execute("CREATE TABLE extab1(id INT) LOCATION '" + tableDir + "'"); + exec(userStmt, "use " + DB1); + exec(userStmt, "CREATE EXTERNAL TABLE extab1(id INT) LOCATION '" + tableDir + "'"); + exec(userStmt, "DROP TABLE extab1"); + exec(userStmt, "CREATE TABLE extab1(id INT) LOCATION '" + tableDir + "'"); userStmt.close(); userConn.close(); } http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/fs/TestHiveWarehouseOnExtFs.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/fs/TestHiveWarehouseOnExtFs.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/fs/TestHiveWarehouseOnExtFs.java index ed965c1..31000d4 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/fs/TestHiveWarehouseOnExtFs.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/fs/TestHiveWarehouseOnExtFs.java @@ -40,7 +40,7 @@ import static org.junit.Assume.assumeTrue; * <value>s3a://sentry-s3/user/hive/warehouse</value> * </property> * Test basic db and tbl permissions - * Ensure export HIVE_CONF_DIR=/etc/hive/conf/hite-site.xml + * Ensure export HIVE_CONF_DIR=/etc/hive/conf, in the dir, can find hive-site.xml */ public class TestHiveWarehouseOnExtFs extends TestFSBase { private static final Logger LOGGER = LoggerFactory http://git-wip-us.apache.org/repos/asf/sentry/blob/a5ed6d91/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/UnmanagedHiveServer.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/UnmanagedHiveServer.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/UnmanagedHiveServer.java index d5c5db4..90713b1 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/UnmanagedHiveServer.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/UnmanagedHiveServer.java @@ -86,9 +86,13 @@ public class UnmanagedHiveServer implements HiveServer { @Override public String getProperty(String key) { if(key.equalsIgnoreCase(HiveConf.ConfVars.METASTOREWAREHOUSE.varname)) { - return "hdfs://" + getSystemAndConfigProperties(key, null); //UnManagedHiveServer returns the warehouse directory without hdfs:// + String originalHiveWarehouseUri = getSystemAndConfigProperties(key, null); + if (originalHiveWarehouseUri != null && originalHiveWarehouseUri.isEmpty() == false + && originalHiveWarehouseUri.startsWith("hdfs") == false && originalHiveWarehouseUri.startsWith("s3a") == false) { + return "hdfs://" + getSystemAndConfigProperties(key, null); //UnManagedHiveServer returns the warehouse directory with hdfs:// + } } - return getSystemAndConfigProperties(key, null); + return getSystemAndConfigProperties(key, null); } @Override
