Repository: sentry Updated Branches: refs/heads/sentry-ha-redesign 63352d834 -> 7868f80c2
SENTRY-1327: Enable show grant role roleName on all command (Ke Jia via Dapeng Sun) Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/7868f80c Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/7868f80c Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/7868f80c Branch: refs/heads/sentry-ha-redesign Commit: 7868f80c2b07ad7eae62d58de24cfa0246b28744 Parents: 63352d8 Author: Alexander Kolbasov <[email protected]> Authored: Fri Mar 10 18:07:38 2017 -0800 Committer: Alexander Kolbasov <[email protected]> Committed: Fri Mar 10 18:07:38 2017 -0800 ---------------------------------------------------------------------- .../SentryHiveAuthorizationTaskFactoryImpl.java | 3 +++ .../e2e/dbprovider/TestDatabaseProvider.java | 22 ++++++++++++++++++++ 2 files changed, 25 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/7868f80c/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java index ca6bb17..ceb3b17 100644 --- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java +++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java @@ -214,6 +214,9 @@ public class SentryHiveAuthorizationTaskFactoryImpl implements HiveAuthorization ASTNode child = (ASTNode) ast.getChild(1); if (child.getToken().getType() == HiveParser.TOK_PRIV_OBJECT_COL) { privHiveObj = analyzePrivilegeObject(child); + } else if(child.getToken().getType() == HiveParser.TOK_RESOURCE_ALL) { + //if privHiveObj is null, it will return all priveleges. + privHiveObj = null; } else { throw new SemanticException("Unrecognized Token: " + child.getToken().getType()); } http://git-wip-us.apache.org/repos/asf/sentry/blob/7868f80c/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java index 255e266..eff0b6c 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java @@ -2214,4 +2214,26 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection.close(); } + @Test + public void testShowGrantOnALL() throws Exception { + + // setup db objects needed by the test + Connection connection = context.createConnection(ADMIN1); + Statement statement = context.createStatement(connection); + statement.execute("DROP DATABASE IF EXISTS db_1 CASCADE"); + statement.execute("DROP DATABASE IF EXISTS db_2 CASCADE"); + statement.execute("CREATE DATABASE db_1"); + statement.execute("CREATE ROLE group1_role"); + statement.execute("GRANT ALL ON DATABASE db_1 TO ROLE group1_role"); + statement.execute("grant select on database db_1 to role group1_role"); + ResultSet res = statement.executeQuery("show grant role group1_role on all"); + List<String> returnedResult = new ArrayList<String>(); + List<String> expectedResult = new ArrayList<String>(); + expectedResult.add("db_1"); + while (res.next()) { + returnedResult.add(res.getString(1).trim()); + } + validateReturnedResult(expectedResult, returnedResult); + connection.close(); + } }
