Repository: sentry Updated Branches: refs/for/cdh5-1.5.1_ha [created] 78aa15974
http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java deleted file mode 100644 index fca8e81..0000000 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java +++ /dev/null @@ -1,123 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.thrift; - -import com.google.common.net.HostAndPort; -import org.apache.thrift.protocol.TProtocol; -import org.apache.thrift.transport.TSaslClientTransport; -import org.apache.thrift.transport.TSaslServerTransport; -import org.apache.thrift.transport.TSocket; -import org.apache.thrift.transport.TTransport; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.common.base.Preconditions; - -public class ThriftUtil { - - private static final Logger LOGGER = LoggerFactory.getLogger(ThriftUtil.class); - - public static void setImpersonator(final TProtocol in) { - try { - TTransport transport = in.getTransport(); - if (transport instanceof TSaslServerTransport) { - String impersonator = ((TSaslServerTransport) transport).getSaslServer() - .getAuthorizationID(); - setImpersonator(impersonator); - } - } catch (Exception e) { - // If there has exception when get impersonator info, log the error information. - LOGGER.warn("There is an error when get the impersonator:" + e.getMessage()); - } - } - - public static void setIpAddress(final TProtocol in) { - try { - TTransport transport = in.getTransport(); - TSocket tSocket = getUnderlyingSocketFromTransport(transport); - if (tSocket != null) { - setIpAddress(tSocket.getSocket().getInetAddress().toString()); - } else { - LOGGER.warn("Unknown Transport, cannot determine ipAddress"); - } - } catch (Exception e) { - // If there has exception when get impersonator info, log the error information. - LOGGER.warn("There is an error when get the client's ip address:" + e.getMessage()); - } - } - - /** - * Returns the underlying TSocket from the transport, or null of the transport type is unknown. - */ - private static TSocket getUnderlyingSocketFromTransport(TTransport transport) { - Preconditions.checkNotNull(transport); - if (transport instanceof TSaslServerTransport) { - return (TSocket) ((TSaslServerTransport) transport).getUnderlyingTransport(); - } else if (transport instanceof TSaslClientTransport) { - return (TSocket) ((TSaslClientTransport) transport).getUnderlyingTransport(); - } else if (transport instanceof TSocket) { - return (TSocket) transport; - } - return null; - } - - private static ThreadLocal<String> threadLocalIpAddress = new ThreadLocal<String>() { - @Override - protected synchronized String initialValue() { - return ""; - } - }; - - public static void setIpAddress(String ipAddress) { - threadLocalIpAddress.set(ipAddress); - } - - public static String getIpAddress() { - return threadLocalIpAddress.get(); - } - - private static ThreadLocal<String> threadLocalImpersonator = new ThreadLocal<String>() { - @Override - protected synchronized String initialValue() { - return ""; - } - }; - - public static void setImpersonator(String impersonator) { - threadLocalImpersonator.set(impersonator); - } - - public static String getImpersonator() { - return threadLocalImpersonator.get(); - } - - /** - * Utility function for parsing host and port strings. Expected form should be - * (host:port). The hostname could be in ipv6 style. If port is not specified, - * defaultPort will be used. - */ - public static HostAndPort[] parseHostPortStrings(String[] hostsAndPortsArr, int defaultPort) { - HostAndPort[] hostsAndPorts = new HostAndPort[hostsAndPortsArr.length]; - for (int i = 0; i < hostsAndPorts.length; i++) { - hostsAndPorts[i] = - HostAndPort.fromString(hostsAndPortsArr[i]).withDefaultPort(defaultPort); - } - return hostsAndPorts; - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java index b289338..cf47df9 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java @@ -28,8 +28,9 @@ import org.apache.commons.pool2.impl.GenericObjectPool; import org.apache.commons.pool2.impl.GenericObjectPoolConfig; import org.apache.hadoop.conf.Configuration; import org.apache.sentry.core.common.exception.SentryUserException; +import org.apache.sentry.core.common.transport.SentryClientInvocationHandler; import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient; -import org.apache.sentry.provider.db.service.thrift.ThriftUtil; +import org.apache.sentry.core.common.utils.ThriftUtil; import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig; import org.apache.thrift.transport.TTransportException; import org.slf4j.Logger; http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/RetryClientInvocationHandler.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/RetryClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/RetryClientInvocationHandler.java deleted file mode 100644 index 2f38198..0000000 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/RetryClientInvocationHandler.java +++ /dev/null @@ -1,146 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.service.thrift; - -import com.google.common.base.Preconditions; -import org.apache.hadoop.conf.Configuration; -import org.apache.sentry.core.common.exception.SentryUserException; -import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl; -import org.apache.thrift.transport.TTransportException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.IOException; -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; - -/** - * The RetryClientInvocationHandler is a proxy class for handling thrift calls for non-pool - * model. Currently only one client connection is allowed, and it's using lazy connection. - * The client is not connected to the sentry server until there is any rpc call. - * <p> - * For every rpc call, if the client is not connected, it will first connect to a sentry - * server, and then do the thrift call to the connected sentry server, which will execute - * the requested method and return back the response. If it is failed with connection - * problem, it will close the current connection and retry (reconnect and resend the - * thrift call) no more than rpcRetryTotal times. If the client is already connected, it - * will reuse the existing connection, and do the thrift call. - * <p> - * During reconnection, it will first cycle through all the available sentry servers, and - * then retry the whole server list no more than connectionFullRetryTotal times. In this - * case, it won't introduce more latency when some server fails. Also to prevent all - * clients connecting to the same server, it will reorder the endpoints randomly after a - * full retry. - * <p> - * TODO: allow multiple client connections - */ -class RetryClientInvocationHandler extends SentryClientInvocationHandler{ - private static final Logger LOGGER = - LoggerFactory.getLogger(RetryClientInvocationHandler.class); - private final Configuration conf; - private SentryPolicyServiceClientDefaultImpl client = null; - private final int rpcRetryTotal; - - /** - * Initialize the sentry configurations, including rpc retry count and client connection - * configs for SentryPolicyServiceClientDefaultImpl - */ - RetryClientInvocationHandler(Configuration conf) throws Exception { - this.conf = conf; - Preconditions.checkNotNull(this.conf, "Configuration object cannot be null"); - this.rpcRetryTotal = conf.getInt(ServiceConstants.ClientConfig.SENTRY_RPC_RETRY_TOTAL, - ServiceConstants.ClientConfig.SENTRY_RPC_RETRY_TOTAL_DEFAULT); - client = new SentryPolicyServiceClientDefaultImpl(conf); - } - - /** - * For every rpc call, if the client is not connected, it will first connect to a sentry - * server, and then do the thrift call to the connected sentry server, which will - * execute the requested method and return back the response. If it is failed with - * connection problem, it will close the current connection, and retry (reconnect and - * resend the thrift call) no more than rpcRetryTotal times. Throw SentryUserException - * if failed retry after rpcRetryTotal times. - * if it is failed with other exception, method would just re-throw the exception. - * Synchronized it for thread safety. - */ - @Override - synchronized Object invokeImpl(Object proxy, Method method, Object[] args) throws Exception { - int retryCount = 0; - Exception lastExc = null; - - while (retryCount < rpcRetryTotal) { - // Connect to a sentry server if not connected yet. - try { - client.connectWithRetry(); - } catch (IOException e) { - // Increase the retry num - // Retry when the exception is caused by connection problem. - retryCount++; - lastExc = e; - close(); - continue; - } catch (Exception e) { - close(); - throw e; - } - - // do the thrift call - try { - return method.invoke(client, args); - } catch (InvocationTargetException e) { - // Get the target exception, check if SentryUserException or TTransportException is wrapped. - // TTransportException means there has connection problem with the pool. - Throwable targetException = e.getCause(); - if (targetException instanceof SentryUserException) { - Throwable sentryTargetException = targetException.getCause(); - // If there has connection problem, eg, invalid connection if the service restarted, - // sentryTargetException instanceof TTransportException = true. - if (sentryTargetException instanceof TTransportException) { - // Retry when the exception is caused by connection problem. - lastExc = new TTransportException(sentryTargetException); - LOGGER.debug("Got TTransportException when do the thrift call ", lastExc); - } else { - // The exception is thrown by thrift call, eg, SentryAccessDeniedException. - // Do not need to reconnect to the sentry server. - throw (SentryUserException) targetException; - } - } else { - throw e; - } - } - - // Increase the retry num - retryCount++; - - // For connection problem, it will close the current connection, and reconnect to - // an available sentry server and redo the thrift call. - close(); - } - // Throw the exception as reaching the max rpc retry num. - LOGGER.error(String.format("failed after %d retries ", rpcRetryTotal), lastExc); - throw new SentryUserException( - String.format("failed after %d retries ", rpcRetryTotal), lastExc); - } - - @Override - public void close() { - client.close(); - LOGGER.debug("Close the current client connection"); - } - -} http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java deleted file mode 100644 index b8c7f23..0000000 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java +++ /dev/null @@ -1,54 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.service.thrift; - -import java.lang.reflect.InvocationHandler; -import java.lang.reflect.Method; - -/** - * SentryClientInvocationHandler is the base interface for all the InvocationHandler in SENTRY - */ -public abstract class SentryClientInvocationHandler implements InvocationHandler { - - /** - * Close the InvocationHandler: An InvocationHandler may create some contexts, - * these contexts should be close when the method "close()" of client be called. - */ - @Override - public final Object invoke(Object proxy, Method method, Object[] args) throws Exception { - // close() doesn't throw exception we supress that in case of connection - // loss. Changing SentryPolicyServiceClient#close() to throw an - // exception would be a backward incompatible change for Sentry clients. - if ("close".equals(method.getName()) && null == args) { - close(); - return null; - } - return invokeImpl(proxy, method, args); - } - - /** - * Subclass should implement this method for special function - */ - abstract Object invokeImpl(Object proxy, Method method, Object[] args) throws Exception; - - /** - * An abstract method "close", an invocationHandler should close its contexts at here. - */ - public abstract void close(); - -} http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java index bcbaba1..0e4b684 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java @@ -6,9 +6,9 @@ * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * + * <p> + * http://www.apache.org/licenses/LICENSE-2.0 + * <p> * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -22,28 +22,32 @@ import java.lang.reflect.Proxy; import org.apache.hadoop.conf.Configuration; +import org.apache.sentry.core.common.transport.RetryClientInvocationHandler; +import org.apache.sentry.core.common.transport.SentryPolicyClientTransportConfig; import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient; import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl; import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig; -public class SentryServiceClientFactory { - +public final class SentryServiceClientFactory { + private static final SentryPolicyClientTransportConfig transportConfig = + new SentryPolicyClientTransportConfig(); private SentryServiceClientFactory() { } public static SentryPolicyServiceClient create(Configuration conf) throws Exception { boolean pooled = conf.getBoolean( - ClientConfig.SENTRY_POOL_ENABLED, ClientConfig.SENTRY_POOL_ENABLED_DEFAULT); + ClientConfig.SENTRY_POOL_ENABLED, ClientConfig.SENTRY_POOL_ENABLED_DEFAULT); if (pooled) { return (SentryPolicyServiceClient) Proxy - .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(), - SentryPolicyServiceClientDefaultImpl.class.getInterfaces(), - new PoolClientInvocationHandler(conf)); + .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(), + SentryPolicyServiceClientDefaultImpl.class.getInterfaces(), + new PoolClientInvocationHandler(conf)); } else { return (SentryPolicyServiceClient) Proxy - .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(), - SentryPolicyServiceClientDefaultImpl.class.getInterfaces(), - new RetryClientInvocationHandler(conf)); + .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(), + SentryPolicyServiceClientDefaultImpl.class.getInterfaces(), + new RetryClientInvocationHandler(conf, + new SentryPolicyServiceClientDefaultImpl(conf,transportConfig), transportConfig)); } } } http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java index fff5854..29fb421 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java @@ -25,7 +25,6 @@ import javax.security.sasl.Sasl; import com.google.common.base.Splitter; import com.google.common.collect.ImmutableMap; import org.apache.sentry.provider.db.service.thrift.SentryMetrics; -import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl; public class ServiceConstants { @@ -119,6 +118,8 @@ public class ServiceConstants { public static final String SENTRY_STORE_LOCAL_GROUP_MAPPING = "org.apache.sentry.provider.file.LocalGroupMappingService"; public static final String SENTRY_STORE_GROUP_MAPPING_DEFAULT = SENTRY_STORE_HADOOP_GROUP_MAPPING; + public static final String SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL = "sentry.store.orphaned.privilege.removal"; + public static final String SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL_DEFAULT = "false"; public static final String SENTRY_STORE_CLEAN_PERIOD_SECONDS = "sentry.store.clean.period.seconds"; public static final long SENTRY_STORE_CLEAN_PERIOD_SECONDS_DEFAULT = 43200; // 12 hours. @@ -225,12 +226,10 @@ public class ServiceConstants { } public static class ClientConfig { - public static final ImmutableMap<String, String> SASL_PROPERTIES = ServiceConstants.SASL_PROPERTIES; public static final String SERVER_RPC_PORT = "sentry.service.client.server.rpc-port"; public static final int SERVER_RPC_PORT_DEFAULT = ServerConfig.RPC_PORT_DEFAULT; public static final String SERVER_RPC_ADDRESS = "sentry.service.client.server.rpc-address"; public static final String SERVER_RPC_CONN_TIMEOUT = "sentry.service.client.server.rpc-connection-timeout"; - public static final int SERVER_RPC_CONN_TIMEOUT_DEFAULT = 200000; // HA configuration public static final String SENTRY_HA_ENABLED = "sentry.ha.enabled"; @@ -254,20 +253,6 @@ public class ServiceConstants { public static final String SENTRY_POOL_RETRY_TOTAL = "sentry.service.client.connection.pool.retry-total"; public static final int SENTRY_POOL_RETRY_TOTAL_DEFAULT = 3; - /** - * full retry num for getting the connection in non-pool model - * In a full retry, it will cycle through all available sentry servers - * {@link SentryPolicyServiceClientDefaultImpl#connectWithRetry()} - */ - public static final String SENTRY_FULL_RETRY_TOTAL = "sentry.service.client.connection.full.retry-total"; - public static final int SENTRY_FULL_RETRY_TOTAL_DEFAULT = 2; - /** - * max retry num for client rpc - * {@link RetryClientInvocationHandler#invokeImpl(Object, Method, Object[])} - */ - public static final String SENTRY_RPC_RETRY_TOTAL = "sentry.service.client.rpc.retry-total"; - public static final int SENTRY_RPC_RETRY_TOTAL_DEFAULT = 3; - // max message size for thrift messages public static String SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.client.thrift.max.message.size"; public static long SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024; http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java index 356e48c..4411bdd 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java @@ -43,8 +43,8 @@ import org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder; import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege; import org.apache.sentry.provider.db.service.model.MSentryRole; -import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants; import org.apache.sentry.provider.db.service.thrift.SentryConfigurationException; +import org.apache.sentry.core.common.utils.PolicyStoreConstants; import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig; import org.apache.sentry.service.thrift.Status; import org.apache.sentry.service.thrift.TSentryResponseStatus; http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceClient.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceClient.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceClient.java new file mode 100644 index 0000000..8959ad8 --- /dev/null +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceClient.java @@ -0,0 +1,61 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * <p> + * http://www.apache.org/licenses/LICENSE-2.0 + * <p> + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.sentry.provider.db.generic.service.thrift; + +import java.util.Set; + +import org.apache.sentry.service.thrift.SentryServiceFactory; +import org.junit.BeforeClass; +import org.junit.Test; + +import com.google.common.collect.Sets; + +public class TestSentryGenericServiceClient extends SentryGenericServiceIntegrationBase { + + @BeforeClass + public static void setup() throws Exception { + beforeSetup(); + setupConf(); + startSentryService(); + afterSetup(); + kerberos = false; + } + + @Test + public void testConnectionWhenReconnect() throws Exception { + runTestAsSubject(new TestOperation() { + @Override + public void runTestAsSubject() throws Exception { + String requestorUserName = ADMIN_USER; + Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); + String roleName = "admin_r"; + setLocalGroupMapping(requestorUserName, requestorUserGroupNames); + writePolicyFile(); + + client.dropRoleIfExists(requestorUserName, roleName, "solr"); + client.createRole(requestorUserName, roleName, "solr"); + stopSentryService(); + server = new SentryServiceFactory().create(conf); + startSentryService(); + client.dropRole(requestorUserName, roleName, "solr"); + } + }); + } + +} http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java index 4e40038..ec066f0 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java @@ -40,7 +40,7 @@ import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleRequest; import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleResponse; import org.apache.sentry.provider.db.service.thrift.TSentryGroup; import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege; -import org.apache.sentry.provider.db.service.thrift.ThriftUtil; +import org.apache.sentry.core.common.utils.ThriftUtil; import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope; import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig; import org.apache.sentry.service.thrift.Status; http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java index a5aff35..8e882ad 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java @@ -43,7 +43,7 @@ import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleReque import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse; import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege; import org.apache.sentry.provider.db.log.util.Constants; -import org.apache.sentry.provider.db.service.thrift.ThriftUtil; +import org.apache.sentry.core.common.utils.ThriftUtil; import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig; import org.apache.sentry.service.thrift.Status; import org.junit.BeforeClass; http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java new file mode 100644 index 0000000..3b3b30e --- /dev/null +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java @@ -0,0 +1,64 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * <p> + * http://www.apache.org/licenses/LICENSE-2.0 + * <p> + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.sentry.provider.db.service.thrift; + +import java.util.Set; + +import org.apache.sentry.service.thrift.SentryServiceFactory; +import org.apache.sentry.service.thrift.SentryServiceIntegrationBase; +import org.junit.BeforeClass; +import org.junit.Test; + +import com.google.common.collect.Sets; + +public class TestSentryPolicyServiceClient extends SentryServiceIntegrationBase { + + @BeforeClass + public static void setup() throws Exception { + beforeSetup(); + setupConf(); + startSentryService(); + afterSetup(); + kerberos = false; + } + + @Test + public void testConnectionWhenReconnect() throws Exception { + runTestAsSubject(new TestOperation() { + @Override + public void runTestAsSubject() throws Exception { + String requestorUserName = ADMIN_USER; + Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); + String roleName = "admin_r"; + setLocalGroupMapping(requestorUserName, requestorUserGroupNames); + writePolicyFile(); + + client.dropRoleIfExists(requestorUserName, roleName); + client.createRole(requestorUserName, roleName); + client.listRoles(requestorUserName); + stopSentryService(); + server = new SentryServiceFactory().create(conf); + startSentryService(); + client.listRoles(requestorUserName); + client.dropRole(requestorUserName, roleName); + } + }); + } + +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java index 9ae6cb0..ae2d476 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java @@ -21,7 +21,7 @@ import junit.framework.Assert; import org.apache.hadoop.conf.Configuration; import org.apache.sentry.provider.db.SentryThriftAPIMismatchException; -import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants.PolicyStoreServerConfig; +import org.apache.sentry.core.common.utils.PolicyStoreConstants.PolicyStoreServerConfig; import org.apache.sentry.service.thrift.ServiceConstants; import org.junit.Before; import org.junit.Test; http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java index 7292387..a202775 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java @@ -19,7 +19,7 @@ package org.apache.sentry.service.thrift; import com.google.common.net.HostAndPort; -import org.apache.sentry.provider.db.service.thrift.ThriftUtil; +import org.apache.sentry.core.common.utils.ThriftUtil; import org.junit.Assert; import org.junit.Test; import org.slf4j.Logger;
