SENTRY-2013 - Align the SentryGenericServiceClient and SentryPolicyServiceClient a bit more closely - Signed off by Kalyan.
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/cfa8abb0 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/cfa8abb0 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/cfa8abb0 Branch: refs/heads/akolb-cli Commit: cfa8abb07f460a9021b70694c1d63a0892db01d9 Parents: 6d44cfd Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Oct 25 12:11:13 2017 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Oct 25 12:11:13 2017 +0100 ---------------------------------------------------------------------- .../DefaultSentryAccessController.java | 2 +- .../hive/ql/exec/SentryGrantRevokeTask.java | 2 +- .../authz/DefaultSentryAccessController.java | 2 +- .../sentry/kafka/binding/KafkaAuthBinding.java | 6 +-- .../sentry/sqoop/binding/SqoopAuthBinding.java | 8 ++-- .../provider/db/generic/UpdatableCache.java | 2 +- .../thrift/SentryGenericServiceClient.java | 14 +++--- .../SentryGenericServiceClientDefaultImpl.java | 12 ++--- .../db/generic/tools/SentryConfigToolSolr.java | 2 +- .../tools/command/GenericShellCommand.java | 6 +-- .../thrift/SentryPolicyServiceClient.java | 2 +- .../SentryPolicyServiceClientDefaultImpl.java | 2 +- .../db/tools/command/hive/HiveShellCommand.java | 2 +- .../TestAuditLogForSentryGenericService.java | 8 ++-- .../TestSentryGenericServiceIntegration.java | 48 ++++++++++---------- .../generic/tools/TestSentryConfigToolSolr.java | 4 +- .../db/generic/tools/TestSentryShellKafka.java | 2 +- .../db/generic/tools/TestSentryShellSolr.java | 2 +- .../db/generic/tools/TestSentryShellSqoop.java | 2 +- .../thrift/TestSentryPolicyServiceClient.java | 4 +- .../thrift/TestSentryServiceClientPool.java | 6 +-- .../thrift/TestSentryServiceFailureCase.java | 2 +- .../thrift/TestSentryServiceIntegration.java | 8 ++-- .../TestSentryServiceWithInvalidMsgSize.java | 10 ++-- .../provider/db/tools/TestSentryShellHive.java | 2 +- .../thrift/SentryServiceIntegrationBase.java | 2 +- .../e2e/dbprovider/TestConcurrentClients.java | 2 +- .../metastore/SentryPolicyProviderForDb.java | 2 +- .../e2e/dbprovider/TestConcurrentClients.java | 2 +- .../metastore/SentryPolicyProviderForDb.java | 2 +- .../e2e/kafka/AbstractKafkaSentryTestBase.java | 2 +- .../sentry/tests/e2e/kafka/TestAuthorize.java | 2 +- .../AbstractSolrSentryTestWithDbProvider.java | 4 +- .../e2e/sqoop/AbstractSqoopSentryTestBase.java | 2 +- 34 files changed, 90 insertions(+), 90 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java index 456c8d6..fed483f 100644 --- a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java +++ b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java @@ -156,7 +156,7 @@ public class DefaultSentryAccessController extends SentryHiveAccessController { List<String> roles = new ArrayList<String>(); try { sentryClient = getSentryClient(); - roles = convert2RoleList(sentryClient.listRoles(authenticator.getUserName())); + roles = convert2RoleList(sentryClient.listAllRoles(authenticator.getUserName())); } catch (SentryAccessDeniedException e) { HiveOperation hiveOp = HiveOperation.SHOW_ROLES; executeOnFailureHooks(hiveOp, e); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java index 96e57f1..61052cf 100644 --- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java +++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java @@ -242,7 +242,7 @@ public class SentryGrantRevokeTask extends Task<DDLWork> implements Serializable writeToFile(writeRoleGrantsInfo(roles), desc.getResFile()); return RETURN_CODE_SUCCESS; } else if(operation.equals(RoleDDLDesc.RoleOperation.SHOW_ROLES)) { - Set<TSentryRole> roles = sentryClient.listRoles(subject); + Set<TSentryRole> roles = sentryClient.listAllRoles(subject); writeToFile(writeRolesInfo(roles), desc.getResFile()); return RETURN_CODE_SUCCESS; } else if(operation.equals(RoleDDLDesc.RoleOperation.SHOW_CURRENT_ROLE)) { http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java index 0bfa52b..0f93b42 100644 --- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java +++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java @@ -153,7 +153,7 @@ public class DefaultSentryAccessController extends SentryHiveAccessController { List<String> roles = new ArrayList<String>(); try { sentryClient = getSentryClient(); - roles = convert2RoleList(sentryClient.listRoles(authenticator.getUserName())); + roles = convert2RoleList(sentryClient.listAllRoles(authenticator.getUserName())); } catch (SentryAccessDeniedException e) { HiveOperation hiveOp = HiveOperation.SHOW_ROLES; executeOnFailureHooks(hiveOp, e); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java index 660e66f..908c80f 100644 --- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java +++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java @@ -291,7 +291,7 @@ public class KafkaAuthBinding { execute(new Command<Void>() { @Override public Void run(SentryGenericServiceClient client) throws Exception { - client.addRoleToGroups( + client.grantRoleToGroups( requestorName, role, COMPONENT_NAME, groups); return null; } @@ -432,7 +432,7 @@ public class KafkaAuthBinding { @Override public Void run(SentryGenericServiceClient client) throws Exception { for (String role : roles) { - tSentryPrivileges.addAll(client.listPrivilegesByRoleName( + tSentryPrivileges.addAll(client.listAllPrivilegesByRoleName( requestorName, role, COMPONENT_NAME, instanceName)); } return null; @@ -501,7 +501,7 @@ public class KafkaAuthBinding { @Override public Void run(SentryGenericServiceClient client) throws Exception { for (String role : roles) { - final Set<TSentryPrivilege> rolePrivileges = client.listPrivilegesByRoleName( + final Set<TSentryPrivilege> rolePrivileges = client.listAllPrivilegesByRoleName( requestorName, role, COMPONENT_NAME, instanceName); final scala.collection.immutable.Set<TSentryPrivilege> rolePrivilegesScala = scala.collection.JavaConverters.asScalaSetConverter(rolePrivileges).asScala().toSet(); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java index 79ec477..b7cbd32 100644 --- a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java +++ b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java @@ -241,9 +241,9 @@ public class SqoopAuthBinding { public Set<TSentryPrivilege> run(SentryGenericServiceClient client) throws Exception { if (resource == null) { - return client.listPrivilegesByRoleName(subject.getName(), role, COMPONENT_TYPE, sqoopServer.getName()); + return client.listAllPrivilegesByRoleName(subject.getName(), role, COMPONENT_TYPE, sqoopServer.getName()); } else if (resource.getType().equalsIgnoreCase(MResource.TYPE.SERVER.name())) { - return client.listPrivilegesByRoleName(subject.getName(), role, COMPONENT_TYPE, resource.getName()); + return client.listAllPrivilegesByRoleName(subject.getName(), role, COMPONENT_TYPE, resource.getName()); } else { return client.listPrivilegesByRoleName(subject.getName(), role, COMPONENT_TYPE, sqoopServer.getName(), toAuthorizable(resource)); } @@ -281,7 +281,7 @@ public class SqoopAuthBinding { execute(new Command<Void>() { @Override public Void run(SentryGenericServiceClient client) throws Exception { - client.addRoleToGroups(subject.getName(), role.getName(), COMPONENT_TYPE, Sets.newHashSet(group)); + client.grantRoleToGroups(subject.getName(), role.getName(), COMPONENT_TYPE, Sets.newHashSet(group)); return null; } }); @@ -291,7 +291,7 @@ public class SqoopAuthBinding { execute(new Command<Void>() { @Override public Void run(SentryGenericServiceClient client) throws Exception { - client.deleteRoleToGroups(subject.getName(), role.getName(), COMPONENT_TYPE, Sets.newHashSet(group)); + client.revokeRoleFromGroups(subject.getName(), role.getName(), COMPONENT_TYPE, Sets.newHashSet(group)); return null; } }); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/UpdatableCache.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/UpdatableCache.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/UpdatableCache.java index d20710f..edf0934 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/UpdatableCache.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/UpdatableCache.java @@ -106,7 +106,7 @@ public final class UpdatableCache implements TableCache, AutoCloseable { for (TSentryRole tSentryRole : tSentryRoles) { final String roleName = tSentryRole.getRoleName(); final Set<TSentryPrivilege> tSentryPrivileges = - client.listPrivilegesByRoleName(requestor, roleName, componentType, serviceName); + client.listAllPrivilegesByRoleName(requestor, roleName, componentType, serviceName); for (String group : tSentryRole.getGroups()) { Set<String> currentPrivileges = tempCache.get(group, roleName); if (currentPrivileges == null) { http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java index 246d0b4..dd49952 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java @@ -54,25 +54,25 @@ public interface SentryGenericServiceClient extends AutoCloseable { String component) throws SentryUserException; /** - * add a sentry role to groups. + * Grant a sentry role to groups. * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role * @param component: The request is issued to which component * @param groups: The name of groups * @throws SentryUserException */ - void addRoleToGroups(String requestorUserName, String roleName, + void grantRoleToGroups(String requestorUserName, String roleName, String component, Set<String> groups) throws SentryUserException; /** - * delete a sentry role from groups. + * revoke a sentry role from groups. * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role * @param component: The request is issued to which component * @param groups: The name of groups * @throws SentryUserException */ - void deleteRoleToGroups(String requestorUserName, String roleName, + void revokeRoleFromGroups(String requestorUserName, String roleName, String component, Set<String> groups) throws SentryUserException; /** @@ -104,7 +104,7 @@ public interface SentryGenericServiceClient extends AutoCloseable { * @param privilege * @throws SentryUserException */ - void dropPrivilege(String requestorUserName,String component, + void dropPrivilege(String requestorUserName, String component, TSentryPrivilege privilege) throws SentryUserException; /** @@ -155,7 +155,7 @@ public interface SentryGenericServiceClient extends AutoCloseable { String serviceName, List<? extends Authorizable> authorizables) throws SentryUserException; - Set<TSentryPrivilege> listPrivilegesByRoleName( + Set<TSentryPrivilege> listAllPrivilegesByRoleName( String requestorUserName, String roleName, String component, String serviceName) throws SentryUserException; @@ -188,7 +188,7 @@ public interface SentryGenericServiceClient extends AutoCloseable { * @returns The mapping of authorize objects and TSentryPrivilegeMap(<role, set<privileges>). * @throws SentryUserException */ - Map<String, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(String component, + Map<String, TSentryPrivilegeMap> listPrivilegesbyAuthorizable(String component, String serviceName, String requestorUserName, Set<String> authorizablesSet, Set<String> groups, ActiveRoleSet roleSet) throws SentryUserException; } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java index 6301a6b..4cd8fd6 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java @@ -182,7 +182,7 @@ public class SentryGenericServiceClientDefaultImpl } /** - * add a sentry role to groups. + * Grant a sentry role to groups. * * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role @@ -191,7 +191,7 @@ public class SentryGenericServiceClientDefaultImpl * @throws SentryUserException */ @Override - public void addRoleToGroups(String requestorUserName, String roleName, + public void grantRoleToGroups(String requestorUserName, String roleName, String component, Set<String> groups) throws SentryUserException { TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); @@ -209,7 +209,7 @@ public class SentryGenericServiceClientDefaultImpl } /** - * delete a sentry role from groups. + * revoke a sentry role from groups. * * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role @@ -218,7 +218,7 @@ public class SentryGenericServiceClientDefaultImpl * @throws SentryUserException */ @Override - public void deleteRoleToGroups(String requestorUserName, String roleName, + public void revokeRoleFromGroups(String requestorUserName, String roleName, String component, Set<String> groups) throws SentryUserException { TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); @@ -441,7 +441,7 @@ public class SentryGenericServiceClientDefaultImpl } @Override - public Set<TSentryPrivilege> listPrivilegesByRoleName( + public Set<TSentryPrivilege> listAllPrivilegesByRoleName( String requestorUserName, String roleName, String component, String serviceName) throws SentryUserException { return listPrivilegesByRoleName(requestorUserName, roleName, component, serviceName, null); @@ -505,7 +505,7 @@ public class SentryGenericServiceClientDefaultImpl * @returns The mapping of authorize objects and TSentryPrivilegeMap(<role, set<privileges>). */ @Override - public Map<String, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(String component, + public Map<String, TSentryPrivilegeMap> listPrivilegesbyAuthorizable(String component, String serviceName, String requestorUserName, Set<String> authorizablesSet, Set<String> groups, ActiveRoleSet roleSet) throws SentryUserException { http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java index b2664de..77d3919 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java @@ -124,7 +124,7 @@ public class SentryConfigToolSolr extends SentryConfigToolCommon { } LOGGER.info(dryRunMessage(importPolicy) + "Adding role: " + roleName.toLowerCase(Locale.US) + " to group: " + groupName); if (importPolicy) { - client.addRoleToGroups(requestorName, roleName, component, Sets.newHashSet(groupName)); + client.grantRoleToGroups(requestorName, roleName, component, Sets.newHashSet(groupName)); } for (String permission : privileges) { http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GenericShellCommand.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GenericShellCommand.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GenericShellCommand.java index 5a3baad..11615ff 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GenericShellCommand.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GenericShellCommand.java @@ -64,7 +64,7 @@ public class GenericShellCommand implements ShellCommand { public void grantRoleToGroups(String requestorName, String roleName, String groups) throws SentryUserException { Set<String> groupSet = Sets.newHashSet(groups.split(SentryShellCommon.GROUP_SPLIT_CHAR)); - client.addRoleToGroups(requestorName, roleName, component, groupSet); + client.grantRoleToGroups(requestorName, roleName, component, groupSet); } public void revokePrivilegeFromRole(String requestorName, String roleName, String privilege) throws SentryUserException { @@ -74,7 +74,7 @@ public class GenericShellCommand implements ShellCommand { public void revokeRoleFromGroups(String requestorName, String roleName, String groups) throws SentryUserException { Set<String> groupSet = Sets.newHashSet(groups.split(SentryShellCommon.GROUP_SPLIT_CHAR)); - client.deleteRoleToGroups(requestorName, roleName, component, groupSet); + client.revokeRoleFromGroups(requestorName, roleName, component, groupSet); } public List<String> listRoles(String requestorName, String roleName, String group) throws SentryUserException { @@ -97,7 +97,7 @@ public class GenericShellCommand implements ShellCommand { public List<String> listPrivileges(String requestorName, String roleName) throws SentryUserException { Set<TSentryPrivilege> privileges = client - .listPrivilegesByRoleName(requestorName, roleName, component, serviceName); + .listAllPrivilegesByRoleName(requestorName, roleName, component, serviceName); List<String> result = new ArrayList<>(); if (privileges != null) { http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java index fb8036f..61833fc 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java @@ -56,7 +56,7 @@ public interface SentryPolicyServiceClient extends AutoCloseable { Set<TSentryPrivilege> listPrivilegesByRoleName(String requestorUserName, String roleName, List<? extends Authorizable> authorizable) throws SentryUserException; - Set<TSentryRole> listRoles(String requestorUserName) throws SentryUserException; + Set<TSentryRole> listAllRoles(String requestorUserName) throws SentryUserException; Set<TSentryRole> listUserRoles(String requestorUserName) throws SentryUserException; http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java index b5b8f82..7ada138 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java @@ -238,7 +238,7 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService } @Override - public Set<TSentryRole> listRoles(String requestorUserName) + public Set<TSentryRole> listAllRoles(String requestorUserName) throws SentryUserException { return listRolesByGroupName(requestorUserName, null); } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/HiveShellCommand.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/HiveShellCommand.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/HiveShellCommand.java index 8451d8b..1e0692b 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/HiveShellCommand.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/HiveShellCommand.java @@ -76,7 +76,7 @@ public class HiveShellCommand implements ShellCommand { public List<String> listRoles(String requestorName, String roleName, String group) throws SentryUserException { Set<TSentryRole> roles; if (StringUtils.isEmpty(group)) { - roles = client.listRoles(requestorName); + roles = client.listAllRoles(requestorName); } else { roles = client.listRolesByGroupName(requestorName, group); } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestAuditLogForSentryGenericService.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestAuditLogForSentryGenericService.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestAuditLogForSentryGenericService.java index 6c7d22d..fbf8af3 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestAuditLogForSentryGenericService.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestAuditLogForSentryGenericService.java @@ -139,7 +139,7 @@ public class TestAuditLogForSentryGenericService extends SentryServiceIntegratio } // test the audit log for add role to group, success - client.addRoleToGroups(requestorUserName, roleName, COMPONENT, + client.grantRoleToGroups(requestorUserName, roleName, COMPONENT, Sets.newHashSet(testGroupName)); fieldValueMap.clear(); fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE); @@ -152,7 +152,7 @@ public class TestAuditLogForSentryGenericService extends SentryServiceIntegratio // test the audit log for add role to group, failed try { - client.addRoleToGroups(requestorUserName, "invalidRole", COMPONENT, + client.grantRoleToGroups(requestorUserName, "invalidRole", COMPONENT, Sets.newHashSet(testGroupName)); fail("Exception should have been thrown"); } catch (Exception e) { @@ -228,7 +228,7 @@ public class TestAuditLogForSentryGenericService extends SentryServiceIntegratio } // test the audit log for delete role from group, success - client.deleteRoleToGroups(requestorUserName, roleName, COMPONENT, + client.revokeRoleFromGroups(requestorUserName, roleName, COMPONENT, Sets.newHashSet(testGroupName)); fieldValueMap.clear(); fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DELETE_ROLE); @@ -240,7 +240,7 @@ public class TestAuditLogForSentryGenericService extends SentryServiceIntegratio assertAuditLog(fieldValueMap); // test the audit log for delete role from group, failed try { - client.deleteRoleToGroups(requestorUserName, "invalidRole", COMPONENT, + client.revokeRoleFromGroups(requestorUserName, "invalidRole", COMPONENT, Sets.newHashSet(testGroupName)); fail("Exception should have been thrown"); } catch (Exception e) { http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java index b59d172..ac8b2a7 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java @@ -54,7 +54,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt client.createRole(requestorUserName, roleName, SOLR); - client.addRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(requestorUserGroupNames)); + client.grantRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(requestorUserGroupNames)); Set<TSentryRole> roles = client.listUserRoles(requestorUserName,SOLR); assertEquals("Incorrect number of roles", 1, roles.size()); @@ -82,7 +82,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt client.createRole(requestorUserName, roleName, SOLR); - client.addRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName)); + client.grantRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName)); Set<TSentryRole> roles = client.listUserRoles(requestorUserName,SOLR); assertEquals("Incorrect number of roles", 1, roles.size()); @@ -94,7 +94,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt } } - client.deleteRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName)); + client.revokeRoleFromGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName)); roles = client.listUserRoles(requestorUserName,SOLR); assertEquals("Incorrect number of roles", 0, roles.size()); @@ -159,11 +159,11 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt SearchConstants.QUERY); client.grantPrivilege(requestorUserName, roleName1, SOLR, queryPrivilege); - Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName1, SOLR, "service1"); + Set<TSentryPrivilege> listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1, SOLR, "service1"); assertTrue("Privilege not assigned to role1 !!", listPrivilegesByRoleName.size() == 1); client.grantPrivilege(requestorUserName, roleName2, SOLR, queryPrivilege); - listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, SOLR, "service1"); + listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2, SOLR, "service1"); assertTrue("Privilege not assigned to role2 !!", listPrivilegesByRoleName.size() == 1); }}); } @@ -183,7 +183,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt client.dropRoleIfExists(requestorUserName, roleName, SOLR); client.createRole(requestorUserName, roleName, SOLR); - client.addRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(groupName)); + client.grantRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(groupName)); Set<TSentryRole> groupRoles = client.listRolesByGroupName(requestorUserName, groupName,SOLR); assertTrue(groupRoles.size() == 1); @@ -223,11 +223,11 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt client.grantPrivilege(requestorUserName, roleName, SOLR, updatePrivilege); client.grantPrivilege(requestorUserName, roleName, SOLR, queryPrivilege); - Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1"); + Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1"); assertTrue(privileges.size() == 2); client.revokePrivilege(requestorUserName, roleName, SOLR, updatePrivilege); - privileges = client.listPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1"); + privileges = client.listAllPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1"); assertTrue(privileges.size() == 1); }}); } @@ -250,7 +250,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt SearchConstants.QUERY); client.grantPrivilege(requestorUserName, roleName, SOLR, queryPrivilege); - assertEquals(1, client.listPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1").size()); + assertEquals(1, client.listAllPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1").size()); }}); } @@ -297,8 +297,8 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt client.grantPrivilege(adminUser, grantRole, SOLR, grantPrivilege); client.grantPrivilege(adminUser, noGrantRole, SOLR, noGrantPrivilege); - client.addRoleToGroups(adminUser, grantRole, SOLR, grantOptionGroup); - client.addRoleToGroups(adminUser, noGrantRole, SOLR, noGrantOptionGroup); + client.grantRoleToGroups(adminUser, grantRole, SOLR, grantOptionGroup); + client.grantRoleToGroups(adminUser, noGrantRole, SOLR, noGrantOptionGroup); try { client.grantPrivilege(grantOptionUser,testRole,SOLR, testPrivilege); @@ -342,7 +342,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt client.createRole(adminUser, testRole, SOLR); - client.addRoleToGroups(adminUser, testRole, SOLR, testGroup); + client.grantRoleToGroups(adminUser, testRole, SOLR, testGroup); TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1", fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), @@ -355,7 +355,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt client.grantPrivilege(adminUser, testRole, SOLR, queryPrivilege); client.grantPrivilege(adminUser, testRole, SOLR, updatePrivilege); - assertEquals(2, client.listPrivilegesByRoleName(testUser, testRole, SOLR, "service1").size()); + assertEquals(2, client.listAllPrivilegesByRoleName(testUser, testRole, SOLR, "service1").size()); assertEquals(1, client.listPrivilegesByRoleName(testUser, testRole, SOLR, "service1", Arrays.asList(new Collection("c1"))).size()); @@ -401,7 +401,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt writePolicyFile(); client.createRole(adminUser, testRole, SOLR); - client.addRoleToGroups(adminUser, testRole, SOLR, adminGroup); + client.grantRoleToGroups(adminUser, testRole, SOLR, adminGroup); TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1", fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))), @@ -414,34 +414,34 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt client.grantPrivilege(adminUser, testRole, SOLR, queryPrivilege); client.grantPrivilege(adminUser, testRole, SOLR, updatePrivilege); - //test listPrivilegsbyAuthorizable without requested group and active role set. - assertEquals(1, client.listPrivilegsbyAuthorizable(SOLR, "service1", adminUser, + //test listPrivilegesbyAuthorizable without requested group and active role set. + assertEquals(1, client.listPrivilegesbyAuthorizable(SOLR, "service1", adminUser, Sets.newHashSet(new String("Collection=c1->Field=f1")), null, null).size()); - //test listPrivilegsbyAuthorizable with requested group (testGroup) - Map<String, TSentryPrivilegeMap> privilegeMap = client.listPrivilegsbyAuthorizable(SOLR, + //test listPrivilegesbyAuthorizable with requested group (testGroup) + Map<String, TSentryPrivilegeMap> privilegeMap = client.listPrivilegesbyAuthorizable(SOLR, "service1", adminUser, Sets.newHashSet(new String("Collection=c1->Field=f1")), testGroup, null); TSentryPrivilegeMap actualMap = privilegeMap.get(new String("Collection=c1->Field=f1")); assertEquals(0, actualMap.getPrivilegeMap().size()); - //test listPrivilegsbyAuthorizable with active role set. + //test listPrivilegesbyAuthorizable with active role set. ActiveRoleSet roleSet = ActiveRoleSet.ALL; - assertEquals(1, client.listPrivilegsbyAuthorizable(SOLR, "service1", adminUser, + assertEquals(1, client.listPrivilegesbyAuthorizable(SOLR, "service1", adminUser, Sets.newHashSet(new String("Collection=c1->Field=f1")), null, roleSet).size()); - privilegeMap = client.listPrivilegsbyAuthorizable(SOLR, + privilegeMap = client.listPrivilegesbyAuthorizable(SOLR, "service1", adminUser, Sets.newHashSet(new String("Collection=c1->Field=f1")), null, roleSet); actualMap = privilegeMap.get(new String("Collection=c1->Field=f1")); assertEquals(1, actualMap.getPrivilegeMap().size()); - privilegeMap = client.listPrivilegsbyAuthorizable(SOLR, + privilegeMap = client.listPrivilegesbyAuthorizable(SOLR, "service1", testUser, Sets.newHashSet(new String("Collection=c1->Field=f1")), null, roleSet); actualMap = privilegeMap.get(new String("Collection=c1->Field=f1")); assertEquals(0, actualMap.getPrivilegeMap().size()); // grant tesRole to testGroup. - client.addRoleToGroups(adminUser, testRole, SOLR, testGroup); + client.grantRoleToGroups(adminUser, testRole, SOLR, testGroup); - privilegeMap = client.listPrivilegsbyAuthorizable(SOLR, + privilegeMap = client.listPrivilegesbyAuthorizable(SOLR, "service1", testUser, Sets.newHashSet(new String("Collection=c1")), null, roleSet); actualMap = privilegeMap.get(new String("Collection=c1")); assertEquals(1, actualMap.getPrivilegeMap().size()); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java index 4b274fd..3685073 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java @@ -77,7 +77,7 @@ public class TestSentryConfigToolSolr extends SentryGenericServiceIntegrationBas Set<TSentryRole> tRoles = client.listAllRoles(requestorName, SOLR); for (TSentryRole tRole : tRoles) { String role = tRole.getRoleName(); - Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName( + Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName( requestorName, role, SOLR, service); for (TSentryPrivilege privilege : privileges) { client.revokePrivilege(requestorName, role, SOLR, privilege); @@ -135,7 +135,7 @@ public class TestSentryConfigToolSolr extends SentryGenericServiceIntegrationBas // check privileges GenericPrivilegeConverter convert = new GenericPrivilegeConverter(SOLR, service); for (String role : roles) { - Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName( + Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName( requestorName, role, SOLR, service); Set<String> expectedPrivileges = privilegeMapping.get(role); assertEquals("Privilege set size doesn't match for role: " + role, http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java index c744ee3..80bbcf1 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java @@ -265,7 +265,7 @@ public class TestSentryShellKafka extends SentryGenericServiceIntegrationBase { privs[ i ], "-conf", confPath.getAbsolutePath(), "-t", "kafka" }; SentryShellGeneric.main(args); - Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName(requestorName, + Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1, KAFKA, service); assertEquals("Incorrect number of privileges. Received privileges: " + Arrays.toString(privileges.toArray()), privs.length - (i + 1), privileges.size()); } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java index d857107..55831a4 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java @@ -263,7 +263,7 @@ public class TestSentryShellSolr extends SentryGenericServiceIntegrationBase { privs[ i ], "-conf", confPath.getAbsolutePath(), "-t", "solr" }; SentryShellGeneric.main(args); - Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName(requestorName, + Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1, SOLR, service); assertEquals("Incorrect number of privileges", privs.length - (i + 1), privileges.size()); } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSqoop.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSqoop.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSqoop.java index 1f49cce..7bafd8c 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSqoop.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSqoop.java @@ -262,7 +262,7 @@ public class TestSentryShellSqoop extends SentryGenericServiceIntegrationBase { privs[ i ], "-conf", confPath.getAbsolutePath(), "-t", "sqoop" }; SentryShellGeneric.main(args); - Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName(requestorName, + Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1, AuthorizationComponent.SQOOP, service); assertEquals("Incorrect number of privileges. Received privileges: " + Arrays.toString(privileges.toArray()), privs.length - (i + 1), privileges.size()); } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java index e464ef1..6b1e5df 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java @@ -51,11 +51,11 @@ public class TestSentryPolicyServiceClient extends SentryServiceIntegrationBase client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); - client.listRoles(requestorUserName); + client.listAllRoles(requestorUserName); stopSentryService(); server = SentryServiceFactory.create(conf); startSentryService(); - client.listRoles(requestorUserName); + client.listAllRoles(requestorUserName); client.dropRole(requestorUserName, roleName); } }); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java index dff7e1a..3e9e2cd 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java @@ -52,11 +52,11 @@ public class TestSentryServiceClientPool extends SentryServiceIntegrationBase { client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); - client.listRoles(requestorUserName); + client.listAllRoles(requestorUserName); stopSentryService(); server = SentryServiceFactory.create(conf); startSentryService(); - client.listRoles(requestorUserName); + client.listAllRoles(requestorUserName); client.dropRole(requestorUserName, roleName); } }); @@ -85,7 +85,7 @@ public class TestSentryServiceClientPool extends SentryServiceIntegrationBase { @Override public Boolean run() throws Exception { try { - client.listRoles(ADMIN_USER); + client.listAllRoles(ADMIN_USER); return true; } catch (SentryUserException sue) { return false; http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java index 2f4e8f6..fc65382 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java @@ -59,7 +59,7 @@ public class TestSentryServiceFailureCase extends SentryServiceIntegrationBase { try { connectToSentryService(); String requestorUserName = ADMIN_USER; - client.listRoles(requestorUserName); + client.listAllRoles(requestorUserName); Assert.fail("Failed to receive Exception"); } catch(Exception e) { LOGGER.info("Excepted exception", e); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java index a05521f..27bbc93 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java @@ -62,7 +62,7 @@ public class TestSentryServiceIntegration extends SentryServiceIntegrationBase { client.createRole(requestorUserName, roleName); - Set<TSentryRole> roles = client.listRoles(requestorUserName); + Set<TSentryRole> roles = client.listAllRoles(requestorUserName); assertEquals("Incorrect number of roles", 1, roles.size()); for (TSentryRole role:roles) { @@ -403,7 +403,7 @@ public class TestSentryServiceIntegration extends SentryServiceIntegrationBase { client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); - Set<TSentryRole> roles = client.listRoles(requestorUserName); + Set<TSentryRole> roles = client.listAllRoles(requestorUserName); assertEquals("Incorrect number of roles", 1, roles.size()); client.grantRoleToGroup(requestorUserName, groupName, roleName); @@ -437,7 +437,7 @@ public class TestSentryServiceIntegration extends SentryServiceIntegrationBase { client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); - Set<TSentryRole> roles = client.listRoles(requestorUserName); + Set<TSentryRole> roles = client.listAllRoles(requestorUserName); assertEquals("Incorrect number of roles", 1, roles.size()); client.grantDatabasePrivilege(requestorUserName, roleName, server, db, AccessConstants.ALL); @@ -466,7 +466,7 @@ public class TestSentryServiceIntegration extends SentryServiceIntegrationBase { // Creating associated role client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); - Set<TSentryRole> roles = client.listRoles(requestorUserName); + Set<TSentryRole> roles = client.listAllRoles(requestorUserName); assertEquals("Incorrect number of roles", 1, roles.size()); client.grantURIPrivilege(requestorUserName, roleName, server, uri); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithInvalidMsgSize.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithInvalidMsgSize.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithInvalidMsgSize.java index 072d294..1896586 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithInvalidMsgSize.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithInvalidMsgSize.java @@ -56,7 +56,7 @@ public class TestSentryServiceWithInvalidMsgSize extends SentryServiceIntegratio boolean exceptionThrown = false; try { // client throws exception when message size is larger than the client's thrift max message size. - clientWithSmallMaxMsgSize.listRoles(ADMIN_USER); + clientWithSmallMaxMsgSize.listAllRoles(ADMIN_USER); } catch (SentryUserException e) { exceptionThrown = true; Assert.assertTrue(e.getMessage().contains("Thrift exception occurred")); @@ -69,9 +69,9 @@ public class TestSentryServiceWithInvalidMsgSize extends SentryServiceIntegratio // client can still talk with sentry server when message size is smaller. client.dropRoleIfExists(ADMIN_USER, ROLE_NAME); - client.listRoles(ADMIN_USER); + client.listAllRoles(ADMIN_USER); client.createRole(ADMIN_USER, ROLE_NAME); - client.listRoles(ADMIN_USER); + client.listAllRoles(ADMIN_USER); } }); } @@ -97,7 +97,7 @@ public class TestSentryServiceWithInvalidMsgSize extends SentryServiceIntegratio writePolicyFile(); // client can talk with server when message size is smaller. - client.listRoles(ADMIN_USER); + client.listAllRoles(ADMIN_USER); client.createRole(ADMIN_USER, ROLE_NAME); boolean exceptionThrown = false; @@ -112,7 +112,7 @@ public class TestSentryServiceWithInvalidMsgSize extends SentryServiceIntegratio } // client can still talk with sentry server when message size is smaller. - Set<TSentryRole> roles = client.listRoles(ADMIN_USER); + Set<TSentryRole> roles = client.listAllRoles(ADMIN_USER); Assert.assertTrue(roles.size() == 1); Assert.assertEquals(ROLE_NAME, roles.iterator().next().getRoleName()); } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentryShellHive.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentryShellHive.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentryShellHive.java index 8335bcc..adfd102 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentryShellHive.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentryShellHive.java @@ -106,7 +106,7 @@ public class TestSentryShellHive extends SentryServiceIntegrationBase { SentryShellHive.main(args); // validate the result - Set<TSentryRole> roles = client.listRoles(requestorName); + Set<TSentryRole> roles = client.listAllRoles(requestorName); assertEquals("Incorrect number of roles", 0, roles.size()); } }); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java index 7ed303c..7d9b3ba 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java @@ -201,7 +201,7 @@ public abstract class SentryServiceIntegrationBase extends SentryMiniKdcTestcase @Override public void runTestAsSubject() throws Exception { if (client != null) { - Set<TSentryRole> tRoles = client.listRoles(ADMIN_USER); + Set<TSentryRole> tRoles = client.listAllRoles(ADMIN_USER); if (tRoles != null) { for (TSentryRole tRole : tRoles) { client.dropRole(ADMIN_USER, tRole.getRoleName()); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java index bf871f0..798ad96 100644 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java +++ b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java @@ -318,7 +318,7 @@ public class TestConcurrentClients extends AbstractTestWithStaticConfiguration { while (Long.compare(elapsedTime, SENTRY_CLIENT_TEST_DURATION_MS) <= 0) { LOGGER.info("Test role " + test_role + " runs " + elapsedTime + " ms."); client.createRole(ADMIN1, test_role); - client.listRoles(ADMIN1); + client.listAllRoles(ADMIN1); client.grantServerPrivilege(ADMIN1, test_role, "server1", false); client.listAllPrivilegesByRoleName(ADMIN1, test_role); client.dropRole(ADMIN1, test_role); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java index b13165c..6739dd6 100644 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java +++ b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java @@ -73,7 +73,7 @@ public class SentryPolicyProviderForDb extends PolicyFile { } // remove existing metadata - for (TSentryRole tRole : sentryClient.listRoles(StaticUserGroup.ADMIN1)) { + for (TSentryRole tRole : sentryClient.listAllRoles(StaticUserGroup.ADMIN1)) { sentryClient.dropRole(StaticUserGroup.ADMIN1, tRole.getRoleName()); } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java index 13b6e62..f8b6a15 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java @@ -340,7 +340,7 @@ public class TestConcurrentClients extends AbstractTestWithStaticConfiguration { client.grantRoleToGroup(ADMIN1, ADMINGROUP, test_role); // validate role - Set<TSentryRole> sentryRoles = client.listRoles(ADMIN1); + Set<TSentryRole> sentryRoles = client.listAllRoles(ADMIN1); String results = ""; for (TSentryRole role : sentryRoles) { results += role.toString() + "|"; http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java index b13165c..6739dd6 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java @@ -73,7 +73,7 @@ public class SentryPolicyProviderForDb extends PolicyFile { } // remove existing metadata - for (TSentryRole tRole : sentryClient.listRoles(StaticUserGroup.ADMIN1)) { + for (TSentryRole tRole : sentryClient.listAllRoles(StaticUserGroup.ADMIN1)) { sentryClient.dropRole(StaticUserGroup.ADMIN1, tRole.getRoleName()); } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/AbstractKafkaSentryTestBase.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/AbstractKafkaSentryTestBase.java b/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/AbstractKafkaSentryTestBase.java index 100d885..868d198 100644 --- a/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/AbstractKafkaSentryTestBase.java +++ b/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/AbstractKafkaSentryTestBase.java @@ -180,7 +180,7 @@ public class AbstractKafkaSentryTestBase { try (SentryGenericServiceClient sentryClient = getSentryClient()){ // grant all privilege to admin user sentryClient.createRoleIfNotExist(ADMIN_USER, ADMIN_ROLE, COMPONENT); - sentryClient.addRoleToGroups(ADMIN_USER, ADMIN_ROLE, COMPONENT, Sets.newHashSet(ADMIN_GROUP)); + sentryClient.grantRoleToGroups(ADMIN_USER, ADMIN_ROLE, COMPONENT, Sets.newHashSet(ADMIN_GROUP)); final ArrayList<TAuthorizable> authorizables = new ArrayList<TAuthorizable>(); Host host = new Host(InetAddress.getLocalHost().getHostName()); authorizables.add(new TAuthorizable(host.getTypeName(), host.getName())); http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/TestAuthorize.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/TestAuthorize.java b/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/TestAuthorize.java index 53f1f47..d6dfd7a 100644 --- a/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/TestAuthorize.java +++ b/sentry-tests/sentry-tests-kafka/src/test/java/org/apache/sentry/tests/e2e/kafka/TestAuthorize.java @@ -311,7 +311,7 @@ public class TestAuthorize extends AbstractKafkaSentryTestBase { SentryGenericServiceClient sentryClient = getSentryClient(); try { sentryClient.createRoleIfNotExist(ADMIN_USER, role, COMPONENT); - sentryClient.addRoleToGroups(ADMIN_USER, role, COMPONENT, Sets.newHashSet(group)); + sentryClient.grantRoleToGroups(ADMIN_USER, role, COMPONENT, Sets.newHashSet(group)); sentryClient.grantPrivilege(ADMIN_USER, role, COMPONENT, new TSentryPrivilege(COMPONENT, "kafka", authorizables, http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/db/integration/AbstractSolrSentryTestWithDbProvider.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/db/integration/AbstractSolrSentryTestWithDbProvider.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/db/integration/AbstractSolrSentryTestWithDbProvider.java index b2aa9f4..71c3cb6 100644 --- a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/db/integration/AbstractSolrSentryTestWithDbProvider.java +++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/db/integration/AbstractSolrSentryTestWithDbProvider.java @@ -279,7 +279,7 @@ public class AbstractSolrSentryTestWithDbProvider extends AbstractSolrSentryTest for (int i = 0; i < roles.length; i++) { client.createRole(ADMIN_USER, roles[i], COMPONENT_SOLR); - client.addRoleToGroups(ADMIN_USER, roles[i], COMPONENT_SOLR, Sets.newHashSet(groups[i])); + client.grantRoleToGroups(ADMIN_USER, roles[i], COMPONENT_SOLR, Sets.newHashSet(groups[i])); } /** @@ -287,7 +287,7 @@ public class AbstractSolrSentryTestWithDbProvider extends AbstractSolrSentryTest * grant ALL privilege on collection ALL to role admin */ client.createRole(ADMIN_USER, ADMIN_ROLE, COMPONENT_SOLR); - client.addRoleToGroups(ADMIN_USER, ADMIN_ROLE, COMPONENT_SOLR, Sets.newHashSet(ADMIN_GROUP)); + client.grantRoleToGroups(ADMIN_USER, ADMIN_ROLE, COMPONENT_SOLR, Sets.newHashSet(ADMIN_GROUP)); grantCollectionPrivilege(SearchConstants.ALL, ADMIN_USER, ADMIN_ROLE, SearchConstants.ALL); } http://git-wip-us.apache.org/repos/asf/sentry/blob/cfa8abb0/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java index b27dbc2..2971bf8 100644 --- a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java +++ b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java @@ -201,7 +201,7 @@ public class AbstractSqoopSentryTestBase { SentryGenericServiceClientFactory.create(getClientConfig())){ // grant all privilege to admin user sentryClient.createRoleIfNotExist(ADMIN_USER, ADMIN_ROLE, COMPONENT); - sentryClient.addRoleToGroups(ADMIN_USER, ADMIN_ROLE, COMPONENT, Sets.newHashSet(ADMIN_GROUP)); + sentryClient.grantRoleToGroups(ADMIN_USER, ADMIN_ROLE, COMPONENT, Sets.newHashSet(ADMIN_GROUP)); sentryClient.grantPrivilege(ADMIN_USER, ADMIN_ROLE, COMPONENT, new TSentryPrivilege(COMPONENT, SQOOP_SERVER_NAME, new ArrayList<TAuthorizable>(), SqoopActionConstant.ALL));
