http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbColumnLevelMetaDataOps.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbColumnLevelMetaDataOps.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbColumnLevelMetaDataOps.java deleted file mode 100644 index 35870c3..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbColumnLevelMetaDataOps.java +++ /dev/null @@ -1,374 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import java.sql.Connection; -import java.sql.ResultSet; -import java.sql.Statement; - -import org.apache.hive.service.cli.HiveSQLException; -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.apache.sentry.tests.e2e.hive.PrivilegeResultSet; - -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; - -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Ignore; -import org.junit.Test; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * Contains tests for meta data operations with column level privileges - */ -public class TestDbColumnLevelMetaDataOps extends AbstractTestWithStaticConfiguration { - private static final Logger LOGGER = LoggerFactory. - getLogger(TestDbColumnLevelMetaDataOps.class); - - private static final String TEST_COL_METADATA_OPS_DB = "test_col_metadata_ops_db"; - private static final String TEST_COL_METADATA_OPS_TB = "test_col_metadata_ops_tb"; - private static final String TEST_COL_METADATA_OPS_ROLE = "test_col_metadata_ops_role"; - - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception{ - LOGGER.info("TestColumnEndToEnd setupTestStaticConfiguration"); - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } - - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - createTestData(); - } - private static Statement statement = null; - private static Connection connection = null; - - private static void establishSession(String user) throws Exception{ - if (statement != null) { - statement.close(); - } - if (connection != null) { - connection.close(); - } - connection = context.createConnection(user); - statement = context.createStatement(connection); - } - - /** - * Create test database, table and role - * and grant column level privilege - * @throws Exception - */ - private void createTestData() throws Exception { - establishSession(ADMIN1); - statement.execute("CREATE DATABASE " + TEST_COL_METADATA_OPS_DB); - statement.execute("USE " + TEST_COL_METADATA_OPS_DB); - statement.execute("CREATE TABLE " + TEST_COL_METADATA_OPS_TB - + " (privileged STRING, unprivileged INT) partitioned by (privileged_par STRING, unprivileged_par INT)"); - statement.execute("INSERT INTO TABLE " + TEST_COL_METADATA_OPS_TB - + " PARTITION(privileged_par = 'privileged_par', unprivileged_par = 1) VALUES ('test1', 1)"); - - statement.execute("CREATE ROLE " + TEST_COL_METADATA_OPS_ROLE); - statement.execute("GRANT SELECT(privileged) ON TABLE " + TEST_COL_METADATA_OPS_TB + " TO ROLE " + TEST_COL_METADATA_OPS_ROLE); - statement.execute("GRANT ROLE " + TEST_COL_METADATA_OPS_ROLE + " TO GROUP " + USERGROUP1); - - PrivilegeResultSet prset = new PrivilegeResultSet(statement, "SHOW GRANT ROLE " - + TEST_COL_METADATA_OPS_ROLE + " ON DATABASE " + TEST_COL_METADATA_OPS_DB); - LOGGER.info("SHOW GRANT : " + prset.toString()); - prset.verifyResultSetColumn("table", TEST_COL_METADATA_OPS_TB); - prset.verifyResultSetColumn("column", "privileged"); - prset.verifyResultSetColumn("privilege", "select"); - } - - private ResultSet executeQueryWithLog(String query) throws Exception { - ResultSet rs; - try { - LOGGER.info("Running " + query); - rs = statement.executeQuery(query); - return rs; - } catch (HiveSQLException ex) { - LOGGER.error("Privilege exception occurs when running : " + query); - throw ex; - } - } - - private void validateFiltersInaccessibleColumns(String query, String colMetaField, String user, - String privileged) throws Exception { - establishSession(user); - statement.execute("USE " + TEST_COL_METADATA_OPS_DB); - ResultSet rs = executeQueryWithLog(query); - int numColumns = 0; - while (rs.next()) { - String val = rs.getString(colMetaField); - numColumns++; - // Relax validation for now: - // user with any select privilege can perform metadata operations, - // even though it might show some columns which he doesn't have privileges - assertTrue("Can access non privileged column", val.equalsIgnoreCase(privileged)); - } - rs.close(); - assertTrue("Looks like we accessed more columns than needed", numColumns == 1); - } - - private void validateShowsAllColumns(String query, String colMetaField, String user, - String privileged, String unprivileged) throws Exception { - establishSession(user); - statement.execute("USE " + TEST_COL_METADATA_OPS_DB); - ResultSet rs = executeQueryWithLog(query); - boolean found = false; - while (rs.next()) { - String val = rs.getString(colMetaField); - // Relax validation for now: - // user with any select privilege can perform metadata operations, - // even though it might show some columns which he doesn't have privileges - //assertFalse("column unprivileged shouldn't be shown in result", - // val.equalsIgnoreCase("unprivileged")); - if (val.equalsIgnoreCase("unprivileged")) { - LOGGER.warn("column unprivileged related metadata info is not disabled from result"); - } - if (val.toLowerCase().contains(privileged)) { - LOGGER.info("detected privileged column information: " + privileged); - found = true; - } else if (val.toLowerCase().contains(unprivileged)) { - LOGGER.warn("detected unexpected column information: " + unprivileged); - } - } - rs.close(); - assertTrue("failed to detect column privileged from result", found); - } - - private void validateShowsAllColumns(String query, String colMetaField, String user) throws Exception { - validateShowsAllColumns(query, colMetaField, user, "privileged", "unprivileged"); - } - - - private void validateSemanticException(String query, String user) throws Exception { - establishSession(user); - try { - LOGGER.info("Running " + query); - statement.execute(query); - fail("failed to throw SemanticException"); - } catch (Exception ex) { - String err = "Exception No valid privileges"; - assertTrue("failed to detect " + err + "\n" + ex.getMessage(), - ex.getMessage().contains("Exception No valid privileges")); - } - } - - /** - * Test with column level privilege - * user can NOT "show table extended" - */ - @Test - public void testShowExtended() throws Exception { - String query = "SHOW TABLE EXTENDED IN " + TEST_COL_METADATA_OPS_DB - + " like '" + TEST_COL_METADATA_OPS_TB + "'"; - // with column level privileges, user can not do show extended - validateSemanticException(query, USER1_1); - // negative test, without any privileges, user can not do it also - validateSemanticException(query, USER2_1); - } - - /** - * Test with column level privileges, - * user can list all columns for now - */ - @Test - public void testShowColumns() throws Exception { - String query = "SHOW COLUMNS IN " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - // with column level privileges, user can show columns - validateFiltersInaccessibleColumns(query, "field", USER1_1, "privileged"); - // without column/table level privileges, any user can NOT show columns - validateSemanticException(query, USER2_1); - } - - /** - * Test SHOW TBLPROPERTIES requires table level privileges - * @throws Exception - */ - @Test - public void testShowProperties() throws Exception { - String query = "SHOW TBLPROPERTIES " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - validateSemanticException(query, USER1_1); - validateSemanticException(query, USER2_1); - } - - /** - * Test with column level select privilege, - * user can do "describe table" - */ - @Test - public void testDescribeTable() throws Exception { - String query = "DESCRIBE " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - // with column level privilege, user can describe table, but columns are not filtered for now - validateShowsAllColumns(query, "col_name", USER1_1); - // without column/table level privileges, any user can NOT describe table - validateSemanticException(query, USER2_1); - - // only with table level privileges user can describe extended/formatted - query = "DESCRIBE EXTENDED " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - validateSemanticException(query, USER1_1); - validateSemanticException(query, USER2_1); - - query = "DESCRIBE EXTENDED " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB + " s"; - validateSemanticException(query, USER1_1); - validateSemanticException(query, USER2_1); - - query = "DESCRIBE FORMATTED " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - validateSemanticException(query, USER1_1); - validateSemanticException(query, USER2_1); - - query = "DESCRIBE FORMATTED " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB + " s"; - validateSemanticException(query, USER1_1); - validateSemanticException(query, USER2_1); - } - - /** - * Test with column level select privilege, - * user can only do "explain select column"; - * any other select requires table level privileges - * @throws Exception - */ - @Ignore("After fix SENTRY-849, should enable this test") - @Test - public void testExplainSelect() throws Exception { - String query = "EXPLAIN SELECT privileged FROM " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - // With column level privilege, user can explain select column - validateShowsAllColumns(query, "Explain", USER1_1); - // Without column/table level privilege, user can NOT explain select column - validateSemanticException(query, USER2_1); - - // user can NOT explain select unprivileged column - query = "EXPLAIN SELECT unprivileged FROM " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - validateSemanticException(query, USER1_1); - validateSemanticException(query, USER2_1); - - query = "EXPLAIN SELECT * FROM " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - validateSemanticException(query, USER1_1); - validateSemanticException(query, USER2_1); - - query = "EXPLAIN SELECT count(*) FROM " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - validateSemanticException(query, USER1_1); - validateSemanticException(query, USER2_1); - - query = "EXPLAIN SELECT * FROM (SELECT privileged AS c FROM " + - TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB + " union all select unprivileged as c from " - + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB + ") subq1 order by c"; - validateSemanticException(query, USER1_1); - validateSemanticException(query, USER2_1); - } - - /** - * Test if add a new column and grant privilege, - * user1 needs explicit grant on new column to access this column - */ - @Test - public void testShowNewColumn() throws Exception { - String colName = "newcol"; - establishSession(ADMIN1); - statement.execute("USE " + TEST_COL_METADATA_OPS_DB); - statement.execute("ALTER TABLE " + TEST_COL_METADATA_OPS_TB + " ADD COLUMNS (" + colName + " STRING)"); - - String query = "SHOW COLUMNS IN " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - establishSession(USER1_1); - statement.execute("USE " + TEST_COL_METADATA_OPS_DB); - ResultSet rs = executeQueryWithLog(query); - boolean found = false; - while (rs.next() && !found) { - String val = rs.getString("field"); - LOGGER.info("found " + val); - if (val.equalsIgnoreCase(colName)) { - found = true; - } - } - assertTrue("Should not have implicit access to new column " + colName, !found); - rs.close(); - - establishSession(ADMIN1); - statement.execute("USE " + TEST_COL_METADATA_OPS_DB); - statement.execute("GRANT SELECT(" + colName + ") ON TABLE " + TEST_COL_METADATA_OPS_TB + " TO ROLE " + TEST_COL_METADATA_OPS_ROLE); - - establishSession(USER1_1); - statement.execute("USE " + TEST_COL_METADATA_OPS_DB); - rs = executeQueryWithLog(query); - found = false; - while (rs.next() && !found) { - String val = rs.getString("field"); - LOGGER.info("found " + val); - if (val.equalsIgnoreCase(colName)) { - found = true; - } - } - assertTrue("Should have implicit access to new column " + colName, found); - rs.close(); - validateSemanticException(query, USER2_1); - } - - /** - * Grant user column level privileges, show partitions - * should list user's granted columns - * @throws Exception - */ - @Ignore("After fix SENTRY-898, turn on this test") - @Test - public void testShowPartitions() throws Exception { - final String PAR_ROLE_NAME = TEST_COL_METADATA_OPS_ROLE + "_2"; - - establishSession(ADMIN1); - statement.execute("USE " + TEST_COL_METADATA_OPS_DB); - statement.execute("CREATE ROLE " + PAR_ROLE_NAME); - statement.execute("GRANT SELECT(privileged_par) ON TABLE " + TEST_COL_METADATA_OPS_TB + " TO ROLE " + PAR_ROLE_NAME); - statement.execute("GRANT ROLE " + PAR_ROLE_NAME + " TO GROUP " + USERGROUP1); - - String query = "SHOW PARTITIONS " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - validateFiltersInaccessibleColumns(query, "partition", USER1_1, "privileged_par"); - } - - /** - * Requires table level privileges - */ - @Test - public void testShowTblProperties() throws Exception { - String query = "SHOW TBLPROPERTIES " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - validateSemanticException(query, USER1_1); - } - - /** - * Requires table level privileges - */ - @Test - public void testShowCreateTable() throws Exception { - String query = "SHOW CREATE TABLE " + TEST_COL_METADATA_OPS_DB + "." + TEST_COL_METADATA_OPS_TB; - validateSemanticException(query, USER1_1); - } - - /** - * Requires table level privileges - */ - @Test - public void testTableExtendLike() throws Exception { - String query = "SHOW TABLE EXTENDED IN " + TEST_COL_METADATA_OPS_DB + " LIKE " + TEST_COL_METADATA_OPS_TB; - validateSemanticException(query, USER1_1); - } -}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbComplexView.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbComplexView.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbComplexView.java deleted file mode 100644 index 8ee93cc..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbComplexView.java +++ /dev/null @@ -1,314 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import java.sql.Connection; -import java.sql.ResultSet; -import java.sql.SQLException; -import java.sql.Statement; - -import java.util.ArrayList; -import java.util.List; - -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.assertFalse; - -import org.apache.sentry.provider.file.PolicyFile; -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; - -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Ignore; -import org.junit.Test; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class TestDbComplexView extends AbstractTestWithStaticConfiguration { - - private static final Logger LOGGER = LoggerFactory - .getLogger(TestDbComplexView.class); - - private static final String TEST_VIEW_DB = "test_complex_view_database"; - private static final String TEST_VIEW_TB = "test_complex_view_table"; - private static final String TEST_VIEW_TB2 = "test_complex_view_table_2"; - private static final String TEST_VIEW = "test_complex_view"; - private static final String TEST_VIEW_ROLE = "test_complex_view_role"; - - /** - * Run query and validate one column with given column name - * @param user - * @param sql - * @param db - * @param colName - * @param colVal - * @return - * @throws Exception - */ - private static boolean execValidate(String user, String sql, String db, - String colName, String colVal) throws Exception { - boolean status = false; - Connection conn = null; - Statement stmt = null; - try { - conn = context.createConnection(user); - stmt = context.createStatement(conn); - LOGGER.info("Running [USE " + db + ";" + sql + "] to validate column " + colName + " = " + colVal); - stmt.execute("USE " + db); - ResultSet rset = stmt.executeQuery(sql); - while (rset.next()) { - String val = rset.getString(colName); - if (val.equalsIgnoreCase(colVal)) { - LOGGER.info("found [" + colName + "] = " + colVal); - status = true; - break; - } else { - LOGGER.warn("[" + colName + "] = " + val + " not equal to " + colVal); - } - } - rset.close(); - } catch (SQLException ex) { - LOGGER.error("SQLException: ", ex); - } catch (Exception ex) { - LOGGER.error("Exception: ", ex); - } finally { - try { - if (stmt != null) { - stmt.close(); - } - if (conn != null) { - conn.close(); - } - } catch (Exception ex) { - LOGGER.error("failed to close connection and statement: " + ex); - } - } - return status; - } - - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } - - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - PolicyFile.setAdminOnServer1(ADMINGROUP); - - // prepare test db and base table - List<String> sqls = new ArrayList<String>(); - sqls.add("USE DEFAULT"); - sqls.add("DROP DATABASE IF EXISTS " + TEST_VIEW_DB + " CASCADE"); - sqls.add("CREATE DATABASE IF NOT EXISTS " + TEST_VIEW_DB); - sqls.add("USE " + TEST_VIEW_DB); - sqls.add("CREATE TABLE " + TEST_VIEW_TB + " (userid VARCHAR(64), link STRING, source STRING) " - + "PARTITIONED BY (datestamp STRING) CLUSTERED BY (userid) INTO 256 BUCKETS STORED AS ORC"); - sqls.add("INSERT INTO TABLE " + TEST_VIEW_TB + " PARTITION (datestamp = '2014-09-23') VALUES " - + "('tlee', " + "'mail.com', 'sports.com'), ('jdoe', 'mail.com', null)"); - sqls.add("SELECT userid FROM " + TEST_VIEW_TB); - sqls.add("CREATE TABLE " + TEST_VIEW_TB2 + " (userid VARCHAR(64), name VARCHAR(64), age INT, " - + "gpa DECIMAL(3, 2)) CLUSTERED BY (age) INTO 2 BUCKETS STORED AS ORC"); - sqls.add("INSERT INTO TABLE " + TEST_VIEW_TB2 + " VALUES ('rgates', 'Robert Gates', 35, 1.28), " - + "('tlee', 'Tod Lee', 32, 2.32)"); - sqls.add("SELECT * FROM " + TEST_VIEW_TB2); - execBatch(ADMIN1, sqls); - } - - private void createTestRole(String user, String roleName) throws Exception { - Connection conn = context.createConnection(user); - Statement stmt = conn.createStatement(); - try { - exec(stmt, "DROP ROLE " + roleName); - } catch (Exception ex) { - LOGGER.info("test role doesn't exist, but it's ok"); - } finally { - exec(stmt, "CREATE ROLE " + roleName); - } - if (stmt != null) { - stmt.close(); - } - if (conn != null) { - conn.close(); - } - } - - private void grantAndValidatePrivilege(String testView, String testRole, String testGroup, - String user, boolean revoke) throws Exception { - createTestRole(ADMIN1, testRole); - List<String> sqls = new ArrayList<String>(); - - // grant privilege - sqls.add("USE " + TEST_VIEW_DB); - sqls.add("GRANT SELECT ON TABLE " + testView + " TO ROLE " + testRole); - sqls.add("GRANT ROLE " + testRole + " TO GROUP " + testGroup); - execBatch(ADMIN1, sqls); - - // show grant should pass and could list view - assertTrue("can not find select privilege from " + testRole, - execValidate(ADMIN1, "SHOW GRANT ROLE " + testRole + " ON TABLE " + testView, - TEST_VIEW_DB, "privilege", "select")); - assertTrue("can not find " + testView, - execValidate(user, "SHOW TABLES", TEST_VIEW_DB, "tab_name", testView)); - - // select from view should pass - sqls.clear(); - sqls.add("USE " + TEST_VIEW_DB); - sqls.add("SELECT * FROM " + testView); - execBatch(user, sqls); - - if (revoke) { - // revoke privilege - sqls.clear(); - sqls.add("USE " + TEST_VIEW_DB); - sqls.add("REVOKE SELECT ON TABLE " + testView + " FROM ROLE " + testRole); - execBatch(ADMIN1, sqls); - - // shouldn't be able to show grant - assertFalse("should not find select from " + testRole, - execValidate(ADMIN1, "SHOW GRANT ROLE " + testRole + " ON TABLE " + testView, - TEST_VIEW_DB, "privilege", "select")); - - // select from view should fail - sqls.clear(); - sqls.add("USE " + TEST_VIEW_DB); - sqls.add("SELECT * FROM " + testView); - try { - execBatch(user, sqls); - } catch (SQLException ex) { - LOGGER.info("Expected SQLException here", ex); - } - } - } - - private void grantAndValidatePrivilege(String testView, String testRole, - String testGroup, String user) throws Exception { - grantAndValidatePrivilege(testView, testRole, testGroup, user, true); - } - /** - * Create view1 and view2 from view1 - * Grant and validate select privileges to both views - * @throws Exception - */ - @Test - public void testDbViewFromView() throws Exception { - List<String> sqls = new ArrayList<String>(); - // create a simple view - sqls.add("USE " + TEST_VIEW_DB); - sqls.add("CREATE VIEW " + TEST_VIEW + - "(userid,link) AS SELECT userid,link from " + TEST_VIEW_TB); - - // create another view from the previous view - String testView2 = "view1_from_" + TEST_VIEW; - //String testRole2 = testView2 + "_test_role"; - sqls.add(String.format("CREATE VIEW %s AS SELECT userid,link from %s", - testView2, TEST_VIEW)); - - String testView3 = "view2_from_" + TEST_VIEW; - sqls.add(String.format("CREATE VIEW %s(userid,link) AS SELECT userid,link from %s", - testView3, TEST_VIEW)); - - execBatch(ADMIN1, sqls); - - // validate privileges - grantAndValidatePrivilege(TEST_VIEW, TEST_VIEW_ROLE, USERGROUP1, USER1_1); - //grantAndValidatePrivilege(testView2, testRole2, USERGROUP2, USER2_1); - - // Disabled because of SENTRY-745, also need to backport HIVE-10875 - //grantAndValidatePrivilege(testView3, testRole3, USERGROUP3, USER3_1); - } - - /** - * Create a view by join two tables - * Grant and verify select privilege - * @throws Exception - */ - @Test - public void TestDbViewWithJoin() throws Exception { - List<String> sqls = new ArrayList<String>(); - // create a joint view - sqls.add("USE " + TEST_VIEW_DB); - sqls.add(String.format("create view %s as select name,age,gpa from %s join %s on " - + "(%s.userid=%s.userid) where name='Tod Lee'", TEST_VIEW, TEST_VIEW_TB2, - TEST_VIEW_TB, TEST_VIEW_TB2, TEST_VIEW_TB)); - execBatch(ADMIN1, sqls); - - // validate privileges - grantAndValidatePrivilege(TEST_VIEW, TEST_VIEW_ROLE, USERGROUP1, USER1_1); - } - - /** - * Create a view with nested query - * Grant and verify select privilege - * @throws Exception - * SENTRY-716: Hive plugin does not correctly enforce - * privileges for new in case of nested queries - * Once backport HIVE-10875 to Sentry repo, will enable this test. - */ - @Ignore ("After SENTRY-716 is fixed, turn on this test") - @Test - public void TestDbViewWithNestedQuery() throws Exception { - List<String> sqls = new ArrayList<String>(); - // create a joint view - sqls.add("USE " + TEST_VIEW_DB); - sqls.add("CREATE VIEW " + TEST_VIEW + " AS SELECT * FROM " + TEST_VIEW_TB); - execBatch(ADMIN1, sqls); - grantAndValidatePrivilege(TEST_VIEW, TEST_VIEW_ROLE, USERGROUP1, USER1_1, false); - - sqls.clear(); - sqls.add("USE " + TEST_VIEW_DB); - sqls.add("SELECT * FROM (SELECT * FROM " + TEST_VIEW + ") v2"); - execBatch(USER1_1, sqls); - } - - /** - * Create a view with union two tables - * Grant and verify select privilege - * @throws Exception - * SENTRY-747: Create a view by union tables, grant select - * then select from view encounter errors - * Once backport HIVE-10875 to Sentry repo, will enable this test. - */ - @Ignore ("After SENTRY-747 is fixed, turn on this test") - @Test - public void TestDbViewWithUnion() throws Exception { - List<String> sqls = new ArrayList<String>(); - String testTable = "test_user_info"; - sqls.add("USE " + TEST_VIEW_DB); - sqls.add("DROP TABLE IF EXISTS " + testTable); - sqls.add("CREATE TABLE " + testTable + " (userid VARCHAR(64), name STRING, address STRING, tel STRING) "); - sqls.add("INSERT INTO TABLE " + testTable + " VALUES " - + "('tlee', " + "'Tod Lee', '1234 23nd Ave SFO, CA', '123-456-7890')"); - sqls.add("SELECT * FROM " + testTable); - sqls.add(String.format("CREATE VIEW " + TEST_VIEW + " AS " - + "SELECT u.userid, u.name, u.address, res.uid " - + "FROM (" - + "SELECT t1.userid AS uid " - + "FROM %s t1 " - + "UNION ALL " - + "SELECT t2.userid AS uid " - + "FROM %s t2 " - + ") res JOIN %s u ON (u.userid = res.uid)", - TEST_VIEW_TB, TEST_VIEW_TB2, testTable)); - execBatch(ADMIN1, sqls); - grantAndValidatePrivilege(TEST_VIEW, TEST_VIEW_ROLE, USERGROUP1, USER1_1); - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbConnections.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbConnections.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbConnections.java deleted file mode 100644 index 867b84c..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbConnections.java +++ /dev/null @@ -1,150 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.tests.e2e.dbprovider; - -import static org.junit.Assert.*; - -import java.sql.Connection; -import java.sql.Statement; - -import org.apache.sentry.core.common.exception.SentryAccessDeniedException; -import org.apache.sentry.core.common.exception.SentryAlreadyExistsException; -import org.apache.sentry.provider.file.PolicyFile; -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; - -public class TestDbConnections extends AbstractTestWithStaticConfiguration { - - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } - - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - PolicyFile.setAdminOnServer1(ADMINGROUP); - } - - /** - * Currently the hive binding opens a new server connection for each - * statement. This test verifies that the client connection is closed properly - * at the end. Test Queries, DDLs, Auth DDLs and metadata filtering (eg show - * tables/databases) - * @throws Exception - */ - @Test - public void testClientConnections() throws Exception { - String roleName = "connectionTest"; - long preConnectionClientId; - // Connect through user admin1. - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - - assertEquals(0, getSentrySrv().getNumActiveClients()); - - preConnectionClientId = getSentrySrv().getTotalClients(); - statement.execute("DROP DATABASE IF EXISTS DB_1 CASCADE"); - statement.execute("CREATE DATABASE DB_1"); - statement.execute("USE DB_1"); - assertTrue(preConnectionClientId < getSentrySrv().getTotalClients()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Verify that client connection is closed after DDLs. - preConnectionClientId = getSentrySrv().getTotalClients(); - statement.execute("CREATE TABLE t1 (c1 string)"); - assertTrue(preConnectionClientId < getSentrySrv().getTotalClients()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Verify that client connection is closed after queries. - preConnectionClientId = getSentrySrv().getTotalClients(); - statement.execute("SELECT * FROM t1"); - assertTrue(preConnectionClientId < getSentrySrv().getTotalClients()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Verify client invocation via metastore filter. - preConnectionClientId = getSentrySrv().getTotalClients(); - statement.executeQuery("show tables"); - assertTrue(preConnectionClientId < getSentrySrv().getTotalClients()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Verify that client connection is closed after drop table. - preConnectionClientId = getSentrySrv().getTotalClients(); - statement.execute("DROP TABLE t1"); - assertTrue(preConnectionClientId < getSentrySrv().getTotalClients()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Verify that client connection is closed after auth DDL. - preConnectionClientId = getSentrySrv().getTotalClients(); - statement.execute("CREATE ROLE " + roleName); - assertEquals(0, getSentrySrv().getNumActiveClients()); - assertTrue(preConnectionClientId < getSentrySrv().getTotalClients()); - - context.assertSentryException(statement, "CREATE ROLE " + roleName, - SentryAlreadyExistsException.class.getSimpleName()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - statement.execute("DROP ROLE " + roleName); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Verify client invocation via metastore filter - preConnectionClientId = getSentrySrv().getTotalClients(); - statement.executeQuery("show tables"); - // There are no tables, so auth check does not happen - // sentry will create connection to get privileges for cache - assertTrue(preConnectionClientId <= getSentrySrv().getTotalClients()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - statement.close(); - connection.close(); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Connect through user user1_1. - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Verify that client connection is closed after statement auth error. - preConnectionClientId = getSentrySrv().getTotalClients(); - context.assertAuthzException(statement, "USE DB_1"); - assertTrue(preConnectionClientId < getSentrySrv().getTotalClients()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Verify that client connection is closed after auth DDL error. - preConnectionClientId = getSentrySrv().getTotalClients(); - context.assertSentryException(statement, "CREATE ROLE " + roleName, - SentryAccessDeniedException.class.getSimpleName()); - assertTrue(preConnectionClientId < getSentrySrv().getTotalClients()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - // Verify that client invocation via metastore filter. - preConnectionClientId = getSentrySrv().getTotalClients(); - statement.executeQuery("show databases"); - assertTrue(preConnectionClientId < getSentrySrv().getTotalClients()); - assertEquals(0, getSentrySrv().getNumActiveClients()); - - statement.close(); - connection.close(); - assertEquals(0, getSentrySrv().getNumActiveClients()); - } - -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java deleted file mode 100644 index 0aa166c..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbCrossDbOps.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.apache.sentry.tests.e2e.hive.TestCrossDbOps; -import org.junit.Before; -import org.junit.BeforeClass; - -/* Tests privileges at table scope with cross database access */ - -public class TestDbCrossDbOps extends TestCrossDbOps { - - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - } - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception{ - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbDDLAuditLog.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbDDLAuditLog.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbDDLAuditLog.java deleted file mode 100644 index ffc37c4..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbDDLAuditLog.java +++ /dev/null @@ -1,293 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import static org.hamcrest.core.Is.is; -import static org.junit.Assert.assertThat; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; - -import java.sql.Connection; -import java.sql.Statement; -import java.util.HashMap; -import java.util.Map; - -import org.apache.log4j.Level; -import org.apache.log4j.Logger; -import org.apache.sentry.provider.db.log.appender.AuditLoggerTestAppender; -import org.apache.sentry.provider.db.log.util.CommandUtil; -import org.apache.sentry.provider.db.log.util.Constants; -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.codehaus.jettison.json.JSONObject; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Ignore; -import org.junit.Test; - -public class TestDbDDLAuditLog extends AbstractTestWithStaticConfiguration { - - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - Logger logger = Logger.getLogger("sentry.hive.authorization.ddl.logger"); - AuditLoggerTestAppender testAppender = new AuditLoggerTestAppender(); - logger.addAppender(testAppender); - logger.setLevel(Level.INFO); - } - - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - } - - @Test - @Ignore - public void testBasic() throws Exception { - String roleName = "testRole"; - String groupName = "testGroup"; - String dbName = "dbTest"; - String tableName = "tableTest"; - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - Map<String, String> fieldValueMap = new HashMap<String, String>(); - - // for success audit log - statement.execute("CREATE ROLE " + roleName); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_CREATE_ROLE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "CREATE ROLE " + roleName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - - statement.execute("GRANT ROLE " + roleName + " TO GROUP " + groupName); - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ROLE " + roleName + " TO GROUP " - + groupName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - - statement.execute("create database " + dbName); - statement.execute("use " + dbName); - statement.execute("CREATE TABLE " + tableName + " (c1 string)"); - statement.execute("GRANT ALL ON DATABASE " + dbName + " TO ROLE " + roleName); - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ALL ON DATABASE " + dbName - + " TO ROLE " + roleName); - fieldValueMap.put(Constants.LOG_FIELD_DATABASE_NAME, dbName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - - statement.execute("GRANT SELECT ON TABLE " + tableName + " TO ROLE " + roleName - + " WITH GRANT OPTION"); - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT SELECT ON TABLE " + tableName - + " TO ROLE " + roleName + " WITH GRANT OPTION"); - fieldValueMap.put(Constants.LOG_FIELD_TABLE_NAME, tableName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - - // for error audit log - try { - statement.execute("CREATE ROLE " + roleName); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_CREATE_ROLE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "CREATE ROLE " + roleName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - try { - statement.execute("GRANT ROLE errorROLE TO GROUP " + groupName); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ROLE errorROLE TO GROUP " - + groupName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - try { - statement.execute("GRANT ALL ON DATABASE " + dbName + " TO ROLE errorRole"); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ALL ON DATABASE " + dbName - + " TO ROLE errorRole"); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - try { - statement.execute("GRANT INSERT ON DATABASE " + dbName + " TO ROLE errorRole"); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT INSERT ON DATABASE " + dbName - + " TO ROLE errorRole"); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - try { - statement.execute("GRANT SELECT ON DATABASE " + dbName + " TO ROLE errorRole"); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT SELECT ON DATABASE " + dbName - + " TO ROLE errorRole"); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - try { - statement.execute("GRANT SELECT ON TABLE " + tableName + " TO ROLE errorRole"); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT SELECT ON TABLE " + tableName - + " TO ROLE errorRole"); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - - statement.execute("REVOKE SELECT ON TABLE " + tableName + " FROM ROLE " + roleName); - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE SELECT ON TABLE " + tableName - + " FROM ROLE " + roleName); - fieldValueMap.put(Constants.LOG_FIELD_TABLE_NAME, tableName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - - statement.execute("REVOKE ALL ON DATABASE " + dbName + " FROM ROLE " + roleName); - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ALL ON DATABASE " + dbName - + " FROM ROLE " + roleName); - fieldValueMap.put(Constants.LOG_FIELD_DATABASE_NAME, dbName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - - statement.execute("REVOKE ROLE " + roleName + " FROM GROUP " + groupName); - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DELETE_ROLE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ROLE " + roleName - + " FROM GROUP " + groupName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - - statement.execute("DROP ROLE " + roleName); - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DROP_ROLE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "DROP ROLE " + roleName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - - // for error audit log - try { - statement.execute("REVOKE SELECT ON TABLE " + tableName + " FROM ROLE errorRole"); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE SELECT ON TABLE " + tableName - + " FROM ROLE errorRole"); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - - try { - statement.execute("REVOKE ALL ON DATABASE " + dbName + " FROM ROLE errorRole"); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ALL ON DATABASE " + dbName - + " FROM ROLE errorRole"); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - - try { - statement.execute("REVOKE ROLE errorRole FROM GROUP " + groupName); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DELETE_ROLE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ROLE errorRole FROM GROUP " - + groupName); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - - try { - statement.execute("DROP ROLE errorRole"); - fail("Exception should have been thrown"); - } catch (Exception e) { - fieldValueMap.clear(); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DROP_ROLE); - fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "DROP ROLE errorRole"); - fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE); - fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null); - assertAuditLog(fieldValueMap); - } - - statement.close(); - connection.close(); - } - - private void assertAuditLog(Map<String, String> fieldValueMap) throws Exception { - assertThat(AuditLoggerTestAppender.getLastLogLevel(), is(Level.INFO)); - JSONObject jsonObject = new JSONObject(AuditLoggerTestAppender.getLastLogEvent()); - if (fieldValueMap != null) { - for (Map.Entry<String, String> entry : fieldValueMap.entrySet()) { - String entryKey = entry.getKey(); - if (Constants.LOG_FIELD_IP_ADDRESS.equals(entryKey)) { - assertTrue(CommandUtil.assertIPInAuditLog(jsonObject.get(entryKey).toString())); - } else { - assertTrue(entry.getValue().equalsIgnoreCase(jsonObject.get(entryKey).toString())); - } - } - } - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java deleted file mode 100644 index a0450af..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java +++ /dev/null @@ -1,251 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; - -import java.io.File; -import java.io.FileOutputStream; -import java.sql.Connection; -import java.sql.ResultSet; -import java.sql.Statement; - -import org.apache.sentry.core.common.exception.SentryAccessDeniedException; -import org.apache.sentry.provider.file.PolicyFile; -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; - -import com.google.common.io.Resources; - -public class TestDbEndToEnd extends AbstractTestWithStaticConfiguration { - private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat"; - private File dataFile; - - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception{ - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } - - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME); - FileOutputStream to = new FileOutputStream(dataFile); - Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to); - to.close(); - PolicyFile.setAdminOnServer1(ADMINGROUP); - } - - @Test - public void testBasic() throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - statement.execute("DROP TABLE IF EXISTS t1"); - statement.execute("CREATE TABLE t1 (c1 string)"); - statement.execute("CREATE ROLE user_role"); - statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role"); - statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1); - statement.close(); - connection.close(); - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - context.assertSentryException(statement, "CREATE ROLE r2", - SentryAccessDeniedException.class.getSimpleName()); - // test default of ALL - statement.execute("SELECT * FROM t1"); - // test a specific role - statement.execute("SET ROLE user_role"); - statement.execute("SELECT * FROM t1"); - - /** Dissabling test : see https://issues.apache.org/jira/browse/HIVE-6629 - // test NONE - statement.execute("SET ROLE NONE"); - context.assertAuthzException(statement, "SELECT * FROM t1"); - */ - - // test ALL - statement.execute("SET ROLE ALL"); - statement.execute("SELECT * FROM t1"); - statement.close(); - connection.close(); - } - - @Test - public void testNonDefault() throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); - statement.execute("CREATE database " + DB1); - statement.execute("USE " + DB1); - statement.execute("CREATE TABLE t1 (c1 string)"); - statement.execute("CREATE ROLE user_role"); - statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role"); - statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1); - statement.close(); - connection.close(); - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - - statement.execute("SELECT * FROM " + DB1 + ".t1"); - statement.close(); - connection.close(); - } - - @Test - public void testUPrivileges() throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - statement.execute("DROP TABLE IF EXISTS t1"); - statement.execute("CREATE TABLE t1 (c1 string)"); - statement.execute("CREATE ROLE user_role"); - statement.execute("CREATE ROLE uri_role"); - statement.execute("GRANT SELECT ON URI 'file://" + dataDir.getPath() - + "' TO ROLE uri_role"); - statement.execute("GRANT INSERT ON TABLE t1 TO ROLE user_role"); - - statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1); - statement.execute("GRANT ROLE uri_role TO GROUP " + USERGROUP1); - - ResultSet resultSet = statement.executeQuery("SHOW GRANT ROLE uri_role"); - assertTrue(resultSet.next()); - assertEquals("file://" + dataDir.getPath(), resultSet.getString(1)); - resultSet.close(); - - resultSet = statement.executeQuery("SHOW GRANT ROLE user_role"); - assertTrue(resultSet.next()); - assertEquals("default", resultSet.getString(1)); - assertEquals("t1", resultSet.getString(2)); - resultSet.close(); - - statement.close(); - connection.close(); - - } - - - -/** - * Steps: - * 1. admin create a new experimental database - * 2. admin create a new production database, create table, load data - * 3. admin grant privilege all@'experimental database' to usergroup1 - * 4. user create table, load data in experimental DB - * 5. user create view based on table in experimental DB - * 6. admin create table (same name) in production DB - * 7. admin grant [email protected] to group - * admin grant [email protected] to group - * 8. user load data from experimental table to production table - */ - @Test - public void testEndToEnd1() throws Exception { - - String tableName1 = "tb_1"; - String tableName2 = "tb_2"; - String viewName1 = "view_1"; - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - // 1 - statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); - statement.execute("CREATE DATABASE " + DB1); - // 2 - statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE"); - statement.execute("CREATE DATABASE " + DB2); - statement.execute("USE " + DB2); - statement.execute("DROP TABLE IF EXISTS " + DB2 + "." + tableName1); - statement.execute("DROP TABLE IF EXISTS " + DB2 + "." + tableName2); - statement.execute("create table " + DB2 + "." + tableName1 - + " (under_col int comment 'the under column', value string)"); - statement.execute("create table " + DB2 + "." + tableName2 - + " (under_col int comment 'the under column', value string)"); - statement.execute("load data local inpath '" + dataFile.getPath() - + "' into table " + tableName2); - - // 3 - statement.execute("CREATE ROLE all_db1"); - statement.execute("GRANT ALL ON DATABASE " + DB1 + " TO ROLE all_db1"); - - statement.execute("CREATE ROLE select_tb1"); - statement.execute("CREATE ROLE insert_tb1"); - statement.execute("CREATE ROLE insert_tb2"); - statement.execute("CREATE ROLE data_uri"); - - statement.execute("USE " + DB2); - statement.execute("GRANT INSERT ON TABLE " + tableName1 - + " TO ROLE insert_tb1"); - statement.execute("GRANT INSERT ON TABLE " + tableName2 - + " TO ROLE insert_tb2"); - statement.execute("GRANT ALL ON URI 'file://" + dataDir.getPath() - + "' TO ROLE data_uri"); - - statement.execute("USE " + DB1); - statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1); - statement.execute("create table " + DB1 + "." + tableName1 - + " (under_col int comment 'the under column', value string)"); - statement.execute("GRANT SELECT ON TABLE " + tableName1 - + " TO ROLE select_tb1"); - - statement - .execute("GRANT ROLE all_db1, select_tb1, insert_tb1, insert_tb2, data_uri TO GROUP " - + USERGROUP1); - - statement.close(); - connection.close(); - - // 4 - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - statement.execute("USE " + DB1); - statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1); - statement.execute("create table " + DB1 + "." + tableName1 - + " (under_col int comment 'the under column', value string)"); - statement.execute("load data local inpath '" + dataFile.getPath() - + "' into table " + tableName1); - - // 5 - statement.execute("CREATE VIEW " + viewName1 + " (value) AS SELECT value from " + tableName1 + " LIMIT 10"); - statement.close(); - connection.close(); - - // 7 - connection = context.createConnection(ADMIN1); - statement = context.createStatement(connection); - statement.execute("USE " + DB1); - statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1); - statement.execute("create table " + DB1 + "." + tableName1 - + " (under_col int comment 'the under column', value string)"); - statement.close(); - connection.close(); - - // 8 - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - statement.execute("USE " + DB2); - - statement.execute("INSERT OVERWRITE TABLE " + - DB2 + "." + tableName2 + " SELECT * FROM " + DB1 - + "." + tableName1); - statement.close(); - connection.close(); - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java deleted file mode 100644 index 43064ee..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbExportImportPrivileges.java +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.apache.sentry.tests.e2e.hive.TestExportImportPrivileges; -import org.junit.Before; -import org.junit.BeforeClass; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class TestDbExportImportPrivileges extends TestExportImportPrivileges { - private static final Logger LOGGER = LoggerFactory. - getLogger(TestDbExportImportPrivileges.class); - @Override - @Before - public void setup() throws Exception { - LOGGER.info("TestDbExportImportPrivileges setup"); - super.setupAdmin(); - super.setup(); - } - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - LOGGER.info("TestDbExportImportPrivileges setupTestStaticConfiguration"); - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } - -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java deleted file mode 100644 index a26e90a..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbJDBCInterface.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.apache.sentry.tests.e2e.hive.TestJDBCInterface; -import org.junit.Before; -import org.junit.BeforeClass; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class TestDbJDBCInterface extends TestJDBCInterface { - private static final Logger LOGGER = LoggerFactory. - getLogger(TestDbJDBCInterface.class); - @Override - @Before - public void setup() throws Exception { - LOGGER.info("TestDbJDBCInterface setup"); - super.setupAdmin(); - super.setup(); - } - - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - LOGGER.info("TestDbJDBCInterface setupTestStaticConfiguration"); - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } - -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java deleted file mode 100644 index ec99b30..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataObjectRetrieval.java +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.apache.sentry.tests.e2e.hive.TestMetadataObjectRetrieval; -import org.junit.Before; -import org.junit.BeforeClass; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class TestDbMetadataObjectRetrieval extends TestMetadataObjectRetrieval { - private static final Logger LOGGER = LoggerFactory - .getLogger(TestDbMetadataObjectRetrieval.class); - @Override - @Before - public void setup() throws Exception { - LOGGER.info("TestDbMetadataObjectRetrieval setup"); - super.setupAdmin(); - super.setup(); - } - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - LOGGER.info("TestDbMetadataObjectRetrieval setupTestStaticConfiguration"); - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } - -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataPermissions.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataPermissions.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataPermissions.java deleted file mode 100644 index 97b0e06..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMetadataPermissions.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.apache.sentry.tests.e2e.hive.TestMetadataPermissions; -import org.junit.Before; -import org.junit.BeforeClass; - -public class TestDbMetadataPermissions extends TestMetadataPermissions { - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - } - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - - } - -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMovingToProduction.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMovingToProduction.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMovingToProduction.java deleted file mode 100644 index cd27a4f..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbMovingToProduction.java +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.tests.e2e.dbprovider; - -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.apache.sentry.tests.e2e.hive.TestMovingToProduction; -import org.junit.Before; -import org.junit.BeforeClass; - -public class TestDbMovingToProduction extends TestMovingToProduction { - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - } - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - - } - -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbOperations.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbOperations.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbOperations.java deleted file mode 100644 index 3fab344..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbOperations.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.tests.e2e.dbprovider; - -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.apache.sentry.tests.e2e.hive.TestOperations; -import org.junit.Before; -import org.junit.BeforeClass; - -public class TestDbOperations extends TestOperations{ - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - } - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeAtTransform.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeAtTransform.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeAtTransform.java deleted file mode 100644 index 1bb82ed..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeAtTransform.java +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.apache.sentry.tests.e2e.hive.TestPrivilegeAtTransform; -import org.junit.Before; -import org.junit.BeforeClass; - -public class TestDbPrivilegeAtTransform extends TestPrivilegeAtTransform { - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - } - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - - } -}
