http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-binding/sentry-binding-hive-v2/src/test/java/org/apache/sentry/binding/hive/v2/DummyHiveAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-hive-v2/src/test/java/org/apache/sentry/binding/hive/v2/DummyHiveAuthenticationProvider.java b/sentry-binding/sentry-binding-hive-v2/src/test/java/org/apache/sentry/binding/hive/v2/DummyHiveAuthenticationProvider.java deleted file mode 100644 index 9335c37..0000000 --- a/sentry-binding/sentry-binding-hive-v2/src/test/java/org/apache/sentry/binding/hive/v2/DummyHiveAuthenticationProvider.java +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more contributor license - * agreements. See the NOTICE file distributed with this work for additional information regarding - * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance with the License. You may obtain a - * copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software distributed under the License - * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the License for the specific language governing permissions and limitations under - * the License. - */ -package org.apache.sentry.binding.hive.v2; - -import java.util.List; - -import org.apache.hadoop.conf.Configuration; -import org.apache.hadoop.hive.ql.metadata.HiveException; -import org.apache.hadoop.hive.ql.security.HiveAuthenticationProvider; -import org.apache.hadoop.hive.ql.session.SessionState; - -public class DummyHiveAuthenticationProvider implements HiveAuthenticationProvider { - - private String userName; - private Configuration conf; - - @Override - public void setConf(Configuration conf) { - this.conf = conf; - } - - @Override - public Configuration getConf() { - return conf; - } - - @Override - public String getUserName() { - return userName; - } - - @Override - public List<String> getGroupNames() { - return null; - } - - @Override - public void destroy() throws HiveException { - - } - - @Override - public void setSessionState(SessionState ss) { - - } - - public void setUserName(String user) { - this.userName = user; - } - -}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/pom.xml b/sentry-tests/sentry-tests-hive-v2/pom.xml deleted file mode 100644 index b129ed6..0000000 --- a/sentry-tests/sentry-tests-hive-v2/pom.xml +++ /dev/null @@ -1,530 +0,0 @@ -<?xml version="1.0"?> -<!-- -Licensed to the Apache Software Foundation (ASF) under one or more -contributor license agreements. See the NOTICE file distributed with -this work for additional information regarding copyright ownership. -The ASF licenses this file to You under the Apache License, Version 2.0 -(the "License"); you may not use this file except in compliance with -the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. ---> -<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"; xmlns="http://maven.apache.org/POM/4.0.0"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> - <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-tests</artifactId> - <version>2.1.0-SNAPSHOT</version> - </parent> - <artifactId>sentry-tests-hive-v2</artifactId> - <name>Sentry Hive Tests v2</name> - <description>end to end tests for sentry-hive-v2 integration</description> - <properties> - <!-- - <hadoop-dist>.</hadoop-dist> - <hive-dist>${hadoop-dist}</hive-dist> - --> - <HADOOP_CONF_DIR>${env.HADOOP_CONF_DIR}</HADOOP_CONF_DIR> - <HIVE_CONF_DIR>${env.HIVE_CONF_DIR}</HIVE_CONF_DIR> - </properties> - <dependencies> - <dependency> - <groupId>org.apache.thrift</groupId> - <artifactId>libthrift</artifactId> - <exclusions> - <exclusion> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - </exclusion> - <exclusion> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpcore</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.apache.derby</groupId> - <artifactId>derby</artifactId> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-service</artifactId> - <version>${hive.version}</version> - <exclusions> - <exclusion> - <groupId>ant</groupId> - <artifactId>ant</artifactId> - </exclusion> - </exclusions> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-shims</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-serde</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-metastore</artifactId> - <exclusions> - <exclusion> - <groupId>org.datanucleus</groupId> - <artifactId>datanucleus-core</artifactId> - </exclusion> - <exclusion> - <groupId>org.datanucleus</groupId> - <artifactId>datanucleus-rdbms</artifactId> - </exclusion> - </exclusions> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-jdbc</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-hbase-handler</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-exec</artifactId> - <exclusions> - <exclusion> - <groupId>org.datanucleus</groupId> - <artifactId>datanucleus-core</artifactId> - </exclusion> - <exclusion> - <groupId>org.datanucleus</groupId> - <artifactId>datanucleus-rdbms</artifactId> - </exclusion> - </exclusions> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-contrib</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-common</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-cli</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive.hcatalog</groupId> - <artifactId>hive-hcatalog-core</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive.hcatalog</groupId> - <artifactId>hive-hcatalog-pig-adapter</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-beeline</artifactId> - <version>${hive.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-common</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-annotations</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-auth</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-hdfs</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-mapreduce-client-common</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-mapreduce-client-core</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-mapreduce-client-jobclient</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-mapreduce-client-shuffle</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-yarn-api</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-yarn-common</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-yarn-server-common</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-yarn-server-nodemanager</artifactId> - <version>${hadoop.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.pig</groupId> - <artifactId>pig</artifactId> - <version>${pig.version}</version> - <classifier>h2</classifier> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> - <dependency> - <groupId>org.easytesting</groupId> - <artifactId>fest-reflect</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-binding-hive-v2</artifactId> - </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-db</artifactId> - <exclusions> - <exclusion> - <groupId>org.apache.hive</groupId> - <artifactId>hive-beeline</artifactId> - </exclusion> - </exclusions> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-file</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-hdfs-common</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-hdfs-service</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-hdfs-namenode-plugin</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-engine</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-minicluster</artifactId> - <scope>test</scope> -<!-- - <exclusions> - <exclusion> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-mapreduce-client-jobclient</artifactId> - </exclusion> - </exclusions> ---> - </dependency> - <dependency> - <groupId>org.hamcrest</groupId> - <artifactId>hamcrest-all</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.curator</groupId> - <artifactId>curator-framework</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.zookeeper</groupId> - <artifactId>zookeeper</artifactId> - <exclusions> - <exclusion> - <groupId>org.jboss.netty</groupId> - <artifactId>netty</artifactId> - </exclusion> - </exclusions> - <scope>test</scope> - </dependency> - <dependency> - <groupId>joda-time</groupId> - <artifactId>joda-time</artifactId> - <version>${joda-time.version}</version> - <scope>test</scope> - </dependency> - </dependencies> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <reuseForks>false</reuseForks> - <systemPropertyVariables> - <buildDirectory>${project.build.directory}</buildDirectory> - </systemPropertyVariables> - </configuration> - </plugin> - </plugins> - <pluginManagement> - <plugins> - <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.--> - <plugin> - <groupId>org.eclipse.m2e</groupId> - <artifactId>lifecycle-mapping</artifactId> - <version>1.0.0</version> - <configuration> - <lifecycleMappingMetadata> - <pluginExecutions> - <pluginExecution> - <pluginExecutionFilter> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-antrun-plugin</artifactId> - <versionRange>[1.7,)</versionRange> - <goals> - <goal>run</goal> - </goals> - </pluginExecutionFilter> - <action> - <ignore></ignore> - </action> - </pluginExecution> - </pluginExecutions> - </lifecycleMappingMetadata> - </configuration> - </plugin> - </plugins> - </pluginManagement> - </build> - <profiles> - <profile> - <id>link-hadoop</id> - <activation> - <activeByDefault>false</activeByDefault> - <property><name>!skipTests</name></property> - </activation> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <environmentVariables> - <SENTRY_HADOOP_TEST_CLASSPATH>${maven.test.classpath}</SENTRY_HADOOP_TEST_CLASSPATH> - </environmentVariables> - </configuration> - </plugin> - </plugins> - </build> - </profile> - <profile> - <id>cluster-hadoop</id> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-enforcer-plugin</artifactId> - <version>1.0</version> - <executions> - <execution> - <id>enforce-property</id> - <goals> - <goal>enforce</goal> - </goals> - <configuration> - <rules> - <requireProperty> - <property>HADOOP_CONF_DIR</property> - <message>HADOOP_CONF_DIR env. variable has to be set</message> - </requireProperty> - <requireProperty> - <property>HIVE_CONF_DIR</property> - <message>HIVE_CONF_DIR env. variable has to be set</message> - </requireProperty> - </rules> - <fail>true</fail> - </configuration> - </execution> - </executions> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <systemPropertyVariables> - <buildDirectory>${project.build.directory}</buildDirectory> - </systemPropertyVariables> - <additionalClasspathElements> - <additionalClasspathElement>${HIVE_CONF_DIR}</additionalClasspathElement> - <additionalClasspathElement>${HADOOP_CONF_DIR}</additionalClasspathElement> - </additionalClasspathElements> - <includes> - <include>**/TestCrossDbOps.java</include> - <include>**/TestEndToEnd.java</include> - <include>**/TestMetadataObjectRetrieval.java</include> - <include>**/TestMetadataPermissions.java</include> - <include>**/TestMovingToProduction.java</include> - <include>**/TestPerDatabasePolicyFile.java</include> - <include>**/TestPrivilegeAtTransform.java</include> - <include>**/TestPrivilegesAtDatabaseScope.java</include> - <include>**/TestPrivilegesAtTableScope.java</include> - <include>**/TestSandboxOps.java</include> - <include>**/TestExportImportPrivileges.java</include> - <include>**/TestUriPermissions.java</include> - <include>**/TestRuntimeMetadataRetrieval.java</include> - <include>**/TestOperations.java</include> - <include>**/TestPrivilegesAtColumnScope.java</include> - </includes> - <argLine>-Dsentry.e2etest.hiveServer2Type=UnmanagedHiveServer2 -Dsentry.e2etest.DFSType=ClusterDFS</argLine> - </configuration> - </plugin> - </plugins> - </build> - </profile> - <profile> - <id>cluster-hadoop-provider-db</id> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-enforcer-plugin</artifactId> - <version>1.0</version> - <executions> - <execution> - <id>enforce-property</id> - <goals> - <goal>enforce</goal> - </goals> - <configuration> - <rules> - <requireProperty> - <property>HADOOP_CONF_DIR</property> - <message>HADOOP_CONF_DIR env. variable has to be set</message> - </requireProperty> - <requireProperty> - <property>HIVE_CONF_DIR</property> - <message>HIVE_CONF_DIR env. variable has to be set</message> - </requireProperty> - </rules> - <fail>true</fail> - </configuration> - </execution> - </executions> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <systemPropertyVariables> - <buildDirectory>${project.build.directory}</buildDirectory> - </systemPropertyVariables> - <additionalClasspathElements> - <additionalClasspathElement>${HIVE_CONF_DIR}</additionalClasspathElement> - <additionalClasspathElement>${HADOOP_CONF_DIR}</additionalClasspathElement> - </additionalClasspathElements> - <includes> - <include>**/TestDbCrossDbOps.java</include> - <include>**/TestDbEndToEnd.java</include> - <include>**/TestDbMetadataObjectRetrieval.java</include> - <include>**/TestDbMetadataPermissions.java</include> - <include>**/TestDbMovingToProduction.java</include> - <include>**/TestDbPerDatabasePolicyFile.java</include> - <include>**/TestDbPrivilegeAtTransform.java</include> - <include>**/TestDbPrivilegesAtDatabaseScope.java</include> - <include>**/TestDbPrivilegesAtTableScope.java</include> - <include>**/TestDbSandboxOps.java</include> - <include>**/TestDbExportImportPrivileges.java</include> - <include>**/TestDbUriPermissions.java</include> - <include>**/TestDbRuntimeMetadataRetrieval.java</include> - <include>**/TestDatabaseProvider.java</include> - <include>**/TestDbOperations.java</include> - <include>**/TestPrivilegeWithGrantOption.java</include> - <include>**/TestDbPrivilegesAtColumnScope.java</include> - <include>**/TestColumnEndToEnd.java</include> - <include>**/TestDbComplexView.java</include> - <include>**/TestConcurrentClients</include> - </includes> - <argLine>-Dsentry.e2etest.hiveServer2Type=UnmanagedHiveServer2 -Dsentry.e2etest.DFSType=ClusterDFS -Dsentry.e2etest.external.sentry=true</argLine> - </configuration> - </plugin> - </plugins> - </build> - </profile> - </profiles> -</project> http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java deleted file mode 100644 index 4c416f7..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java +++ /dev/null @@ -1,166 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import java.io.File; -import java.sql.Connection; -import java.sql.Statement; -import java.util.ArrayList; -import java.util.List; -import java.util.Map; -import java.util.concurrent.TimeoutException; - -import org.apache.commons.io.FileUtils; -import org.apache.hadoop.conf.Configuration; -import org.apache.hadoop.hive.conf.HiveConf; -import org.apache.hadoop.hive.conf.HiveConf.ConfVars; -import org.apache.sentry.binding.hive.v2.SentryHiveAuthorizationTaskFactoryImplV2; -import org.apache.sentry.provider.db.SimpleDBProviderBackend; -import org.apache.sentry.provider.file.PolicyFile; -import org.apache.sentry.service.thrift.SentryService; -import org.apache.sentry.service.thrift.SentryServiceFactory; -import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig; -import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig; -import org.apache.sentry.tests.e2e.hive.AbstractTestWithHiveServer; -import org.apache.sentry.tests.e2e.hive.Context; -import org.apache.sentry.tests.e2e.hive.StaticUserGroup; -import org.apache.sentry.tests.e2e.hive.hiveserver.HiveServerFactory; -import org.junit.AfterClass; -import org.junit.BeforeClass; - -import com.google.common.base.Preconditions; -import com.google.common.collect.Maps; -import com.google.common.io.Files; - -public abstract class AbstractTestWithDbProvider extends AbstractTestWithHiveServer { - - protected static final String SERVER_HOST = "localhost"; - - protected static Map<String, String> properties = Maps.newHashMap(); - private static File dbDir; - private static int sentryServerCount = 1; - private static List<SentryService> servers = new ArrayList<SentryService>(sentryServerCount); - private static Configuration conf; - private static PolicyFile policyFile; - private static File policyFilePath; - protected static Context context; - - @BeforeClass - public static void setupTest() throws Exception { - } - - public static void createContext() throws Exception { - conf = new Configuration(false); - policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP); - properties.put(HiveServerFactory.AUTHZ_PROVIDER_BACKEND, SimpleDBProviderBackend.class.getName()); - properties.put(ConfVars.HIVE_AUTHORIZATION_TASK_FACTORY.varname, - SentryHiveAuthorizationTaskFactoryImplV2.class.getName()); - properties.put(ServerConfig.SECURITY_MODE, ServerConfig.SECURITY_MODE_NONE); - properties.put(ServerConfig.ADMIN_GROUPS, ADMINGROUP); - properties.put(ServerConfig.RPC_ADDRESS, SERVER_HOST); - properties.put(ServerConfig.RPC_PORT, String.valueOf(0)); - dbDir = new File(Files.createTempDir(), "sentry_policy_db"); - properties.put(ServerConfig.SENTRY_STORE_JDBC_URL, - "jdbc:derby:;databaseName=" + dbDir.getPath() + ";create=true"); - properties.put(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy"); - properties.put(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false"); - properties.put(ServerConfig.SENTRY_STORE_GROUP_MAPPING, - ServerConfig.SENTRY_STORE_LOCAL_GROUP_MAPPING); - policyFilePath = new File(Files.createTempDir(), "sentry-policy-file.ini"); - properties.put(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE, - policyFilePath.getPath()); - - for (Map.Entry<String, String> entry : properties.entrySet()) { - conf.set(entry.getKey(), entry.getValue()); - } - for (int i = 0; i < sentryServerCount; i++) { - SentryService server = new SentryServiceFactory().create(new Configuration(conf)); - servers.add(server); - properties.put(ClientConfig.SERVER_RPC_ADDRESS, server.getAddress() - .getHostName()); - properties.put(ClientConfig.SERVER_RPC_PORT, - String.valueOf(server.getAddress().getPort())); - } - properties.put(HiveConf.ConfVars.METASTORE_AUTO_CREATE_ALL.varname, "true"); - context = AbstractTestWithHiveServer.createContext(properties); - policyFile - .setUserGroupMapping(StaticUserGroup.getStaticMapping()) - .write(context.getPolicyFile(), policyFilePath); - - startSentryService(); - } - - @AfterClass - public static void tearDown() throws Exception { - for (SentryService server : servers) { - if (server != null) { - server.stop(); - } - } - if (context != null) { - context.close(); - } - if (dbDir != null) { - FileUtils.deleteQuietly(dbDir); - } - } - - protected void setupAdmin(Context context) throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement statement = connection.createStatement(); - statement.execute("CREATE ROLE admin_role"); - statement.execute("GRANT ALL ON SERVER " - + HiveServerFactory.DEFAULT_AUTHZ_SERVER_NAME + " TO ROLE admin_role"); - statement.execute("GRANT ROLE admin_role TO GROUP " + ADMINGROUP); - statement.close(); - connection.close(); - } - - private static void startSentryService() throws Exception { - for (SentryService server : servers) { - server.start(); - final long start = System.currentTimeMillis(); - while(!server.isRunning()) { - Thread.sleep(1000); - if(System.currentTimeMillis() - start > 60000L) { - throw new TimeoutException("Server did not start after 60 seconds"); - } - } - } - } - - protected void shutdownAllSentryService() throws Exception { - for (SentryService server : servers) { - if (server != null) { - server.stop(); - } - } - servers = null; - } - - protected void startSentryService(int serverCount) throws Exception { - Preconditions.checkArgument((serverCount > 0), "Server count should > 0."); - servers = new ArrayList<SentryService>(serverCount); - for (int i = 0; i < sentryServerCount; i++) { - SentryService server = new SentryServiceFactory().create(new Configuration(conf)); - servers.add(server); - } - startSentryService(); - } - -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java deleted file mode 100644 index 22d4cf8..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestColumnEndToEnd.java +++ /dev/null @@ -1,417 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.tests.e2e.dbprovider; - -import static org.junit.Assert.*; - -import java.io.File; -import java.io.FileOutputStream; -import java.sql.Connection; -import java.sql.ResultSet; -import java.sql.SQLException; -import java.sql.Statement; -import java.util.ArrayList; -import java.util.List; - -import org.apache.sentry.core.common.exception.SentryAccessDeniedException; -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; - -import com.google.common.io.Resources; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class TestColumnEndToEnd extends AbstractTestWithStaticConfiguration { - private static final Logger LOGGER = LoggerFactory. - getLogger(TestColumnEndToEnd.class); - - private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat"; - private File dataFile; - - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception{ - LOGGER.info("TestColumnEndToEnd setupTestStaticConfiguration"); - useSentryService = true; - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } - - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - super.setup(); - super.setupPolicy(); - dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME); - FileOutputStream to = new FileOutputStream(dataFile); - Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to); - to.close(); - } - - @Test - public void testBasic() throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - statement.execute("CREATE database " + DB1); - statement.execute("USE " + DB1); - statement.execute("CREATE TABLE t1 (c1 string)"); - statement.execute("CREATE ROLE user_role"); - statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role"); - statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1); - statement.close(); - connection.close(); - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - context.assertSentryException(statement, "CREATE ROLE r2", - SentryAccessDeniedException.class.getSimpleName()); - - statement.execute("SELECT * FROM " + DB1 + ".t1"); - statement.close(); - connection.close(); - } - - @Test - public void testDescribeTbl() throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - statement.execute("CREATE TABLE IF NOT EXISTS t1 (c1 string, c2 string)"); - statement.execute("CREATE TABLE t2 (c1 string, c2 string)"); - statement.execute("CREATE ROLE user_role1"); - statement.execute("GRANT SELECT (c1) ON TABLE t1 TO ROLE user_role1"); - statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1); - statement.close(); - connection.close(); - - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - - // Expect that DESCRIBE table works with only column-level privileges, but other - // DESCRIBE variants like DESCRIBE FORMATTED fail. Note that if a user has privileges - // on any column they can describe all columns. - ResultSet rs = statement.executeQuery("DESCRIBE t1"); - assertTrue(rs.next()); - assertEquals("c1", rs.getString(1)); - assertEquals("string", rs.getString(2)); - assertTrue(rs.next()); - assertEquals("c2", rs.getString(1)); - assertEquals("string", rs.getString(2)); - - statement.executeQuery("DESCRIBE t1 c1"); - statement.executeQuery("DESCRIBE t1 c2"); - - try { - statement.executeQuery("DESCRIBE t2"); - fail("Expected DESCRIBE to fail on t2"); - } catch (SQLException e) { - context.verifyAuthzException(e); - } - - try { - statement.executeQuery("DESCRIBE FORMATTED t1"); - fail("Expected DESCRIBE FORMATTED to fail"); - } catch (SQLException e) { - context.verifyAuthzException(e); - } - - try { - statement.executeQuery("DESCRIBE EXTENDED t1"); - fail("Expected DESCRIBE EXTENDED to fail"); - } catch (SQLException e) { - context.verifyAuthzException(e); - } - statement.close(); - connection.close(); - - // Cleanup - connection = context.createConnection(ADMIN1); - statement = context.createStatement(connection); - statement.execute("DROP TABLE t1"); - statement.execute("DROP TABLE t2"); - statement.execute("DROP ROLE user_role1"); - statement.close(); - connection.close(); - } - - @Test - public void testNegative() throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - statement.execute("CREATE TABLE t1 (c1 string, c2 string)"); - statement.execute("CREATE ROLE user_role1"); - statement.execute("CREATE ROLE user_role2"); - statement.execute("GRANT SELECT (c1) ON TABLE t1 TO ROLE user_role1"); - statement.execute("GRANT SELECT (c1,c2) ON TABLE t1 TO ROLE user_role2"); - - //Make sure insert/all are not supported - try { - statement.execute("GRANT INSERT (c2) ON TABLE t1 TO ROLE user_role2"); - assertTrue("Sentry should not support privilege: Insert on Column", false); - } catch (Exception e) { - assertTrue("The error should be 'Sentry does not support privilege: Insert on Column'", - e.getMessage().toUpperCase().contains("SENTRY DOES NOT SUPPORT PRIVILEGE: INSERT ON COLUMN")); - } - try { - statement.execute("GRANT ALL (c2) ON TABLE t1 TO ROLE user_role2"); - assertTrue("Sentry should not support privilege: ALL on Column", false); - } catch (Exception e) { - assertTrue("The error should be 'Sentry does not support privilege: All on Column'", - e.getMessage().toUpperCase().contains("SENTRY DOES NOT SUPPORT PRIVILEGE: ALL ON COLUMN")); - } - statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1); - statement.execute("GRANT ROLE user_role2 TO GROUP " + USERGROUP2); - statement.close(); - connection.close(); - - /* - Behavior of select col, select count(col), select *, and select count(*), count(1) - */ - // 1.1 user_role1 select c1,c2 from t1, will throw exception - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - try { - statement.execute("SELECT c1,c2 FROM t1"); - assertTrue("User with privilege on one column is able to access other column!!", false); - } catch (SQLException e) { - context.verifyAuthzException(e); - } - - // 1.2 user_role1 count(col) works, *, count(*) and count(1) fails - statement.execute("SELECT count(c1) FROM t1"); - try { - statement.execute("SELECT * FROM t1"); - assertTrue("Select * should fail - only SELECT allowed on t1.c1!!", false); - } catch (SQLException e) { - context.verifyAuthzException(e); - } - try { - statement.execute("SELECT count(*) FROM t1"); - assertTrue("Select count(*) should fail - only SELECT allowed on t1.c1!!", false); - } catch (SQLException e) { - context.verifyAuthzException(e); - } - try { - statement.execute("SELECT count(1) FROM t1"); - assertTrue("Select count(1) should fail - only SELECT allowed on t1.c1!!", false); - } catch (SQLException e) { - context.verifyAuthzException(e); - } - - statement.close(); - connection.close(); - - - // 2.1 user_role2 can do *, count(col), but count(*) and count(1) fails - connection = context.createConnection(USER2_1); - statement = context.createStatement(connection); - statement.execute("SELECT count(c1) FROM t1"); - statement.execute("SELECT * FROM t1"); - - //SENTRY-838 - try { - statement.execute("SELECT count(*) FROM t1"); - assertTrue("Select count(*) works only with table level privileges - User has select on all columns!!", false); - } catch (Exception e) { - // Ignore - } - try { - statement.execute("SELECT count(1) FROM t1"); - assertTrue("Select count(1) works only with table level privileges - User has select on all columns!!", false); - } catch (Exception e) { - // Ignore - } - statement.close(); - connection.close(); - } - - @Test - public void testPositive() throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - statement.execute("CREATE database " + DB1); - statement.execute("use " + DB1); - statement.execute("CREATE TABLE t1 (c1 string, c2 string)"); - statement.execute("CREATE ROLE user_role1"); - statement.execute("CREATE ROLE user_role2"); - statement.execute("CREATE ROLE user_role3"); - statement.execute("GRANT SELECT (c1) ON TABLE t1 TO ROLE user_role1"); - statement.execute("GRANT SELECT (c1, c2) ON TABLE t1 TO ROLE user_role2"); - statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role3"); - statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1); - statement.execute("GRANT ROLE user_role2 TO GROUP " + USERGROUP2); - statement.execute("GRANT ROLE user_role3 TO GROUP " + USERGROUP3); - statement.close(); - connection.close(); - - // 1 user_role1 select c1 on t1 - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - statement.execute("use " + DB1); - statement.execute("SELECT c1 FROM t1"); - statement.execute("DESCRIBE t1"); - - // 2.1 user_role2 select c1,c2 on t1 - connection = context.createConnection(USER2_1); - statement = context.createStatement(connection); - statement.execute("use " + DB1); - statement.execute("SELECT c1,c2 FROM t1"); - // 2.2 user_role2 select * on t1 - statement.execute("SELECT * FROM t1"); - - // 3.1 user_role3 select * on t1 - connection = context.createConnection(USER3_1); - statement = context.createStatement(connection); - statement.execute("use " + DB1); - statement.execute("SELECT * FROM t1"); - // 3.2 user_role3 select c1,c2 on t1 - statement.execute("SELECT c1,c2 FROM t1"); - - statement.close(); - connection.close(); - } - - @Test - public void testCreateTableAsSelect() throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - statement.execute("CREATE database " + DB1); - statement.execute("use " + DB1); - statement.execute("CREATE TABLE t1 (c1 string, c2 string)"); - statement.execute("CREATE ROLE user_role1"); - statement.execute("CREATE ROLE user_role2"); - statement.execute("CREATE ROLE user_role3"); - statement.execute("GRANT SELECT (c1) ON TABLE t1 TO ROLE user_role1"); - statement.execute("GRANT SELECT (c1, c2) ON TABLE t1 TO ROLE user_role2"); - statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role3"); - statement.execute("GRANT CREATE ON DATABASE " + DB1 + " TO ROLE user_role1"); - statement.execute("GRANT CREATE ON DATABASE " + DB1 + " TO ROLE user_role2"); - statement.execute("GRANT CREATE ON DATABASE " + DB1 + " TO ROLE user_role3"); - statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1); - statement.execute("GRANT ROLE user_role2 TO GROUP " + USERGROUP2); - statement.execute("GRANT ROLE user_role3 TO GROUP " + USERGROUP3); - statement.close(); - connection.close(); - - // 1 user_role1 create table as select - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - statement.execute("use " + DB1); - statement.execute("CREATE TABLE t1_1 AS SELECT c1 FROM t1"); - try { - statement.execute("CREATE TABLE t1_2 AS SELECT * FROM t1"); - assertTrue("no permission on table t1!!", false); - } catch (Exception e) { - // Ignore - } - - // 2 user_role2 create table as select - connection = context.createConnection(USER2_1); - statement = context.createStatement(connection); - statement.execute("use " + DB1); - statement.execute("CREATE TABLE t2_1 AS SELECT c1 FROM t1"); - statement.execute("CREATE TABLE t2_2 AS SELECT * FROM t1"); - - // 3 user_role3 create table as select - connection = context.createConnection(USER3_1); - statement = context.createStatement(connection); - statement.execute("use " + DB1); - statement.execute("CREATE TABLE t3_1 AS SELECT c1 FROM t1"); - statement.execute("CREATE TABLE t3_2 AS SELECT * FROM t1"); - - statement.close(); - connection.close(); - } - - @Test - public void testShowColumns() throws Exception { - // grant select on test_tb(s) to USER1_1 - Connection connection = context.createConnection(ADMIN1); - Statement statement = context.createStatement(connection); - statement.execute("CREATE database " + DB1); - statement.execute("use " + DB1); - statement.execute("CREATE TABLE test_tb (s string, i string)"); - statement.execute("CREATE ROLE user_role1"); - statement.execute("GRANT SELECT (s) ON TABLE test_tb TO ROLE user_role1"); - statement.execute("GRANT ROLE user_role1 TO GROUP " + USERGROUP1); - statement.close(); - connection.close(); - - // USER1_1 executes "show columns in test_tb" and gets the s column information - connection = context.createConnection(USER1_1); - statement = context.createStatement(connection); - statement.execute("use " + DB1); - ResultSet res = statement.executeQuery("show columns in test_tb"); - - List<String> expectedResult = new ArrayList<String>(); - List<String> returnedResult = new ArrayList<String>(); - expectedResult.add("s"); - while (res.next()) { - returnedResult.add(res.getString(1).trim()); - } - validateReturnedResult(expectedResult, returnedResult); - returnedResult.clear(); - expectedResult.clear(); - res.close(); - - statement.close(); - connection.close(); - - // grant select on test_tb(s, i) to USER2_1 - connection = context.createConnection(ADMIN1); - statement = context.createStatement(connection); - statement.execute("use " + DB1); - statement.execute("CREATE ROLE user_role2"); - statement.execute("GRANT SELECT(s, i) ON TABLE test_tb TO ROLE user_role2"); - statement.execute("GRANT ROLE user_role2 TO GROUP " + USERGROUP2); - statement.close(); - connection.close(); - - // USER2_1 executes "show columns in test_tb" and gets the s,i columns information - connection = context.createConnection(USER2_1); - statement = context.createStatement(connection); - statement.execute("use " + DB1); - res = statement.executeQuery("show columns in test_tb"); - - expectedResult.add("s"); - expectedResult.add("i"); - while (res.next()) { - returnedResult.add(res.getString(1).trim()); - } - validateReturnedResult(expectedResult, returnedResult); - returnedResult.clear(); - expectedResult.clear(); - res.close(); - - statement.close(); - connection.close(); - - // USER3_1 executes "show columns in test_tb" and the exception will be thrown - connection = context.createConnection(USER3_1); - statement = context.createStatement(connection); - try { - // USER3_1 has no privilege on any column, so "show columns in test_tb" will throw an exception - statement.execute("show columns in db_1.test_tb"); - fail("No valid privileges exception should have been thrown"); - } catch (Exception e) { - } - - statement.close(); - connection.close(); - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/e358fde7/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java b/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java deleted file mode 100644 index f7f60c7..0000000 --- a/sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestConcurrentClients.java +++ /dev/null @@ -1,343 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.tests.e2e.dbprovider; - -import org.apache.sentry.api.service.thrift.SentryPolicyServiceClient; -import org.apache.sentry.provider.file.PolicyFile; -import org.apache.sentry.tests.e2e.hive.AbstractTestWithStaticConfiguration; - -import org.apache.sentry.tests.e2e.hive.StaticUserGroup; -import static org.junit.Assume.assumeTrue; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.sql.Connection; -import java.sql.ResultSet; -import java.sql.Statement; -import java.util.concurrent.ExecutorService; -import java.util.concurrent.Executors; -import java.util.HashMap; -import java.util.Map; - -import org.apache.commons.lang.RandomStringUtils; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertEquals; - -/** - * The test class implements concurrency tests to test: - * Sentry client, HS2 jdbc client etc. - */ -public class TestConcurrentClients extends AbstractTestWithStaticConfiguration { - private static final Logger LOGGER = LoggerFactory - .getLogger(TestConcurrentClients.class); - - private PolicyFile policyFile; - - // define scale for tests - private final int NUM_OF_TABLES = Integer.parseInt(System.getProperty( - "sentry.e2e.concurrency.test.tables-per-db", "1")); - private final int NUM_OF_PAR = Integer.parseInt(System.getProperty( - "sentry.e2e.concurrency.test.partitions-per-tb", "3")); - private final int NUM_OF_THREADS = Integer.parseInt(System.getProperty( - "sentry.e2e.concurrency.test.threads", "30")); - private final int NUM_OF_TASKS = Integer.parseInt(System.getProperty( - "sentry.e2e.concurrency.test.tasks", "100")); - private final Long HS2_CLIENT_TEST_DURATION_MS = Long.parseLong(System.getProperty( - "sentry.e2e.concurrency.test.hs2client.test.time.ms", "10000")); //millis - private final Long SENTRY_CLIENT_TEST_DURATION_MS = Long.parseLong(System.getProperty( - "sentry.e2e.concurrency.test.sentryclient.test.time.ms", "10000")); //millis - - private static Map<String, String> privileges = new HashMap<String, String>(); - static { - privileges.put("all_db1", "server=server1->db=" + DB1 + "->action=all"); - } - - @Override - @Before - public void setup() throws Exception { - super.setupAdmin(); - policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP) - .setUserGroupMapping(StaticUserGroup.getStaticMapping()); - writePolicyFile(policyFile); - } - - @BeforeClass - public static void setupTestStaticConfiguration() throws Exception { - assumeTrue(Boolean.parseBoolean(System.getProperty("sentry.scaletest.oncluster", "false"))); - useSentryService = true; // configure sentry client - clientKerberos = true; // need to get client configuration from testing environments - AbstractTestWithStaticConfiguration.setupTestStaticConfiguration(); - } - - static String randomString( int len ){ - return RandomStringUtils.random(len, true, false); - } - - private void execStmt(Statement stmt, String sql) throws Exception { - LOGGER.info("Running [" + sql + "]"); - stmt.execute(sql); - } - - private void createDbTb(String user, String db, String tb) throws Exception{ - Connection connection = context.createConnection(user); - Statement statement = context.createStatement(connection); - try { - execStmt(statement, "DROP DATABASE IF EXISTS " + db + " CASCADE"); - execStmt(statement, "CREATE DATABASE " + db); - execStmt(statement, "USE " + db); - for (int i = 0; i < NUM_OF_TABLES; i++) { - String tbName = tb + "_" + Integer.toString(i); - execStmt(statement, "CREATE TABLE " + tbName + " (a string) PARTITIONED BY (b string)"); - } - } catch (Exception ex) { - LOGGER.error("caught exception: " + ex); - } finally { - statement.close(); - connection.close(); - } - } - - private void createPartition(String user, String db, String tb) throws Exception{ - Connection connection = context.createConnection(user); - Statement statement = context.createStatement(connection); - try { - execStmt(statement, "USE " + db); - for (int j = 0; j < NUM_OF_TABLES; j++) { - String tbName = tb + "_" + Integer.toString(j); - for (int i = 0; i < NUM_OF_PAR; i++) { - String randStr = randomString(4); - String sql = "ALTER TABLE " + tbName + " ADD IF NOT EXISTS PARTITION (b = '" + randStr + "') "; - LOGGER.info("[" + i + "] " + sql); - execStmt(statement, sql); - } - } - } catch (Exception ex) { - LOGGER.error("caught exception: " + ex); - } finally { - statement.close(); - connection.close(); - } - } - - private void adminCreateRole(String roleName) throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement stmt = context.createStatement(connection); - try { - execStmt(stmt, "DROP ROLE " + roleName); - } catch (Exception ex) { - LOGGER.warn("Role does not exist " + roleName); - } finally { - try { - execStmt(stmt, "CREATE ROLE " + roleName); - } catch (Exception ex) { - LOGGER.error("caught exception when create new role: " + ex); - } finally { - stmt.close(); - connection.close(); - } - } - } - - private void adminCleanUp(String db, String roleName) throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement stmt = context.createStatement(connection); - try { - execStmt(stmt, "DROP DATABASE IF EXISTS " + db + " CASCADE"); - execStmt(stmt, "DROP ROLE " + roleName); - } catch (Exception ex) { - LOGGER.warn("Failed to clean up ", ex); - } finally { - stmt.close(); - connection.close(); - } - } - - private void adminShowRole(String roleName) throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement stmt = context.createStatement(connection); - boolean found = false; - try { - ResultSet rs = stmt.executeQuery("SHOW ROLES "); - while (rs.next()) { - if (rs.getString("role").equalsIgnoreCase(roleName)) { - LOGGER.info("Found role " + roleName); - found = true; - } - } - } catch (Exception ex) { - LOGGER.error("caught exception when show roles: " + ex); - } finally { - stmt.close(); - connection.close(); - } - assertTrue("failed to detect " + roleName, found); - } - - private void adminGrant(String test_db, String test_tb, - String roleName, String group) throws Exception { - Connection connection = context.createConnection(ADMIN1); - Statement stmt = context.createStatement(connection); - try { - execStmt(stmt, "USE " + test_db); - for (int i = 0; i < NUM_OF_TABLES; i++) { - String tbName = test_tb + "_" + Integer.toString(i); - execStmt(stmt, "GRANT ALL ON TABLE " + tbName + " TO ROLE " + roleName); - } - execStmt(stmt, "GRANT ROLE " + roleName + " TO GROUP " + group); - } catch (Exception ex) { - LOGGER.error("caught exception when grant permission and role: " + ex); - } finally { - stmt.close(); - connection.close(); - } - } - - /** - * A synchronized state class to track concurrency test status from each thread - */ - private final static class TestRuntimeState { - private int numSuccess = 0; - private boolean failed = false; - private Throwable firstException = null; - - public synchronized void setFirstException(Throwable e) { - failed = true; - if (firstException == null) { - firstException = e; - } - } - public synchronized void setNumSuccess() { - numSuccess += 1; - } - public synchronized int getNumSuccess() { - return numSuccess; - } - public synchronized Throwable getFirstException() { - return firstException; - } - } - - /** - * Test when concurrent HS2 clients talking to server, - * Privileges are correctly created and updated. - * @throws Exception - */ - @Test - public void testConccurentHS2Client() throws Exception { - ExecutorService executor = Executors.newFixedThreadPool(NUM_OF_THREADS); - final TestRuntimeState state = new TestRuntimeState(); - - for (int i = 0; i < NUM_OF_TASKS; i ++) { - executor.execute(new Runnable() { - @Override - public void run() { - LOGGER.info("Starting tests: create role, show role, create db and tbl, and create partitions"); - if (state.failed) { - return; - } - try { - Long startTime = System.currentTimeMillis(); - Long elapsedTime = 0L; - while (Long.compare(elapsedTime, HS2_CLIENT_TEST_DURATION_MS) <= 0) { - String randStr = randomString(5); - String test_role = "test_role_" + randStr; - String test_db = "test_db_" + randStr; - String test_tb = "test_tb_" + randStr; - LOGGER.info("Start to test sentry with hs2 client with role " + test_role); - adminCreateRole(test_role); - adminShowRole(test_role); - createDbTb(ADMIN1, test_db, test_tb); - adminGrant(test_db, test_tb, test_role, USERGROUP1); - createPartition(USER1_1, test_db, test_tb); - adminCleanUp(test_db, test_role); - elapsedTime = System.currentTimeMillis() - startTime; - LOGGER.info("elapsedTime = " + elapsedTime); - } - state.setNumSuccess(); - } catch (Exception e) { - LOGGER.error("Exception: " + e); - state.setFirstException(e); - } - } - }); - } - executor.shutdown(); - while (!executor.isTerminated()) { - Thread.sleep(1000); //millisecond - } - Throwable ex = state.getFirstException(); - assertFalse( ex == null ? "Test failed" : ex.toString(), state.failed); - assertEquals(NUM_OF_TASKS, state.getNumSuccess()); - } - - /** - * Test when concurrent sentry clients talking to sentry server, threads data are synchronized - * @throws Exception - */ - @Test - public void testConcurrentSentryClient() throws Exception { - final String HIVE_KEYTAB_PATH = - System.getProperty("sentry.e2etest.hive.policyOwnerKeytab"); - final SentryPolicyServiceClient client = getSentryClient("hive", HIVE_KEYTAB_PATH); - ExecutorService executor = Executors.newFixedThreadPool(NUM_OF_THREADS); - - final TestRuntimeState state = new TestRuntimeState(); - for (int i = 0; i < NUM_OF_TASKS; i ++) { - LOGGER.info("Start to test sentry client with task id [" + i + "]"); - executor.execute(new Runnable() { - @Override - public void run() { - if (state.failed) { - LOGGER.error("found one failed state, abort test from here."); - return; - } - try { - String randStr = randomString(5); - String test_role = "test_role_" + randStr; - LOGGER.info("Start to test role: " + test_role); - Long startTime = System.currentTimeMillis(); - Long elapsedTime = 0L; - while (Long.compare(elapsedTime, SENTRY_CLIENT_TEST_DURATION_MS) <= 0) { - LOGGER.info("Test role " + test_role + " runs " + elapsedTime + " ms."); - client.createRole(ADMIN1, test_role); - client.listAllRoles(ADMIN1); - client.grantServerPrivilege(ADMIN1, test_role, "server1", false); - client.listAllPrivilegesByRoleName(ADMIN1, test_role); - client.dropRole(ADMIN1, test_role); - elapsedTime = System.currentTimeMillis() - startTime; - } - state.setNumSuccess(); - } catch (Exception e) { - LOGGER.error("Sentry Client Testing Exception: ", e); - state.setFirstException(e); - } - } - }); - } - executor.shutdown(); - while (!executor.isTerminated()) { - Thread.sleep(1000); //millisecond - } - Throwable ex = state.getFirstException(); - assertFalse( ex == null ? "Test failed" : ex.toString(), state.failed); - assertEquals(NUM_OF_TASKS, state.getNumSuccess()); - } -}
