Updated Branches: refs/heads/master 07b8010c3 -> a93fb4161
SENTRY-88: Solr Collection Admin tests (CREATE,DELETE,RELOAD) (Vamsee Yarlagadda via Gregory Chanan) Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/a93fb416 Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/a93fb416 Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/a93fb416 Branch: refs/heads/master Commit: a93fb4161972a7ab75cb9b36de6f043c177f2461 Parents: 07b8010 Author: Gregory Chanan <[email protected]> Authored: Wed Jan 15 22:34:27 2014 -0800 Committer: Gregory Chanan <[email protected]> Committed: Wed Jan 15 22:34:27 2014 -0800 ---------------------------------------------------------------------- .../e2e/solr/AbstractSolrSentryTestBase.java | 151 +++++++++++++++++-- .../e2e/solr/TestCollAdminCoreOperations.java | 145 ++++++++++++++++++ .../tests/e2e/solr/TestQueryOperations.java | 4 + .../tests/e2e/solr/TestUpdateOperations.java | 4 + .../solr/sentry/test-authz-provider.ini | 109 ++++++++++--- 5 files changed, 381 insertions(+), 32 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a93fb416/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java index fcbc67c..05c5263 100644 --- a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java +++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/AbstractSolrSentryTestBase.java @@ -19,6 +19,7 @@ package org.apache.sentry.tests.e2e.solr; import java.io.File; import java.io.IOException; import java.net.MalformedURLException; +import java.util.Collections; import java.util.Comparator; import java.util.Random; import java.util.SortedMap; @@ -30,7 +31,10 @@ import org.apache.hadoop.fs.Path; import org.apache.hadoop.hdfs.MiniDFSCluster; import org.apache.solr.SolrTestCaseJ4; import org.apache.solr.client.solrj.SolrQuery; +import org.apache.solr.client.solrj.SolrServer; import org.apache.solr.client.solrj.impl.CloudSolrServer; +import org.apache.solr.client.solrj.impl.HttpSolrServer; +import org.apache.solr.client.solrj.request.QueryRequest; import org.apache.solr.client.solrj.response.QueryResponse; import org.apache.solr.client.solrj.util.ClientUtils; import org.apache.solr.cloud.AbstractFullDistribZkTestBase; @@ -38,6 +42,10 @@ import org.apache.solr.cloud.ZkController; import org.apache.solr.common.SolrDocument; import org.apache.solr.common.SolrDocumentList; import org.apache.solr.common.SolrInputDocument; +import org.apache.solr.common.params.CollectionParams.CollectionAction; +import org.apache.solr.common.params.CoreAdminParams; +import org.apache.solr.common.params.ModifiableSolrParams; +import org.apache.solr.common.util.NamedList; import org.apache.solr.servlet.SolrDispatchFilter; import org.junit.After; @@ -390,6 +398,122 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe } /** + * Method to validate collection Admin operation pass + * @param solrUserName - User authenticated into Solr + * @param adminOp - Admin operation to be performed + * @param collectionName - Name of the collection to be queried + * @param ignoreError - boolean to specify whether to ignore the error if any occurred. + * (We may need this attribute for running DELETE command on a collection which doesn't exist) + * @throws Exception + */ + protected void verifyCollectionAdminOpPass(String solrUserName, + CollectionAction adminOp, + String collectionName) throws Exception { + String originalUser = getAuthenticatedUser(); + try { + setAuthenticationUser(solrUserName); + QueryRequest request = populateCollectionAdminParams(adminOp, collectionName); + SolrServer solrServer = createNewSolrServer("", getBaseUrl((HttpSolrServer) clients.get(0))); + try { + NamedList<Object> result = solrServer.request(request); + if (adminOp.compareTo(CollectionAction.CREATE) == 0) { + // Wait for collection creation to complete. + waitForRecoveriesToFinish(collectionName, false); + } + } finally { + solrServer.shutdown(); + } + } finally { + setAuthenticationUser(originalUser); + } + } + + /** + * Method to validate collection Admin operation fail + * @param solrUserName - User authenticated into Solr + * @param adminOp - Admin operation to be performed + * @param collectionName - Name of the collection to be queried + * @throws Exception + */ + protected void verifyCollectionAdminOpFail(String solrUserName, + CollectionAction adminOp, + String collectionName) throws Exception { + + String originalUser = getAuthenticatedUser(); + try { + setAuthenticationUser(solrUserName); + try { + QueryRequest request = populateCollectionAdminParams(adminOp, collectionName); + SolrServer solrServer = createNewSolrServer("", getBaseUrl((HttpSolrServer) clients.get(0))); + try { + NamedList<Object> result = solrServer.request(request); + if (adminOp.compareTo(CollectionAction.CREATE) == 0) { + // Wait for collection creation to complete. + waitForRecoveriesToFinish(collectionName, false); + } + } finally { + solrServer.shutdown(); + } + + fail("The specified user: " + solrUserName + " shouldn't get admin access for " + adminOp); + } catch (Exception exception) { + assertTrue("Expected " + SENTRY_ERROR_MSG + " in " + exception.toString(), + exception.toString().contains(SENTRY_ERROR_MSG)); + } + } finally { + setAuthenticationUser(originalUser); + } + } + + /** + * Method to populate the Solr params based on the collection admin being performed. + * @param adminOp - Collection admin operation + * @param collectionName - Name of the collection + * @return - instance of QueryRequest. + */ + public QueryRequest populateCollectionAdminParams(CollectionAction adminOp, + String collectionName) { + ModifiableSolrParams modParams = new ModifiableSolrParams(); + modParams.set(CoreAdminParams.ACTION, adminOp.name()); + switch (adminOp) { + case CREATE: + modParams.set("name", collectionName); + modParams.set("numShards", 2); + modParams.set("shards", "shard1,shard2"); + modParams.set("replicationFactor", 1); + break; + case DELETE: + modParams.set("name", collectionName); + break; + case RELOAD: + modParams.set("name", collectionName); + break; + case SPLITSHARD: + modParams.set("collection", collectionName); + modParams.set("shard", "shard1"); + break; + case DELETESHARD: + modParams.set("collection", collectionName); + modParams.set("shard", "shard1"); + break; + case CREATEALIAS: + modParams.set("name", collectionName); + modParams.set("collections", collectionName + "_underlying1" + + "," + collectionName + "_underlying2"); + break; + case DELETEALIAS: + modParams.set("name", collectionName); + break; + default: + throw new IllegalArgumentException("Admin operation: " + adminOp + " is not supported!"); + } + + QueryRequest request = new QueryRequest(modParams); + request.setPath("/admin/collections"); + return request; + } + + /** * Function to validate the count and content of two SolrDocumentList's. * @param solrOriginalDocs - Instance of initial set of solr docs before processing * @param solrResponseDocs - Instance of response solr docs after processing @@ -499,16 +623,25 @@ public abstract class AbstractSolrSentryTestBase extends AbstractFullDistribZkTe * @throws Exception */ protected void setupCollection(String collectionName) throws Exception { - // Authenticate as user "admin" - String originalUser = getAuthenticatedUser(); + verifyCollectionAdminOpPass(ADMIN_USER, + CollectionAction.CREATE, + collectionName); + } + + /** + * Function to delete a solr collection with the name passed as parameter + * (Runs commands as ADMIN user) + * @param collectionName - Name of the collection + * This function will simply ignore the errors raised in deleting the collections. + * e.g: As part of the clean up job, the tests can issue a DELETE command on the collection which doesn't exist. + */ + protected void deleteCollection(String collectionName) { try { - setAuthenticationUser(ADMIN_USER); - uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION - + File.separator + "conf"); - createCollection(collectionName, 1, 1, 1); - waitForRecoveriesToFinish(collectionName, false); - } finally { - setAuthenticationUser(originalUser); + verifyCollectionAdminOpPass(ADMIN_USER, + CollectionAction.DELETE, + collectionName); + } catch (Exception e) { + LOG.warn("Ignoring errors raised while deleting the collection : " + e.toString()); } } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a93fb416/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestCollAdminCoreOperations.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestCollAdminCoreOperations.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestCollAdminCoreOperations.java new file mode 100644 index 0000000..865fd10 --- /dev/null +++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestCollAdminCoreOperations.java @@ -0,0 +1,145 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sentry.tests.e2e.solr; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope; + +import java.io.File; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashSet; +import java.util.List; +import java.util.Properties; +import java.util.Random; + +import org.apache.solr.common.params.CollectionParams.CollectionAction; + +@ThreadLeakScope(Scope.NONE) // hdfs client currently leaks thread(s) +public class TestCollAdminCoreOperations extends AbstractSolrSentryTestBase { + private static final Logger LOG = LoggerFactory + .getLogger(TestCollAdminCoreOperations.class); + private static final String ADMIN_COLLECTION_NAME = "admin"; + private static final String TEST_COLLECTION_NAME = "sentryCollection"; + private static final List<Boolean> BOOLEAN_VALUES = Arrays.asList(new Boolean[]{true, false}); + + /** + * Maximum number of combinations that will be tested by this class. + */ + private static final int MAX_TEST_RUNS = 64; + + /** + * Default number of combinations to be tested:15. + */ + private static int NUM_TESTS_TO_RUN = 15; + + @Override + public void doTest() throws Exception { + String maxTestsToRun = System.getProperty("sentry.solr.e2e.maxTestsToRun"); + if (maxTestsToRun != null) { + if (maxTestsToRun.compareToIgnoreCase("all") == 0) { + NUM_TESTS_TO_RUN = MAX_TEST_RUNS; + } else { + NUM_TESTS_TO_RUN = Integer.parseInt(maxTestsToRun); + if (NUM_TESTS_TO_RUN > MAX_TEST_RUNS) { + NUM_TESTS_TO_RUN = MAX_TEST_RUNS; + } + } + } + + Random randomNum = new Random(); + HashSet<Integer> iterationSet = new HashSet<Integer>(); + while (iterationSet.size() < NUM_TESTS_TO_RUN) { + iterationSet.add(randomNum.nextInt(MAX_TEST_RUNS)); + } + int testCounter = 0; + + ArrayList<String> testFailures = new ArrayList<String>(); + // Upload configs to ZK + uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION + + File.separator + "conf"); + for (boolean admin_query : BOOLEAN_VALUES) { + for (boolean admin_update : BOOLEAN_VALUES) { + for (boolean admin_all : BOOLEAN_VALUES) { + String admin_test_user = getUsernameForPermissions(ADMIN_COLLECTION_NAME, admin_query, admin_update, admin_all); + + for (boolean coll_query : BOOLEAN_VALUES) { + for (boolean coll_update : BOOLEAN_VALUES) { + for (boolean coll_all : BOOLEAN_VALUES) { + if (!iterationSet.contains(testCounter)) { + testCounter = testCounter + 1; + continue; + } + testCounter = testCounter + 1; + + String coll_test_user = null; + try { + coll_test_user = admin_test_user + .concat("__") + .concat(getUsernameForPermissions(TEST_COLLECTION_NAME, coll_query, coll_update, coll_all)); + LOG.info("TEST_USER: " + coll_test_user); + + // Setup the environment + deleteCollection(TEST_COLLECTION_NAME); + + if ((admin_all || admin_update) && (coll_all || coll_update)) { + verifyCollectionAdminOpPass(coll_test_user, + CollectionAction.CREATE, + TEST_COLLECTION_NAME); + verifyCollectionAdminOpPass(coll_test_user, + CollectionAction.RELOAD, + TEST_COLLECTION_NAME); + verifyCollectionAdminOpPass(coll_test_user, + CollectionAction.DELETE, + TEST_COLLECTION_NAME); + } else { + verifyCollectionAdminOpFail(coll_test_user, + CollectionAction.CREATE, + TEST_COLLECTION_NAME); + // In-order to test RELOAD, DELETE for the current user, + // we need to setup a collection. + setupCollection(TEST_COLLECTION_NAME); + verifyCollectionAdminOpFail(coll_test_user, + CollectionAction.RELOAD, + TEST_COLLECTION_NAME); + verifyCollectionAdminOpFail(coll_test_user, + CollectionAction.DELETE, + TEST_COLLECTION_NAME); + } + } catch (Throwable testException) { + StringWriter stringWriter = new StringWriter(); + PrintWriter printWriter = new PrintWriter(stringWriter); + testException.printStackTrace(printWriter); + testFailures.add("\n\nTestFailure: User -> " + coll_test_user + "\n" + + stringWriter.toString()); + } + } + } + } + } + } + } + + assertEquals("Total test failures: " + testFailures.size() + " \n\n" + + testFailures.toString() + "\n\n\n", 0, testFailures.size()); + } +} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a93fb416/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java index a9b9f28..ace0d0f 100644 --- a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java +++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java @@ -22,6 +22,7 @@ import org.slf4j.LoggerFactory; import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope; +import java.io.File; import java.io.PrintWriter; import java.io.StringWriter; import java.util.ArrayList; @@ -39,6 +40,9 @@ public class TestQueryOperations extends AbstractSolrSentryTestBase { @Override public void doTest() throws Exception { + // Upload configs to ZK + uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION + + File.separator + "conf"); setupCollection(COLLECTION_NAME); ArrayList<String> testFailures = new ArrayList<String>(); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a93fb416/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java index b57e6c6..aaca7b4 100644 --- a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java +++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java @@ -22,6 +22,7 @@ import org.slf4j.LoggerFactory; import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope; +import java.io.File; import java.io.PrintWriter; import java.io.StringWriter; import java.util.ArrayList; @@ -39,6 +40,9 @@ public class TestUpdateOperations extends AbstractSolrSentryTestBase { @Override public void doTest() throws Exception { + // Upload configs to ZK + uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION + + File.separator + "conf"); setupCollection(COLLECTION_NAME); ArrayList<String> testFailures = new ArrayList<String>(); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a93fb416/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini b/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini index f988eae..3e02699 100644 --- a/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini +++ b/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini @@ -18,10 +18,10 @@ [groups] junit = junit_role admin = admin_role -sentry_collection_query_group = sentry_collection_query_role -sentry_collection_update_group = sentry_collection_update_role -sentry_collection_query_update_group = sentry_collection_query_update_role -sentry_collection_all_group = sentry_collection_all_role +sentryCollection_query_group = sentryCollection_query_role +sentryCollection_update_group = sentryCollection_update_role +sentryCollection_query_update_group = sentryCollection_query_update_role +sentryCollection_all_group = sentryCollection_all_role admin_query_group = admin_query_role admin_update_group = admin_update_role admin_query_update_group = admin_query_update_role @@ -29,11 +29,11 @@ admin_all_group = admin_all_role [roles] junit_role = collection=admin, collection=collection1 -admin_role = collection=admin, collection=collection1, collection=sentryCollection -sentry_collection_query_role = collection=sentryCollection->action=query -sentry_collection_update_role = collection=sentryCollection->action=update -sentry_collection_query_update_role = collection=sentryCollection->action=query, collection=sentryCollection->action=update -sentry_collection_all_role = collection=sentryCollection->action=* +admin_role = collection=admin, collection=collection1, collection=sentryCollection, collection=sentryCollection_underlying1, collection=sentryCollection_underlying2 +sentryCollection_query_role = collection=sentryCollection->action=query +sentryCollection_update_role = collection=sentryCollection->action=update +sentryCollection_query_update_role = collection=sentryCollection->action=query, collection=sentryCollection->action=update +sentryCollection_all_role = collection=sentryCollection->action=* admin_query_role = collection=admin->action=query admin_update_role = collection=admin->action=update admin_query_update_role = collection=admin->action=query, collection=admin->action=update @@ -42,17 +42,80 @@ admin_all_role = collection=admin->action=* [users] junit = junit admin = admin -sentryCollection_q = sentry_collection_query_group -sentryCollection_u = sentry_collection_update_group -sentryCollection_a = sentry_collection_all_group -sentryCollection_qu = sentry_collection_query_update_group -sentryCollection_ua = sentry_collection_update_group, sentry_collection_all_group -sentryCollection_qa = sentry_collection_query_group, sentry_collection_all_group -sentryCollection_qua = sentry_collection_query_group, sentry_collection_update_group, sentry_collection_all_group -admin_q = admin_query_group -admin_u = admin_update_group -admin_a = admin_all_group -admin_qu = admin_query_update_group -admin_ua = admin_update_group, admin_all_group -admin_qa = admin_query_group, admin_all_group -admin_qua = admin_query_group, admin_update_group, admin_all_group \ No newline at end of file +admin_qua = admin_query_group, admin_update_group, admin_all_group, +admin_qu = admin_query_group, admin_update_group, +admin_qa = admin_query_group, admin_all_group, +admin_q = admin_query_group, +admin_ua = admin_update_group, admin_all_group, +admin_u = admin_update_group, +admin_a = admin_all_group, +admin_qua__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_query_group, +admin_ua__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_update_group, +admin_a__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_all_group, +admin___sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, +admin_qua__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_query_group, +admin_ua__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_update_group, +admin_a__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_all_group, +admin___sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, +admin_qua__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_query_group, +admin_ua__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_update_group, +admin_a__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_all_group, +admin___sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, +admin_qua__sentryCollection_q = sentryCollection_query_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_q = sentryCollection_query_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_q = sentryCollection_query_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_q = sentryCollection_query_group, admin_query_group, +admin_ua__sentryCollection_q = sentryCollection_query_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_q = sentryCollection_query_group, admin_update_group, +admin_a__sentryCollection_q = sentryCollection_query_group, admin_all_group, +admin___sentryCollection_q = sentryCollection_query_group, +admin_qua__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_query_group, +admin_ua__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_update_group, +admin_a__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_all_group, +admin___sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, +admin_qua__sentryCollection_u = sentryCollection_update_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_u = sentryCollection_update_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_u = sentryCollection_update_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_u = sentryCollection_update_group, admin_query_group, +admin_ua__sentryCollection_u = sentryCollection_update_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_u = sentryCollection_update_group, admin_update_group, +admin_a__sentryCollection_u = sentryCollection_update_group, admin_all_group, +admin___sentryCollection_u = sentryCollection_update_group, +admin_qua__sentryCollection_a = sentryCollection_all_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_a = sentryCollection_all_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_a = sentryCollection_all_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_a = sentryCollection_all_group, admin_query_group, +admin_ua__sentryCollection_a = sentryCollection_all_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_a = sentryCollection_all_group, admin_update_group, +admin_a__sentryCollection_a = sentryCollection_all_group, admin_all_group, +admin___sentryCollection_a = sentryCollection_all_group, +admin_qua__sentryCollection_ = admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_ = admin_query_group, admin_update_group, +admin_qa__sentryCollection_ = admin_query_group, admin_all_group, +admin_q__sentryCollection_ = admin_query_group, +admin_ua__sentryCollection_ = admin_update_group, admin_all_group, +admin_u__sentryCollection_ = admin_update_group, +admin_a__sentryCollection_ = admin_all_group, +sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, +sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, +sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, +sentryCollection_q = sentryCollection_query_group, +sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, +sentryCollection_u = sentryCollection_update_group, +sentryCollection_a = sentryCollection_all_group, \ No newline at end of file
