Repository: incubator-sentry Updated Branches: refs/heads/db_policy_store 822f4bf4c -> 22b6a3480
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/22b6a348/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/ModifiableUserAuthenticationFilter.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/ModifiableUserAuthenticationFilter.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/ModifiableUserAuthenticationFilter.java new file mode 100644 index 0000000..b7081ba --- /dev/null +++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/ModifiableUserAuthenticationFilter.java @@ -0,0 +1,79 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sentry.tests.e2e.solr; + +import java.io.IOException; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; + +import org.apache.solr.servlet.SolrHadoopAuthenticationFilter; +import org.apache.solr.servlet.SolrRequestParsers; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Authentication Filter that authenticates any request as user "junit" + */ +public class ModifiableUserAuthenticationFilter implements Filter { + private static final Logger LOG = LoggerFactory + .getLogger(ModifiableUserAuthenticationFilter.class); + + /** + * String that saves the user to be authenticated into Solr + */ + private static String userName = "admin"; + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + SolrRequestParsers.DEFAULT.setAddRequestHeadersToContext(true); + } + + @Override + public void destroy() { + } + + @Override + public void doFilter(ServletRequest request, ServletResponse response, + FilterChain chain) throws IOException, ServletException { + HttpServletRequest httpRequest = (HttpServletRequest) request; + httpRequest.setAttribute(SolrHadoopAuthenticationFilter.USER_NAME, userName); + chain.doFilter(request, response); + } + + /** + * Function to set the userName with the corresponding user passed as parameter + * @param solrUser + */ + public static void setUser(String solrUser) { + userName = solrUser; + } + + /** + * Function to return the authenticated user name defined. + * @param solrUser + */ + public static String getUser() { + return userName; + } +} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/22b6a348/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestCollAdminCoreOperations.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestCollAdminCoreOperations.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestCollAdminCoreOperations.java new file mode 100644 index 0000000..865fd10 --- /dev/null +++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestCollAdminCoreOperations.java @@ -0,0 +1,145 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sentry.tests.e2e.solr; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope; + +import java.io.File; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashSet; +import java.util.List; +import java.util.Properties; +import java.util.Random; + +import org.apache.solr.common.params.CollectionParams.CollectionAction; + +@ThreadLeakScope(Scope.NONE) // hdfs client currently leaks thread(s) +public class TestCollAdminCoreOperations extends AbstractSolrSentryTestBase { + private static final Logger LOG = LoggerFactory + .getLogger(TestCollAdminCoreOperations.class); + private static final String ADMIN_COLLECTION_NAME = "admin"; + private static final String TEST_COLLECTION_NAME = "sentryCollection"; + private static final List<Boolean> BOOLEAN_VALUES = Arrays.asList(new Boolean[]{true, false}); + + /** + * Maximum number of combinations that will be tested by this class. + */ + private static final int MAX_TEST_RUNS = 64; + + /** + * Default number of combinations to be tested:15. + */ + private static int NUM_TESTS_TO_RUN = 15; + + @Override + public void doTest() throws Exception { + String maxTestsToRun = System.getProperty("sentry.solr.e2e.maxTestsToRun"); + if (maxTestsToRun != null) { + if (maxTestsToRun.compareToIgnoreCase("all") == 0) { + NUM_TESTS_TO_RUN = MAX_TEST_RUNS; + } else { + NUM_TESTS_TO_RUN = Integer.parseInt(maxTestsToRun); + if (NUM_TESTS_TO_RUN > MAX_TEST_RUNS) { + NUM_TESTS_TO_RUN = MAX_TEST_RUNS; + } + } + } + + Random randomNum = new Random(); + HashSet<Integer> iterationSet = new HashSet<Integer>(); + while (iterationSet.size() < NUM_TESTS_TO_RUN) { + iterationSet.add(randomNum.nextInt(MAX_TEST_RUNS)); + } + int testCounter = 0; + + ArrayList<String> testFailures = new ArrayList<String>(); + // Upload configs to ZK + uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION + + File.separator + "conf"); + for (boolean admin_query : BOOLEAN_VALUES) { + for (boolean admin_update : BOOLEAN_VALUES) { + for (boolean admin_all : BOOLEAN_VALUES) { + String admin_test_user = getUsernameForPermissions(ADMIN_COLLECTION_NAME, admin_query, admin_update, admin_all); + + for (boolean coll_query : BOOLEAN_VALUES) { + for (boolean coll_update : BOOLEAN_VALUES) { + for (boolean coll_all : BOOLEAN_VALUES) { + if (!iterationSet.contains(testCounter)) { + testCounter = testCounter + 1; + continue; + } + testCounter = testCounter + 1; + + String coll_test_user = null; + try { + coll_test_user = admin_test_user + .concat("__") + .concat(getUsernameForPermissions(TEST_COLLECTION_NAME, coll_query, coll_update, coll_all)); + LOG.info("TEST_USER: " + coll_test_user); + + // Setup the environment + deleteCollection(TEST_COLLECTION_NAME); + + if ((admin_all || admin_update) && (coll_all || coll_update)) { + verifyCollectionAdminOpPass(coll_test_user, + CollectionAction.CREATE, + TEST_COLLECTION_NAME); + verifyCollectionAdminOpPass(coll_test_user, + CollectionAction.RELOAD, + TEST_COLLECTION_NAME); + verifyCollectionAdminOpPass(coll_test_user, + CollectionAction.DELETE, + TEST_COLLECTION_NAME); + } else { + verifyCollectionAdminOpFail(coll_test_user, + CollectionAction.CREATE, + TEST_COLLECTION_NAME); + // In-order to test RELOAD, DELETE for the current user, + // we need to setup a collection. + setupCollection(TEST_COLLECTION_NAME); + verifyCollectionAdminOpFail(coll_test_user, + CollectionAction.RELOAD, + TEST_COLLECTION_NAME); + verifyCollectionAdminOpFail(coll_test_user, + CollectionAction.DELETE, + TEST_COLLECTION_NAME); + } + } catch (Throwable testException) { + StringWriter stringWriter = new StringWriter(); + PrintWriter printWriter = new PrintWriter(stringWriter); + testException.printStackTrace(printWriter); + testFailures.add("\n\nTestFailure: User -> " + coll_test_user + "\n" + + stringWriter.toString()); + } + } + } + } + } + } + } + + assertEquals("Total test failures: " + testFailures.size() + " \n\n" + + testFailures.toString() + "\n\n\n", 0, testFailures.size()); + } +} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/22b6a348/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java new file mode 100644 index 0000000..ace0d0f --- /dev/null +++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestQueryOperations.java @@ -0,0 +1,78 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sentry.tests.e2e.solr; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope; + +import java.io.File; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +import org.apache.solr.common.SolrInputDocument; + +@ThreadLeakScope(Scope.NONE) // hdfs client currently leaks thread(s) +public class TestQueryOperations extends AbstractSolrSentryTestBase { + private static final Logger LOG = LoggerFactory + .getLogger(TestQueryOperations.class); + private static final String COLLECTION_NAME = "sentryCollection"; + private static final List<Boolean> BOOLEAN_VALUES = Arrays.asList(new Boolean[]{true, false}); + + @Override + public void doTest() throws Exception { + // Upload configs to ZK + uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION + + File.separator + "conf"); + setupCollection(COLLECTION_NAME); + ArrayList<String> testFailures = new ArrayList<String>(); + + for (boolean query : BOOLEAN_VALUES) { + for (boolean update : BOOLEAN_VALUES) { + for (boolean all : BOOLEAN_VALUES) { + String test_user = getUsernameForPermissions(COLLECTION_NAME, query, update, all); + LOG.info("TEST_USER: " + test_user); + + try { + cleanSolrCollection(COLLECTION_NAME); + SolrInputDocument solrInputDoc = createSolrTestDoc(); + uploadSolrDoc(COLLECTION_NAME, solrInputDoc); + if (all || query) { + verifyQueryPass(test_user, COLLECTION_NAME, ALL_DOCS); + } else { + verifyQueryFail(test_user, COLLECTION_NAME, ALL_DOCS); + } + } catch (Throwable testException) { + StringWriter stringWriter = new StringWriter(); + PrintWriter printWriter = new PrintWriter(stringWriter); + testException.printStackTrace(printWriter); + testFailures.add("\n\nTestFailure: User -> " + test_user + "\n" + + stringWriter.toString()); + } + } + } + } + + assertEquals("Total test failures: " + testFailures.size() + " \n\n" + + testFailures.toString() + "\n\n\n", 0, testFailures.size()); + } +} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/22b6a348/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestSimpleUpdatePositiveTest.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestSimpleUpdatePositiveTest.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestSimpleUpdatePositiveTest.java deleted file mode 100644 index c5174b6..0000000 --- a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestSimpleUpdatePositiveTest.java +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.tests.e2e.solr; - -import java.io.File; -import org.apache.solr.client.solrj.impl.CloudSolrServer; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; -import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope; - -@ThreadLeakScope(Scope.NONE) // hdfs client currently leaks thread(s) -public class TestSimpleUpdatePositiveTest extends AbstractSolrSentryTestBase { - private static final Logger LOG = LoggerFactory.getLogger(TestSimpleUpdatePositiveTest.class); - - /** - * Solr-sentry positive test on updates - */ - @Override - public void doTest() throws Exception { - uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION - + File.separator + "conf"); - createCollection(DEFAULT_COLLECTION, 1, 1, 1); - waitForRecoveriesToFinish(DEFAULT_COLLECTION, false); - CloudSolrServer cloudServer = getCommonCloudSolrServer(); - cloudServer.deleteByQuery("*:*"); - } -} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/22b6a348/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java new file mode 100644 index 0000000..aaca7b4 --- /dev/null +++ b/sentry-tests/sentry-tests-solr/src/test/java/org/apache/sentry/tests/e2e/solr/TestUpdateOperations.java @@ -0,0 +1,87 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sentry.tests.e2e.solr; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope; + +import java.io.File; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +import org.apache.solr.common.SolrInputDocument; + +@ThreadLeakScope(Scope.NONE) // hdfs client currently leaks thread(s) +public class TestUpdateOperations extends AbstractSolrSentryTestBase { + private static final Logger LOG = LoggerFactory + .getLogger(TestUpdateOperations.class); + private static final String COLLECTION_NAME = "sentryCollection"; + private static final List<Boolean> BOOLEAN_VALUES = Arrays.asList(new Boolean[]{true, false}); + + @Override + public void doTest() throws Exception { + // Upload configs to ZK + uploadConfigDirToZk(getSolrHome() + File.separator + DEFAULT_COLLECTION + + File.separator + "conf"); + setupCollection(COLLECTION_NAME); + ArrayList<String> testFailures = new ArrayList<String>(); + + for (boolean query : BOOLEAN_VALUES) { + for (boolean update : BOOLEAN_VALUES) { + for (boolean all : BOOLEAN_VALUES) { + String test_user = getUsernameForPermissions(COLLECTION_NAME, query, update, all); + LOG.info("TEST_USER: " + test_user); + + try { + if (all || update) { + cleanSolrCollection(COLLECTION_NAME); + SolrInputDocument solrInputDoc = createSolrTestDoc(); + verifyUpdatePass(test_user, COLLECTION_NAME, solrInputDoc); + + cleanSolrCollection(COLLECTION_NAME); + uploadSolrDoc(COLLECTION_NAME, null); + verifyDeletedocsPass(test_user, COLLECTION_NAME, false); + } else { + cleanSolrCollection(COLLECTION_NAME); + SolrInputDocument solrInputDoc = createSolrTestDoc(); + verifyUpdateFail(test_user, COLLECTION_NAME, solrInputDoc); + + cleanSolrCollection(COLLECTION_NAME); + uploadSolrDoc(COLLECTION_NAME, null); + verifyDeletedocsFail(test_user, COLLECTION_NAME, false); + } + } catch (Throwable testException) { + StringWriter stringWriter = new StringWriter(); + PrintWriter printWriter = new PrintWriter(stringWriter); + testException.printStackTrace(printWriter); + testFailures.add("\n\nTestFailure: User -> " + test_user + "\n" + + stringWriter.toString()); + } + } + } + } + + assertEquals("Total test failures: " + testFailures.size() + " \n\n" + + testFailures.toString() + "\n\n\n", 0, testFailures.size()); + } +} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/22b6a348/sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/solrconfig.xml ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/solrconfig.xml b/sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/solrconfig.xml index 91f1a61..4276cda 100644 --- a/sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/solrconfig.xml +++ b/sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/solrconfig.xml @@ -1122,7 +1122,7 @@ RequestHandlers. --> <requestHandler name="/admin/" - class="solr.admin.AdminHandlers" /> + class="solr.admin.SecureAdminHandlers" /> <!-- This single handler is equivalent to the following... --> <!-- <requestHandler name="/admin/luke" class="solr.admin.LukeRequestHandler" /> http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/22b6a348/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini b/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini index 34926ae..3e02699 100644 --- a/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini +++ b/sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini @@ -17,9 +17,105 @@ [groups] junit = junit_role +admin = admin_role +sentryCollection_query_group = sentryCollection_query_role +sentryCollection_update_group = sentryCollection_update_role +sentryCollection_query_update_group = sentryCollection_query_update_role +sentryCollection_all_group = sentryCollection_all_role +admin_query_group = admin_query_role +admin_update_group = admin_update_role +admin_query_update_group = admin_query_update_role +admin_all_group = admin_all_role [roles] junit_role = collection=admin, collection=collection1 +admin_role = collection=admin, collection=collection1, collection=sentryCollection, collection=sentryCollection_underlying1, collection=sentryCollection_underlying2 +sentryCollection_query_role = collection=sentryCollection->action=query +sentryCollection_update_role = collection=sentryCollection->action=update +sentryCollection_query_update_role = collection=sentryCollection->action=query, collection=sentryCollection->action=update +sentryCollection_all_role = collection=sentryCollection->action=* +admin_query_role = collection=admin->action=query +admin_update_role = collection=admin->action=update +admin_query_update_role = collection=admin->action=query, collection=admin->action=update +admin_all_role = collection=admin->action=* [users] -junit=junit +junit = junit +admin = admin +admin_qua = admin_query_group, admin_update_group, admin_all_group, +admin_qu = admin_query_group, admin_update_group, +admin_qa = admin_query_group, admin_all_group, +admin_q = admin_query_group, +admin_ua = admin_update_group, admin_all_group, +admin_u = admin_update_group, +admin_a = admin_all_group, +admin_qua__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_query_group, +admin_ua__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_update_group, +admin_a__sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, admin_all_group, +admin___sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, +admin_qua__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_query_group, +admin_ua__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_update_group, +admin_a__sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, admin_all_group, +admin___sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, +admin_qua__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_query_group, +admin_ua__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_update_group, +admin_a__sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, admin_all_group, +admin___sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, +admin_qua__sentryCollection_q = sentryCollection_query_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_q = sentryCollection_query_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_q = sentryCollection_query_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_q = sentryCollection_query_group, admin_query_group, +admin_ua__sentryCollection_q = sentryCollection_query_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_q = sentryCollection_query_group, admin_update_group, +admin_a__sentryCollection_q = sentryCollection_query_group, admin_all_group, +admin___sentryCollection_q = sentryCollection_query_group, +admin_qua__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_query_group, +admin_ua__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_update_group, +admin_a__sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, admin_all_group, +admin___sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, +admin_qua__sentryCollection_u = sentryCollection_update_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_u = sentryCollection_update_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_u = sentryCollection_update_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_u = sentryCollection_update_group, admin_query_group, +admin_ua__sentryCollection_u = sentryCollection_update_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_u = sentryCollection_update_group, admin_update_group, +admin_a__sentryCollection_u = sentryCollection_update_group, admin_all_group, +admin___sentryCollection_u = sentryCollection_update_group, +admin_qua__sentryCollection_a = sentryCollection_all_group, admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_a = sentryCollection_all_group, admin_query_group, admin_update_group, +admin_qa__sentryCollection_a = sentryCollection_all_group, admin_query_group, admin_all_group, +admin_q__sentryCollection_a = sentryCollection_all_group, admin_query_group, +admin_ua__sentryCollection_a = sentryCollection_all_group, admin_update_group, admin_all_group, +admin_u__sentryCollection_a = sentryCollection_all_group, admin_update_group, +admin_a__sentryCollection_a = sentryCollection_all_group, admin_all_group, +admin___sentryCollection_a = sentryCollection_all_group, +admin_qua__sentryCollection_ = admin_query_group, admin_update_group, admin_all_group, +admin_qu__sentryCollection_ = admin_query_group, admin_update_group, +admin_qa__sentryCollection_ = admin_query_group, admin_all_group, +admin_q__sentryCollection_ = admin_query_group, +admin_ua__sentryCollection_ = admin_update_group, admin_all_group, +admin_u__sentryCollection_ = admin_update_group, +admin_a__sentryCollection_ = admin_all_group, +sentryCollection_qua = sentryCollection_query_group, sentryCollection_update_group, sentryCollection_all_group, +sentryCollection_qu = sentryCollection_query_group, sentryCollection_update_group, +sentryCollection_qa = sentryCollection_query_group, sentryCollection_all_group, +sentryCollection_q = sentryCollection_query_group, +sentryCollection_ua = sentryCollection_update_group, sentryCollection_all_group, +sentryCollection_u = sentryCollection_update_group, +sentryCollection_a = sentryCollection_all_group, \ No newline at end of file
