SENTRY-47: Tests need to clean up the databases and tables it creates (Sravya Tirukkovalur via Prasad Mujumdar)
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/b6c62f79 Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/b6c62f79 Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/b6c62f79 Branch: refs/heads/master Commit: b6c62f791de852608c4d292a0a13269fef097280 Parents: 49e682f Author: Prasad Mujumdar <[email protected]> Authored: Thu Aug 21 17:59:45 2014 -0700 Committer: Prasad Mujumdar <[email protected]> Committed: Thu Aug 21 17:59:45 2014 -0700 ---------------------------------------------------------------------- .../dbprovider/AbstractTestWithDbProvider.java | 25 --- .../e2e/dbprovider/TestDatabaseProvider.java | 158 +++++++++--------- .../tests/e2e/dbprovider/TestDbEndToEnd.java | 48 +++--- .../TestDbPrivilegeCleanupOnDrop.java | 46 +++--- .../AbstractTestWithStaticConfiguration.java | 16 +- .../sentry/tests/e2e/hive/TestCrossDbOps.java | 116 +++++++------ .../sentry/tests/e2e/hive/TestEndToEnd.java | 40 +++-- .../tests/e2e/hive/TestMetadataPermissions.java | 22 ++- .../tests/e2e/hive/TestMovingToProduction.java | 76 +++++---- .../sentry/tests/e2e/hive/TestOperations.java | 161 +++++++++---------- .../tests/e2e/hive/TestPerDBConfiguration.java | 140 ++++++++-------- .../e2e/hive/TestPerDatabasePolicyFile.java | 12 +- .../e2e/hive/TestPrivilegeAtTransform.java | 19 ++- .../e2e/hive/TestPrivilegesAtDatabaseScope.java | 96 +++++------ .../e2e/hive/TestPrivilegesAtFunctionScope.java | 36 ++--- .../e2e/hive/TestPrivilegesAtTableScope.java | 36 ++--- .../e2e/hive/TestRuntimeMetadataRetrieval.java | 145 +++++++---------- .../sentry/tests/e2e/hive/TestSandboxOps.java | 80 +++++---- .../tests/e2e/hive/TestUriPermissions.java | 56 +++---- 19 files changed, 625 insertions(+), 703 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/b6c62f79/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java index 5d7428a..47e01a7 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/AbstractTestWithDbProvider.java @@ -130,31 +130,6 @@ public abstract class AbstractTestWithDbProvider extends AbstractTestWithHiveSer connection.close(); } - protected void createDb(Connection connection, String...dbs) throws Exception { - Statement statement = connection.createStatement(); - for(String db : dbs) { - statement.execute("CREATE DATABASE " + db); - } - statement.close(); - } - - protected void createTable(Connection connection , String db, File dataFile, String...tables) - throws Exception { - Statement statement = connection.createStatement(); - statement.execute("USE " + db); - for(String table : tables) { - statement.execute("DROP TABLE IF EXISTS " + table); - statement.execute("create table " + table - + " (under_col int comment 'the under column', value string)"); - statement.execute("load data local inpath '" + dataFile.getPath() - + "' into table " + table); - ResultSet res = statement.executeQuery("select * from " + table); - Assert.assertTrue("Table should have data after load", res.next()); - res.close(); - } - statement.close(); - } - private void startSentryService() throws Exception { server.start(); final long start = System.currentTimeMillis(); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/b6c62f79/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java index e2c39ea..8b83859 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDatabaseProvider.java @@ -131,7 +131,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { Statement statement = context.createStatement(connection); // Grant only SELECT on Database - statement.execute("GRANT SELECT ON DATABASE db1 TO ROLE user_role"); + statement.execute("GRANT SELECT ON DATABASE " + DB1 + " TO ROLE user_role"); statement.execute("GRANT ALL ON URI 'file://" + dataFile.getPath() + "' TO ROLE user_role"); statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1); statement.close(); @@ -140,18 +140,18 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // SELECT is allowed - statement.execute("SELECT * FROM db1.t1"); - statement.execute("SELECT * FROM db1.t2"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); + statement.execute("SELECT * FROM " + DB1 + ".t2"); try { // INSERT is not allowed - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); assertTrue("only SELECT allowed on t1!!", false); } catch (Exception e) { // Ignore } try { // INSERT is not allowed - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t2"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t2"); assertTrue("only SELECT allowed on t2!!", false); } catch (Exception e) { // Ignore @@ -168,7 +168,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { Statement statement = context.createStatement(connection); // Grant only INSERT on Database - statement.execute("GRANT INSERT ON DATABASE db1 TO ROLE user_role"); + statement.execute("GRANT INSERT ON DATABASE " + DB1 + " TO ROLE user_role"); statement.execute("GRANT ALL ON URI 'file://" + dataFile.getPath() + "' TO ROLE user_role"); statement.execute("GRANT ROLE user_role TO GROUP " + USERGROUP1); statement.close(); @@ -177,18 +177,18 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // INSERT is allowed - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t2"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t2"); try { // SELECT is not allowed - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); assertTrue("only SELECT allowed on t1!!", false); } catch (Exception e) { // Ignore } try { // SELECT is not allowed - statement.execute("SELECT * FROM db1.t2"); + statement.execute("SELECT * FROM " + DB1 + ".t2"); assertTrue("only INSERT allowed on t2!!", false); } catch (Exception e) { // Ignore @@ -219,9 +219,9 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { } catch (Exception e) { // Ignore } - statement.execute("DROP DATABASE IF EXISTS db1 CASCADE"); - statement.execute("CREATE DATABASE db1"); - statement.execute("USE db1"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS t1"); statement.execute("CREATE TABLE t1 (c1 string)"); statement.execute("DROP TABLE IF EXISTS t2"); @@ -239,7 +239,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { // Revoke ALL on Db Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); - statement.execute("REVOKE ALL ON DATABASE db1 from ROLE user_role"); + statement.execute("REVOKE ALL ON DATABASE " + DB1 + " from ROLE user_role"); statement.close(); connection.close(); @@ -247,7 +247,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { statement = context.createStatement(connection); statement.execute("SELECT * FROM t1"); try { - statement.execute("SELECT * FROM db1.t2"); + statement.execute("SELECT * FROM " + DB1 + ".t2"); assertTrue("SELECT should not be allowed after revoke on parent!!", false); } catch (Exception e) { // Ignore @@ -290,7 +290,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { // Ignore } try { - statement.execute("SELECT * FROM db1.t2"); + statement.execute("SELECT * FROM " + DB1 + ".t2"); assertTrue("SELECT should not be allowed after revoke on parent!!", false); } catch (Exception e) { // Ignore @@ -325,9 +325,9 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { statement.execute("CREATE ROLE user_role"); statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role"); - statement.execute("DROP DATABASE IF EXISTS db1 CASCADE"); - statement.execute("CREATE DATABASE db1"); - statement.execute("USE db1"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS t2"); statement.execute("CREATE TABLE t2 (c1 string)"); statement.execute("GRANT ALL ON TABLE t2 TO ROLE user_role"); @@ -338,7 +338,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); statement.execute("SELECT * FROM t1"); - statement.execute("SELECT * FROM db1.t2"); + statement.execute("SELECT * FROM " + DB1 + ".t2"); statement.close(); connection.close(); @@ -375,9 +375,9 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { statement.execute("CREATE ROLE user_role"); statement.execute("CREATE ROLE user_role2"); - statement.execute("DROP DATABASE IF EXISTS db1 CASCADE"); - statement.execute("CREATE DATABASE db1"); - statement.execute("USE db1"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS t1"); statement.execute("CREATE TABLE t1 (c1 string)"); statement.execute("GRANT ALL ON TABLE t1 TO ROLE user_role"); @@ -393,7 +393,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); statement.close(); connection.close(); @@ -407,7 +407,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { // Revoke ALL on Db connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("USE db1"); + statement.execute("USE " + DB1); statement.execute("REVOKE INSERT ON TABLE t1 from ROLE user_role"); statement.close(); connection.close(); @@ -415,10 +415,10 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // This Should pass - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); try { - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); assertTrue("INSERT Should Not be allowed since we Revoked INSERT privileges on the table !!", false); } catch (Exception e) { @@ -430,7 +430,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { // user_role2 can still insert into table connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); statement.close(); connection.close(); @@ -475,9 +475,9 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { Statement statement = context.createStatement(connection); statement.execute("CREATE ROLE user_role"); - statement.execute("DROP DATABASE IF EXISTS db1 CASCADE"); - statement.execute("CREATE DATABASE db1"); - statement.execute("USE db1"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS t1"); statement.execute("CREATE TABLE t1 (c1 string)"); statement.execute("GRANT ALL ON TABLE t1 TO ROLE user_role"); @@ -489,7 +489,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); statement.close(); connection.close(); @@ -502,7 +502,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { // Revoke INSERT on Db connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("USE db1"); + statement.execute("USE " + DB1); statement.execute("REVOKE INSERT ON TABLE t1 from ROLE user_role"); statement.close(); connection.close(); @@ -510,10 +510,10 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // This Should pass - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); try { - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); assertTrue("INSERT Should Not be allowed since we Revoked INSERT privileges on the table !!", false); } catch (Exception e) { @@ -557,14 +557,14 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { Statement statement = context.createStatement(connection); statement.execute("CREATE ROLE user_role"); - statement.execute("DROP DATABASE IF EXISTS db1 CASCADE"); - statement.execute("CREATE DATABASE db1"); - statement.execute("USE db1"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS t1"); statement.execute("CREATE TABLE t1 (c1 string)"); - statement.execute("GRANT ALL ON DATABASE db1 TO ROLE user_role"); + statement.execute("GRANT ALL ON DATABASE " + DB1 + " TO ROLE user_role"); statement.execute("GRANT ALL ON TABLE t1 TO ROLE user_role"); statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role"); statement.execute("GRANT INSERT ON TABLE t1 TO ROLE user_role"); @@ -578,8 +578,8 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // Ensure everything works - statement.execute("SELECT * FROM db1.t1"); - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); @@ -589,7 +589,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("USE db1"); + statement.execute("USE " + DB1); statement.execute("REVOKE ALL ON SERVER server1 from ROLE user_role"); statement.close(); connection.close(); @@ -598,14 +598,14 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { statement = context.createStatement(connection); // Ensure nothing works try { - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); assertTrue("SELECT should not be allowed !!", false); } catch (SQLException se) { // Ignore } try { - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); assertTrue("INSERT should not be allowed !!", false); } catch (SQLException se) { // Ignore @@ -643,14 +643,14 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { Statement statement = context.createStatement(connection); statement.execute("CREATE ROLE user_role"); - statement.execute("DROP DATABASE IF EXISTS db1 CASCADE"); - statement.execute("CREATE DATABASE db1"); - statement.execute("USE db1"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS t1"); statement.execute("CREATE TABLE t1 (c1 string)"); - statement.execute("GRANT ALL ON DATABASE db1 TO ROLE user_role"); + statement.execute("GRANT ALL ON DATABASE " + DB1 + " TO ROLE user_role"); statement.execute("GRANT ALL ON TABLE t1 TO ROLE user_role"); statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role"); statement.execute("GRANT INSERT ON TABLE t1 TO ROLE user_role"); @@ -668,13 +668,13 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // Ensure everything works - statement.execute("SELECT * FROM db1.t1"); - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("USE db1"); - statement.execute("REVOKE ALL ON DATABASE db1 from ROLE user_role"); + statement.execute("USE " + DB1); + statement.execute("REVOKE ALL ON DATABASE " + DB1 + " from ROLE user_role"); statement.close(); connection.close(); @@ -682,14 +682,14 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { statement = context.createStatement(connection); // Ensure nothing works try { - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); assertTrue("SELECT should not be allowed !!", false); } catch (SQLException se) { // Ignore } try { - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); assertTrue("INSERT should not be allowed !!", false); } catch (SQLException se) { // Ignore @@ -725,9 +725,9 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { Statement statement = context.createStatement(connection); statement.execute("CREATE ROLE user_role"); - statement.execute("DROP DATABASE IF EXISTS db1 CASCADE"); - statement.execute("CREATE DATABASE db1"); - statement.execute("USE db1"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS t1"); statement.execute("CREATE TABLE t1 (c1 string)"); @@ -743,8 +743,8 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // Ensure everything works - statement.execute("SELECT * FROM db1.t1"); - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); @@ -754,7 +754,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("USE db1"); + statement.execute("USE " + DB1); statement.execute("REVOKE ALL ON TABLE t1 from ROLE user_role"); statement.close(); connection.close(); @@ -763,14 +763,14 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { statement = context.createStatement(connection); // Ensure nothing works try { - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); assertTrue("SELECT should not be allowed !!", false); } catch (SQLException se) { // Ignore } try { - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); assertTrue("INSERT should not be allowed !!", false); } catch (SQLException se) { // Ignore @@ -806,9 +806,9 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { Statement statement = context.createStatement(connection); statement.execute("CREATE ROLE user_role"); - statement.execute("DROP DATABASE IF EXISTS db1 CASCADE"); - statement.execute("CREATE DATABASE db1"); - statement.execute("USE db1"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS t1"); statement.execute("CREATE TABLE t1 (c1 string)"); @@ -824,8 +824,8 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // Ensure everything works - statement.execute("SELECT * FROM db1.t1"); - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); @@ -835,7 +835,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("USE db1"); + statement.execute("USE " + DB1); statement.execute("REVOKE SELECT ON TABLE t1 from ROLE user_role"); statement.close(); connection.close(); @@ -844,14 +844,14 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { statement = context.createStatement(connection); // Ensure select not allowed try { - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); assertTrue("SELECT should not be allowed !!", false); } catch (SQLException se) { // Ignore } // Ensure insert allowed - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); statement.close(); connection.close(); @@ -886,9 +886,9 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { Statement statement = context.createStatement(connection); statement.execute("CREATE ROLE user_role"); - statement.execute("DROP DATABASE IF EXISTS db1 CASCADE"); - statement.execute("CREATE DATABASE db1"); - statement.execute("USE db1"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS t1"); statement.execute("CREATE TABLE t1 (c1 string)"); @@ -904,8 +904,8 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); // Ensure everything works - statement.execute("SELECT * FROM db1.t1"); - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); @@ -915,7 +915,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("USE db1"); + statement.execute("USE " + DB1); statement.execute("REVOKE INSERT ON TABLE t1 from ROLE user_role"); statement.close(); connection.close(); @@ -924,14 +924,14 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { statement = context.createStatement(connection); // Ensure insert not allowed try { - statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE db1.t1"); + statement.execute("LOAD DATA LOCAL INPATH '" + dataFile.getPath() + "' INTO TABLE " + DB1 + ".t1"); assertTrue("INSERT should not be allowed !!", false); } catch (SQLException se) { // Ignore } // Ensure select allowed - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); statement.close(); connection.close(); @@ -1512,7 +1512,7 @@ public class TestDatabaseProvider extends AbstractTestWithStaticConfiguration { } //On Database - negative - resultSet = statement.executeQuery("SHOW GRANT ROLE role1 ON DATABASE db1"); + resultSet = statement.executeQuery("SHOW GRANT ROLE role1 ON DATABASE " + DB1); rowCount = 0 ; while (resultSet.next()) { rowCount++; http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/b6c62f79/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java index 9e97b21..acb789f 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbEndToEnd.java @@ -96,8 +96,8 @@ public class TestDbEndToEnd extends AbstractTestWithStaticConfiguration { public void testNonDefault() throws Exception { Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); - statement.execute("CREATE database db1"); - statement.execute("USE db1"); + statement.execute("CREATE database " + DB1); + statement.execute("USE " + DB1); statement.execute("CREATE TABLE t1 (c1 string)"); statement.execute("CREATE ROLE user_role"); statement.execute("GRANT SELECT ON TABLE t1 TO ROLE user_role"); @@ -107,7 +107,7 @@ public class TestDbEndToEnd extends AbstractTestWithStaticConfiguration { connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("SELECT * FROM db1.t1"); + statement.execute("SELECT * FROM " + DB1 + ".t1"); statement.close(); connection.close(); } @@ -152,43 +152,41 @@ public class TestDbEndToEnd extends AbstractTestWithStaticConfiguration { * 4. user create table, load data in experimental DB * 5. user create view based on table in experimental DB * 6. admin create table (same name) in production DB - * 7. admin grant [email protected] to group - * admin grant [email protected] to group + * 7. admin grant [email protected] to group + * admin grant [email protected] to group * 8. user load data from experimental table to production table */ @Test public void testEndToEnd1() throws Exception { - String dbName1 = "db_1"; - String dbName2 = "productionDB"; String tableName1 = "tb_1"; String tableName2 = "tb_2"; String viewName1 = "view_1"; Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); // 1 - statement.execute("DROP DATABASE IF EXISTS " + dbName1 + " CASCADE"); - statement.execute("CREATE DATABASE " + dbName1); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); // 2 - statement.execute("DROP DATABASE IF EXISTS " + dbName2 + " CASCADE"); - statement.execute("CREATE DATABASE " + dbName2); - statement.execute("USE " + dbName2); - statement.execute("DROP TABLE IF EXISTS " + dbName2 + "." + tableName2); - statement.execute("create table " + dbName2 + "." + tableName2 + statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB2); + statement.execute("USE " + DB2); + statement.execute("DROP TABLE IF EXISTS " + DB2 + "." + tableName2); + statement.execute("create table " + DB2 + "." + tableName2 + " (under_col int comment 'the under column', value string)"); statement.execute("load data local inpath '" + dataFile.getPath() + "' into table " + tableName2); // 3 statement.execute("CREATE ROLE all_db1"); - statement.execute("GRANT ALL ON DATABASE " + dbName1 + " TO ROLE all_db1"); + statement.execute("GRANT ALL ON DATABASE " + DB1 + " TO ROLE all_db1"); statement.execute("CREATE ROLE select_tb1"); statement.execute("CREATE ROLE insert_tb1"); statement.execute("CREATE ROLE insert_tb2"); statement.execute("CREATE ROLE data_uri"); - statement.execute("USE " + dbName2); + statement.execute("USE " + DB2); statement.execute("GRANT INSERT ON TABLE " + tableName1 + " TO ROLE insert_tb1"); statement.execute("GRANT INSERT ON TABLE " + tableName2 @@ -196,7 +194,7 @@ public class TestDbEndToEnd extends AbstractTestWithStaticConfiguration { statement.execute("GRANT ALL ON URI 'file://" + dataDir.getPath() + "' TO ROLE data_uri"); - statement.execute("USE " + dbName1); + statement.execute("USE " + DB1); statement.execute("GRANT SELECT ON TABLE " + tableName1 + " TO ROLE select_tb1"); @@ -210,9 +208,9 @@ public class TestDbEndToEnd extends AbstractTestWithStaticConfiguration { // 4 connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("USE " + dbName1); - statement.execute("DROP TABLE IF EXISTS " + dbName1 + "." + tableName1); - statement.execute("create table " + dbName1 + "." + tableName1 + statement.execute("USE " + DB1); + statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1); + statement.execute("create table " + DB1 + "." + tableName1 + " (under_col int comment 'the under column', value string)"); statement.execute("load data local inpath '" + dataFile.getPath() + "' into table " + tableName1); @@ -225,9 +223,9 @@ public class TestDbEndToEnd extends AbstractTestWithStaticConfiguration { // 7 connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("USE " + dbName2); - statement.execute("DROP TABLE IF EXISTS " + dbName1 + "." + tableName1); - statement.execute("create table " + dbName1 + "." + tableName1 + statement.execute("USE " + DB2); + statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1); + statement.execute("create table " + DB1 + "." + tableName1 + " (under_col int comment 'the under column', value string)"); statement.close(); connection.close(); @@ -235,10 +233,10 @@ public class TestDbEndToEnd extends AbstractTestWithStaticConfiguration { // 8 connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("USE " + dbName2); + statement.execute("USE " + DB2); statement.execute("INSERT OVERWRITE TABLE " + - dbName2 + "." + tableName2 + " SELECT * FROM " + dbName1 + DB2 + "." + tableName2 + " SELECT * FROM " + DB1 + "." + tableName1); statement.close(); connection.close(); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/b6c62f79/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java index a885b8f..0959d2e 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegeCleanupOnDrop.java @@ -45,8 +45,6 @@ public class TestDbPrivilegeCleanupOnDrop extends private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat"; - private final static String dbName1 = "db_1"; - private final static String dbName2 = "prod"; private final static String tableName1 = "tb_1"; private final static String tableName2 = "tb_2"; private final static String tableName3 = "tb_3"; @@ -135,7 +133,7 @@ public class TestDbPrivilegeCleanupOnDrop extends setupPrivileges(statement); // setup privileges for USER1 // verify privileges on the created tables - statement.execute("USE " + dbName2); + statement.execute("USE " + DB2); verifyTablePrivilegeExist(statement, Lists.newArrayList("select_tbl1", "insert_tbl1", "all_tbl1"), tableName1); @@ -148,7 +146,7 @@ public class TestDbPrivilegeCleanupOnDrop extends verifyTablePrivilegesDropped(statement); // verify privileges created for new tables - statement.execute("USE " + dbName2); + statement.execute("USE " + DB2); verifyTablePrivilegeExist(statement, Lists.newArrayList("select_tbl1", "insert_tbl1", "all_tbl1"), tableName1 + renameTag); @@ -172,31 +170,31 @@ public class TestDbPrivilegeCleanupOnDrop extends statement.execute("GRANT ROLE all_db1, read_db1, select_tbl1, insert_tbl1," + " all_tbl1, all_tbl2, all_prod to GROUP " + USERGROUP1); - statement.execute("DROP DATABASE IF EXISTS " + dbName1 + " CASCADE"); - statement.execute("DROP DATABASE IF EXISTS " + dbName2 + " CASCADE"); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE"); } // create test DBs and Tables private void setupDbObjects(Statement statement) throws Exception { - statement.execute("CREATE DATABASE " + dbName1); - statement.execute("CREATE DATABASE " + dbName2); - statement.execute("create table " + dbName2 + "." + tableName1 + statement.execute("CREATE DATABASE " + DB1); + statement.execute("CREATE DATABASE " + DB2); + statement.execute("create table " + DB2 + "." + tableName1 + " (under_col int comment 'the under column', value string)"); - statement.execute("create table " + dbName2 + "." + tableName2 + statement.execute("create table " + DB2 + "." + tableName2 + " (under_col int comment 'the under column', value string)"); - statement.execute("create table " + dbName1 + "." + tableName3 + statement.execute("create table " + DB1 + "." + tableName3 + " (under_col int comment 'the under column', value string)"); - statement.execute("create table " + dbName1 + "." + tableName4 + statement.execute("create table " + DB1 + "." + tableName4 + " (under_col int comment 'the under column', value string)"); } // Create privileges on DB and Tables private void setupPrivileges(Statement statement) throws Exception { - statement.execute("GRANT ALL ON DATABASE " + dbName1 + " TO ROLE all_db1"); - statement.execute("GRANT SELECT ON DATABASE " + dbName1 + statement.execute("GRANT ALL ON DATABASE " + DB1 + " TO ROLE all_db1"); + statement.execute("GRANT SELECT ON DATABASE " + DB1 + " TO ROLE read_db1"); - statement.execute("GRANT ALL ON DATABASE " + dbName2 + " TO ROLE all_prod"); - statement.execute("USE " + dbName2); + statement.execute("GRANT ALL ON DATABASE " + DB2 + " TO ROLE all_prod"); + statement.execute("USE " + DB2); statement.execute("GRANT SELECT ON TABLE " + tableName1 + " TO ROLE select_tbl1"); statement.execute("GRANT INSERT ON TABLE " + tableName1 @@ -207,20 +205,20 @@ public class TestDbPrivilegeCleanupOnDrop extends // Drop test DBs and Tables private void dropDbObjects(Statement statement) throws Exception { - statement.execute("DROP TABLE " + dbName2 + "." + tableName1); - statement.execute("DROP TABLE " + dbName2 + "." + tableName2); - statement.execute("DROP DATABASE " + dbName2); - statement.execute("DROP DATABASE " + dbName1 + " CASCADE"); + statement.execute("DROP TABLE " + DB2 + "." + tableName1); + statement.execute("DROP TABLE " + DB2 + "." + tableName2); + statement.execute("DROP DATABASE " + DB2); + statement.execute("DROP DATABASE " + DB1 + " CASCADE"); } // rename tables private void renameTables(Statement statement) throws Exception { - statement.execute("USE " + dbName2); + statement.execute("USE " + DB2); statement.execute("ALTER TABLE " + tableName1 + " RENAME TO " + tableName1 + renameTag); statement.execute("ALTER TABLE " + tableName2 + " RENAME TO " + tableName2 + renameTag); - statement.execute("USE " + dbName1); + statement.execute("USE " + DB1); statement.execute("ALTER TABLE " + tableName3 + " RENAME TO " + tableName3 + renameTag); statement.execute("ALTER TABLE " + tableName4 + " RENAME TO " + tableName4 @@ -252,8 +250,8 @@ public class TestDbPrivilegeCleanupOnDrop extends // verify all the test privileges are dropped as we drop the objects private void verifyDbPrivilegesDropped(Statement statement) throws Exception { List<String> roles = getRoles(statement); - verifyPrivilegeDropped(statement, roles, dbName2, SHOW_GRANT_DB_POSITION); - verifyPrivilegeDropped(statement, roles, dbName1, SHOW_GRANT_DB_POSITION); + verifyPrivilegeDropped(statement, roles, DB2, SHOW_GRANT_DB_POSITION); + verifyPrivilegeDropped(statement, roles, DB1, SHOW_GRANT_DB_POSITION); } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/b6c62f79/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java index 31d8172..3a7aa41 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java @@ -27,6 +27,7 @@ import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collection; import java.util.List; import java.util.Map; @@ -59,6 +60,7 @@ import org.apache.sentry.tests.e2e.hive.hiveserver.HiveServerFactory; import org.apache.tools.ant.util.StringUtils; import org.junit.After; import org.junit.AfterClass; +import static org.junit.Assert.assertTrue; import org.junit.Before; import org.junit.BeforeClass; import org.slf4j.Logger; @@ -143,12 +145,15 @@ public abstract class AbstractTestWithStaticConfiguration { protected void createDb(String user, String...dbs) throws Exception { Connection connection = context.createConnection(user); Statement statement = connection.createStatement(); + ArrayList<String> allowedDBs = new ArrayList<String>(Arrays.asList(DB1, DB2, DB3)); for(String db : dbs) { + assertTrue(db + " is not part of known test dbs which will be cleaned up after the test", allowedDBs.contains(db)); statement.execute("CREATE DATABASE " + db); } statement.close(); connection.close(); } + protected void createTable(String user, String db, File dataFile, String...tables) throws Exception { Connection connection = context.createConnection(user); @@ -399,15 +404,12 @@ public abstract class AbstractTestWithStaticConfiguration { Statement statement; connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - ResultSet resultSet; - resultSet = statement.executeQuery("SHOW DATABASES"); - while (resultSet.next()) { - if(! resultSet.getString(1).equalsIgnoreCase("default")) { - Statement statement2 = connection.createStatement(); - statement2.execute("DROP DATABASE " + resultSet.getString(1) + " CASCADE"); - } + String [] dbs = { DB1, DB2, DB3}; + for (String db: dbs) { + statement.execute("DROP DATABASE if exists " + db + " CASCADE"); } + ResultSet resultSet; statement.execute("USE default"); resultSet = statement.executeQuery("SHOW tables"); while(resultSet.next()) { http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/b6c62f79/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java index 447f4d9..2fd0cd9 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java @@ -77,9 +77,9 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { policyFile .addRolesToGroup(USERGROUP1, "select_tab1", "insert_tab2") .addRolesToGroup(USERGROUP2, "select_tab3") - .addPermissionsToRole("select_tab1", "server=server1->db=db1->table=tab1->action=select") - .addPermissionsToRole("select_tab3", "server=server1->db=db2->table=tab3->action=select") - .addPermissionsToRole("insert_tab2", "server=server1->db=db2->table=tab2->action=insert") + .addPermissionsToRole("select_tab1", "server=server1->db=" + DB1 + "->table=tab1->action=select") + .addPermissionsToRole("select_tab3", "server=server1->db=" + DB2 + "->table=tab3->action=select") + .addPermissionsToRole("insert_tab2", "server=server1->db=" + DB2 + "->table=tab2->action=insert") .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); @@ -91,12 +91,12 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { statement.execute("DROP DATABASE IF EXISTS DB1 CASCADE"); statement.execute("DROP DATABASE IF EXISTS DB2 CASCADE"); - statement.execute("CREATE DATABASE DB1"); - statement.execute("CREATE DATABASE DB2"); - statement.execute("USE DB1"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("CREATE DATABASE " + DB2); + statement.execute("USE " + DB1); statement.execute("CREATE TABLE TAB1(id int)"); statement.executeQuery("SHOW TABLES"); - statement.execute("USE DB2"); + statement.execute("USE " + DB2); statement.execute("CREATE TABLE TAB2(id int)"); statement.execute("CREATE TABLE TAB3(id int)"); @@ -106,8 +106,8 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { Statement stmt = context.createStatement(conn); ResultSet res = stmt.executeQuery("SHOW DATABASES"); List<String> result = new ArrayList<String>(); - result.add("db1"); - result.add("db2"); + result.add(DB1); + result.add(DB2); result.add("default"); while (res.next()) { @@ -118,7 +118,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { res.close(); // test show tables - stmt.execute("USE DB1"); + stmt.execute("USE " + DB1); res = stmt.executeQuery("SHOW TABLES"); result.clear(); result.add("tab1"); @@ -130,7 +130,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { assertTrue(result.toString(), result.isEmpty()); res.close(); - stmt.execute("USE DB2"); + stmt.execute("USE " + DB2); res = stmt.executeQuery("SHOW TABLES"); result.clear(); result.add("tab2"); @@ -150,7 +150,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { stmt = context.createStatement(conn); res = stmt.executeQuery("SHOW DATABASES"); result.clear(); - result.add("db2"); + result.add(DB2); result.add("default"); while (res.next()) { @@ -161,7 +161,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { res.close(); // test show tables - stmt.execute("USE DB2"); + stmt.execute("USE " + DB2); res = stmt.executeQuery("SHOW TABLES"); result.clear(); result.add("tab3"); @@ -174,7 +174,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { res.close(); try { - stmt.execute("USE DB1"); + stmt.execute("USE " + DB1); Assert.fail("Expected SQL exception"); } catch (SQLException e) { context.verifyAuthzException(e); @@ -193,9 +193,9 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { // edit policy file policyFile.addRolesToGroup(USERGROUP1, "select_tab1", "insert_tab2") .addRolesToGroup(USERGROUP2, "select_tab3") - .addPermissionsToRole("select_tab1", "server=server1->db=db1->table=tab1->action=select") - .addPermissionsToRole("select_tab3", "server=server1->db=db2->table=tab3->action=select") - .addPermissionsToRole("insert_tab2", "server=server1->db=db2->table=tab2->action=insert") + .addPermissionsToRole("select_tab1", "server=server1->db=" + DB1 + "->table=tab1->action=select") + .addPermissionsToRole("select_tab3", "server=server1->db=" + DB2 + "->table=tab3->action=select") + .addPermissionsToRole("insert_tab2", "server=server1->db=" + DB2 + "->table=tab2->action=insert") .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); @@ -208,12 +208,12 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { statement.execute("DROP DATABASE IF EXISTS DB1 CASCADE"); statement.execute("DROP DATABASE IF EXISTS DB2 CASCADE"); - statement.execute("CREATE DATABASE DB1"); - statement.execute("CREATE DATABASE DB2"); - statement.execute("USE DB1"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("CREATE DATABASE " + DB2); + statement.execute("USE " + DB1); statement.execute("CREATE TABLE TAB1(id int)"); statement.executeQuery("SHOW TABLES"); - statement.execute("USE DB2"); + statement.execute("USE " + DB2); statement.execute("CREATE TABLE TAB2(id int)"); statement.execute("CREATE TABLE TAB3(id int)"); @@ -229,8 +229,8 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { assertEquals("TABLE_SCHEM", resMeta.getColumnName(1)); assertEquals("TABLE_CATALOG", resMeta.getColumnName(2)); - result.add("db1"); - result.add("db2"); + result.add(DB1); + result.add(DB2); result.add("default"); while (res.next()) { @@ -241,7 +241,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { res.close(); // test direct JDBC metadata API - res = conn.getMetaData().getTables(null, "DB1", "tab%", null); + res = conn.getMetaData().getTables(null, DB1, "tab%", null); result.add("tab1"); while (res.next()) { @@ -252,7 +252,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { res.close(); // test direct JDBC metadata API - res = conn.getMetaData().getTables(null, "DB2", "tab%", null); + res = conn.getMetaData().getTables(null, DB2, "tab%", null); result.add("tab2"); while (res.next()) { @@ -297,7 +297,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { assertEquals("TABLE_SCHEM", resMeta.getColumnName(1)); assertEquals("TABLE_CATALOG", resMeta.getColumnName(2)); - result.add("db2"); + result.add(DB2); result.add("default"); while (res.next()) { @@ -330,7 +330,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { res.close(); //test show columns - res = conn.getMetaData().getColumns(null, "DB1", "tab%","i%" ); + res = conn.getMetaData().getColumns(null, DB1, "tab%","i%" ); while (res.next()) { String columnName = res.getString(4); @@ -414,23 +414,22 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { public void testNegativeUserPrivileges() throws Exception { // edit policy file policyFile.addRolesToGroup(USERGROUP1, "db1_tab1_insert", "db1_tab2_all") - .addPermissionsToRole("db1_tab2_all", "server=server1->db=db1->table=table_2") - .addPermissionsToRole("db1_tab1_insert", "server=server1->db=db1->table=table_1->action=insert") + .addPermissionsToRole("db1_tab2_all", "server=server1->db=" + DB1 + "->table=table_2") + .addPermissionsToRole("db1_tab1_insert", "server=server1->db=" + DB1 + "->table=table_1->action=insert") .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); Connection adminCon = context.createConnection(ADMIN1); Statement adminStmt = context.createStatement(adminCon); - String dbName = "db1"; adminStmt.execute("use default"); - adminStmt.execute("DROP DATABASE IF EXISTS " + dbName + " CASCADE"); - adminStmt.execute("CREATE DATABASE " + dbName); - adminStmt.execute("create table " + dbName + ".table_1 (id int)"); + adminStmt.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + adminStmt.execute("CREATE DATABASE " + DB1); + adminStmt.execute("create table " + DB1 + ".table_1 (id int)"); adminStmt.close(); adminCon.close(); Connection userConn = context.createConnection(USER1_1); Statement userStmt = context.createStatement(userConn); - context.assertAuthzException(userStmt, "select * from " + dbName + ".table_1"); + context.assertAuthzException(userStmt, "select * from " + DB1 + ".table_1"); userConn.close(); userStmt.close(); } @@ -444,7 +443,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { @Test public void testNegativeUserDMLPrivileges() throws Exception { policyFile - .addPermissionsToRole("db1_tab2_all", "server=server1->db=db1->table=table_2") + .addPermissionsToRole("db1_tab2_all", "server=server1->db=" + DB1 + "->table=table_2") .addRolesToGroup(USERGROUP1, "db1_tab2_all") .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); @@ -490,24 +489,23 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { policyFile .addRolesToGroup(USERGROUP1, "db1_all") .addRolesToGroup(USERGROUP2, "db1_tab1_select") - .addPermissionsToRole("db1_all", "server=server1->db=db1") - .addPermissionsToRole("db1_tab1_select", "server=server1->db=db1->table=table_1->action=select") + .addPermissionsToRole("db1_all", "server=server1->db=" + DB1) + .addPermissionsToRole("db1_tab1_select", "server=server1->db=" + DB1 + "->table=table_1->action=select") .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); // create dbs Connection adminCon = context.createConnection(ADMIN1); Statement adminStmt = context.createStatement(adminCon); - String dbName = "db1"; adminStmt.execute("use default"); adminStmt.execute("drop table if exists table_def"); adminStmt.execute("create table table_def (name string)"); adminStmt .execute("load data local inpath '" + dataFile.getPath() + "' into table table_def"); - adminStmt.execute("DROP DATABASE IF EXISTS " + dbName + " CASCADE"); - adminStmt.execute("CREATE DATABASE " + dbName); - adminStmt.execute("use " + dbName); + adminStmt.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + adminStmt.execute("CREATE DATABASE " + DB1); + adminStmt.execute("use " + DB1); adminStmt.execute("create table table_1 (name string)"); adminStmt @@ -526,28 +524,28 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { Connection userConn = context.createConnection(USER2_1); Statement userStmt = context.createStatement(userConn); - context.assertAuthzException(userStmt, "drop database " + dbName); + context.assertAuthzException(userStmt, "drop database " + DB1); // Hive currently doesn't support cross db index DDL context.assertAuthzException(userStmt, "CREATE TEMPORARY FUNCTION strip AS 'org.apache.hadoop.hive.ql.udf.generic.GenericUDFPrintf'"); - context.assertAuthzException(userStmt, "create table " + dbName - + ".c_tab_2 as select * from " + dbName + ".table_2"); - context.assertAuthzException(userStmt, "select * from " + dbName + ".table_2"); - context.assertAuthzException(userStmt, "ALTER DATABASE " + dbName + context.assertAuthzException(userStmt, "create table " + DB1 + + ".c_tab_2 as select * from " + DB1 + ".table_2"); + context.assertAuthzException(userStmt, "select * from " + DB1 + ".table_2"); + context.assertAuthzException(userStmt, "ALTER DATABASE " + DB1 + " SET DBPROPERTIES ('foo' = 'bar')"); - context.assertAuthzException(userStmt, "drop table " + dbName + ".table_1"); - context.assertAuthzException(userStmt, "DROP VIEW IF EXISTS " + dbName + ".v1"); - context.assertAuthzException(userStmt, "create table " + dbName + ".table_5 (name string)"); - context.assertAuthzException(userStmt, "ALTER TABLE " + dbName + ".table_1 RENAME TO " - + dbName + ".table_99"); - context.assertAuthzException(userStmt, "insert overwrite table " + dbName - + ".table_2 select * from " + dbName + ".table_1"); - context.assertAuthzException(userStmt, "insert overwrite table " + dbName + context.assertAuthzException(userStmt, "drop table " + DB1 + ".table_1"); + context.assertAuthzException(userStmt, "DROP VIEW IF EXISTS " + DB1 + ".v1"); + context.assertAuthzException(userStmt, "create table " + DB1 + ".table_5 (name string)"); + context.assertAuthzException(userStmt, "ALTER TABLE " + DB1 + ".table_1 RENAME TO " + + DB1 + ".table_99"); + context.assertAuthzException(userStmt, "insert overwrite table " + DB1 + + ".table_2 select * from " + DB1 + ".table_1"); + context.assertAuthzException(userStmt, "insert overwrite table " + DB1 + ".table_2 select * from " + "table_def"); - context.assertAuthzException(userStmt, "ALTER TABLE " + dbName + context.assertAuthzException(userStmt, "ALTER TABLE " + DB1 + ".table_part_1 ADD IF NOT EXISTS PARTITION (year = 2012)"); - context.assertAuthzException(userStmt, "ALTER TABLE " + dbName + context.assertAuthzException(userStmt, "ALTER TABLE " + DB1 + ".table_part_1 PARTITION (year = 2012) SET LOCATION '/etc'"); userStmt.close(); userConn.close(); @@ -638,9 +636,9 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration { // edit policy file policyFile .addRolesToGroup(USERGROUP1, "all_db1", "load_data", "select_tb2") - .addPermissionsToRole("all_db1", "server=server1->db=db_1") - .addPermissionsToRole("all_db2", "server=server1->db=db_2") - .addPermissionsToRole("select_tb2", "server=server1->db=db_2->table=tb_1->action=select") + .addPermissionsToRole("all_db1", "server=server1->db=" + DB1) + .addPermissionsToRole("all_db2", "server=server1->db=" + DB2) + .addPermissionsToRole("select_tb2", "server=server1->db=" + DB2 + "->table=tb_1->action=select") .addPermissionsToRole("load_data", "server=server1->URI=file://" + dataFile.getPath()) .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/b6c62f79/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java index 0901b67..23577c2 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java @@ -61,22 +61,20 @@ public class TestEndToEnd extends AbstractTestWithStaticConfiguration { policyFile .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); - String dbName1 = "db_1"; - String dbName2 = "productionDB"; String tableName1 = "tb_1"; String tableName2 = "tb_2"; String viewName1 = "view_1"; Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); // 1 - statement.execute("DROP DATABASE IF EXISTS " + dbName1 + " CASCADE"); - statement.execute("CREATE DATABASE " + dbName1); + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); // 2 - statement.execute("DROP DATABASE IF EXISTS " + dbName2 + " CASCADE"); - statement.execute("CREATE DATABASE " + dbName2); - statement.execute("USE " + dbName2); - statement.execute("DROP TABLE IF EXISTS " + dbName2 + "." + tableName2); - statement.execute("create table " + dbName2 + "." + tableName2 + statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB2); + statement.execute("USE " + DB2); + statement.execute("DROP TABLE IF EXISTS " + DB2 + "." + tableName2); + statement.execute("create table " + DB2 + "." + tableName2 + " (under_col int comment 'the under column', value string)"); statement.execute("load data local inpath '" + dataFile.getPath() + "' into table " + tableName2); @@ -86,19 +84,19 @@ public class TestEndToEnd extends AbstractTestWithStaticConfiguration { // 3 policyFile .addRolesToGroup(USERGROUP1, "all_db1", "data_uri", "select_tb1", "insert_tb1") - .addPermissionsToRole("all_db1", "server=server1->db=db_1") - .addPermissionsToRole("select_tb1", "server=server1->db=productionDB->table=tb_1->action=select") - .addPermissionsToRole("insert_tb2", "server=server1->db=productionDB->table=tb_2->action=insert") - .addPermissionsToRole("insert_tb1", "server=server1->db=productionDB->table=tb_2->action=insert") + .addPermissionsToRole("all_db1", "server=server1->db=" + DB1) + .addPermissionsToRole("select_tb1", "server=server1->db=" + DB2 + "->table=tb_1->action=select") + .addPermissionsToRole("insert_tb2", "server=server1->db=" + DB2 + "->table=tb_2->action=insert") + .addPermissionsToRole("insert_tb1", "server=server1->db=" + DB2 + "->table=tb_2->action=insert") .addPermissionsToRole("data_uri", "server=server1->uri=file://" + dataDir.getPath()); writePolicyFile(policyFile); // 4 connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("USE " + dbName1); - statement.execute("DROP TABLE IF EXISTS " + dbName1 + "." + tableName1); - statement.execute("create table " + dbName1 + "." + tableName1 + statement.execute("USE " + DB1); + statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1); + statement.execute("create table " + DB1 + "." + tableName1 + " (under_col int comment 'the under column', value string)"); statement.execute("load data local inpath '" + dataFile.getPath() + "' into table " + tableName1); @@ -110,9 +108,9 @@ public class TestEndToEnd extends AbstractTestWithStaticConfiguration { // 7 connection = context.createConnection(ADMIN1); statement = context.createStatement(connection); - statement.execute("USE " + dbName2); - statement.execute("DROP TABLE IF EXISTS " + dbName1 + "." + tableName1); - statement.execute("create table " + dbName1 + "." + tableName1 + statement.execute("USE " + DB2); + statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1); + statement.execute("create table " + DB1 + "." + tableName1 + " (under_col int comment 'the under column', value string)"); statement.close(); connection.close(); @@ -120,9 +118,9 @@ public class TestEndToEnd extends AbstractTestWithStaticConfiguration { // 8 connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("USE " + dbName2); + statement.execute("USE " + DB2); statement.execute("INSERT OVERWRITE TABLE " + - dbName2 + "." + tableName2 + " SELECT * FROM " + dbName1 + DB2 + "." + tableName2 + " SELECT * FROM " + DB1 + "." + tableName1); statement.close(); connection.close(); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/b6c62f79/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java index 1e217a3..25d1f8c 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java @@ -36,14 +36,14 @@ public class TestMetadataPermissions extends AbstractTestWithStaticConfiguration policyFile .addRolesToGroup(USERGROUP1, "db1_all", "db2_all") .addRolesToGroup(USERGROUP2, "db1_all") - .addPermissionsToRole("db1_all", "server=server1->db=db1") - .addPermissionsToRole("db2_all", "server=server1->db=db2") + .addPermissionsToRole("db1_all", "server=server1->db=" + DB1) + .addPermissionsToRole("db2_all", "server=server1->db=" + DB2) .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); Connection adminCon = context.createConnection(ADMIN1); Statement adminStmt = context.createStatement(adminCon); - for (String dbName : new String[] { "db1", "db2" }) { + for (String dbName : new String[] { "" + DB1, DB2 }) { adminStmt.execute("USE default"); adminStmt.execute("DROP DATABASE IF EXISTS " + dbName + " CASCADE"); adminStmt.execute("CREATE DATABASE " + dbName); @@ -60,14 +60,13 @@ public class TestMetadataPermissions extends AbstractTestWithStaticConfiguration */ @Test public void testDescPrivilegesNegative() throws Exception { - String dbName = "db2"; Connection connection = context.createConnection(USER2_1); Statement statement = context.createStatement(connection); - context.assertAuthzException(statement, "USE " + dbName); + context.assertAuthzException(statement, "USE " + DB2); // TODO when DESCRIBE db.table is supported tests should be uncommented // for (String tabName : new String[] { "tab1", "tab2" }) { -// context.assertAuthzException(statement, "DESCRIBE " + dbName + "." + tabName); -// context.assertAuthzException(statement, "DESCRIBE EXTENDED " + dbName + "." + tabName); +// context.assertAuthzException(statement, "DESCRIBE " + DB1 + "." + tabName); +// context.assertAuthzException(statement, "DESCRIBE EXTENDED " + DB1 + "." + tabName); // } statement.close(); connection.close(); @@ -79,11 +78,10 @@ public class TestMetadataPermissions extends AbstractTestWithStaticConfiguration */ @Test public void testDescDbPrivilegesNegative() throws Exception { - String dbName = "db2"; Connection connection = context.createConnection(USER2_1); Statement statement = context.createStatement(connection); - context.assertAuthzException(statement, "DESCRIBE DATABASE " + dbName); - context.assertAuthzException(statement, "DESCRIBE DATABASE EXTENDED " + dbName); + context.assertAuthzException(statement, "DESCRIBE DATABASE " + DB2); + context.assertAuthzException(statement, "DESCRIBE DATABASE EXTENDED " + DB2); statement.close(); connection.close(); } @@ -96,7 +94,7 @@ public class TestMetadataPermissions extends AbstractTestWithStaticConfiguration public void testDescDbPrivilegesPositive() throws Exception { Connection connection = context.createConnection(USER1_1); Statement statement = context.createStatement(connection); - for (String dbName : new String[] { "db1", "db2" }) { + for (String dbName : new String[] { DB1, DB2 }) { statement.execute("USE " + dbName); Assert.assertTrue(statement.executeQuery("DESCRIBE DATABASE " + dbName).next()); Assert.assertTrue(statement.executeQuery("DESCRIBE DATABASE EXTENDED " + dbName).next()); @@ -112,7 +110,7 @@ public class TestMetadataPermissions extends AbstractTestWithStaticConfiguration public void testDescPrivilegesPositive() throws Exception { Connection connection = context.createConnection(USER1_1); Statement statement = context.createStatement(connection); - for (String dbName : new String[] { "db1", "db2" }) { + for (String dbName : new String[] { DB1, DB2 }) { statement.execute("USE " + dbName); Assert.assertTrue(statement.executeQuery("DESCRIBE DATABASE " + dbName).next()); for (String tabName : new String[] { "tab1", "tab2" }) { http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/b6c62f79/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java index 67cbd32..c1a8d91 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java @@ -67,22 +67,20 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration policyFile .addRolesToGroup(USERGROUP1, "all_db1", "load_data") .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataDir.getPath()) - .addPermissionsToRole("all_db1", "server=server1->db=db_1") + .addPermissionsToRole("all_db1", "server=server1->db=" + DB1) .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); - String dbName1 = "db_1"; - String dbName2 = "proddb"; String tableName1 = "tb_1"; Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); - statement.execute("DROP DATABASE IF EXISTS " + dbName1 + " CASCADE"); - statement.execute("DROP DATABASE IF EXISTS " + dbName2 + " CASCADE"); - statement.execute("CREATE DATABASE " + dbName1); - statement.execute("CREATE DATABASE " + dbName2); - statement.execute("DROP TABLE IF EXISTS " + dbName2 + "." + tableName1); - statement.execute("create table " + dbName2 + "." + tableName1 + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("CREATE DATABASE " + DB2); + statement.execute("DROP TABLE IF EXISTS " + DB2 + "." + tableName1); + statement.execute("create table " + DB2 + "." + tableName1 + " (under_col int comment 'the under column', value string)"); statement.close(); connection.close(); @@ -90,7 +88,7 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration // a connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("USE " + dbName1); + statement.execute("USE " + DB1); statement.execute("DROP TABLE IF EXISTS " + tableName1); statement.execute("create table " + tableName1 + " (under_col int comment 'the under column', value string)"); @@ -99,17 +97,17 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration policyFile .addRolesToGroup(USERGROUP1, "insert_proddb_tbl1") - .addPermissionsToRole("insert_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=insert"); + .addPermissionsToRole("insert_proddb_tbl1", "server=server1->db=" + DB2 + "->table=tb_1->action=insert"); writePolicyFile(policyFile); - statement.execute("USE " + dbName2); + statement.execute("USE " + DB2); statement.execute("INSERT OVERWRITE TABLE " - + tableName1 + " SELECT * FROM " + dbName1 + + tableName1 + " SELECT * FROM " + DB1 + "." + tableName1); // b policyFile .addRolesToGroup(USERGROUP1, "select_proddb_tbl1") - .addPermissionsToRole("select_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=select"); + .addPermissionsToRole("select_proddb_tbl1", "server=server1->db=" + DB2 + "->table=tb_1->action=select"); writePolicyFile(policyFile); ResultSet resultSet = statement.executeQuery("SELECT * FROM " + tableName1 + " LIMIT 10"); @@ -123,18 +121,18 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration // c connection = context.createConnection(USER2_1); statement = context.createStatement(connection); - context.assertAuthzException(statement, "USE " + dbName2); + context.assertAuthzException(statement, "USE " + DB2); context.assertAuthzException(statement, "INSERT OVERWRITE TABLE " - + dbName2 + "." + tableName1 + " SELECT * FROM " + dbName1 + + DB2 + "." + tableName1 + " SELECT * FROM " + DB1 + "." + tableName1); - context.assertAuthzException(statement, "SELECT * FROM " + dbName2 + "." + tableName1 + " LIMIT 10"); + context.assertAuthzException(statement, "SELECT * FROM " + DB2 + "." + tableName1 + " LIMIT 10"); statement.close(); connection.close(); // d connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("USE " + dbName2); + statement.execute("USE " + DB2); context.assertAuthzException(statement, "DROP TABLE " + tableName1); statement.close(); connection.close(); @@ -150,22 +148,20 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration public void testMovingTable2() throws Exception { policyFile .addRolesToGroup(USERGROUP1, "all_db1", "load_data") - .addPermissionsToRole("all_db1", "server=server1->db=db_1") + .addPermissionsToRole("all_db1", "server=server1->db=" + DB1) .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataDir.getPath()) .setUserGroupMapping(StaticUserGroup.getStaticMapping()); writePolicyFile(policyFile); - String dbName1 = "db_1"; - String dbName2 = "proddb"; String tableName1 = "tb_1"; Connection connection = context.createConnection(ADMIN1); Statement statement = context.createStatement(connection); - statement.execute("DROP DATABASE IF EXISTS " + dbName1 + " CASCADE"); - statement.execute("DROP DATABASE IF EXISTS " + dbName2 + " CASCADE"); - statement.execute("CREATE DATABASE " + dbName1); - statement.execute("CREATE DATABASE " + dbName2); - statement.execute("DROP TABLE IF EXISTS " + dbName2 + "." + tableName1); - statement.execute("create table " + dbName2 + "." + tableName1 + statement.execute("DROP DATABASE IF EXISTS " + DB1 + " CASCADE"); + statement.execute("DROP DATABASE IF EXISTS " + DB2 + " CASCADE"); + statement.execute("CREATE DATABASE " + DB1); + statement.execute("CREATE DATABASE " + DB2); + statement.execute("DROP TABLE IF EXISTS " + DB2 + "." + tableName1); + statement.execute("create table " + DB2 + "." + tableName1 + " (under_col int comment 'the under column', value string)"); statement.close(); connection.close(); @@ -173,50 +169,50 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration // a connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("DROP TABLE IF EXISTS " + dbName1 + "." + tableName1); - statement.execute("create table " + dbName1 + "." + tableName1 + statement.execute("DROP TABLE IF EXISTS " + DB1 + "." + tableName1); + statement.execute("create table " + DB1 + "." + tableName1 + " (under_col int comment 'the under column', value string)"); statement.execute("LOAD DATA LOCAL INPATH 'file://" + dataDir.getPath() - + "' INTO TABLE " + dbName1 + "." + tableName1); + + "' INTO TABLE " + DB1 + "." + tableName1); policyFile .addRolesToGroup(USERGROUP1, "insert_proddb_tbl1") - .addPermissionsToRole("insert_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=insert"); + .addPermissionsToRole("insert_proddb_tbl1", "server=server1->db=" + DB2 + "->table=tb_1->action=insert"); writePolicyFile(policyFile); statement.execute("INSERT OVERWRITE TABLE " - + dbName2 + "." + tableName1 + " SELECT * FROM " + dbName1 + + DB2 + "." + tableName1 + " SELECT * FROM " + DB1 + "." + tableName1); // b policyFile .addRolesToGroup(USERGROUP1, "select_proddb_tbl1") - .addPermissionsToRole("select_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=select"); + .addPermissionsToRole("select_proddb_tbl1", "server=server1->db=" + DB2 + "->table=tb_1->action=select"); writePolicyFile(policyFile); assertTrue("user1 should be able to select data from " - + dbName2 + "." + dbName2 + "." + tableName1, statement.execute("SELECT * FROM " - + dbName2 + "." + tableName1 + " LIMIT 10")); - assertTrue("user1 should be able to describe table " + dbName2 + "." + tableName1, - statement.execute("DESCRIBE " + dbName2 + "." + tableName1)); + + DB2 + "." + DB2 + "." + tableName1, statement.execute("SELECT * FROM " + + DB2 + "." + tableName1 + " LIMIT 10")); + assertTrue("user1 should be able to describe table " + DB2 + "." + tableName1, + statement.execute("DESCRIBE " + DB2 + "." + tableName1)); // c connection = context.createConnection(USER2_1); statement = context.createStatement(connection); context.assertAuthzException(statement, "INSERT OVERWRITE TABLE " - + dbName2 + "." + tableName1 + " SELECT * FROM " + dbName1 + + DB2 + "." + tableName1 + " SELECT * FROM " + DB1 + "." + tableName1); context.assertAuthzException(statement, "SELECT * FROM " - + dbName2 + "." + tableName1 + " LIMIT 10"); + + DB2 + "." + tableName1 + " LIMIT 10"); statement.close(); connection.close(); // d connection = context.createConnection(USER1_1); statement = context.createStatement(connection); - statement.execute("USE " + dbName2); + statement.execute("USE " + DB2); context.assertAuthzException(statement, "DROP TABLE " + tableName1); statement.close(); connection.close();
