Repository: incubator-sentry Updated Branches: refs/heads/master 4ef1792c0 -> c7c52424f
SENTRY-563: The interface listPrivilegesByRoleName may throw thrift exception if Authorizable is empty (Reviewed by Guoquan shen) Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/c7c52424 Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/c7c52424 Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/c7c52424 Branch: refs/heads/master Commit: c7c52424ffa3f065820d036ef5ddc92370eb3390 Parents: 4ef1792 Author: Huang Xiaomeng <[email protected]> Authored: Thu Jan 29 15:19:14 2015 +0800 Committer: Huang Xiaomeng <[email protected]> Committed: Thu Jan 29 15:19:14 2015 +0800 ---------------------------------------------------------------------- .../thrift/SentryPolicyServiceClientDefaultImpl.java | 2 +- .../db/service/thrift/TestSentryServerWithoutKerberos.java | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c7c52424/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java index d21a401..f6fc6d4 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java @@ -255,7 +255,7 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); - if (authorizable != null) { + if (authorizable != null && !authorizable.isEmpty()) { TSentryAuthorizable tSentryAuthorizable = setupSentryAuthorizable(authorizable); request.setAuthorizableHierarchy(tSentryAuthorizable); } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c7c52424/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java index 777c6d8..cfa3f19 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java @@ -19,12 +19,14 @@ package org.apache.sentry.provider.db.service.thrift; import static junit.framework.Assert.assertEquals; +import java.util.ArrayList; import java.util.HashSet; import java.util.Set; import junit.framework.Assert; import org.apache.sentry.core.common.ActiveRoleSet; +import org.apache.sentry.core.common.Authorizable; import org.apache.sentry.core.model.db.AccessConstants; import org.apache.sentry.core.model.db.Database; import org.apache.sentry.core.model.db.Server; @@ -87,8 +89,13 @@ public class TestSentryServerWithoutKerberos extends SentryServiceIntegrationBas client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL"); client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL"); + Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, null); + assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size()); - Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"))); + listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, new ArrayList<Authorizable>()); + assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size()); + + listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"))); assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size()); listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1")));
