Repository: incubator-sentry
Updated Branches:
  refs/heads/SENTRY-999 51e7da951 -> fbb906099


SENTRY-1093: Refactor the constructor of PolicyEngine (Colin Ma, Reviewed by 
Dapeng Sun)


Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/fbb90609
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/fbb90609
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/fbb90609

Branch: refs/heads/SENTRY-999
Commit: fbb90609908fc5f5914468c5aa270d6682c500a9
Parents: 51e7da9
Author: Colin Ma <co...@apache.org>
Authored: Wed Mar 9 10:14:07 2016 +0800
Committer: Colin Ma <co...@apache.org>
Committed: Wed Mar 9 10:14:07 2016 +0800

----------------------------------------------------------------------
 .../binding/hive/authz/HiveAuthzBinding.java    | 18 +++++---
 .../binding/solr/authz/SolrAuthzBinding.java    |  8 ++++
 .../sentry/sqoop/binding/SqoopAuthBinding.java  | 12 +++++-
 .../sentry/policy/db/SimpleDBPolicyEngine.java  | 10 +----
 .../sentry/policy/db/DBPolicyFileBackend.java   | 28 -------------
 .../sentry/policy/db/DBPolicyTestUtil.java      | 44 ++++++++++++++++++++
 .../policy/db/TestPolicyParsingNegative.java    | 18 ++++----
 ...sourceAuthorizationProviderGeneralCases.java |  2 +-
 ...sourceAuthorizationProviderSpecialCases.java |  5 ++-
 .../policy/db/TestSimpleDBPolicyEngineDFS.java  |  7 ++--
 .../db/TestSimpleDBPolicyEngineLocalFS.java     |  2 +-
 .../indexer/SimpleIndexerPolicyEngine.java      |  6 ---
 .../policy/indexer/IndexPolicyTestUtil.java     | 44 ++++++++++++++++++++
 .../indexer/IndexerPolicyFileBackend.java       | 28 -------------
 ...ndexerAuthorizationProviderGeneralCases.java |  2 +-
 ...ndexerAuthorizationProviderSpecialCases.java |  3 +-
 .../indexer/TestIndexerPolicyEngineDFS.java     |  2 +-
 .../indexer/TestIndexerPolicyEngineLocalFS.java |  2 +-
 .../indexer/TestIndexerPolicyNegative.java      |  6 +--
 .../policy/search/SimpleSearchPolicyEngine.java |  6 ---
 .../policy/search/SearchPolicyFileBackend.java  | 28 -------------
 .../policy/search/SearchPolicyTestUtil.java     | 44 ++++++++++++++++++++
 ...SearchAuthorizationProviderGeneralCases.java |  2 +-
 ...SearchAuthorizationProviderSpecialCases.java |  3 +-
 .../search/TestSearchPolicyEngineDFS.java       |  2 +-
 .../search/TestSearchPolicyEngineLocalFS.java   |  2 +-
 .../policy/search/TestSearchPolicyNegative.java |  6 +--
 .../policy/sqoop/SimpleSqoopPolicyEngine.java   |  8 +---
 .../sqoop/SqoopPolicyFileProviderBackend.java   | 35 ----------------
 .../policy/sqoop/SqoopPolicyTestUtil.java       | 44 ++++++++++++++++++++
 ...tSqoopAuthorizationProviderGeneralCases.java |  3 +-
 ...tSqoopAuthorizationProviderSpecialCases.java |  3 +-
 .../policy/sqoop/TestSqoopPolicyEngineDFS.java  |  2 +-
 .../sqoop/TestSqoopPolicyEngineLocalFS.java     |  3 +-
 .../policy/sqoop/TestSqoopPolicyNegative.java   | 10 ++---
 35 files changed, 255 insertions(+), 193 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
----------------------------------------------------------------------
diff --git 
a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
 
b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
index 0a1d0e8..e093b5c 100644
--- 
a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
+++ 
b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
@@ -39,6 +39,7 @@ import org.apache.sentry.core.model.db.AccessConstants;
 import org.apache.sentry.core.model.db.DBModelAction;
 import org.apache.sentry.core.model.db.DBModelAuthorizable;
 import org.apache.sentry.core.model.db.DBModelAuthorizable.AuthorizableType;
+import org.apache.sentry.core.model.db.HivePrivilegeModel;
 import org.apache.sentry.core.model.db.Server;
 import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.cache.PrivilegeCache;
@@ -216,12 +217,20 @@ public class HiveAuthzBinding {
     ProviderBackend providerBackend = (ProviderBackend) 
providerBackendConstructor.
         newInstance(new Object[] {authzConf, resourceName});
 
+    // create backendContext
+    ProviderBackendContext context = new ProviderBackendContext();
+    context.setAllowPerDatabase(true);
+    
context.setValidators(HivePrivilegeModel.getInstance().getPrivilegeValidators(serverName));
+    // initialize the backend with the context
+    providerBackend.initialize(context);
+
+
     // load the policy engine class
     Constructor<?> policyConstructor =
-      Class.forName(policyEngineName).getDeclaredConstructor(String.class, 
ProviderBackend.class);
+      
Class.forName(policyEngineName).getDeclaredConstructor(ProviderBackend.class);
     policyConstructor.setAccessible(true);
     PolicyEngine policyEngine = (PolicyEngine) policyConstructor.
-        newInstance(new Object[] {serverName, providerBackend});
+        newInstance(new Object[] {providerBackend});
 
 
     // load the authz provider class
@@ -251,10 +260,10 @@ public class HiveAuthzBinding {
 
     // load the policy engine class
     Constructor<?> policyConstructor =
-            
Class.forName(policyEngineName).getDeclaredConstructor(String.class, 
ProviderBackend.class);
+            
Class.forName(policyEngineName).getDeclaredConstructor(ProviderBackend.class);
     policyConstructor.setAccessible(true);
     PolicyEngine policyEngine = (PolicyEngine) policyConstructor.
-            newInstance(new Object[] {serverName, providerBackend});
+            newInstance(new Object[] {providerBackend});
 
     // load the authz provider class
     Constructor<?> constrctor =
@@ -263,7 +272,6 @@ public class HiveAuthzBinding {
     return (AuthorizationProvider) constrctor.newInstance(new Object[] 
{resourceName, policyEngine});
   }
 
-
   /**
    * Validate the privilege for the given operation for the given subject
    * @param hiveOp

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
----------------------------------------------------------------------
diff --git 
a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
 
b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
index 88148c4..ea14d44 100644
--- 
a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
+++ 
b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
@@ -39,12 +39,14 @@ import org.apache.sentry.core.common.ActiveRoleSet;
 import org.apache.sentry.core.common.Subject;
 import org.apache.sentry.core.model.search.Collection;
 import org.apache.sentry.core.model.search.SearchModelAction;
+import org.apache.sentry.core.model.search.SearchPrivilegeModel;
 import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.AuthorizationComponent;
 import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.common.GroupMappingService;
 import 
org.apache.sentry.provider.common.HadoopGroupResourceAuthorizationProvider;
 import org.apache.sentry.provider.common.ProviderBackend;
+import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.apache.sentry.provider.db.generic.SentryGenericProviderBackend;
 import 
org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
 import 
org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClientFactory;
@@ -130,6 +132,12 @@ public class SolrAuthzBinding {
       ((SentryGenericProviderBackend) 
providerBackend).setServiceName(serviceName);
     }
 
+    // Create backend context
+    ProviderBackendContext context = new ProviderBackendContext();
+    context.setAllowPerDatabase(false);
+    
context.setValidators(SearchPrivilegeModel.getInstance().getPrivilegeValidators());
+    providerBackend.initialize(context);
+
     // load the policy engine class
     Constructor<?> policyConstructor =
       
Class.forName(policyEngineName).getDeclaredConstructor(ProviderBackend.class);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
----------------------------------------------------------------------
diff --git 
a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
 
b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
index 8456031..55d9eb9 100644
--- 
a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
+++ 
b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
@@ -29,10 +29,12 @@ import org.apache.sentry.core.common.Subject;
 import org.apache.sentry.core.model.sqoop.Server;
 import org.apache.sentry.core.model.sqoop.SqoopActionConstant;
 import org.apache.sentry.core.model.sqoop.SqoopActionFactory;
+import org.apache.sentry.core.model.sqoop.SqoopPrivilegeModel;
 import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.AuthorizationComponent;
 import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.common.ProviderBackend;
+import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.apache.sentry.provider.db.generic.SentryGenericProviderBackend;
 import 
org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
 import 
org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClientFactory;
@@ -110,12 +112,18 @@ public class SqoopAuthBinding {
       ((SentryGenericProviderBackend) 
providerBackend).setServiceName(serviceName);
     }
 
+    // Create backend context
+    ProviderBackendContext context = new ProviderBackendContext();
+    context.setAllowPerDatabase(false);
+    
context.setValidators(SqoopPrivilegeModel.getInstance().getPrivilegeValidators(serviceName));
+    providerBackend.initialize(context);
+
     //Instantiate the configured policyEngine
     Constructor<?> policyConstructor =
-        Class.forName(policyEngineName).getDeclaredConstructor(String.class, 
ProviderBackend.class);
+        
Class.forName(policyEngineName).getDeclaredConstructor(ProviderBackend.class);
     policyConstructor.setAccessible(true);
     PolicyEngine policyEngine =
-        (PolicyEngine) policyConstructor.newInstance(new Object[] 
{sqoopServer.getName(), providerBackend});
+        (PolicyEngine) policyConstructor.newInstance(new Object[] 
{providerBackend});
 
     //Instantiate the configured authProvider
     Constructor<?> constrctor =

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
 
b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
index ff483c1..b1f041b 100644
--- 
a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
+++ 
b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
@@ -21,11 +21,9 @@ import java.util.Set;
 import org.apache.sentry.core.common.ActiveRoleSet;
 import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.common.SentryConfigurationException;
-import org.apache.sentry.core.model.db.HivePrivilegeModel;
 import org.apache.sentry.policy.common.PrivilegeFactory;
 import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.ProviderBackend;
-import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -40,12 +38,8 @@ public class SimpleDBPolicyEngine implements PolicyEngine {
 
   private final ProviderBackend providerBackend;
 
-  public SimpleDBPolicyEngine(String serverName, ProviderBackend 
providerBackend) {
+  public SimpleDBPolicyEngine(ProviderBackend providerBackend) {
     this.providerBackend = providerBackend;
-    ProviderBackendContext context = new ProviderBackendContext();
-    context.setAllowPerDatabase(true);
-    
context.setValidators(HivePrivilegeModel.getInstance().getPrivilegeValidators(serverName));
-    this.providerBackend.initialize(context);
   }
 
   /**
@@ -56,8 +50,6 @@ public class SimpleDBPolicyEngine implements PolicyEngine {
     return new DBWildcardPrivilege.DBWildcardPrivilegeFactory();
   }
 
-
-
   @Override
   public ImmutableSet<String> getAllPrivileges(Set<String> groups,
       ActiveRoleSet roleSet) throws SentryConfigurationException {

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/DBPolicyFileBackend.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/DBPolicyFileBackend.java
 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/DBPolicyFileBackend.java
deleted file mode 100644
index 9dc63e4..0000000
--- 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/DBPolicyFileBackend.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.policy.db;
-
-import java.io.IOException;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.file.SimpleFileProviderBackend;
-
-public class DBPolicyFileBackend extends SimpleDBPolicyEngine {
-  public DBPolicyFileBackend(String server, String resource) throws 
IOException{
-    super(server, new SimpleFileProviderBackend(new Configuration(), 
resource));
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/DBPolicyTestUtil.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/DBPolicyTestUtil.java
 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/DBPolicyTestUtil.java
new file mode 100644
index 0000000..c46df8f
--- /dev/null
+++ 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/DBPolicyTestUtil.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.policy.db;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.core.model.db.HivePrivilegeModel;
+import org.apache.sentry.policy.common.PolicyEngine;
+import org.apache.sentry.provider.common.ProviderBackend;
+import org.apache.sentry.provider.common.ProviderBackendContext;
+import org.apache.sentry.provider.file.SimpleFileProviderBackend;
+
+import java.io.IOException;
+
+public class DBPolicyTestUtil {
+
+  public static PolicyEngine createPolicyEngineForTest(String server, String 
resource) throws IOException {
+
+    ProviderBackend providerBackend = new SimpleFileProviderBackend(new 
Configuration(), resource);
+
+    // create backendContext
+    ProviderBackendContext context = new ProviderBackendContext();
+    context.setAllowPerDatabase(true);
+    
context.setValidators(HivePrivilegeModel.getInstance().getPrivilegeValidators(server));
+    // initialize the backend with the context
+    providerBackend.initialize(context);
+
+
+    return new SimpleDBPolicyEngine(providerBackend);
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestPolicyParsingNegative.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestPolicyParsingNegative.java
 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestPolicyParsingNegative.java
index 5f7c671..8bc511d 100644
--- 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestPolicyParsingNegative.java
+++ 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestPolicyParsingNegative.java
@@ -72,7 +72,7 @@ public class TestPolicyParsingNegative {
     append("other_group = malicious_role", otherPolicyFile);
     append("[roles]", otherPolicyFile);
     append("malicious_role = 
server=server1->db=customers->table=purchases->action=select", otherPolicyFile);
-    PolicyEngine policy = new DBPolicyFileBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("other_group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -86,21 +86,21 @@ public class TestPolicyParsingNegative {
     policyFile.addGroupsToUser("admin1", "admin");
     policyFile.write(globalPolicyFile);
     policyFile.write(otherPolicyFile);
-    policy = new DBPolicyFileBackend("server1", globalPolicyFile.getPath());
+    policy = DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     permissions = policy.getAllPrivileges(Sets.newHashSet("admin"), 
ActiveRoleSet.ALL);
     Assert.assertEquals(permissions.toString(), "[server=server1]");
     // test to ensure [users] fails parsing of per-db file
     policyFile.addDatabase("other", otherPolicyFile.getPath());
     policyFile.write(globalPolicyFile);
     policyFile.write(otherPolicyFile);
-    policy = new DBPolicyFileBackend("server1", globalPolicyFile.getPath());
+    policy = DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     permissions = policy.getAllPrivileges(Sets.newHashSet("admin"), 
ActiveRoleSet.ALL);
     Assert.assertEquals(permissions.toString(), "[server=server1]");
     // test to ensure [databases] fails parsing of per-db file
     // by removing the user mapping from the per-db policy file
     policyFile.removeGroupsFromUser("admin1", "admin")
       .write(otherPolicyFile);
-    policy = new DBPolicyFileBackend("server1", globalPolicyFile.getPath());
+    policy = DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     permissions = policy.getAllPrivileges(Sets.newHashSet("admin"), 
ActiveRoleSet.ALL);
     Assert.assertEquals(permissions.toString(), "[server=server1]");
   }
@@ -113,7 +113,7 @@ public class TestPolicyParsingNegative {
     append("other_group = malicious_role", otherPolicyFile);
     append("[roles]", otherPolicyFile);
     append("malicious_role = server=server1", otherPolicyFile);
-    PolicyEngine policy = new DBPolicyFileBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("other_group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -124,7 +124,7 @@ public class TestPolicyParsingNegative {
     append("group = malicious_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("malicious_role = server=*", globalPolicyFile);
-    PolicyEngine policy = new DBPolicyFileBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -135,7 +135,7 @@ public class TestPolicyParsingNegative {
     append("group = malicious_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("malicious_role = server=server2", globalPolicyFile);
-    PolicyEngine policy = new DBPolicyFileBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -146,7 +146,7 @@ public class TestPolicyParsingNegative {
     append("group = malicious_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("malicious_role = *", globalPolicyFile);
-    PolicyEngine policy = new DBPolicyFileBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -182,7 +182,7 @@ public class TestPolicyParsingNegative {
     append("[roles]", db2PolicyFile);
     append("db2_rule = 
server=server1->db=db2->table=purchases->action=select", db2PolicyFile);
 
-    PolicyEngine policy = new DBPolicyFileBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
 
     // verify that the db1 rule is empty
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("db1_group"), ActiveRoleSet.ALL);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java
 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java
index 53b83a5..2da4699 100644
--- 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java
+++ 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java
@@ -91,7 +91,7 @@ public class TestResourceAuthorizationProviderGeneralCases {
     baseDir = Files.createTempDir();
     PolicyFiles.copyToDir(baseDir, "test-authz-provider.ini", 
"test-authz-provider-other-group.ini");
     authzProvider = new HadoopGroupResourceAuthorizationProvider(
-        new DBPolicyFileBackend("server1",
+            DBPolicyTestUtil.createPolicyEngineForTest("server1",
         new File(baseDir, "test-authz-provider.ini").getPath()),
         new MockGroupMappingServiceProvider(USER_TO_GROUP_MAP));
 

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderSpecialCases.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderSpecialCases.java
 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderSpecialCases.java
index 3ae901e..b166499 100644
--- 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderSpecialCases.java
+++ 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderSpecialCases.java
@@ -32,6 +32,7 @@ import org.apache.sentry.core.common.Subject;
 import org.apache.sentry.core.model.db.AccessURI;
 import org.apache.sentry.core.model.db.DBModelAction;
 import org.apache.sentry.core.model.db.Server;
+import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
 import org.apache.sentry.provider.file.PolicyFile;
@@ -74,7 +75,7 @@ public class TestResourceAuthorizationProviderSpecialCases {
       .addPermissionsToRole("role1", true, "server=" + server1.getName() + 
"->uri=" + uri.getName(),
           "server=" + server1.getName() + "->uri=" + uri.getName());
     policyFile.write(iniFile);
-    DBPolicyFileBackend policy = new DBPolicyFileBackend(server1.getName(), 
initResource);
+    PolicyEngine policy = 
DBPolicyTestUtil.createPolicyEngineForTest(server1.getName(), initResource);
     authzProvider = new LocalGroupResourceAuthorizationProvider(initResource, 
policy);
     List<? extends Authorizable> authorizableHierarchy = 
ImmutableList.of(server1, uri);
     Assert.assertTrue(authorizableHierarchy.toString(),
@@ -90,7 +91,7 @@ public class TestResourceAuthorizationProviderSpecialCases {
       .addRolesToGroup("group1", "role1")
       .addPermissionsToRole("role1", "server=" + server1.getName() + "->uri=" 
+ uri.getName());
     policyFile.write(iniFile);
-    DBPolicyFileBackend policy = new DBPolicyFileBackend(server1.getName(), 
initResource);
+    PolicyEngine policy = 
DBPolicyTestUtil.createPolicyEngineForTest(server1.getName(), initResource);
     authzProvider = new LocalGroupResourceAuthorizationProvider(initResource, 
policy);
     // positive test
     List<? extends Authorizable> authorizableHierarchy = 
ImmutableList.of(server1, uri);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineDFS.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineDFS.java
 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineDFS.java
index f8c36e2..901e5bf 100644
--- 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineDFS.java
+++ 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineDFS.java
@@ -27,6 +27,7 @@ import org.apache.hadoop.fs.FileSystem;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.hdfs.MiniDFSCluster;
 import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.file.PolicyFile;
 import org.apache.sentry.provider.file.PolicyFiles;
 import org.junit.AfterClass;
@@ -70,7 +71,7 @@ public class TestSimpleDBPolicyEngineDFS extends 
AbstractTestSimplePolicyEngine
     fileSystem.delete(etc, true);
     fileSystem.mkdirs(etc);
     PolicyFiles.copyToDir(fileSystem, etc, "test-authz-provider.ini", 
"test-authz-provider-other-group.ini");
-    setPolicy(new DBPolicyFileBackend("server1",
+    setPolicy(DBPolicyTestUtil.createPolicyEngineForTest("server1",
         new Path(etc, "test-authz-provider.ini").toString()));
   }
   @Override
@@ -102,8 +103,8 @@ public class TestSimpleDBPolicyEngineDFS extends 
AbstractTestSimplePolicyEngine
 
     PolicyFiles.copyFilesToDir(fileSystem, etc, globalPolicyFile);
     PolicyFiles.copyFilesToDir(fileSystem, etc, dbPolicyFile);
-    DBPolicyFileBackend multiFSEngine =
-        new DBPolicyFileBackend("server1", globalPolicyFile.getPath());
+    PolicyEngine multiFSEngine =
+            DBPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
 
     Set<String> dbGroups = Sets.newHashSet();
     dbGroups.add("group1");

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineLocalFS.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineLocalFS.java
 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineLocalFS.java
index cb4e1a2..435e4d8 100644
--- 
a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineLocalFS.java
+++ 
b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestSimpleDBPolicyEngineLocalFS.java
@@ -32,7 +32,7 @@ public class TestSimpleDBPolicyEngineLocalFS extends 
AbstractTestSimplePolicyEng
     Assert.assertNotNull(baseDir);
     Assert.assertTrue(baseDir.isDirectory() || baseDir.mkdirs());
     PolicyFiles.copyToDir(baseDir, "test-authz-provider.ini", 
"test-authz-provider-other-group.ini");
-    setPolicy(new DBPolicyFileBackend("server1",
+    setPolicy(DBPolicyTestUtil.createPolicyEngineForTest("server1",
         new File(baseDir, "test-authz-provider.ini").getPath()));
   }
   @Override

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-indexer/src/main/java/org/apache/sentry/policy/indexer/SimpleIndexerPolicyEngine.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-indexer/src/main/java/org/apache/sentry/policy/indexer/SimpleIndexerPolicyEngine.java
 
b/sentry-policy/sentry-policy-indexer/src/main/java/org/apache/sentry/policy/indexer/SimpleIndexerPolicyEngine.java
index 514b88a..2ed6a6a 100644
--- 
a/sentry-policy/sentry-policy-indexer/src/main/java/org/apache/sentry/policy/indexer/SimpleIndexerPolicyEngine.java
+++ 
b/sentry-policy/sentry-policy-indexer/src/main/java/org/apache/sentry/policy/indexer/SimpleIndexerPolicyEngine.java
@@ -21,11 +21,9 @@ import java.util.Set;
 import org.apache.sentry.core.common.ActiveRoleSet;
 import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.common.SentryConfigurationException;
-import org.apache.sentry.core.model.indexer.IndexerPrivilegeModel;
 import org.apache.sentry.policy.common.PrivilegeFactory;
 import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.ProviderBackend;
-import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -43,10 +41,6 @@ public class SimpleIndexerPolicyEngine implements 
PolicyEngine {
 
   public SimpleIndexerPolicyEngine(ProviderBackend providerBackend) {
     this.providerBackend = providerBackend;
-    ProviderBackendContext context = new ProviderBackendContext();
-    context.setAllowPerDatabase(false);
-    
context.setValidators(IndexerPrivilegeModel.getInstance().getPrivilegeValidators());
-    this.providerBackend.initialize(context);
   }
 
   /**

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/IndexPolicyTestUtil.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/IndexPolicyTestUtil.java
 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/IndexPolicyTestUtil.java
new file mode 100644
index 0000000..45d3400
--- /dev/null
+++ 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/IndexPolicyTestUtil.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.policy.indexer;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.core.model.indexer.IndexerPrivilegeModel;
+import org.apache.sentry.policy.common.PolicyEngine;
+import org.apache.sentry.provider.common.ProviderBackend;
+import org.apache.sentry.provider.common.ProviderBackendContext;
+import org.apache.sentry.provider.file.SimpleFileProviderBackend;
+
+import java.io.IOException;
+
+public class IndexPolicyTestUtil {
+
+  public static PolicyEngine createPolicyEngineForTest(String resource) throws 
IOException {
+
+    ProviderBackend providerBackend = new SimpleFileProviderBackend(new 
Configuration(), resource);
+
+    // create backendContext
+    ProviderBackendContext context = new ProviderBackendContext();
+    context.setAllowPerDatabase(false);
+    
context.setValidators(IndexerPrivilegeModel.getInstance().getPrivilegeValidators());
+    // initialize the backend with the context
+    providerBackend.initialize(context);
+
+
+    return new SimpleIndexerPolicyEngine(providerBackend);
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/IndexerPolicyFileBackend.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/IndexerPolicyFileBackend.java
 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/IndexerPolicyFileBackend.java
deleted file mode 100644
index ba1b3ed..0000000
--- 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/IndexerPolicyFileBackend.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.policy.indexer;
-
-import java.io.IOException;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.file.SimpleFileProviderBackend;
-
-public class IndexerPolicyFileBackend extends SimpleIndexerPolicyEngine {
-  public IndexerPolicyFileBackend(String resource) throws IOException{
-    super(new SimpleFileProviderBackend(new Configuration(), resource));
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java
 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java
index 00c1b6d..2781bf9 100644
--- 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java
+++ 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java
@@ -85,7 +85,7 @@ public class TestIndexerAuthorizationProviderGeneralCases {
     baseDir = Files.createTempDir();
     PolicyFiles.copyToDir(baseDir, "test-authz-provider.ini");
     authzProvider = new HadoopGroupResourceAuthorizationProvider(
-        new IndexerPolicyFileBackend(new File(baseDir, 
"test-authz-provider.ini").getPath()),
+        IndexPolicyTestUtil.createPolicyEngineForTest(new File(baseDir, 
"test-authz-provider.ini").getPath()),
         new MockGroupMappingServiceProvider(USER_TO_GROUP_MAP));
 
   }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java
 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java
index 0765b92..3af9481 100644
--- 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java
+++ 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java
@@ -31,6 +31,7 @@ import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.common.Subject;
 import org.apache.sentry.core.model.indexer.Indexer;
 import org.apache.sentry.core.model.indexer.IndexerModelAction;
+import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
 import org.apache.sentry.provider.file.PolicyFile;
@@ -72,7 +73,7 @@ public class TestIndexerAuthorizationProviderSpecialCases {
       .addPermissionsToRole("role1", true, "indexer=" + indexer1.getName(),
           "indexer=" + indexer1.getName());
     policyFile.write(iniFile);
-    IndexerPolicyFileBackend policy = new 
IndexerPolicyFileBackend(initResource);
+    PolicyEngine policy = 
IndexPolicyTestUtil.createPolicyEngineForTest(initResource);
     authzProvider = new LocalGroupResourceAuthorizationProvider(initResource, 
policy);
     List<? extends Authorizable> authorizableHierarchy = 
ImmutableList.of(indexer1);
     Assert.assertTrue(authorizableHierarchy.toString(),

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineDFS.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineDFS.java
 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineDFS.java
index f439430..0639082 100644
--- 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineDFS.java
+++ 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineDFS.java
@@ -63,7 +63,7 @@ public class TestIndexerPolicyEngineDFS extends 
AbstractTestIndexerPolicyEngine
     fileSystem.delete(etc, true);
     fileSystem.mkdirs(etc);
     PolicyFiles.copyToDir(fileSystem, etc, "test-authz-provider.ini");
-    setPolicy(new IndexerPolicyFileBackend(new Path(etc,
+    setPolicy(IndexPolicyTestUtil.createPolicyEngineForTest(new Path(etc,
         "test-authz-provider.ini").toString()));
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineLocalFS.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineLocalFS.java
 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineLocalFS.java
index 95cf2a6..94da6f7 100644
--- 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineLocalFS.java
+++ 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyEngineLocalFS.java
@@ -32,7 +32,7 @@ public class TestIndexerPolicyEngineLocalFS extends 
AbstractTestIndexerPolicyEng
     Assert.assertNotNull(baseDir);
     Assert.assertTrue(baseDir.isDirectory() || baseDir.mkdirs());
     PolicyFiles.copyToDir(baseDir, "test-authz-provider.ini");
-    setPolicy(new IndexerPolicyFileBackend(new File(baseDir, 
"test-authz-provider.ini").getPath()));
+    setPolicy(IndexPolicyTestUtil.createPolicyEngineForTest(new File(baseDir, 
"test-authz-provider.ini").getPath()));
   }
   @Override
   protected void beforeTeardown() throws IOException {

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyNegative.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyNegative.java
 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyNegative.java
index 0706560..8117616 100644
--- 
a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyNegative.java
+++ 
b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerPolicyNegative.java
@@ -72,7 +72,7 @@ public class TestIndexerPolicyNegative {
     append("other_group = some_role", otherPolicyFile);
     append("[roles]", otherPolicyFile);
     append("some_role = indexer=i1", otherPolicyFile);
-    IndexerPolicyFileBackend policy = new 
IndexerPolicyFileBackend(globalPolicyFile.getPath());
+    PolicyEngine policy = 
IndexPolicyTestUtil.createPolicyEngineForTest(globalPolicyFile.getPath());
     Assert.assertEquals(Collections.emptySet(),
         policy.getPrivileges(Sets.newHashSet("other_group"), 
ActiveRoleSet.ALL));
   }
@@ -83,7 +83,7 @@ public class TestIndexerPolicyNegative {
     append("group = some_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("some_role = action=read", globalPolicyFile);
-    PolicyEngine policy = new 
IndexerPolicyFileBackend(globalPolicyFile.getPath());
+    PolicyEngine policy = 
IndexPolicyTestUtil.createPolicyEngineForTest(globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getPrivileges(Sets.newHashSet("group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -94,7 +94,7 @@ public class TestIndexerPolicyNegative {
     append("group = malicious_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("malicious_role = indexer=*", globalPolicyFile);
-    PolicyEngine policy = new 
IndexerPolicyFileBackend(globalPolicyFile.getPath());
+    PolicyEngine policy = 
IndexPolicyTestUtil.createPolicyEngineForTest(globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getPrivileges(Sets.newHashSet("incorrectGroup"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java
 
b/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java
index 11db0e6..cde0e7a 100644
--- 
a/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java
+++ 
b/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java
@@ -21,11 +21,9 @@ import java.util.Set;
 import org.apache.sentry.core.common.ActiveRoleSet;
 import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.common.SentryConfigurationException;
-import org.apache.sentry.core.model.search.SearchPrivilegeModel;
 import org.apache.sentry.policy.common.PrivilegeFactory;
 import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.ProviderBackend;
-import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -43,10 +41,6 @@ public class SimpleSearchPolicyEngine implements 
PolicyEngine {
 
   public SimpleSearchPolicyEngine(ProviderBackend providerBackend) {
     this.providerBackend = providerBackend;
-    ProviderBackendContext context = new ProviderBackendContext();
-    context.setAllowPerDatabase(false);
-    
context.setValidators(SearchPrivilegeModel.getInstance().getPrivilegeValidators());
-    this.providerBackend.initialize(context);
   }
 
   /**

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/SearchPolicyFileBackend.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/SearchPolicyFileBackend.java
 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/SearchPolicyFileBackend.java
deleted file mode 100644
index be23e15..0000000
--- 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/SearchPolicyFileBackend.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.policy.search;
-
-import java.io.IOException;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.file.SimpleFileProviderBackend;
-
-public class SearchPolicyFileBackend extends SimpleSearchPolicyEngine {
-  public SearchPolicyFileBackend(String resource) throws IOException{
-    super(new SimpleFileProviderBackend(new Configuration(), resource));
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/SearchPolicyTestUtil.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/SearchPolicyTestUtil.java
 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/SearchPolicyTestUtil.java
new file mode 100644
index 0000000..0f76050
--- /dev/null
+++ 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/SearchPolicyTestUtil.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.policy.search;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.core.model.search.SearchPrivilegeModel;
+import org.apache.sentry.policy.common.PolicyEngine;
+import org.apache.sentry.provider.common.ProviderBackend;
+import org.apache.sentry.provider.common.ProviderBackendContext;
+import org.apache.sentry.provider.file.SimpleFileProviderBackend;
+
+import java.io.IOException;
+
+public class SearchPolicyTestUtil {
+
+  public static PolicyEngine createPolicyEngineForTest(String resource) throws 
IOException {
+
+    ProviderBackend providerBackend = new SimpleFileProviderBackend(new 
Configuration(), resource);
+
+    // create backendContext
+    ProviderBackendContext context = new ProviderBackendContext();
+    context.setAllowPerDatabase(false);
+    
context.setValidators(SearchPrivilegeModel.getInstance().getPrivilegeValidators());
+    // initialize the backend with the context
+    providerBackend.initialize(context);
+
+
+    return new SimpleSearchPolicyEngine(providerBackend);
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
index 52a9021..c9c8330 100644
--- 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
+++ 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
@@ -84,7 +84,7 @@ public class TestSearchAuthorizationProviderGeneralCases {
     baseDir = Files.createTempDir();
     PolicyFiles.copyToDir(baseDir, "test-authz-provider.ini");
     authzProvider = new HadoopGroupResourceAuthorizationProvider(
-        new SearchPolicyFileBackend(new File(baseDir, 
"test-authz-provider.ini").getPath()),
+            SearchPolicyTestUtil.createPolicyEngineForTest(new File(baseDir, 
"test-authz-provider.ini").getPath()),
         new MockGroupMappingServiceProvider(USER_TO_GROUP_MAP));
 
   }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderSpecialCases.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderSpecialCases.java
 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderSpecialCases.java
index 801a702..b3a68a7 100644
--- 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderSpecialCases.java
+++ 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderSpecialCases.java
@@ -31,6 +31,7 @@ import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.common.Subject;
 import org.apache.sentry.core.model.search.Collection;
 import org.apache.sentry.core.model.search.SearchModelAction;
+import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
 import org.apache.sentry.provider.file.PolicyFile;
@@ -72,7 +73,7 @@ public class TestSearchAuthorizationProviderSpecialCases {
       .addPermissionsToRole("role1", true, "collection=" + 
collection1.getName(),
           "collection=" + collection1.getName());
     policyFile.write(iniFile);
-    SearchPolicyFileBackend policy = new SearchPolicyFileBackend(initResource);
+    PolicyEngine policy = 
SearchPolicyTestUtil.createPolicyEngineForTest(initResource);
     authzProvider = new LocalGroupResourceAuthorizationProvider(initResource, 
policy);
     List<? extends Authorizable> authorizableHierarchy = 
ImmutableList.of(collection1);
     Assert.assertTrue(authorizableHierarchy.toString(),

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineDFS.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineDFS.java
 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineDFS.java
index 735935e..292685b 100644
--- 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineDFS.java
+++ 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineDFS.java
@@ -63,7 +63,7 @@ public class TestSearchPolicyEngineDFS extends 
AbstractTestSearchPolicyEngine {
     fileSystem.delete(etc, true);
     fileSystem.mkdirs(etc);
     PolicyFiles.copyToDir(fileSystem, etc, "test-authz-provider.ini");
-    setPolicy(new SearchPolicyFileBackend(new Path(etc,
+    setPolicy(SearchPolicyTestUtil.createPolicyEngineForTest(new Path(etc,
         "test-authz-provider.ini").toString()));
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineLocalFS.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineLocalFS.java
 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineLocalFS.java
index 77048cf..9d34460 100644
--- 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineLocalFS.java
+++ 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyEngineLocalFS.java
@@ -32,7 +32,7 @@ public class TestSearchPolicyEngineLocalFS extends 
AbstractTestSearchPolicyEngin
     Assert.assertNotNull(baseDir);
     Assert.assertTrue(baseDir.isDirectory() || baseDir.mkdirs());
     PolicyFiles.copyToDir(baseDir, "test-authz-provider.ini");
-    setPolicy(new SearchPolicyFileBackend(new File(baseDir, 
"test-authz-provider.ini").getPath()));
+    setPolicy(SearchPolicyTestUtil.createPolicyEngineForTest(new File(baseDir, 
"test-authz-provider.ini").getPath()));
   }
   @Override
   protected void beforeTeardown() throws IOException {

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyNegative.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyNegative.java
 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyNegative.java
index 2abe8f2..9155dad 100644
--- 
a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyNegative.java
+++ 
b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchPolicyNegative.java
@@ -72,7 +72,7 @@ public class TestSearchPolicyNegative {
     append("other_group = some_role", otherPolicyFile);
     append("[roles]", otherPolicyFile);
     append("some_role = collection=c1", otherPolicyFile);
-    SearchPolicyFileBackend policy = new 
SearchPolicyFileBackend(globalPolicyFile.getPath());
+    PolicyEngine policy = 
SearchPolicyTestUtil.createPolicyEngineForTest(globalPolicyFile.getPath());
     Assert.assertEquals(Collections.emptySet(),
         policy.getPrivileges(Sets.newHashSet("other_group"), 
ActiveRoleSet.ALL));
   }
@@ -83,7 +83,7 @@ public class TestSearchPolicyNegative {
     append("group = some_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("some_role = action=query", globalPolicyFile);
-    PolicyEngine policy = new 
SearchPolicyFileBackend(globalPolicyFile.getPath());
+    PolicyEngine policy = 
SearchPolicyTestUtil.createPolicyEngineForTest(globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getPrivileges(Sets.newHashSet("group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -94,7 +94,7 @@ public class TestSearchPolicyNegative {
     append("group = malicious_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("malicious_role = collection=*", globalPolicyFile);
-    PolicyEngine policy = new 
SearchPolicyFileBackend(globalPolicyFile.getPath());
+    PolicyEngine policy = 
SearchPolicyTestUtil.createPolicyEngineForTest(globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getPrivileges(Sets.newHashSet("incorrectGroup"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SimpleSqoopPolicyEngine.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SimpleSqoopPolicyEngine.java
 
b/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SimpleSqoopPolicyEngine.java
index 603295c..33f6c77 100644
--- 
a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SimpleSqoopPolicyEngine.java
+++ 
b/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SimpleSqoopPolicyEngine.java
@@ -21,11 +21,9 @@ import java.util.Set;
 import org.apache.sentry.core.common.ActiveRoleSet;
 import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.common.SentryConfigurationException;
-import org.apache.sentry.core.model.sqoop.SqoopPrivilegeModel;
 import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.policy.common.PrivilegeFactory;
 import org.apache.sentry.provider.common.ProviderBackend;
-import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -35,12 +33,8 @@ public class SimpleSqoopPolicyEngine implements PolicyEngine 
{
   private static final Logger LOGGER = 
LoggerFactory.getLogger(SimpleSqoopPolicyEngine.class);
   private final ProviderBackend providerBackend;
 
-  public SimpleSqoopPolicyEngine(String sqoopServerName, ProviderBackend 
providerBackend) {
+  public SimpleSqoopPolicyEngine(ProviderBackend providerBackend) {
     this.providerBackend = providerBackend;
-    ProviderBackendContext context = new ProviderBackendContext();
-    context.setAllowPerDatabase(false);
-    
context.setValidators(SqoopPrivilegeModel.getInstance().getPrivilegeValidators(sqoopServerName));
-    this.providerBackend.initialize(context);
   }
   @Override
   public PrivilegeFactory getPrivilegeFactory() {

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/SqoopPolicyFileProviderBackend.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/SqoopPolicyFileProviderBackend.java
 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/SqoopPolicyFileProviderBackend.java
deleted file mode 100644
index 5da63a3..0000000
--- 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/SqoopPolicyFileProviderBackend.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.sentry.policy.sqoop;
-
-import java.io.IOException;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.file.SimpleFileProviderBackend;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class SqoopPolicyFileProviderBackend extends SimpleSqoopPolicyEngine {
-  private static final Logger LOGGER = 
LoggerFactory.getLogger(SqoopPolicyFileProviderBackend.class);
-  public SqoopPolicyFileProviderBackend(String sqoopServerName,
-      String resource) throws IOException {
-    super(sqoopServerName, new SimpleFileProviderBackend(new Configuration(), 
resource));
-    LOGGER.warn("The DB providerbackend is the preferred option over file 
providerbackend as the sqoop policy engine");
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/SqoopPolicyTestUtil.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/SqoopPolicyTestUtil.java
 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/SqoopPolicyTestUtil.java
new file mode 100644
index 0000000..a76554e
--- /dev/null
+++ 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/SqoopPolicyTestUtil.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.policy.sqoop;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.core.model.sqoop.SqoopPrivilegeModel;
+import org.apache.sentry.policy.common.PolicyEngine;
+import org.apache.sentry.provider.common.ProviderBackend;
+import org.apache.sentry.provider.common.ProviderBackendContext;
+import org.apache.sentry.provider.file.SimpleFileProviderBackend;
+
+import java.io.IOException;
+
+public class SqoopPolicyTestUtil {
+
+  public static PolicyEngine createPolicyEngineForTest(String server, String 
resource) throws IOException {
+
+    ProviderBackend providerBackend = new SimpleFileProviderBackend(new 
Configuration(), resource);
+
+    // create backendContext
+    ProviderBackendContext context = new ProviderBackendContext();
+    context.setAllowPerDatabase(false);
+    
context.setValidators(SqoopPrivilegeModel.getInstance().getPrivilegeValidators(server));
+    // initialize the backend with the context
+    providerBackend.initialize(context);
+
+
+    return new SimpleSqoopPolicyEngine(providerBackend);
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java
 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java
index e59164d..1e97b62 100644
--- 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java
+++ 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java
@@ -98,7 +98,8 @@ public class TestSqoopAuthorizationProviderGeneralCases {
     baseDir = Files.createTempDir();
     PolicyFiles.copyToDir(baseDir, "test-authz-provider.ini");
     authzProvider = new HadoopGroupResourceAuthorizationProvider(
-        new SqoopPolicyFileProviderBackend(server1.getName(), new 
File(baseDir, "test-authz-provider.ini").getPath()),
+        SqoopPolicyTestUtil.createPolicyEngineForTest(server1.getName(),
+        new File(baseDir, "test-authz-provider.ini").getPath()),
         new MockGroupMappingServiceProvider(USER_TO_GROUP_MAP));
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java
 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java
index 2198c7b..99eaf18 100644
--- 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java
+++ 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java
@@ -34,6 +34,7 @@ import org.apache.sentry.core.model.sqoop.Connector;
 import org.apache.sentry.core.model.sqoop.Server;
 import org.apache.sentry.core.model.sqoop.SqoopActionConstant;
 import org.apache.sentry.core.model.sqoop.SqoopActionFactory.SqoopAction;
+import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
 import org.apache.sentry.provider.file.PolicyFile;
@@ -77,7 +78,7 @@ public class TestSqoopAuthorizationProviderSpecialCases {
       .addPermissionsToRole("role1", true, 
"server=server1->connector=c1->action=read",
           "server=server1->connector=c1->action=read");
     policyFile.write(iniFile);
-    SqoopPolicyFileProviderBackend policy = new 
SqoopPolicyFileProviderBackend(server1.getName(), initResource);
+    PolicyEngine policy = 
SqoopPolicyTestUtil.createPolicyEngineForTest(server1.getName(), initResource);
     authzProvider = new LocalGroupResourceAuthorizationProvider(initResource, 
policy);
     List<? extends Authorizable> authorizableHierarchy = 
ImmutableList.of(server1, connector1);
     Assert.assertTrue(authorizableHierarchy.toString(),

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineDFS.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineDFS.java
 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineDFS.java
index 676262e..9611ad8 100644
--- 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineDFS.java
+++ 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineDFS.java
@@ -64,7 +64,7 @@ public class TestSqoopPolicyEngineDFS extends 
AbstractTestSqoopPolicyEngine {
     fileSystem.delete(etc, true);
     fileSystem.mkdirs(etc);
     PolicyFiles.copyToDir(fileSystem, etc, "test-authz-provider.ini");
-    setPolicy(new SqoopPolicyFileProviderBackend(sqoopServerName, new Path(etc,
+    setPolicy(SqoopPolicyTestUtil.createPolicyEngineForTest(sqoopServerName, 
new Path(etc,
         "test-authz-provider.ini").toString()));
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineLocalFS.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineLocalFS.java
 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineLocalFS.java
index 554c580..a4a874b 100644
--- 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineLocalFS.java
+++ 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyEngineLocalFS.java
@@ -33,7 +33,8 @@ public class TestSqoopPolicyEngineLocalFS extends 
AbstractTestSqoopPolicyEngine
     Assert.assertNotNull(baseDir);
     Assert.assertTrue(baseDir.isDirectory() || baseDir.mkdirs());
     PolicyFiles.copyToDir(baseDir, "test-authz-provider.ini");
-    setPolicy(new SqoopPolicyFileProviderBackend(sqoopServerName, new 
File(baseDir, "test-authz-provider.ini").getPath()));
+    setPolicy(SqoopPolicyTestUtil.createPolicyEngineForTest(sqoopServerName,
+      new File(baseDir, "test-authz-provider.ini").getPath()));
   }
   @Override
   protected void beforeTeardown() throws IOException {

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fbb90609/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyNegative.java
----------------------------------------------------------------------
diff --git 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyNegative.java
 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyNegative.java
index 406e53f..646a3c8 100644
--- 
a/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyNegative.java
+++ 
b/sentry-policy/sentry-policy-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopPolicyNegative.java
@@ -66,7 +66,7 @@ public class TestSqoopPolicyNegative {
     append("other_group = other_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("other_role = server=server1->connector=c1->action=read, 
server=server1->link=l1->action=read", globalPolicyFile);
-    PolicyEngine policy = new SqoopPolicyFileProviderBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
SqoopPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     //malicious_group has no privilege
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("malicious_group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
@@ -81,7 +81,7 @@ public class TestSqoopPolicyNegative {
     append("other_group = malicious_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("malicious_role = connector=c1->action=read,link=l1->action=read", 
globalPolicyFile);
-    PolicyEngine policy = new SqoopPolicyFileProviderBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
SqoopPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("other_group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -92,7 +92,7 @@ public class TestSqoopPolicyNegative {
     append("group = malicious_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("malicious_role = server=*", globalPolicyFile);
-    PolicyEngine policy = new SqoopPolicyFileProviderBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
SqoopPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -103,7 +103,7 @@ public class TestSqoopPolicyNegative {
     append("group = malicious_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("malicious_role = server=server2", globalPolicyFile);
-    PolicyEngine policy = new SqoopPolicyFileProviderBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
SqoopPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }
@@ -114,7 +114,7 @@ public class TestSqoopPolicyNegative {
     append("group = malicious_role", globalPolicyFile);
     append("[roles]", globalPolicyFile);
     append("malicious_role = *", globalPolicyFile);
-    PolicyEngine policy = new SqoopPolicyFileProviderBackend("server1", 
globalPolicyFile.getPath());
+    PolicyEngine policy = 
SqoopPolicyTestUtil.createPolicyEngineForTest("server1", 
globalPolicyFile.getPath());
     ImmutableSet<String> permissions = 
policy.getAllPrivileges(Sets.newHashSet("group"), ActiveRoleSet.ALL);
     Assert.assertTrue(permissions.toString(), permissions.isEmpty());
   }

Reply via email to