changes.add(new MSentryPermChange(1, update)); assertEquals("Collapsed string should match", "[1]", MSentryUtil.collapseChangeIDsToString(changes)); assertTrue("List of changes should be consecutive", MSentryUtil.isConsecutive(changes)); changes.add(new MSentryPermChange(2, update)); assertEquals("Collapsed string should match", "[1, 2]", MSentryUtil.collapseChangeIDsToString(changes)); assertTrue("List of changes should be consecutive", MSentryUtil.isConsecutive(changes)); changes.add(new MSentryPermChange(4, update)); assertEquals("Collapsed string should match", "[1, 2, 4]", MSentryUtil.collapseChangeIDsToString(changes)); assertFalse("List of changes should not be consecutive", MSentryUtil.isConsecutive(changes)); changes.add(new MSentryPermChange(5, update)); assertEquals("Collapsed string should match", "[1, 2, 4, 5]", MSentryUtil.collapseChangeIDsToString(changes)); assertFalse("List of changes should not be consecutive", MSentryUtil.isConsecutive(changes)); changes.add(new MSentryPermChange(6, update)); assertEquals("Collapsed string should match", "[1, 2, 4-6]", MSentryUtil.collapseChangeIDsToString(changes)); assertFalse("List of changes should not be consecutive", MSentryUtil.isConsecutive(changes)); changes.add(new MSentryPermChange(8, update)); assertEquals("Collapsed string should match", "[1, 2, 4-6, 8]", MSentryUtil.collapseChangeIDsToString(changes));
changeIDs.add(change.getChangeID());
long initialID = lastChangeID; MSentryPermChange addPermChange = sentryStore.getMSentryPermChangeByID(lastChangeID); assertEquals(addUpdate.JSONSerialize(), addPermChange.getPermChange()); assertEquals(delUpdate.JSONSerialize(), delPermChange.getPermChange());
assertEquals(addUpdate.JSONSerialize(), addPermChange.getPermChange()); assertEquals(delUpdate.JSONSerialize(), delPermChange.getPermChange());
pm.makePersistent(new MSentryPermChange(lastChangeID + 1, (PermissionsUpdate) update)); } else if (update instanceof UniquePathsUpdate) { long lastChangeID = SentryStore.getLastProcessedChangeIDCore(pm, MSentryPathChange.class);
@Test public void testDropObjWithPermUpdate() throws Exception { String roleName1 = "list-privs-r1", roleName2 = "list-privs-r2"; sentryStore.createSentryRole(roleName1); sentryStore.createSentryRole(roleName2); String authzObj = "db1.tbl1"; TSentryPrivilege privilege_tbl1 = new TSentryPrivilege(); privilege_tbl1.setPrivilegeScope("TABLE"); privilege_tbl1.setServerName("server1"); privilege_tbl1.setDbName("db1"); privilege_tbl1.setTableName("tbl1"); privilege_tbl1.setCreateTime(System.currentTimeMillis()); privilege_tbl1.setAction("SELECT"); sentryStore.alterSentryGrantPrivileges(SentryPrincipalType.ROLE, roleName1, Sets.newHashSet(privilege_tbl1), null); // Generate the permission drop update for dropping privilege for "db1.tbl1" PermissionsUpdate dropUpdate = new PermissionsUpdate(0, false); dropUpdate.addPrivilegeUpdate(authzObj).putToDelPrivileges(new TPrivilegePrincipal(TPrivilegePrincipalType.ROLE, PermissionsUpdate.ALL_ROLES), PermissionsUpdate.ALL_ROLES); // Drop the privilege and verify. sentryStore.dropPrivilege(toTSentryAuthorizable(privilege_tbl1), dropUpdate); assertEquals(0, sentryStore.getAllTSentryPrivilegesByRoleName(roleName1).size()); assertEquals(0, sentryStore.getAllTSentryPrivilegesByRoleName(roleName2).size()); // Query the persisted perm change and ensure it equals to the original one long lastChangeID = sentryStore.getLastProcessedPermChangeID(); MSentryPermChange dropPermChange = sentryStore.getMSentryPermChangeByID(lastChangeID); assertEquals(dropUpdate.JSONSerialize(), dropPermChange.getPermChange()); }
assertEquals(renameUpdate.JSONSerialize(), renamePermChange.getPermChange());
@Test public void testCreateDropRoleWithPermUpdate() throws Exception { String roleName = "test-drop-role"; createRole(roleName); // Generate the permission del update for dropping role "test-drop-role" PermissionsUpdate delUpdate = new PermissionsUpdate(0, false); delUpdate.addPrivilegeUpdate(PermissionsUpdate.ALL_AUTHZ_OBJ).putToDelPrivileges( new TPrivilegePrincipal(TPrivilegePrincipalType.ROLE, roleName), PermissionsUpdate.ALL_AUTHZ_OBJ); delUpdate.addRoleUpdate(roleName).addToDelGroups(PermissionsUpdate.ALL_GROUPS); // Drop the role and verify. sentryStore.dropSentryRole(roleName, delUpdate); checkRoleDoesNotExist(roleName); // Query the persisted perm change and ensure it equals to the original one long lastChangeID = sentryStore.getLastProcessedPermChangeID(); MSentryPermChange delPermChange = sentryStore.getMSentryPermChangeByID(lastChangeID); assertEquals(delUpdate.JSONSerialize(), delPermChange.getPermChange()); }