@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String roleName = "admin_r"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName, SOLR); client.createRole(requestorUserName, roleName, SOLR); client.grantRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(requestorUserGroupNames)); Set<TSentryRole> roles = client.listUserRoles(requestorUserName,SOLR); assertEquals("Incorrect number of roles", 1, roles.size()); for (TSentryRole role:roles) { assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName)); } client.dropRole(requestorUserName, roleName, SOLR); }}); }
client.grantRoleToGroups(requestorUserName, roleName, COMPONENT, Sets.newHashSet(testGroupName)); fieldValueMap.clear(); client.grantRoleToGroups(requestorUserName, "invalidRole", COMPONENT, Sets.newHashSet(testGroupName)); fail("Exception should have been thrown");
client.grantRoleToGroups(adminUser, testRole, SOLR, adminGroup); client.grantRoleToGroups(adminUser, testRole, SOLR, testGroup);
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String roleName = "admin_r1"; String groupName = "group1"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); setLocalGroupMapping(requestorUserName, Sets.newHashSet(groupName)); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName, SOLR); client.createRole(requestorUserName, roleName, SOLR); client.grantRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(groupName)); Set<TSentryRole> groupRoles = client.listRolesByGroupName(requestorUserName, groupName,SOLR); assertTrue(groupRoles.size() == 1); for (TSentryRole role:groupRoles) { assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName)); assertTrue(role.getGroups().size() == 1); for (String group :role.getGroups()) { assertEquals(groupName, group); } } client.dropRole(requestorUserName, roleName, SOLR); }}); }
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String testGroupName = "g1"; String roleName = "admin_r"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); setLocalGroupMapping(requestorUserName, Sets.newHashSet(testGroupName)); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName, SOLR); client.createRole(requestorUserName, roleName, SOLR); client.grantRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName)); Set<TSentryRole> roles = client.listUserRoles(requestorUserName,SOLR); assertEquals("Incorrect number of roles", 1, roles.size()); for (TSentryRole role:roles) { assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName)); assertTrue(role.getGroups().size() == 1); for (String group :role.getGroups()) { assertEquals(testGroupName, group); } } client.revokeRoleFromGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName)); roles = client.listUserRoles(requestorUserName,SOLR); assertEquals("Incorrect number of roles", 0, roles.size()); client.dropRole(requestorUserName, roleName, SOLR); }}); }
client.grantRoleToGroups(adminUser, testRole, SOLR, testGroup);
client.grantPrivilege(adminUser, noGrantRole, SOLR, noGrantPrivilege); client.grantRoleToGroups(adminUser, grantRole, SOLR, grantOptionGroup); client.grantRoleToGroups(adminUser, noGrantRole, SOLR, noGrantOptionGroup);