@Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); store.alterRoleRevokePrivilege(request.getComponent(), request.getRoleName(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName()); return new Response<Void>(Status.OK()); } });
@Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); CommitContext context = store.alterRoleRevokePrivilege(request.getComponent(), request.getRoleName(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName()); return new Response<Void>(Status.OK(), context); } });
@Test public void testGrantAndRevokePrivilege() throws Exception { Mockito.when(mockStore.alterRoleGrantPrivilege(anyString(), anyString(), any(PrivilegeObject.class), anyString())) .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 6)); Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), anyString(),any(PrivilegeObject.class), anyString())) .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 7)); setup(); TSentryPrivilege tprivilege = new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test"); tprivilege.setGrantOption(TSentryGrantOption.UNSET); TAlterSentryRoleGrantPrivilegeRequest grantRequest = new TAlterSentryRoleGrantPrivilegeRequest(); grantRequest.setRequestorUserName(ADMIN_USER); grantRequest.setRoleName("r1"); grantRequest.setPrivilege(tprivilege); assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_grant_privilege(grantRequest).getStatus())); TAlterSentryRoleRevokePrivilegeRequest revokeRequest = new TAlterSentryRoleRevokePrivilegeRequest(); revokeRequest.setRequestorUserName(ADMIN_USER); revokeRequest.setRoleName("r1"); revokeRequest.setPrivilege(tprivilege); assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_revoke_privilege(revokeRequest).getStatus())); }
Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString())) .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString())) .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));