assertAuditLog(fieldValueMap); client.grantRoleToGroup(requestorUserName, groupName, roleName); fieldValueMap.clear(); fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE); client.grantRoleToGroup(requestorUserName, groupName, errorRoleName); fail("Exception should have been thrown"); } catch (Exception e) {
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String roleName = "admin_testdb"; String groupName = "group1"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); Set<TSentryRole> roles = client.listRoles(requestorUserName); assertEquals("Incorrect number of roles", 1, roles.size()); client.grantRoleToGroup(requestorUserName, groupName, roleName); Set<TSentryRole> groupRoles = client.listRolesByGroupName(requestorUserName, groupName); assertTrue(groupRoles.size() == 1); for (TSentryRole role:groupRoles) { assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName)); assertTrue(role.getGroups().size() == 1); for (TSentryGroup group :role.getGroups()) { assertTrue(group.getGroupName(), group.getGroupName().equalsIgnoreCase(groupName)); } } client.dropRole(requestorUserName, roleName); }}); }
AccessConstants.SELECT); client.grantURIPrivilege(requestorUserName, roleName1, server, "hdfs:///fooUri"); client.grantRoleToGroup(requestorUserName, group1, roleName1); client.grantTablePrivilege(requestorUserName, roleName2, server, db2, tab, AccessConstants.ALL); client.grantRoleToGroup(requestorUserName, group2, roleName2);
client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL"); client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size());
client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL"); client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size());
client.grantRoleToGroup(requestorUserName, group1, roleName1); client.grantRoleToGroup(requestorUserName, group1, roleName2); client.grantRoleToGroup(requestorUserName, group2, roleName2);
client.grantRoleToGroup(requestorUserName, group1, roleName1); client.grantRoleToGroup(requestorUserName, group1, roleName2); client.grantRoleToGroup(requestorUserName, group2, roleName2);
TSentryPrivilege role1db2tab = client.grantTablePrivilege( requestorUserName, roleName1, server, db2, tab, AccessConstants.SELECT); client.grantRoleToGroup(requestorUserName, group1, roleName1);