try { policyServiceClient = SentryServiceClientFactory.create(conf); return ImmutableSet.copyOf(policyServiceClient.listPrivilegesForProvider(groups, roleSet, authorizableHierarchy)); } catch (Exception e) {
client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL"); assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); client.dropRole(requestorUserName, roleName); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size());
client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL); client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL"); assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); client.dropRole(requestorUserName, roleName); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size());
assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size()); Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), ActiveRoleSet.ALL, new Server("server"), new Database("db2")); assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"), listPrivilegesForProvider); listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), ActiveRoleSet.ALL, new Server("server"), new Database("db3")); assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=all"), listPrivilegesForProvider); listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3")); assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider); listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1")); assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);
assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size()); Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), ActiveRoleSet.ALL, new Server("server"), new Database("db2")); assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"), listPrivilegesForProvider); listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), ActiveRoleSet.ALL, new Server("server"), new Database("db3")); assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=all"), listPrivilegesForProvider); listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3")); assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider); listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1")); assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);