@VisibleForTesting public static TSentryAuthorizable setupSentryAuthorizable( List<? extends Authorizable> authorizable) { TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable(); for (Authorizable authzble : authorizable) { if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.Server.toString())) { tSentryAuthorizable.setServer(authzble.getName()); } else if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.URI.toString())) { tSentryAuthorizable.setUri(authzble.getName()); } else if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.Db.toString())) { tSentryAuthorizable.setDb(authzble.getName()); } else if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.Table.toString())) { tSentryAuthorizable.setTable(authzble.getName()); } else if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.Column.toString())) { tSentryAuthorizable.setColumn(authzble.getName()); } } return tSentryAuthorizable; }
@Test public void testSentryTablePrivilegeSome() throws Exception { String roleName = "test-table-privilege-some"; String grantor = "g1"; String dbName = "db1"; String table = "tb1"; sentryStore.createSentryRole(roleName); TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("TABLE", "server1", "ALL"); tSentryPrivilege.setDbName(dbName); tSentryPrivilege.setTableName(table); sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tSentryPrivilege); TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable(); tSentryAuthorizable.setDb(dbName); tSentryAuthorizable.setTable(AccessConstants.SOME); tSentryAuthorizable.setServer("server1"); Set<TSentryPrivilege> privileges = sentryStore.getTSentryPrivileges(new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable); assertTrue(privileges.size() == 1); Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>(); tSentryGroups.add(new TSentryGroup("group1")); sentryStore.alterSentryRoleAddGroups(grantor, roleName, tSentryGroups); TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName))); Set<String> privs = sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("group1")), thriftRoleSet, tSentryAuthorizable); assertTrue(privs.size()==1); assertTrue(privs.contains("server=server1->db=" + dbName + "->table=" + table + "->action=all")); }
tSentryAuthorizable.setDb(dbName); tSentryAuthorizable.setTable(table); tSentryAuthorizable.setColumn(AccessConstants.SOME);
unsetDb(); } else { setDb((String)value);
private TSentryAuthorizable toTSentryAuthorizable( TSentryPrivilege tSentryPrivilege) { TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable(); tSentryAuthorizable.setServer(tSentryPrivilege.getServerName()); tSentryAuthorizable.setDb(tSentryPrivilege.getDbName()); tSentryAuthorizable.setTable(tSentryPrivilege.getTableName()); tSentryAuthorizable.setUri(tSentryPrivilege.getURI()); return tSentryAuthorizable; }