/**
 * Wraps one privilege, built from the given fields, in an immutable single-element set.
 *
 * <p>The arguments are copied onto the Thrift object exactly as received; nothing in this
 * method validates or normalises them. The creation time is read from the system clock at
 * call time.
 *
 * @param scope scope whose {@code toString()} form is stored; a null scope fails with a
 *     {@link NullPointerException}
 * @param serverName server name to record
 * @param uri URI to record
 * @param db database name to record
 * @param table table name to record
 * @param column column name to record
 * @param action action to record
 * @param grantOption grant flag, translated by {@code convertTSentryGrantOption}
 * @return an immutable set holding the single privilege built here
 */
private Set<TSentryPrivilege> convertColumnPrivilege(
    PrivilegeScope scope, String serverName, String uri, String db,
    String table, String column, String action, Boolean grantOption) {
  final TSentryPrivilege columnPrivilege = new TSentryPrivilege();

  // Object the privilege is attached to.
  columnPrivilege.setPrivilegeScope(scope.toString());
  columnPrivilege.setServerName(serverName);
  columnPrivilege.setURI(uri);
  columnPrivilege.setDbName(db);
  columnPrivilege.setTableName(table);
  columnPrivilege.setColumnName(column);

  // Action, creation timestamp and grant option.
  columnPrivilege.setAction(action);
  columnPrivilege.setCreateTime(System.currentTimeMillis());
  columnPrivilege.setGrantOption(convertTSentryGrantOption(grantOption));

  return ImmutableSet.<TSentryPrivilege>builder().add(columnPrivilege).build();
}
privilege.setColumnName(null); privilege.setAction(action); privilege.setCreateTime(System.currentTimeMillis()); privilege.setGrantOption(convertTSentryGrantOption(grantOption)); setBuilder.add(privilege); privilege.setColumnName(column); privilege.setAction(action); privilege.setCreateTime(System.currentTimeMillis()); privilege.setGrantOption(convertTSentryGrantOption(grantOption)); setBuilder.add(privilege);
/**
 * Checks that the privilege-count gauge tracks distinct privileges rather than individual
 * role grants: granting the same privilege to a second role leaves the count unchanged,
 * while granting a privilege on a different table raises it.
 */
@Test
public void testSentryPrivilegeSize() throws Exception {
  final String grantor = "g1";
  final String firstRole = "role1";
  final String secondRole = "role2";
  sentryStore.createSentryRole(firstRole);
  sentryStore.createSentryRole(secondRole);

  final TSentryPrivilege tablePrivilege = new TSentryPrivilege();
  tablePrivilege.setPrivilegeScope("TABLE");
  tablePrivilege.setServerName("server1");
  tablePrivilege.setDbName("db1");
  tablePrivilege.setTableName("tb1");
  tablePrivilege.setCreateTime(System.currentTimeMillis());

  // Nothing has been granted yet.
  assertEquals(Long.valueOf(0), sentryStore.getPrivilegeCountGauge().getValue());

  // First grant: one privilege is counted.
  sentryStore.alterSentryRoleGrantPrivilege(grantor, firstRole, tablePrivilege);
  assertEquals(Long.valueOf(1), sentryStore.getPrivilegeCountGauge().getValue());

  // Same privilege, second role: the gauge is still expected to read 1.
  sentryStore.alterSentryRoleGrantPrivilege(grantor, secondRole, tablePrivilege);
  assertEquals(Long.valueOf(1), sentryStore.getPrivilegeCountGauge().getValue());

  // A privilege on another table is a new entry, so the gauge moves to 2.
  tablePrivilege.setTableName("tb2");
  sentryStore.alterSentryRoleGrantPrivilege(grantor, secondRole, tablePrivilege);
  assertEquals(Long.valueOf(2), sentryStore.getPrivilegeCountGauge().getValue());
}
privilege_tbl1.setTableName(table1); privilege_tbl1.setAction(AccessConstants.SELECT); privilege_tbl1.setCreateTime(System.currentTimeMillis()); privilege_tbl1_c1.setCreateTime(System.currentTimeMillis()); privilege_tbl1_c2.setCreateTime(System.currentTimeMillis()); privilege_tbl1_c3.setCreateTime(System.currentTimeMillis());
/**
 * Copies the fields of a stored {@code MSentryPrivilege} onto a Thrift {@code TSentryPrivilege}.
 *
 * <p>The target object is mutated in place. Creation time and privilege scope are copied
 * directly; the remaining string fields pass through {@code fromNULLCol} first (presumably to
 * undo the store's NULL-column encoding; confirm against that helper). A missing grant option
 * becomes {@code TSentryGrantOption.UNSET}.
 *
 * @param mSentryPrivilege persisted privilege to read from
 * @param privilege Thrift privilege to populate
 */
private void convertToTSentryPrivilege(MSentryPrivilege mSentryPrivilege,
    TSentryPrivilege privilege) {
  privilege.setCreateTime(mSentryPrivilege.getCreateTime());
  privilege.setAction(fromNULLCol(mSentryPrivilege.getAction()));
  privilege.setPrivilegeScope(mSentryPrivilege.getPrivilegeScope());
  privilege.setServerName(fromNULLCol(mSentryPrivilege.getServerName()));
  privilege.setDbName(fromNULLCol(mSentryPrivilege.getDbName()));
  privilege.setTableName(fromNULLCol(mSentryPrivilege.getTableName()));
  privilege.setColumnName(fromNULLCol(mSentryPrivilege.getColumnName()));
  privilege.setURI(fromNULLCol(mSentryPrivilege.getURI()));

  // No stored grant option: report it explicitly as UNSET instead of leaving the field empty.
  if (mSentryPrivilege.getGrantOption() == null) {
    privilege.setGrantOption(TSentryGrantOption.UNSET);
    return;
  }

  // The stored value is upper-cased and looked up by constant name.
  // NOTE(review): toUpperCase() with no argument uses the JVM default locale; passing
  // Locale.ROOT would keep this lookup independent of the host's locale settings.
  privilege.setGrantOption(
      TSentryGrantOption.valueOf(mSentryPrivilege.getGrantOption().toString().toUpperCase()));
}
privilege_tbl1.setTableName(table1); privilege_tbl1.setAction(AccessConstants.SELECT); privilege_tbl1.setCreateTime(System.currentTimeMillis()); privilege_tbl1_c1.setCreateTime(System.currentTimeMillis()); privilege_tbl1_c2.setCreateTime(System.currentTimeMillis()); privilege_tbl1_c3.setCreateTime(System.currentTimeMillis());
privilege.setColumnName(column); privilege.setAction(AccessConstants.SELECT); privilege.setCreateTime(System.currentTimeMillis()); tPrivileges.add(privilege); privilege.setColumnName(columns[i]); privilege.setAction(AccessConstants.SELECT); privilege.setCreateTime(System.currentTimeMillis()); tPrivileges.add(privilege); privilege.setTableName(table); privilege.setAction(AccessConstants.SELECT); privilege.setCreateTime(System.currentTimeMillis()); assertEquals(seqId + 3, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege) .getSequenceId());
privilege1.setTableName(table); privilege1.setAction(AccessConstants.SELECT); privilege1.setCreateTime(System.currentTimeMillis()); privilege1.setGrantOption(TSentryGrantOption.TRUE); sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege1); privilege2.setColumnName(column); privilege2.setAction(AccessConstants.SELECT); privilege2.setCreateTime(System.currentTimeMillis()); privilege2.setGrantOption(TSentryGrantOption.TRUE); sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege2);
privilege.setTableName(table); privilege.setAction(AccessConstants.SELECT); privilege.setCreateTime(System.currentTimeMillis()); privilege.setGrantOption(TSentryGrantOption.TRUE); sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege);
/**
 * Grants two overlapping privileges on the same table (INSERT and "*") to one role, drops the
 * table's authorizable, and expects the role to be left with no privileges at all.
 */
@Test
public void testDropOverlappedPrivileges() throws Exception {
  final String grantor = "g1";
  final String roleName1 = "list-privs-r1";
  sentryStore.createSentryRole(roleName1);

  // Template naming the table; the two granted privileges differ from it only by action.
  final TSentryPrivilege tableTemplate = new TSentryPrivilege();
  tableTemplate.setPrivilegeScope("TABLE");
  tableTemplate.setServerName("server1");
  tableTemplate.setDbName("db1");
  tableTemplate.setTableName("tbl1");
  tableTemplate.setCreateTime(System.currentTimeMillis());

  final TSentryPrivilege insertOnTable = new TSentryPrivilege(tableTemplate);
  insertOnTable.setAction("INSERT");

  final TSentryPrivilege allOnTable = new TSentryPrivilege(tableTemplate);
  allOnTable.setAction("*");

  sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, insertOnTable);
  sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, allOnTable);

  // Dropping the table must not leave either of the overlapping grants behind.
  sentryStore.dropPrivilege(toTSentryAuthorizable(tableTemplate));

  assertEquals(0, sentryStore.getAllTSentryPrivilegesByRoleName(roleName1).size());
}
/**
 * Creates a mixed-case role ("newRole") and runs add-groups, delete-groups, grant and revoke
 * against it, asserting that each operation returns the next sequence id after the one
 * returned by role creation.
 *
 * <p>As written here, every call passes the role name with the same spelling.
 */
@Test
public void testCaseInsensitiveRole() throws Exception {
  final String roleName = "newRole";
  final String grantor = "g1";

  final TSentryGroup onlyGroup = new TSentryGroup();
  onlyGroup.setGroupName("test-groups-g1");
  final Set<TSentryGroup> groups = Sets.newHashSet();
  groups.add(onlyGroup);

  final TSentryPrivilege tablePrivilege = new TSentryPrivilege();
  tablePrivilege.setPrivilegeScope("TABLE");
  tablePrivilege.setServerName("server1");
  tablePrivilege.setDbName("default");
  tablePrivilege.setTableName("table1");
  tablePrivilege.setAction(AccessConstants.ALL);
  tablePrivilege.setCreateTime(System.currentTimeMillis());

  // Baseline: the sequence id handed back when the role is created.
  final long seqId = sentryStore.createSentryRole(roleName).getSequenceId();

  // Each subsequent change is expected to advance the sequence id by exactly one.
  assertEquals(seqId + 1,
      sentryStore.alterSentryRoleAddGroups(grantor, roleName, groups).getSequenceId());
  assertEquals(seqId + 2,
      sentryStore.alterSentryRoleDeleteGroups(roleName, groups).getSequenceId());
  assertEquals(seqId + 3,
      sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tablePrivilege)
          .getSequenceId());
  assertEquals(seqId + 4,
      sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, tablePrivilege)
          .getSequenceId());
}

// Annotation of the test that follows; that method's body is not shown here.
@Test
privilege.setTableName(table); privilege.setAction(AccessConstants.ALL); privilege.setCreateTime(System.currentTimeMillis()); privilege.setGrantOption(grantOption); assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege) privilege.setAction(AccessConstants.ALL); privilege.setGrantOption(TSentryGrantOption.TRUE); privilege.setCreateTime(System.currentTimeMillis()); privilege.setGrantOption(grantOption); sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege);
priv.setServerName(server); priv.setAction(AccessConstants.ALL); priv.setCreateTime(System.currentTimeMillis()); priv.setTableName(table + i); priv.setDbName(dBase);
privilege_tbl1.setDbName("db1"); privilege_tbl1.setTableName("tbl1"); privilege_tbl1.setCreateTime(System.currentTimeMillis()); privilege_server.setPrivilegeScope("SERVER"); privilege_server.setServerName("server1"); privilege_server.setCreateTime(System.currentTimeMillis()); privilege_tbl2.setDbName("db1"); privilege_tbl2.setTableName("tbl2"); privilege_tbl2.setCreateTime(System.currentTimeMillis());
privilege.setTableName(table); privilege.setAction(AccessConstants.ALL); privilege.setCreateTime(System.currentTimeMillis()); assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege) .getSequenceId());
/**
 * Grants the same table privilege three times, the third time with the server, database and
 * table names spelled in a different case, and expects the role to end up holding exactly
 * one stored privilege.
 *
 * <p>Every grant call, including the repeats, is still expected to advance the sequence id.
 * Treating the case variants as one privilege matters for authorization hygiene: a
 * differently-cased duplicate would otherwise be a second entry that a later revoke of the
 * original spelling might not remove (presumed intent; the test itself only checks the count).
 */
@Test
public void testGrantDuplicatePrivilege() throws Exception {
  final String roleName = "test-privilege";
  final String grantor = "g1";
  final String server = "server1";
  final String db = "db1";
  final String table = "tbl1";

  final long seqId = sentryStore.createSentryRole(roleName).getSequenceId();

  final TSentryPrivilege tablePrivilege = new TSentryPrivilege();
  tablePrivilege.setPrivilegeScope("TABLE");
  tablePrivilege.setServerName(server);
  tablePrivilege.setDbName(db);
  tablePrivilege.setTableName(table);
  tablePrivilege.setAction(AccessConstants.ALL);
  tablePrivilege.setCreateTime(System.currentTimeMillis());

  // Initial grant.
  assertEquals(seqId + 1,
      sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tablePrivilege)
          .getSequenceId());

  // Exact duplicate of the grant above.
  assertEquals(seqId + 2,
      sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tablePrivilege)
          .getSequenceId());

  // Same object names, different letter case.
  tablePrivilege.setServerName("Server1");
  tablePrivilege.setDbName("DB1");
  tablePrivilege.setTableName("TBL1");
  assertEquals(seqId + 3,
      sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tablePrivilege)
          .getSequenceId());

  // All three grants must have collapsed into a single persisted privilege.
  final MSentryRole storedRole = sentryStore.getMSentryRoleByName(roleName);
  final Set<MSentryPrivilege> privileges = storedRole.getPrivileges();
  assertEquals(privileges.toString(), 1, privileges.size());
}
priv.setServerName(server); priv.setAction(AccessConstants.ALL); priv.setCreateTime(System.currentTimeMillis()); priv.setTableName(table + i); priv.setDbName(dBase);
privilege_tbl1.setDbName("db1"); privilege_tbl1.setTableName(table1); privilege_tbl1.setCreateTime(System.currentTimeMillis());
privilege_tbl1.setDbName("db1"); privilege_tbl1.setTableName("tbl1"); privilege_tbl1.setCreateTime(System.currentTimeMillis());
privilege_tbl1.setDbName("db1"); privilege_tbl1.setTableName(table1); privilege_tbl1.setCreateTime(System.currentTimeMillis());