public Object getFieldValue(_Fields field) { switch (field) { case ROLE_NAME: return getRoleName(); case GROUPS: return getGroups(); } throw new IllegalStateException(); }
/** * Build cache replica with latest values * * @return cache replica with latest values */ private Table<String, String, Set<String>> loadFromRemote() throws Exception { Table<String, String, Set<String>> tempCache = HashBasedTable.create(); String requestor; requestor = UserGroupInformation.getLoginUser().getShortUserName(); try(SentryGenericServiceClient client = getClient()) { Set<TSentryRole> tSentryRoles = client.listAllRoles(requestor, componentType); for (TSentryRole tSentryRole : tSentryRoles) { final String roleName = tSentryRole.getRoleName(); final Set<TSentryPrivilege> tSentryPrivileges = client.listAllPrivilegesByRoleName(requestor, roleName, componentType, serviceName); for (String group : tSentryRole.getGroups()) { Set<String> currentPrivileges = tempCache.get(group, roleName); if (currentPrivileges == null) { currentPrivileges = new HashSet<>(); tempCache.put(group, roleName, currentPrivileges); } for (TSentryPrivilege tSentryPrivilege : tSentryPrivileges) { currentPrivileges.add(tSentryPrivilegeConverter.toString(tSentryPrivilege)); } } } return tempCache; } }
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String roleName = "admin_r1"; String groupName = "group1"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); setLocalGroupMapping(requestorUserName, Sets.newHashSet(groupName)); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName, SOLR); client.createRole(requestorUserName, roleName, SOLR); client.grantRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(groupName)); Set<TSentryRole> groupRoles = client.listRolesByGroupName(requestorUserName, groupName,SOLR); assertTrue(groupRoles.size() == 1); for (TSentryRole role:groupRoles) { assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName)); assertTrue(role.getGroups().size() == 1); for (String group :role.getGroups()) { assertEquals(groupName, group); } } client.dropRole(requestorUserName, roleName, SOLR); }}); }
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String testGroupName = "g1"; String roleName = "admin_r"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); setLocalGroupMapping(requestorUserName, Sets.newHashSet(testGroupName)); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName, SOLR); client.createRole(requestorUserName, roleName, SOLR); client.grantRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName)); Set<TSentryRole> roles = client.listUserRoles(requestorUserName,SOLR); assertEquals("Incorrect number of roles", 1, roles.size()); for (TSentryRole role:roles) { assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName)); assertTrue(role.getGroups().size() == 1); for (String group :role.getGroups()) { assertEquals(testGroupName, group); } } client.revokeRoleFromGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName)); roles = client.listUserRoles(requestorUserName,SOLR); assertEquals("Incorrect number of roles", 0, roles.size()); client.dropRole(requestorUserName, roleName, SOLR); }}); }
for(TSentryRole tRole:tRoles) { if(tRole.getRoleName().equals(role1)) { assertEquals(groups1, tRole.getGroups()); } else if(tRole.getRoleName().equals(role2)) { assertEquals(groups2, tRole.getGroups()); for(TSentryRole tRole:tRoles) { if(tRole.getRoleName().equals(role1)) { assertEquals(groups1, tRole.getGroups()); } else if(tRole.getRoleName().equals(role2)) { assertEquals(groups2, tRole.getGroups()); for(TSentryRole tRole:tRoles) { if(tRole.getRoleName().equals(role1)) { assertEquals(groups1, tRole.getGroups()); } else if(tRole.getRoleName().equals(role2)) { assertEquals(groups2, tRole.getGroups()); for(TSentryRole tRole:tRoles) { if(tRole.getRoleName().equals(role3)) { assertEquals(groups1, tRole.getGroups());
for(TSentryRole tRole:tRoles) { assertEquals(role1, tRole.getRoleName()); assertEquals(twoGroups, tRole.getGroups()); for(TSentryRole tRole:tRoles) { assertEquals(role2, tRole.getRoleName()); assertEquals(oneGroup, tRole.getGroups()); for(TSentryRole tRole:tRoles) { assertEquals(role1, tRole.getRoleName()); assertEquals(Sets.newHashSet("g2"), tRole.getGroups());