@Override public Response<Set<TSentryRole>> handle() throws Exception { validateClientVersion(request.getProtocol_version()); Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName()); if (!AccessConstants.ALL.equalsIgnoreCase(request.getGroupName())) { boolean admin = inAdminGroups(groups); //Only admin users can list all roles in the system ( groupname = null) //Non admin users are only allowed to list only groups which they belong to if(!admin && (request.getGroupName() == null || !groups.contains(request.getGroupName()))) { throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName()); } groups.clear(); groups.add(request.getGroupName()); } Set<TSentryRole> tSentryRoles = store.getTSentryRolesByGroupName(request.getComponent(), groups); return new Response<Set<TSentryRole>>(Status.OK(), tSentryRoles); } });
TSentryRole tSentryRole = new TSentryRole(roleName, Sets.newHashSet(groupName)); mockTRoles.add(tSentryRole); Mockito.when(mockStore.getTSentryRolesByGroupName(anyString(), anySetOf(String.class))) .thenReturn(mockTRoles);