@Override public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception { client.dropRole(requestorName, roleName); } }
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); String roleName = "admin_r"; client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); client.dropRole(requestorUserName, roleName); } });
@Test public void testCreateRole() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); String roleName = "admin_r"; client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); client.dropRole(requestorUserName, roleName); }
@Override public void runTestAsSubject() throws Exception { if (client != null) { Set<TSentryRole> tRoles = client.listRoles(ADMIN_USER); if (tRoles != null) { for (TSentryRole tRole : tRoles) { client.dropRole(ADMIN_USER, tRole.getRoleName()); } } client.close(); } } });
@Test public void testCreateRole() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); String roleName = "admin_r"; client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); client.dropRole(requestorUserName, roleName); }
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String roleName = "admin_r"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); Set<TSentryRole> roles = client.listRoles(requestorUserName); assertEquals("Incorrect number of roles", 1, roles.size()); for (TSentryRole role:roles) { assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName)); } client.dropRole(requestorUserName, roleName); }}); }
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String roleName = "admin_testdb"; String server = "server1"; String db = "testDB"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); Set<TSentryRole> roles = client.listRoles(requestorUserName); assertEquals("Incorrect number of roles", 1, roles.size()); client.grantDatabasePrivilege(requestorUserName, roleName, server, db, AccessConstants.ALL); Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorUserName, roleName); assertTrue(privileges.size() == 1); client.revokeDatabasePrivilege(requestorUserName, roleName, server, db, AccessConstants.ALL); client.dropRole(requestorUserName, roleName); }}); }
client.dropRole(requestorName, TEST_ROLE_NAME_1);
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String roleName = "admin_r"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); client.listRoles(requestorUserName); stopSentryService(); server = new SentryServiceFactory().create(conf); startSentryService(); client.listRoles(requestorUserName); client.dropRole(requestorUserName, roleName); } });
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String roleName = "admin_testdb"; String server = "server1"; String uri = "file://u/w/h/t/partition=value/"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); // Creating associated role client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); Set<TSentryRole> roles = client.listRoles(requestorUserName); assertEquals("Incorrect number of roles", 1, roles.size()); client.grantURIPrivilege(requestorUserName, roleName, server, uri); Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorUserName, roleName); assertTrue(privileges.size() == 1); // Revoking the same privilege client.revokeURIPrivilege(requestorUserName, roleName, server, uri); privileges = client.listAllPrivilegesByRoleName(requestorUserName, roleName); assertTrue(privileges.size() == 0); // Clean up client.dropRole(requestorUserName, roleName); }}); }
@Override public void runTestAsSubject() throws Exception { String requestorUserName = ADMIN_USER; Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP); String roleName = "admin_testdb"; String groupName = "group1"; setLocalGroupMapping(requestorUserName, requestorUserGroupNames); writePolicyFile(); client.dropRoleIfExists(requestorUserName, roleName); client.createRole(requestorUserName, roleName); Set<TSentryRole> roles = client.listRoles(requestorUserName); assertEquals("Incorrect number of roles", 1, roles.size()); client.grantRoleToGroup(requestorUserName, groupName, roleName); Set<TSentryRole> groupRoles = client.listRolesByGroupName(requestorUserName, groupName); assertTrue(groupRoles.size() == 1); for (TSentryRole role:groupRoles) { assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName)); assertTrue(role.getGroups().size() == 1); for (TSentryGroup group :role.getGroups()) { assertTrue(group.getGroupName(), group.getGroupName().equalsIgnoreCase(groupName)); } } client.dropRole(requestorUserName, roleName); }}); }
client.dropRole(requestorName, TEST_ROLE_NAME_1);
client.dropRole(requestorUserName, roleName); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); client.dropRole(requestorUserName, roleName); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size());
return RETURN_CODE_SUCCESS; } else if (operation.equals(RoleDDLDesc.RoleOperation.DROP_ROLE)) { sentryClient.dropRole(subject, name); return RETURN_CODE_SUCCESS; } else if (operation.equals(RoleDDLDesc.RoleOperation.SHOW_ROLE_GRANT)) {
client.dropRole(requestorUserName, roleName); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size()); client.dropRole(requestorUserName, roleName); assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, ActiveRoleSet.ALL).size());