Examples of org.apache.sentry.core.model.db.Server

org.apache.sentry.core.model.db.Server


public class TestDBModelAuthorizables {


  @Test
  public void testServer() throws Exception {
    Server server = (Server)DBModelAuthorizables.from("SeRvEr=server1");
    assertEquals("server1", server.getName());
  }

View Full Code Here

  }


  @Test
  public void testDuplicateEntries() throws Exception {
    Subject user1 = new Subject("user1");
    Server server1 = new Server("server1");
    AccessURI uri = new AccessURI("file:///path/to/");
    Set<? extends Action> actions = EnumSet.of(DBModelAction.ALL, DBModelAction.SELECT, DBModelAction.INSERT);
    policyFile.addGroupsToUser(user1.getName(), true, "group1", "group1")
      .addRolesToGroup("group1",  true, "role1", "role1")
      .addPermissionsToRole("role1", true, "server=" + server1.getName() + "->uri=" + uri.getName(),
          "server=" + server1.getName() + "->uri=" + uri.getName());
    policyFile.write(iniFile);
    DBPolicyFileBackend policy = new DBPolicyFileBackend(server1.getName(), initResource);
    authzProvider = new LocalGroupResourceAuthorizationProvider(initResource, policy);
    List<? extends Authorizable> authorizableHierarchy = ImmutableList.of(server1, uri);
    Assert.assertTrue(authorizableHierarchy.toString(),
        authzProvider.hasAccess(user1, authorizableHierarchy, actions, ActiveRoleSet.ALL));
  }

View Full Code Here

        authzProvider.hasAccess(user1, authorizableHierarchy, actions, ActiveRoleSet.ALL));
  }
  @Test
  public void testNonAbolutePath() throws Exception {
    Subject user1 = new Subject("user1");
    Server server1 = new Server("server1");
    AccessURI uri = new AccessURI("file:///path/to/");
    Set<? extends Action> actions = EnumSet.of(DBModelAction.ALL, DBModelAction.SELECT, DBModelAction.INSERT);
    policyFile.addGroupsToUser(user1.getName(), "group1")
      .addRolesToGroup("group1", "role1")
      .addPermissionsToRole("role1", "server=" + server1.getName() + "->uri=" + uri.getName());
    policyFile.write(iniFile);
    DBPolicyFileBackend policy = new DBPolicyFileBackend(server1.getName(), initResource);
    authzProvider = new LocalGroupResourceAuthorizationProvider(initResource, policy);
    // positive test
    List<? extends Authorizable> authorizableHierarchy = ImmutableList.of(server1, uri);
    Assert.assertTrue(authorizableHierarchy.toString(),
        authzProvider.hasAccess(user1, authorizableHierarchy, actions, ActiveRoleSet.ALL));

View Full Code Here

    }
  }


  private List<Authorizable> toAuthorizable(SentryHivePrivilegeObjectDesc privSubjectDesc) throws HiveException{
    List<Authorizable> authorizableHeirarchy = new ArrayList<Authorizable>();
    authorizableHeirarchy.add(new Server(server));
    String dbName = null;
    if (privSubjectDesc.getTable()) {
      DatabaseTable dbTable = parseDBTable(privSubjectDesc.getObject());
      dbName = dbTable.getDatabase();
      String tableName = dbTable.getTable();

View Full Code Here

      throw new IllegalArgumentException("Configuration key "
          + HiveAuthzConf.HIVE_SENTRY_CONF_URL + " specifies a malformed URL '"
          + hiveAuthzConf + "'", e);
    }
    hiveConf = new HiveConf(config, this.getClass());
    this.authServer = new Server(authzConf.get(AuthzConfVars.AUTHZ_SERVER_NAME
        .getVar()));
    serviceUsers = ImmutableSet.copyOf(toTrimedLower(Sets.newHashSet(authzConf
        .getStrings(AuthzConfVars.AUTHZ_METASTORE_SERVICE_USERS.getVar(),
            new String[] { "" }))));
    warehouseDir = hiveConf.getVar(HiveConf.ConfVars.METASTOREWAREHOUSE);

View Full Code Here

  }


  private static DBModelAuthorizable from(AuthorizableType type, String name) {
    switch (type) {
    case Server:
      return new Server(name);
    case Db:
      return new Database(name);
    case Table:
      return new Table(name);
    case View:

View Full Code Here

  }


  // load auth provider
  private AuthorizationProvider getAuthorizationProvider()
      throws IllegalStateException, SentryConfigurationException {
    String serverName = new Server(getAuthzConf().get(
        AuthzConfVars.AUTHZ_SERVER_NAME.getVar())).getName();
    // get the configured sentry provider
    AuthorizationProvider sentryProvider = null;
    try {
      sentryProvider = HiveAuthzBinding.getAuthProvider(getHiveConf(),

View Full Code Here

    client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL");
    client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL");
    client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL");
    client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL");


    Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1")));
    assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size());


    listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1")));
    assertEquals("Privilege not assigned to role2 !!", 0, listPrivilegesByRoleName.size());


    listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"), new Table("table1")));
    assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());


    listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db3")));
    assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());


    Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), ActiveRoleSet.ALL, new Server("server"), new Database("db2"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!",
        Sets.newHashSet("server=server->db=db2->table=table4->action=ALL", "server=server->db=db2->table=table3->action=ALL"),
        listPrivilegesForProvider);


    listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), ActiveRoleSet.ALL, new Server("server"), new Database("db3"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=ALL"), listPrivilegesForProvider);


    listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider);


    listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);
  }

View Full Code Here

0 1 2

TOP

Related Classes of org.apache.sentry.core.model.db.Server

org.apache.hadoop.hive.ql.exec.SentryGrantRevokeTask

org.apache.sentry.binding.hive.authz.HiveAuthzBinding

org.apache.sentry.binding.hive.authz.SentryConfigTool

org.apache.sentry.binding.hive.TestHiveAuthzBindings

org.apache.sentry.binding.metastore.MetastoreAuthzBinding

org.apache.sentry.binding.metastore.SentryMetastorePostEventListener

org.apache.sentry.policy.db.DBModelAuthorizables

org.apache.sentry.policy.db.TestDBModelAuthorizables

org.apache.sentry.policy.db.TestPolicyParsingNegative

org.apache.sentry.policy.db.TestResourceAuthorizationProviderSpecialCases

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.