Examples of org.apache.sentry.core.Server

org.apache.sentry.core.Server

   */
  @Test
  public void testValidateCreateFunctionForAdmin() throws Exception {
    inputTabHierarcyList.add(buildObjectHierarchy(SERVER1, null, null));
    inputTabHierarcyList.add(Arrays.asList(new Authorizable[] {
        new Server(SERVER1), new AccessURI("file:///some/path/to/a/jar")
    }));
    testAuth.authorize(HiveOperation.CREATEFUNCTION, createFuncPrivileges, ADMIN_SUBJECT,
        inputTabHierarcyList, outputTabHierarcyList);
  }

View Full Code Here

        inputTabHierarcyList, outputTabHierarcyList);
  }
  @Test
  public void testValidateCreateFunctionAppropiateURI() throws Exception {
    inputTabHierarcyList.add(Arrays.asList(new Authorizable[] {
        new Server(SERVER1), new Database(CUSTOMER_DB), new Table(AccessConstants.ALL)
    }));
    inputTabHierarcyList.add(Arrays.asList(new Authorizable[] {
        new Server(SERVER1), new AccessURI("file:///path/to/some/lib/dir/my.jar")
    }));
    testAuth.authorize(HiveOperation.CREATEFUNCTION, createFuncPrivileges, ANALYST_SUBJECT,
        inputTabHierarcyList, outputTabHierarcyList);
  }

View Full Code Here

        inputTabHierarcyList, outputTabHierarcyList);
  }
  @Test(expected=AuthorizationException.class)
  public void testValidateCreateFunctionRejectionForUserWithoutURI() throws Exception {
    inputTabHierarcyList.add(Arrays.asList(new Authorizable[] {
        new Server(SERVER1), new Database(CUSTOMER_DB), new Table(AccessConstants.ALL)
    }));
    inputTabHierarcyList.add(Arrays.asList(new Authorizable[] {
        new Server(SERVER1), new AccessURI("file:///some/path/to/a.jar")
    }));
    testAuth.authorize(HiveOperation.CREATEFUNCTION, createFuncPrivileges, ANALYST_SUBJECT,
        inputTabHierarcyList, outputTabHierarcyList);
  }

View Full Code Here

        inputTabHierarcyList, outputTabHierarcyList);
  }


  private List <Authorizable>  buildObjectHierarchy(String server, String db, String table) {
    List <Authorizable> authList = new ArrayList<Authorizable> ();
    authList.add(new Server(server));
    if (db != null) {
      authList.add(new Database(db));
      if (table != null) {
        authList.add(new Table(table));
      }

View Full Code Here

    append("[roles]", otherPolicyFile);
    append("malicious_role = server=server1->db=customers->table=purchases->action=select", otherPolicyFile);
    PolicyEngine policy = new SimplePolicyEngine(globalPolicyFile.getPath(), "server1");
    ImmutableSet<String> permissions = policy.getPermissions(
        Arrays.asList(new Authorizable[] {
            new Server("server1"),
            new Database("other_group_db")
    }), Lists.newArrayList("other_group")).get("other_group");
    Assert.assertTrue(permissions.toString(), permissions.isEmpty());
  }

View Full Code Here

    policyFile.write(globalPolicyFile);
    policyFile.write(otherPolicyFile);
    policy = new SimplePolicyEngine(globalPolicyFile.getPath(), "server1");
    permissions = policy.getPermissions(
        Arrays.asList(new Authorizable[] {
            new Server("server1")
    }), Lists.newArrayList("admin")).get("admin");
    Assert.assertEquals(permissions.toString(), "[server=server1]");
    // test to ensure [users] fails parsing of per-db file
    policyFile.addDatabase("other", otherPolicyFile.getPath());
    policyFile.write(globalPolicyFile);
    policyFile.write(otherPolicyFile);
    policy = new SimplePolicyEngine(globalPolicyFile.getPath(), "server1");
    permissions = policy.getPermissions(
        Arrays.asList(new Authorizable[] {
            new Server("server1")
    }), Lists.newArrayList("admin")).get("admin");
    Assert.assertEquals(permissions.toString(), "[server=server1]");
    // test to ensure [databases] fails parsing of per-db file
    // by removing the user mapping from the per-db policy file
    policyFile.removeGroupsFromUser("admin1", "admin")
      .write(otherPolicyFile);
    policy = new SimplePolicyEngine(globalPolicyFile.getPath(), "server1");
    permissions = policy.getPermissions(
        Arrays.asList(new Authorizable[] {
            new Server("server1")
    }), Lists.newArrayList("admin")).get("admin");
    Assert.assertEquals(permissions.toString(), "[server=server1]");
  }

View Full Code Here

    append("[roles]", otherPolicyFile);
    append("malicious_role = server=server1", otherPolicyFile);
    PolicyEngine policy = new SimplePolicyEngine(globalPolicyFile.getPath(), "server1");
    ImmutableSet<String> permissions = policy.getPermissions(
        Arrays.asList(new Authorizable[] {
            new Server("server1"),
            new Database("other_group_db")
    }), Lists.newArrayList("other_group")).get("other_group");
    Assert.assertTrue(permissions.toString(), permissions.isEmpty());
  }

View Full Code Here

    PolicyEngine policy = new SimplePolicyEngine(globalPolicyFile.getPath(), "server1");


    // verify that the db1 rule is empty
    ImmutableSet<String> permissions = policy.getPermissions(
        Arrays.asList(new Authorizable[] {
            new Server("server1"),
            new Database("db1")
    }), Lists.newArrayList("db1_group")).get("db1_group");
    Assert.assertTrue(permissions.toString(), permissions.isEmpty());


    permissions = policy.getPermissions(
        Arrays.asList(new Authorizable[] {
            new Server("server1"),
            new Database("db2")
    }), Lists.newArrayList("db2_group")).get("db2_group");
    Assert.assertEquals(permissions.toString(), 1, permissions.size());


    permissions = policy.getPermissions(
        Arrays.asList(new Authorizable[] {
            new Server("server1"),
            new Database("db2")
    }), Lists.newArrayList("db2_group")).get("db2_group");
    Assert.assertEquals(permissions.toString(), 1, permissions.size());


  }

View Full Code Here

  }


  private static Authorizable from(AuthorizableType type, String name) {
    switch (type) {
    case Server:
      return new Server(name);
    case Db:
      return new Database(name);
    case Table:
      return new Table(name);
    case View:

View Full Code Here

    PolicyFiles.copyFilesToDir(fileSystem, etc, dbPolicyFile);
    SimplePolicyEngine multiFSEngine =
        new SimplePolicyEngine(globalPolicyFile.getPath(), "server1");


    List<Authorizable> dbAuthorizables = Lists.newArrayList();
    dbAuthorizables.add(new Server("server1"));
    dbAuthorizables.add(new Database("db11"));
    List<String> dbGroups = Lists.newArrayList();
    dbGroups.add("group1");
    ImmutableSetMultimap <String, String> dbPerms =
        multiFSEngine.getPermissions(dbAuthorizables, dbGroups);

View Full Code Here

0 1

TOP

Related Classes of org.apache.sentry.core.Server

org.apache.sentry.binding.hive.authz.HiveAuthzBinding

org.apache.sentry.binding.hive.TestHiveAuthzBindings

org.apache.sentry.provider.file.Authorizables

org.apache.sentry.provider.file.TestAuthorizables

org.apache.sentry.provider.file.TestPolicyParsingNegative

org.apache.sentry.provider.file.TestResourceAuthorizationProviderSpecialCases

org.apache.sentry.provider.file.TestSimplePolicyEngineDFS

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.