Package org.apache.sentry.core.common

Examples of org.apache.sentry.core.common.ActiveRoleSet

98
99
100
101
102
103
104
  @Test
  public void testRoleSetNone() {
    backend.initialize(context);
    assertEquals(Sets.newHashSet(), backend.getPrivileges(Sets.newHashSet("manager"),
        new ActiveRoleSet(new HashSet<String>())));
  }
View Full Code Here
106
107
108
109
110
111
112
  @Test
  public void testRoleSetOne() {
    backend.initialize(context);
    assertEquals(Sets.newHashSet("server=server1->functions"),
        backend.getPrivileges(Sets.newHashSet("manager"),
            new ActiveRoleSet(Sets.newHashSet("functions"))));
  }
View Full Code Here
115
116
117
118
119
120
121
  public void testRoleSetTwo() {
    backend.initialize(context);
    assertEquals(Sets.newHashSet("server=server1->db=jranalyst1",
        "server=server1->functions"),
        backend.getPrivileges(Sets.newHashSet("manager"),
            new ActiveRoleSet(Sets.newHashSet("junior_analyst_role", "functions"))));
  }
View Full Code Here
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
      Set<TSentryRole> allowedRoles) throws SentryUserException {
    // if unset, then we choose the default of ALL
    if (name.isEmpty()) {
      return ActiveRoleSet.ALL;
    } else if (AccessConstants.NONE_ROLE.equalsIgnoreCase(name)) {
      return new ActiveRoleSet(new HashSet<String>());
    } else if (AccessConstants.ALL_ROLE.equalsIgnoreCase(name)) {
      return ActiveRoleSet.ALL;
    } else if (AccessConstants.RESERVED_ROLE_NAMES.contains(name.toUpperCase())) {
      String msg = "Role " + name + " is reserved";
      throw new IllegalArgumentException(msg);
    } else {
      if (allowedRoles != null) {
        // check if the user has been granted the role
        boolean foundRole = false;
        for (TSentryRole role : allowedRoles) {
          if (role.getRoleName().equalsIgnoreCase(name)) {
            foundRole = true;
            break;
          }
        }
        if (!foundRole) {
          throw new SentryUserException("Not authorized to set role " + name);
        }
      }
      return new ActiveRoleSet(Sets.newHashSet(ROLE_SET_SPLITTER.split(name)));
    }
  }
View Full Code Here
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
      } else if(operation.equals(RoleDDLDesc.RoleOperation.SHOW_ROLES)) {
        Set<TSentryRole> roles = sentryClient.listRoles(subject);
        writeToFile(writeRolesInfo(roles), desc.getResFile());
        return RETURN_CODE_SUCCESS;
      } else if(operation.equals(RoleDDLDesc.RoleOperation.SHOW_CURRENT_ROLE)) {
        ActiveRoleSet roleSet = hiveAuthzBinding.getActiveRoleSet();
        if( roleSet.isAll()) {
          Set<TSentryRole> roles = sentryClient.listUserRoles(subject);
          writeToFile(writeRolesInfo(roles), desc.getResFile());
          return RETURN_CODE_SUCCESS;
        } else {
          Set<String> roles = roleSet.getRoles();
          writeToFile(writeActiveRolesInfo(roles), desc.getResFile());
          return RETURN_CODE_SUCCESS;
        }
      } else {
        throw new HiveException("Unknown role operation "
View Full Code Here
80
81
82
83
84
85
86
  @Test
  public void testRoleSetNone() {
    backend.initialize(context);
    assertEquals(Sets.newHashSet(), backend.getPrivileges(
        Sets.newHashSet("manager"), new ActiveRoleSet(new HashSet<String>())));
  }
View Full Code Here
87
88
89
90
91
92
93
94
  @Test
  public void testRoleSetOne() {
    backend.initialize(context);
    assertEquals(Sets.newHashSet("server=server1->functions"),
        backend.getPrivileges(Sets.newHashSet("manager"), new ActiveRoleSet(
            Sets.newHashSet("functions"))));
  }
View Full Code Here
97
98
99
100
101
102
103
  public void testRoleSetTwo() {
    backend.initialize(context);
    assertEquals(Sets.newHashSet("server=server1->db=jranalyst1",
        "server=server1->functions"), backend.getPrivileges(
        Sets.newHashSet("manager"),
        new ActiveRoleSet(Sets.newHashSet("junior_analyst_role", "functions"))));
  }
View Full Code Here
107
108
109
110
111
112
113
114
115
116
117
        listPrivilegesForProvider);

    listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), ActiveRoleSet.ALL, new Server("server"), new Database("db3"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=ALL"), listPrivilegesForProvider);

    listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider);

    listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);
  }
View Full Code Here
TOP

Related Classes of org.apache.sentry.core.common.ActiveRoleSet

  • org.apache.hadoop.hive.ql.exec.SentryGrantRevokeTask
  • org.apache.sentry.binding.hive.authz.HiveAuthzBinding
  • org.apache.sentry.provider.cache.TestCacheProvider
  • org.apache.sentry.provider.db.service.thrift.TestSentryServerWithoutKerberos
  • org.apache.sentry.provider.file.TestSimpleFileProvderBackend
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.