access-binding/access-binding-hive/src/test/resources/test-authz-provider.ini - incubator-sentry - Git at Google

 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 #  http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.

 [groups]
 # The "manager" user has select on customers->purchases and admin on
 # analyst/junior_analysts sandbox, and has functions admin access on all servers
 manager = customer_read, analyst_sandbox, junior_analyst_sandbox, server1_lib_uri, customer_write

 # The "analyst" user has select on customers->purchases, admin on analyst_sandbox,
 # select on junior_analyst_sandbox and has admin on functions on server1.
 analyst = customer_read, analyst_sandbox, junior_analyst_sandbox_read, server1_lib_uri

 # The "junior_analyst" has admin in junior_analyst_sandbox. The manager must
 # insert data into the sandbox for the jr analyst to work with.
 junior_analyst = junior_analyst_sandbox

 # Admin has admin access
 admin = admin

 [roles]
 # Select on server1->customers->purchases
 customer_read = server=server1->db=customers->table=purchases->action=select

 # Insert on server1->customers->purchases
 customer_write = server=server1->db=customers->table=purchases->action=insert

 # Anything from any server on analyst sandbox
 analyst_sandbox = server=server1->db=analyst

 # Anything from any server jr analyst sandbox
 junior_analyst_sandbox = server=server1->db=junior_analyst

 # Read-only on jr analyst sandbox
 junior_analyst_sandbox_read = server=server1->db=junior_analyst->table=*->action=select

 server1_lib_uri = server=server1->uri=file:///path/to/some/lib/dir

 # Admin role, unrestricted
 admin = server=server1

 [users]
 admin1=admin
 manager1=manager
 analyst1=analyst
 junior_analyst1=junior_analyst
 foo=admin
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing,
	# software distributed under the License is distributed on an
	# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	# KIND, either express or implied. See the License for the
	# specific language governing permissions and limitations
	# under the License.

	[groups]
	# The "manager" user has select on customers->purchases and admin on
	# analyst/junior_analysts sandbox, and has functions admin access on all servers
	manager = customer_read, analyst_sandbox, junior_analyst_sandbox, server1_lib_uri, customer_write

	# The "analyst" user has select on customers->purchases, admin on analyst_sandbox,
	# select on junior_analyst_sandbox and has admin on functions on server1.
	analyst = customer_read, analyst_sandbox, junior_analyst_sandbox_read, server1_lib_uri

	# The "junior_analyst" has admin in junior_analyst_sandbox. The manager must
	# insert data into the sandbox for the jr analyst to work with.
	junior_analyst = junior_analyst_sandbox

	# Admin has admin access
	admin = admin

	[roles]
	# Select on server1->customers->purchases
	customer_read = server=server1->db=customers->table=purchases->action=select

	# Insert on server1->customers->purchases
	customer_write = server=server1->db=customers->table=purchases->action=insert

	# Anything from any server on analyst sandbox
	analyst_sandbox = server=server1->db=analyst

	# Anything from any server jr analyst sandbox
	junior_analyst_sandbox = server=server1->db=junior_analyst

	# Read-only on jr analyst sandbox
	junior_analyst_sandbox_read = server=server1->db=junior_analyst->table=*->action=select

	server1_lib_uri = server=server1->uri=file:///path/to/some/lib/dir

	# Admin role, unrestricted
	admin = server=server1

	[users]
	admin1=admin
	manager1=manager
	analyst1=analyst
	junior_analyst1=junior_analyst
	foo=admin