sentry-policy/sentry-policy-common/src/test/java/org/apache/sentry/policy/common/TestCommonPrivilege.java - sentry - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.sentry.policy.common;

 import org.apache.sentry.core.common.Model;
 import org.apache.sentry.core.common.utils.KeyValue;
 import org.junit.Before;
 import org.junit.Test;
 import java.util.List;

 import static junit.framework.Assert.assertEquals;
 import static junit.framework.Assert.assertTrue;
 import static junit.framework.Assert.assertFalse;

 public class TestCommonPrivilege {

   private Model testModel;

   @Before
   public void prepareData() {
     testModel = new ModelForTest();
   }

   @Test
   public void testCreateCommonPrivilege() throws Exception {
     String privilegeHiveStr = "server=server1->db=db1->table=table1->column=column1->action=select";
     String privilegeSolrStr = "server=server1->collection=col1->action=update";
     String privilegeSqoopStr = "server=server1->link=link1->action=read";

     CommonPrivilege privilegeHive = new CommonPrivilege(privilegeHiveStr);
     CommonPrivilege privilegeSolr = new CommonPrivilege(privilegeSolrStr);
     CommonPrivilege privilegeSqoop = new CommonPrivilege(privilegeSqoopStr);

     List<KeyValue> keyValues = privilegeHive.getParts();
     assertEquals(5, keyValues.size());
     // test the value and the order
     assertEquals("server", keyValues.get(0).getKey());
     assertEquals("server1", keyValues.get(0).getValue());
     assertEquals("db", keyValues.get(1).getKey());
     assertEquals("db1", keyValues.get(1).getValue());
     assertEquals("table", keyValues.get(2).getKey());
     assertEquals("table1", keyValues.get(2).getValue());
     assertEquals("column", keyValues.get(3).getKey());
     assertEquals("column1", keyValues.get(3).getValue());
     assertEquals("action", keyValues.get(4).getKey());
     assertEquals("select", keyValues.get(4).getValue());

     keyValues = privilegeSolr.getParts();
     assertEquals(3, keyValues.size());
     assertEquals("server", keyValues.get(0).getKey());
     assertEquals("server1", keyValues.get(0).getValue());
     assertEquals("collection", keyValues.get(1).getKey());
     assertEquals("col1", keyValues.get(1).getValue());
     assertEquals("action", keyValues.get(2).getKey());
     assertEquals("update", keyValues.get(2).getValue());

     keyValues = privilegeSqoop.getParts();
     assertEquals(3, keyValues.size());
     assertEquals("server", keyValues.get(0).getKey());
     assertEquals("server1", keyValues.get(0).getValue());
     assertEquals("link", keyValues.get(1).getKey());
     assertEquals("link1", keyValues.get(1).getValue());
     assertEquals("action", keyValues.get(2).getKey());
     assertEquals("read", keyValues.get(2).getValue());
   }

   @Test
   public void testImplyCommonPrivilegeWithoutAction() throws Exception {

     CommonPrivilege requestPrivilege = new CommonPrivilege("server=server1->db=db1->table=table1");
     CommonPrivilege privilegForTest1 = new CommonPrivilege("server=server1->db=db1->table=table1");
     CommonPrivilege privilegForTest2 = new CommonPrivilege("server=server1->db=db1");
     CommonPrivilege privilegForTest3 = new CommonPrivilege("server=server1->db=db1->table=table2");
     CommonPrivilege privilegForTest4 = new CommonPrivilege("server=server1->db=db1->table=table1->column=col1");
     CommonPrivilege privilegForTest5 = new CommonPrivilege("server=server1->db=db1->table=table1->column=*");

     assertTrue(privilegForTest1.implies(requestPrivilege, testModel));
     assertTrue(privilegForTest2.implies(requestPrivilege, testModel));
     assertFalse(privilegForTest3.implies(requestPrivilege, testModel));
     assertFalse(privilegForTest4.implies(requestPrivilege, testModel));
     assertTrue(privilegForTest5.implies(requestPrivilege, testModel));
   }

   @Test
   public void testImplyCommonPrivilegeWithUrl() throws Exception {

     CommonPrivilege requestPrivilege = new CommonPrivilege("server=server1->uri=hdfs:///url/for/request");
     CommonPrivilege privilegForTest1 = new CommonPrivilege("server=server1->uri=hdfs:///url");
     CommonPrivilege privilegForTest2 = new CommonPrivilege("server=server1->uri=hdfs:///url/for/request");
     CommonPrivilege privilegForTest3 = new CommonPrivilege("server=server1->uri=hdfs:///url/unvalid/for/request");

     assertTrue(privilegForTest1.implies(requestPrivilege, testModel));
     assertTrue(privilegForTest2.implies(requestPrivilege, testModel));
     assertFalse(privilegForTest3.implies(requestPrivilege, testModel));
   }

   @Test
   public void testImplyCommonPrivilegeForAction() throws Exception {
     CommonPrivilege privilegForSelect = new CommonPrivilege("server=server1->db=db1->table=table1->action=select");
     CommonPrivilege privilegForInsert = new CommonPrivilege("server=server1->db=db1->table=table1->action=insert");
     CommonPrivilege privilegForAll = new CommonPrivilege("server=server1->db=db1->table=table1->action=all");

     // the privilege should imply itself
     assertTrue(privilegForSelect.implies(privilegForSelect, testModel));
     assertTrue(privilegForInsert.implies(privilegForInsert, testModel));
     assertTrue(privilegForAll.implies(privilegForAll, testModel));

     // do the imply with the different action based on operate &
     assertFalse(privilegForInsert.implies(privilegForSelect, testModel));
     assertTrue(privilegForAll.implies(privilegForSelect, testModel));

     assertFalse(privilegForSelect.implies(privilegForInsert, testModel));
     assertTrue(privilegForAll.implies(privilegForInsert, testModel));

     assertFalse(privilegForSelect.implies(privilegForAll, testModel));
     assertFalse(privilegForInsert.implies(privilegForAll, testModel));
   }

   @Test
   public void testImplyStringCaseSensitive() throws Exception {
     CommonPrivilege privileg1 = new CommonPrivilege("server=server1->db=db1->table=table1->column=col1->action=select");
     CommonPrivilege privileg2 = new CommonPrivilege("server=server1->db=db1->table=table1->column=CoL1->action=select");
     CommonPrivilege privileg3 = new CommonPrivilege("server=SERver1->db=Db1->table=TAbLe1->column=col1->action=select");
     CommonPrivilege privileg4 = new CommonPrivilege("SERVER=server1->DB=db1->TABLE=table1->COLUMN=col1->ACTION=select");

     // column is case sensitive
     assertFalse(privileg1.implies(privileg2, testModel));
     // server, db, table is case insensitive
     assertTrue(privileg1.implies(privileg3, testModel));
     // key in privilege is case insensitive
     assertTrue(privileg1.implies(privileg4, testModel));
   }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.sentry.policy.common;

	import org.apache.sentry.core.common.Model;
	import org.apache.sentry.core.common.utils.KeyValue;
	import org.junit.Before;
	import org.junit.Test;
	import java.util.List;

	import static junit.framework.Assert.assertEquals;
	import static junit.framework.Assert.assertTrue;
	import static junit.framework.Assert.assertFalse;

	public class TestCommonPrivilege {

	private Model testModel;

	@Before
	public void prepareData() {
	testModel = new ModelForTest();
	}

	@Test
	public void testCreateCommonPrivilege() throws Exception {
	String privilegeHiveStr = "server=server1->db=db1->table=table1->column=column1->action=select";
	String privilegeSolrStr = "server=server1->collection=col1->action=update";
	String privilegeSqoopStr = "server=server1->link=link1->action=read";

	CommonPrivilege privilegeHive = new CommonPrivilege(privilegeHiveStr);
	CommonPrivilege privilegeSolr = new CommonPrivilege(privilegeSolrStr);
	CommonPrivilege privilegeSqoop = new CommonPrivilege(privilegeSqoopStr);

	List<KeyValue> keyValues = privilegeHive.getParts();
	assertEquals(5, keyValues.size());
	// test the value and the order
	assertEquals("server", keyValues.get(0).getKey());
	assertEquals("server1", keyValues.get(0).getValue());
	assertEquals("db", keyValues.get(1).getKey());
	assertEquals("db1", keyValues.get(1).getValue());
	assertEquals("table", keyValues.get(2).getKey());
	assertEquals("table1", keyValues.get(2).getValue());
	assertEquals("column", keyValues.get(3).getKey());
	assertEquals("column1", keyValues.get(3).getValue());
	assertEquals("action", keyValues.get(4).getKey());
	assertEquals("select", keyValues.get(4).getValue());

	keyValues = privilegeSolr.getParts();
	assertEquals(3, keyValues.size());
	assertEquals("server", keyValues.get(0).getKey());
	assertEquals("server1", keyValues.get(0).getValue());
	assertEquals("collection", keyValues.get(1).getKey());
	assertEquals("col1", keyValues.get(1).getValue());
	assertEquals("action", keyValues.get(2).getKey());
	assertEquals("update", keyValues.get(2).getValue());

	keyValues = privilegeSqoop.getParts();
	assertEquals(3, keyValues.size());
	assertEquals("server", keyValues.get(0).getKey());
	assertEquals("server1", keyValues.get(0).getValue());
	assertEquals("link", keyValues.get(1).getKey());
	assertEquals("link1", keyValues.get(1).getValue());
	assertEquals("action", keyValues.get(2).getKey());
	assertEquals("read", keyValues.get(2).getValue());
	}

	@Test
	public void testImplyCommonPrivilegeWithoutAction() throws Exception {

	CommonPrivilege requestPrivilege = new CommonPrivilege("server=server1->db=db1->table=table1");
	CommonPrivilege privilegForTest1 = new CommonPrivilege("server=server1->db=db1->table=table1");
	CommonPrivilege privilegForTest2 = new CommonPrivilege("server=server1->db=db1");
	CommonPrivilege privilegForTest3 = new CommonPrivilege("server=server1->db=db1->table=table2");
	CommonPrivilege privilegForTest4 = new CommonPrivilege("server=server1->db=db1->table=table1->column=col1");
	CommonPrivilege privilegForTest5 = new CommonPrivilege("server=server1->db=db1->table=table1->column=*");

	assertTrue(privilegForTest1.implies(requestPrivilege, testModel));
	assertTrue(privilegForTest2.implies(requestPrivilege, testModel));
	assertFalse(privilegForTest3.implies(requestPrivilege, testModel));
	assertFalse(privilegForTest4.implies(requestPrivilege, testModel));
	assertTrue(privilegForTest5.implies(requestPrivilege, testModel));
	}

	@Test
	public void testImplyCommonPrivilegeWithUrl() throws Exception {

	CommonPrivilege requestPrivilege = new CommonPrivilege("server=server1->uri=hdfs:///url/for/request");
	CommonPrivilege privilegForTest1 = new CommonPrivilege("server=server1->uri=hdfs:///url");
	CommonPrivilege privilegForTest2 = new CommonPrivilege("server=server1->uri=hdfs:///url/for/request");
	CommonPrivilege privilegForTest3 = new CommonPrivilege("server=server1->uri=hdfs:///url/unvalid/for/request");

	assertTrue(privilegForTest1.implies(requestPrivilege, testModel));
	assertTrue(privilegForTest2.implies(requestPrivilege, testModel));
	assertFalse(privilegForTest3.implies(requestPrivilege, testModel));
	}

	@Test
	public void testImplyCommonPrivilegeForAction() throws Exception {
	CommonPrivilege privilegForSelect = new CommonPrivilege("server=server1->db=db1->table=table1->action=select");
	CommonPrivilege privilegForInsert = new CommonPrivilege("server=server1->db=db1->table=table1->action=insert");
	CommonPrivilege privilegForAll = new CommonPrivilege("server=server1->db=db1->table=table1->action=all");

	// the privilege should imply itself
	assertTrue(privilegForSelect.implies(privilegForSelect, testModel));
	assertTrue(privilegForInsert.implies(privilegForInsert, testModel));
	assertTrue(privilegForAll.implies(privilegForAll, testModel));

	// do the imply with the different action based on operate &
	assertFalse(privilegForInsert.implies(privilegForSelect, testModel));
	assertTrue(privilegForAll.implies(privilegForSelect, testModel));

	assertFalse(privilegForSelect.implies(privilegForInsert, testModel));
	assertTrue(privilegForAll.implies(privilegForInsert, testModel));

	assertFalse(privilegForSelect.implies(privilegForAll, testModel));
	assertFalse(privilegForInsert.implies(privilegForAll, testModel));
	}

	@Test
	public void testImplyStringCaseSensitive() throws Exception {
	CommonPrivilege privileg1 = new CommonPrivilege("server=server1->db=db1->table=table1->column=col1->action=select");
	CommonPrivilege privileg2 = new CommonPrivilege("server=server1->db=db1->table=table1->column=CoL1->action=select");
	CommonPrivilege privileg3 = new CommonPrivilege("server=SERver1->db=Db1->table=TAbLe1->column=col1->action=select");
	CommonPrivilege privileg4 = new CommonPrivilege("SERVER=server1->DB=db1->TABLE=table1->COLUMN=col1->ACTION=select");

	// column is case sensitive
	assertFalse(privileg1.implies(privileg2, testModel));
	// server, db, table is case insensitive
	assertTrue(privileg1.implies(privileg3, testModel));
	// key in privilege is case insensitive
	assertTrue(privileg1.implies(privileg4, testModel));
	}
	}