sentry-tests/sentry-tests-hive-v2/src/test/java/org/apache/sentry/tests/e2e/metastore/TestMetaStoreWithPigHCat.java - sentry - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package org.apache.sentry.tests.e2e.metastore;

 import static org.junit.Assert.assertEquals;

 import java.io.File;
 import java.io.FileOutputStream;

 import org.apache.hadoop.hive.metastore.HiveMetaStoreClient;
 import org.apache.hive.hcatalog.pig.HCatStorer;
 import org.apache.pig.ExecType;
 import org.apache.pig.PigServer;
 import org.apache.sentry.core.common.utils.PolicyFile;
 import org.apache.sentry.tests.e2e.hive.StaticUserGroup;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Ignore;
 import org.junit.Test;

 import com.google.common.io.Resources;

 public class TestMetaStoreWithPigHCat extends
     AbstractMetastoreTestWithStaticConfiguration {
   private PolicyFile policyFile;
   private File dataFile;
   private static final String dbName = "db_1";
   private static final String tabName1 = "tab1";
   private static final String tabName2 = "tab2";
   private static final String db_all_role = "all_db1";

   @BeforeClass
   public static void beforeClass() {
     System.setProperty("hadoopversion", "23");
   }

   @Before
   public void setup() throws Exception {
     dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
     FileOutputStream to = new FileOutputStream(dataFile);
     Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
     to.close();

     policyFile = setAdminOnServer1(ADMINGROUP);
     policyFile
         .addRolesToGroup(USERGROUP1, db_all_role)
         .addRolesToGroup(USERGROUP2, "read_db_role")
         .addPermissionsToRole(db_all_role, "server=server1->db=" + dbName)
         .addPermissionsToRole("read_db_role",
             "server=server1->db=" + dbName + "->table=" + tabName2 + "->action=SELECT")
         .setUserGroupMapping(StaticUserGroup.getStaticMapping());
     writePolicyFile(policyFile);

     HiveMetaStoreClient client = context.getMetaStoreClient(ADMIN1);
     client.dropDatabase(dbName, true, true, true);
     createMetastoreDB(client, dbName);
     client.close();
   }

   /**
    * Verify add partition via Pig+HCatStore
    *
    * *** Disabled due to HCat inputformat compatibility issue in Hive 1.1.0
    */
   @Ignore
   @Test
   public void testPartionLoad() throws Exception {
     execHiveSQL("CREATE TABLE " + dbName + "." + tabName1
         + " (id int) PARTITIONED BY (part_col STRING)", ADMIN1);
     execHiveSQL("CREATE TABLE " + dbName + "." + tabName2
         + " (id int) PARTITIONED BY (part_col STRING)", ADMIN1);

     // user with ALL on DB should be able to add partion using Pig/HCatStore
     PigServer pigServer = context.getPigServer(USER1_1, ExecType.LOCAL);
     execPigLatin(USER1_1, pigServer, "A = load '" + dataFile.getPath()
         + "' as (id:int);");
     execPigLatin(USER1_1, pigServer, "store A into '" + dbName + "." + tabName1
         + "' using " + HCatStorer.class.getName() + " ('part_col=part1');");
     HiveMetaStoreClient client = context.getMetaStoreClient(ADMIN1);
     assertEquals(1, client.listPartitionNames(dbName, tabName1, (short) 10)
         .size());

     // user without select on DB should NOT be able to add partition with Pig/HCatStore
     pigServer = context.getPigServer(USER2_1, ExecType.LOCAL);
     execPigLatin(USER2_1, pigServer, "A = load '" + dataFile.getPath()
         + "' as (id:int);");
     // This action won't be successful because of no permission, but there is no exception will
     // be thrown in this thread. The detail exception can be found in
     // sentry-tests/sentry-tests-hive/target/surefire-reports/org.apache.sentry.tests.e2e.metastore.TestMetaStoreWithPigHCat-output.txt.
     execPigLatin(USER2_1, pigServer, "store A into '" + dbName + "." + tabName2 + "' using "
         + HCatStorer.class.getName() + " ('part_col=part2');");
     // The previous action is failed, and there will be no data.
     assertEquals(0, client.listPartitionNames(dbName, tabName2, (short) 10).size());
     client.close();
   }

 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package org.apache.sentry.tests.e2e.metastore;

	import static org.junit.Assert.assertEquals;

	import java.io.File;
	import java.io.FileOutputStream;

	import org.apache.hadoop.hive.metastore.HiveMetaStoreClient;
	import org.apache.hive.hcatalog.pig.HCatStorer;
	import org.apache.pig.ExecType;
	import org.apache.pig.PigServer;
	import org.apache.sentry.core.common.utils.PolicyFile;
	import org.apache.sentry.tests.e2e.hive.StaticUserGroup;
	import org.junit.Before;
	import org.junit.BeforeClass;
	import org.junit.Ignore;
	import org.junit.Test;

	import com.google.common.io.Resources;

	public class TestMetaStoreWithPigHCat extends
	AbstractMetastoreTestWithStaticConfiguration {
	private PolicyFile policyFile;
	private File dataFile;
	private static final String dbName = "db_1";
	private static final String tabName1 = "tab1";
	private static final String tabName2 = "tab2";
	private static final String db_all_role = "all_db1";

	@BeforeClass
	public static void beforeClass() {
	System.setProperty("hadoopversion", "23");
	}

	@Before
	public void setup() throws Exception {
	dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
	FileOutputStream to = new FileOutputStream(dataFile);
	Resources.copy(Resources.getResource(SINGLE_TYPE_DATA_FILE_NAME), to);
	to.close();

	policyFile = setAdminOnServer1(ADMINGROUP);
	policyFile
	.addRolesToGroup(USERGROUP1, db_all_role)
	.addRolesToGroup(USERGROUP2, "read_db_role")
	.addPermissionsToRole(db_all_role, "server=server1->db=" + dbName)
	.addPermissionsToRole("read_db_role",
	"server=server1->db=" + dbName + "->table=" + tabName2 + "->action=SELECT")
	.setUserGroupMapping(StaticUserGroup.getStaticMapping());
	writePolicyFile(policyFile);

	HiveMetaStoreClient client = context.getMetaStoreClient(ADMIN1);
	client.dropDatabase(dbName, true, true, true);
	createMetastoreDB(client, dbName);
	client.close();
	}

	/**
	* Verify add partition via Pig+HCatStore
	*
	* *** Disabled due to HCat inputformat compatibility issue in Hive 1.1.0
	*/
	@Ignore
	@Test
	public void testPartionLoad() throws Exception {
	execHiveSQL("CREATE TABLE " + dbName + "." + tabName1
	+ " (id int) PARTITIONED BY (part_col STRING)", ADMIN1);
	execHiveSQL("CREATE TABLE " + dbName + "." + tabName2
	+ " (id int) PARTITIONED BY (part_col STRING)", ADMIN1);

	// user with ALL on DB should be able to add partion using Pig/HCatStore
	PigServer pigServer = context.getPigServer(USER1_1, ExecType.LOCAL);
	execPigLatin(USER1_1, pigServer, "A = load '" + dataFile.getPath()
	+ "' as (id:int);");
	execPigLatin(USER1_1, pigServer, "store A into '" + dbName + "." + tabName1
	+ "' using " + HCatStorer.class.getName() + " ('part_col=part1');");
	HiveMetaStoreClient client = context.getMetaStoreClient(ADMIN1);
	assertEquals(1, client.listPartitionNames(dbName, tabName1, (short) 10)
	.size());

	// user without select on DB should NOT be able to add partition with Pig/HCatStore
	pigServer = context.getPigServer(USER2_1, ExecType.LOCAL);
	execPigLatin(USER2_1, pigServer, "A = load '" + dataFile.getPath()
	+ "' as (id:int);");
	// This action won't be successful because of no permission, but there is no exception will
	// be thrown in this thread. The detail exception can be found in
	// sentry-tests/sentry-tests-hive/target/surefire-reports/org.apache.sentry.tests.e2e.metastore.TestMetaStoreWithPigHCat-output.txt.
	execPigLatin(USER2_1, pigServer, "store A into '" + dbName + "." + tabName2 + "' using "
	+ HCatStorer.class.getName() + " ('part_col=part2');");
	// The previous action is failed, and there will be no data.
	assertEquals(0, client.listPartitionNames(dbName, tabName2, (short) 10).size());
	client.close();
	}

	}