/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.sentry.tests.e2e.solr;
import java.io.Closeable;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Path;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.net.NetUtils;
import org.apache.sentry.provider.db.generic.SentryGenericProviderBackend;
import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClientFactory;
import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
import org.apache.sentry.provider.file.PolicyFile;
import org.apache.sentry.service.thrift.SentryService;
import org.apache.sentry.service.thrift.SentryServiceFactory;
import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.sentry.binding.solr.conf.SolrAuthzConf.AuthzConfVars;
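/**
 * Test fixture that creates, starts and stops a {@link SentryService} for the Solr end-to-end
 * tests, and writes the client-side files the tests need next to it.
 *
 * <p>Everything is kept under the test directory passed to the constructor: the Derby policy
 * database, a local policy file holding the user-to-group mappings, and a {@code sentry-site.xml}
 * with the client configuration.
 *
 * <p>Both the server and the client configuration set the security mode to
 * {@code SECURITY_MODE_NONE}, and the store password is a fixed placeholder. These settings are
 * meant for this test fixture only and should not be reused for a deployed service.
 */
public class TestSentryServer implements Closeable {
  private static final Logger log = LoggerFactory.getLogger(TestSentryServer.class);

  // Canonical host name of "localhost". Only the address part of the socket address is used;
  // the ":80" is there to form a parseable host:port string and is discarded.
  protected static final String SERVER_HOST =
      NetUtils.createSocketAddr("localhost:80").getAddress().getCanonicalHostName();
  // Fixed RPC port requested for the server.
  // NOTE(review): a fixed port may collide if several fixtures run on one host - confirm.
  protected static final int PORT = 8038;
  protected static final String ADMIN_GROUP = "admin_group";
  static final String ADMIN_USER = "admin";

  private final Path dbDir;
  private final Path policyFilePath;
  private final Path sentrySitePath;
  private final Configuration clientConf;
  private final SentryService sentryService;

  /**
   * Creates the Sentry service (without starting it) and writes {@code sentry-site.xml} and the
   * local policy file into {@code testDir}.
   *
   * @param testDir directory that receives the policy database, the policy file and
   *     {@code sentry-site.xml}
   * @param groupsByUserName user name mapped to the set of groups that user belongs to
   * @throws Exception if the service cannot be created or one of the files cannot be written
   */
  public TestSentryServer(Path testDir, Map<String, Set<String>> groupsByUserName) throws Exception {
    // The paths must be assigned first: getServerConfig() reads dbDir and policyFilePath.
    this.dbDir = testDir.resolve("sentry_policy_db");
    this.policyFilePath = testDir.resolve("local_policy_file.ini");
    this.sentrySitePath = testDir.resolve("sentry-site.xml");
    this.sentryService = new SentryServiceFactory().create(getServerConfig());
    // getClientConfig() reads the address from sentryService, so it has to come after it.
    this.clientConf = getClientConfig();

    // Write sentry-site.xml. The stream is closed here so the file handle is not leaked and the
    // content is on disk before any test reads the file.
    try (FileOutputStream siteOut = new FileOutputStream(this.sentrySitePath.toFile())) {
      this.clientConf.writeXml(siteOut);
    }

    // Write sentry policy file (for storing user-group mappings).
    PolicyFile policyFile = new PolicyFile();
    for (Map.Entry<String, Set<String>> userGroupMapping : groupsByUserName.entrySet()) {
      String userName = userGroupMapping.getKey();
      for (String groupName : userGroupMapping.getValue()) {
        log.info("Configuring user-group mapping with userName : {} group: {}", userName, groupName);
        policyFile.addGroupsToUser(userName, groupName);
      }
    }
    policyFile.write(this.policyFilePath.toFile());
  }

  /** Returns the service instance created by the constructor. */
  public SentryService getSentryService() {
    return sentryService;
  }

  /** Returns the path of the {@code sentry-site.xml} written by the constructor. */
  public Path getSentrySitePath() {
    return sentrySitePath;
  }

  /**
   * Starts the service and polls once per second until it reports that it is running.
   *
   * @throws TimeoutException if the service is still not running after more than 60 seconds
   * @throws Exception if starting the service fails or the waiting thread is interrupted
   */
  public void startSentryService() throws Exception {
    sentryService.start();
    final long start = System.nanoTime();
    while (!sentryService.isRunning()) {
      Thread.sleep(1000);
      if (TimeUnit.NANOSECONDS.toSeconds(System.nanoTime() - start) > 60) {
        throw new TimeoutException("Server did not start after 60 seconds");
      }
    }
  }

  /**
   * Opens a generic-model client using the same configuration that was written to
   * {@code sentry-site.xml}.
   *
   * @return a new client; the caller owns it
   * @throws Exception if the client cannot be created
   */
  public SentryGenericServiceClient connectToSentryService() throws Exception {
    return SentryGenericServiceClientFactory.create(this.clientConf);
  }

  /**
   * Stops the service.
   *
   * @throws IOException wrapping any exception thrown while stopping the service
   */
  @Override
  public void close() throws IOException {
    if (this.sentryService != null) {
      try {
        this.sentryService.stop();
      } catch (Exception e) {
        throw new IOException(e);
      }
    }
  }

  /**
   * Builds the server-side configuration: no security mode, a Derby store under {@link #dbDir},
   * and group membership resolved from the local policy file.
   */
  private Configuration getServerConfig() {
    Configuration conf = new Configuration(false);
    // Test-only: security mode is switched off, so callers are not authenticated.
    conf.set(ServerConfig.SECURITY_MODE, ServerConfig.SECURITY_MODE_NONE);
    // NOTE(review): presumably skips the store schema version check - confirm.
    conf.set(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false");
    // Members of ADMIN_GROUP and of "solr" are configured as Sentry admin groups.
    conf.set(ServerConfig.ADMIN_GROUPS, ADMIN_GROUP + ",solr");
    conf.set(ServerConfig.RPC_ADDRESS, SERVER_HOST);
    conf.set(ServerConfig.RPC_PORT, String.valueOf(PORT));
    // Derby database located at dbDir; create=true creates it on first use.
    conf.set(ServerConfig.SENTRY_STORE_JDBC_URL,
        "jdbc:derby:;databaseName=" + dbDir + ";create=true");
    // Placeholder password for the test store; not a secret.
    conf.set(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy");
    conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING,
        ServerConfig.SENTRY_STORE_LOCAL_GROUP_MAPPING);
    conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE,
        policyFilePath.toString());
    return conf;
  }

  /**
   * Builds the client-side configuration. Host and port are read back from the created service
   * rather than from {@link #SERVER_HOST} and {@link #PORT}.
   */
  private Configuration getClientConfig() {
    Configuration conf = new Configuration(false);
    // Must match the server: security mode is switched off for the tests.
    conf.set(ServerConfig.SECURITY_MODE, ServerConfig.SECURITY_MODE_NONE);
    conf.set(ClientConfig.SERVER_RPC_ADDRESS, sentryService.getAddress().getHostName());
    conf.set(ClientConfig.SERVER_RPC_PORT, String.valueOf(sentryService.getAddress().getPort()));
    conf.set(AuthzConfVars.AUTHZ_PROVIDER_BACKEND.getVar(),
        SentryGenericProviderBackend.class.getName());
    conf.set("sentry.provider",
        LocalGroupResourceAuthorizationProvider.class.getName());
    conf.set("sentry.solr.provider.resource",
        policyFilePath.toString());
    return conf;
  }
}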