Skip to content

Commit

Permalink
Refactor product test for GRANT and REVOKE
Browse files Browse the repository at this point in the history
  • Loading branch information
@martint
Amruta Gokhale authored and martint committed Oct 13, 2016
1 parent 179bf3b commit db31297
Showing 1 changed file with 34 additions and 36 deletions.
70 changes: 34 additions & 36 deletions presto-product-tests/src/main/java/com/facebook/presto/tests/hive/TestGrantRevoke.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@

package com.facebook.presto.tests.hive;

import com.teradata.tempto.BeforeTestWithContext;
import com.teradata.tempto.ProductTest;
import com.teradata.tempto.query.QueryExecutor;
import org.testng.annotations.Test;
Expand All @@ -28,6 +29,10 @@
public class TestGrantRevoke
extends ProductTest
{
private String tableName;
private QueryExecutor aliceExecutor;
private QueryExecutor bobExecutor;

/*
* Pre-requisites for the tests in this class:
*
Expand All @@ -37,55 +42,48 @@ public class TestGrantRevoke
* "bob@presto" that has "jdbc_user: bob"
* (all other values of the connection are same as that of the default "presto" connection).
*/
@Test(groups = {HIVE_CONNECTOR, AUTHORIZATION, PROFILE_SPECIFIC_TESTS})
public void testGrantRevoke()

@BeforeTestWithContext
public void setup()
{
String tableName = "alice_owned_table";
QueryExecutor queryExecutorForAlice = connectToPresto("alice@presto");
QueryExecutor queryExecutorForBob = connectToPresto("bob@presto");
tableName = "alice_owned_table";
aliceExecutor = connectToPresto("alice@presto");
bobExecutor = connectToPresto("bob@presto");

queryExecutorForAlice.executeQuery(format("DROP TABLE IF EXISTS %s", tableName));
queryExecutorForAlice.executeQuery(format("CREATE TABLE %s(month bigint, day bigint)", tableName));
aliceExecutor.executeQuery(format("DROP TABLE IF EXISTS %s", tableName));
aliceExecutor.executeQuery(format("CREATE TABLE %s(month bigint, day bigint)", tableName));

assertThat(() -> queryExecutorForBob.executeQuery(format("SELECT * FROM %s", tableName))).
failsWithMessage(format("Access Denied: Cannot select from table default.%s", tableName));
assertThat(() -> queryExecutorForBob.executeQuery(format("INSERT INTO %s VALUES (3, 22)", tableName))).
failsWithMessage(format("Access Denied: Cannot insert into table default.%s", tableName));
assertAccessDeniedOnAllOperationsOnTable(bobExecutor, tableName);
}

//test GRANT
queryExecutorForAlice.executeQuery(format("GRANT INSERT, SELECT ON %s TO bob", tableName));
assertThat(queryExecutorForBob.executeQuery(format("INSERT INTO %s VALUES (3, 22)", tableName))).hasRowsCount(1);
assertThat(queryExecutorForBob.executeQuery(format("SELECT * FROM %s", tableName))).hasRowsCount(1);
assertThat(() -> queryExecutorForBob.executeQuery(format("DELETE FROM %s WHERE day=3", tableName))).
@Test(groups = {HIVE_CONNECTOR, AUTHORIZATION, PROFILE_SPECIFIC_TESTS})
public void testGrantRevoke()
{
// test GRANT
aliceExecutor.executeQuery(format("GRANT INSERT, SELECT ON %s TO bob", tableName));
assertThat(bobExecutor.executeQuery(format("INSERT INTO %s VALUES (3, 22)", tableName))).hasRowsCount(1);
assertThat(bobExecutor.executeQuery(format("SELECT * FROM %s", tableName))).hasRowsCount(1);
assertThat(() -> bobExecutor.executeQuery(format("DELETE FROM %s WHERE day=3", tableName))).
failsWithMessage(format("Access Denied: Cannot delete from table default.%s", tableName));

//test REVOKE
queryExecutorForAlice.executeQuery(format("REVOKE INSERT ON %s FROM bob", tableName));
assertThat(() -> queryExecutorForBob.executeQuery(format("INSERT INTO %s VALUES ('y', 5)", tableName))).
// test REVOKE
aliceExecutor.executeQuery(format("REVOKE INSERT ON %s FROM bob", tableName));
assertThat(() -> bobExecutor.executeQuery(format("INSERT INTO %s VALUES ('y', 5)", tableName))).
failsWithMessage(format("Access Denied: Cannot insert into table default.%s", tableName));
assertThat(queryExecutorForBob.executeQuery(format("SELECT * FROM %s", tableName))).hasRowsCount(1);
assertThat(bobExecutor.executeQuery(format("SELECT * FROM %s", tableName))).hasRowsCount(1);
}

@Test(groups = {HIVE_CONNECTOR, AUTHORIZATION, PROFILE_SPECIFIC_TESTS})
public void testGrantRevokeAll()
{
String tableName = "alice_owned_table";
QueryExecutor queryExecutorForAlice = connectToPresto("alice@presto");
QueryExecutor queryExecutorForBob = connectToPresto("bob@presto");

queryExecutorForAlice.executeQuery(format("DROP TABLE IF EXISTS %s", tableName));
queryExecutorForAlice.executeQuery(format("CREATE TABLE %s(month bigint, day bigint)", tableName));

assertAccessDeniedOnAllOperationsOnTable(queryExecutorForBob, tableName);

queryExecutorForAlice.executeQuery(format("GRANT ALL PRIVILEGES ON %s TO bob", tableName));
assertThat(queryExecutorForBob.executeQuery(format("INSERT INTO %s VALUES (4, 13)", tableName))).hasRowsCount(1);
assertThat(queryExecutorForBob.executeQuery(format("SELECT * FROM %s", tableName))).hasRowsCount(1);
queryExecutorForBob.executeQuery(format("DELETE FROM %s", tableName));
assertThat(queryExecutorForBob.executeQuery(format("SELECT * FROM %s", tableName))).hasNoRows();
aliceExecutor.executeQuery(format("GRANT ALL PRIVILEGES ON %s TO bob", tableName));
assertThat(bobExecutor.executeQuery(format("INSERT INTO %s VALUES (4, 13)", tableName))).hasRowsCount(1);
assertThat(bobExecutor.executeQuery(format("SELECT * FROM %s", tableName))).hasRowsCount(1);
bobExecutor.executeQuery(format("DELETE FROM %s", tableName));
assertThat(bobExecutor.executeQuery(format("SELECT * FROM %s", tableName))).hasNoRows();

queryExecutorForAlice.executeQuery(format("REVOKE ALL PRIVILEGES ON %s FROM bob", tableName));
assertAccessDeniedOnAllOperationsOnTable(queryExecutorForBob, tableName);
aliceExecutor.executeQuery(format("REVOKE ALL PRIVILEGES ON %s FROM bob", tableName));
assertAccessDeniedOnAllOperationsOnTable(bobExecutor, tableName);
}

private static void assertAccessDeniedOnAllOperationsOnTable(QueryExecutor queryExecutor, String tableName)
Expand Down

0 comments on commit db31297

Please sign in to comment.