def test_single_bad_host(self):
# Test that get_next_available_client will raise an exception on single bad host
xml = self._sentry_site_xml(rpc_addresses='bad-host-1', rpc_port=self.rpc_port)
file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
assert_raises(PopupException, get_next_available_server, SentryClient, self.user.username, failed_host=None,
create_client_fn=create_mock_client_fn)
def test_get_random_sentry_server(self):
# Test that with no current_host, a server for a random host is returned
xml = self._sentry_site_xml(rpc_addresses='%s,host-1,host-2' % self.rpc_addresses, rpc_port=self.rpc_port)
file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
server = get_sentry_server()
assert_true(server is not None)
assert_true(server['hostname'] in '%s,host-1,host-2' % self.rpc_addresses)
def test_round_robin(self):
# Test that get_next_available_client will check each server once and only once then exit
xml = self._sentry_site_xml(rpc_addresses='host-1,host-2,host-3,host-4,host-5', rpc_port=self.rpc_port)
file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
server, attempts = get_next_available_server(SentryClient, self.user.username, failed_host='host-1')
assert_equal(None, server)
assert_equal(['host-2','host-3','host-4','host-5'], attempts)
def test_get_first_sentry_server(self):
# Test that if the current host is the last host of multiple servers, the first server is returned
xml = self._sentry_site_xml(rpc_addresses='host-1,%s,host-2' % self.rpc_addresses, rpc_port=self.rpc_port)
file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
server = get_sentry_server(current_host='host-2')
assert_true(server is not None)
assert_equal(server['hostname'], 'host-1')
def test_get_single_sentry_server(self):
# Test that with a current host and single server, the single server is returned
xml = self._sentry_site_xml(rpc_addresses='host-1', rpc_port=self.rpc_port)
file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
server = get_sentry_server(current_host='host-1')
assert_true(server is not None)
assert_equal(server['hostname'], 'host-1')
def test_good_bad_host(self):
# Test that get_next_available_client will return the good host
xml = self._sentry_site_xml(rpc_addresses='good-host-1,bad-host-1', rpc_port=self.rpc_port)
file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
server, attempts = get_next_available_server(SentryClient, self.user.username, failed_host='bad-host-1',
create_client_fn=create_mock_client_fn)
assert_equal('good-host-1', server['hostname'])
assert_equal([], attempts)
def test_ha_failover_all_bad(self):
# Test with all bad hosts
xml = self._sentry_site_xml(rpc_addresses='bad-host-1:8039,bad-host-2', rpc_port=self.rpc_port)
file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
api = get_api(self.user)
assert_equal('bad-host-1:8039,bad-host-2', ','.join(sentry_site.get_sentry_server_rpc_addresses()))
assert_raises(PopupException, api.list_sentry_roles_by_group, '*')
api2 = get_api2(self.user, 'solr')
assert_raises(PopupException, api2.list_sentry_roles_by_group, '*')
def test_no_rpc_hosts(self):
# Test with no rpc hosts and fallback to hostname and port
xml = self._sentry_site_xml(rpc_addresses='')
file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
api = get_api(self.user)
assert_false(sentry_site.is_ha_enabled(), sentry_site.get_sentry_server_rpc_addresses())
assert_true(is_enabled() and HOSTNAME.get() and HOSTNAME.get() != 'localhost')
resp = api.list_sentry_roles_by_group(groupName='*')
assert_true(isinstance(resp, list))
api2 = get_api2(self.user, 'solr')
resp = api2.list_sentry_roles_by_group(groupName='*')
assert_true(isinstance(resp, list))
def test_ha_failover_good_bad_bad(self):
# Test with good-host,bad-host-1,bad-host-2
xml = self._sentry_site_xml(rpc_addresses='%s,bad-host-1,bad-host-2' %
self.rpc_addresses)
file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
api = get_api(self.user)
assert_equal('%s,bad-host-1,bad-host-2' % self.rpc_addresses,
','.join(sentry_site.get_sentry_server_rpc_addresses()))
resp = api.list_sentry_roles_by_group(groupName='*')
assert_true(isinstance(resp, list))
api2 = get_api2(self.user, 'solr')
resp = api2.list_sentry_roles_by_group(groupName='*')
assert_true(isinstance(resp, list))
def test_security_kerberos():
tmpdir = tempfile.mkdtemp()
finish = SENTRY_CONF_DIR.set_for_testing(tmpdir)
try:
xml = sentry_site_xml(provider='default', authentication='kerberos')
file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
security = SentryClient('test.com', 11111, 'test')._get_security()
assert_equal(True, security['use_sasl'])
assert_equal('GSSAPI', security['mechanism'])
finally:
sentry_site.reset()
finish()
shutil.rmtree(tmpdir)
def test_security_kerberos():
tmpdir = tempfile.mkdtemp()
finish = SENTRY_CONF_DIR.set_for_testing(tmpdir)
try:
xml = sentry_site_xml(provider='default', authentication='kerberos')
file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
security = SentryClient('test.com', 11111, 'test')._get_security()
assert_equal(True, security['use_sasl'])
assert_equal('GSSAPI', security['mechanism'])
finally:
sentry_site.reset()
finish()
shutil.rmtree(tmpdir)
def test_security_plain():
tmpdir = tempfile.mkdtemp()
finish = SENTRY_CONF_DIR.set_for_testing(tmpdir)
try:
xml = sentry_site_xml(provider='default')
file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
assert_equal('test/[email protected]', get_sentry_server_principal())
assert_equal(['hive', 'impala', 'hue'], get_sentry_server_admin_groups())
security = SentryClient('test.com', 11111, 'test')._get_security()
assert_equal('test', security['kerberos_principal_short_name'])
assert_equal(False, security['use_sasl'])
assert_equal('NOSASL', security['mechanism'])
finally:
sentry_site.reset()
finish()
shutil.rmtree(tmpdir)
def test_security_plain():
tmpdir = tempfile.mkdtemp()
finish = SENTRY_CONF_DIR.set_for_testing(tmpdir)
try:
xml = sentry_site_xml(provider='default')
file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
assert_equal('test/[email protected]', get_sentry_server_principal())
assert_equal(['hive', 'impala', 'hue'],
get_sentry_server_admin_groups())
security = SentryClient('test.com', 11111, 'test')._get_security()
assert_equal('test', security['kerberos_principal_short_name'])
assert_equal(False, security['use_sasl'])
assert_equal('NOSASL', security['mechanism'])
finally:
sentry_site.reset()
finish()
shutil.rmtree(tmpdir)
def tearDown(self):
sentry_site.reset()
for reset in self.resets:
reset()
shutil.rmtree(self.tmpdir)
