def test_get_collections(self): client = SentryClient(HOSTNAME.get(), PORT.get(), 'test') resp = client.list_sentry_roles_by_group() # Non Sentry Admin can do that assert_not_equal(0, resp.status.value, resp) assert_true('denied' in resp.status.message, resp) resp = client.list_sentry_roles_by_group(groupName='*') assert_equal(0, resp.status.value, resp)
def setup_class(cls): if not is_live_cluster(): raise SkipTest() cls.client = make_logged_in_client(username='******', is_superuser=False) cls.user = User.objects.get(username='******') add_to_group('test') grant_access("test", "test", "libsentry") cls.db = SentryClient(HOSTNAME.get(), PORT.get(), 'test')
def _get_client(username): if get_sentry_server_ha_enabled(): servers = _get_server_properties() if servers: server = random.choice(servers) else: raise PopupException(_('No Sentry servers are available.')) else: server = {'hostname': HOSTNAME.get(), 'port': PORT.get()} return SentryClient(server['hostname'], server['port'], username)
def setup_class(cls): if not is_live_cluster(): raise SkipTest('Sentry tests require a live sentry server') if not os.path.exists( os.path.join(SENTRY_CONF_DIR.get(), 'sentry-site.xml')): raise SkipTest( 'Could not find sentry-site.xml, skipping sentry tests') cls.client = make_logged_in_client(username='******', is_superuser=False) cls.user = User.objects.get(username='******') add_to_group('test') grant_access("test", "test", "libsentry") cls.db = SentryClient(HOSTNAME.get(), PORT.get(), 'test')
def test_security_kerberos(): tmpdir = tempfile.mkdtemp() finish = SENTRY_CONF_DIR.set_for_testing(tmpdir) try: xml = sentry_site_xml(provider='default', authentication='kerberos') file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() security = SentryClient('test.com', 11111, 'test')._get_security() assert_equal(True, security['use_sasl']) assert_equal('GSSAPI', security['mechanism']) finally: sentry_site.reset() finish() shutil.rmtree(tmpdir)
def test_security_plain(): tmpdir = tempfile.mkdtemp() finish = SENTRY_CONF_DIR.set_for_testing(tmpdir) try: xml = sentry_site_xml(provider='default') file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() assert_equal('test/[email protected]', get_sentry_server_principal()) assert_equal(['hive', 'impala', 'hue'], get_sentry_server_admin_groups()) security = SentryClient('test.com', 11111, 'test')._get_security() assert_equal('test', security['kerberos_principal_short_name']) assert_equal(False, security['use_sasl']) assert_equal('NOSASL', security['mechanism']) finally: sentry_site.reset() finish() shutil.rmtree(tmpdir)
def get_api(user): return SentryApi(SentryClient(HOSTNAME.get(), PORT.get(), user.username))