def test_get_collections(self):
client = SentryClient(HOSTNAME.get(), PORT.get(), 'test')
resp = client.list_sentry_roles_by_group() # Non Sentry Admin can do that
assert_not_equal(0, resp.status.value, resp)
assert_true('denied' in resp.status.message, resp)
resp = client.list_sentry_roles_by_group(groupName='*')
assert_equal(0, resp.status.value, resp)
def setup_class(cls):
if not is_live_cluster():
raise SkipTest()
cls.client = make_logged_in_client(username='******', is_superuser=False)
cls.user = User.objects.get(username='******')
add_to_group('test')
grant_access("test", "test", "libsentry")
cls.db = SentryClient(HOSTNAME.get(), PORT.get(), 'test')
def _get_client(username):
if get_sentry_server_ha_enabled():
servers = _get_server_properties()
if servers:
server = random.choice(servers)
else:
raise PopupException(_('No Sentry servers are available.'))
else:
server = {'hostname': HOSTNAME.get(), 'port': PORT.get()}
return SentryClient(server['hostname'], server['port'], username)
def setup_class(cls):
if not is_live_cluster():
raise SkipTest('Sentry tests require a live sentry server')
if not os.path.exists(
os.path.join(SENTRY_CONF_DIR.get(), 'sentry-site.xml')):
raise SkipTest(
'Could not find sentry-site.xml, skipping sentry tests')
cls.client = make_logged_in_client(username='******', is_superuser=False)
cls.user = User.objects.get(username='******')
add_to_group('test')
grant_access("test", "test", "libsentry")
cls.db = SentryClient(HOSTNAME.get(), PORT.get(), 'test')
def test_security_kerberos():
tmpdir = tempfile.mkdtemp()
finish = SENTRY_CONF_DIR.set_for_testing(tmpdir)
try:
xml = sentry_site_xml(provider='default', authentication='kerberos')
file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
security = SentryClient('test.com', 11111, 'test')._get_security()
assert_equal(True, security['use_sasl'])
assert_equal('GSSAPI', security['mechanism'])
finally:
sentry_site.reset()
finish()
shutil.rmtree(tmpdir)
def test_security_plain():
tmpdir = tempfile.mkdtemp()
finish = SENTRY_CONF_DIR.set_for_testing(tmpdir)
try:
xml = sentry_site_xml(provider='default')
file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml)
sentry_site.reset()
assert_equal('test/[email protected]', get_sentry_server_principal())
assert_equal(['hive', 'impala', 'hue'],
get_sentry_server_admin_groups())
security = SentryClient('test.com', 11111, 'test')._get_security()
assert_equal('test', security['kerberos_principal_short_name'])
assert_equal(False, security['use_sasl'])
assert_equal('NOSASL', security['mechanism'])
finally:
sentry_site.reset()
finish()
shutil.rmtree(tmpdir)
def get_api(user):
return SentryApi(SentryClient(HOSTNAME.get(), PORT.get(), user.username))
