def test_single_bad_host(self): # Test that get_next_available_client will raise an exception on single bad host xml = self._sentry_site_xml(rpc_addresses='bad-host-1', rpc_port=self.rpc_port) file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() assert_raises(PopupException, get_next_available_server, SentryClient, self.user.username, failed_host=None, create_client_fn=create_mock_client_fn)
def test_get_random_sentry_server(self): # Test that with no current_host, a server for a random host is returned xml = self._sentry_site_xml(rpc_addresses='%s,host-1,host-2' % self.rpc_addresses, rpc_port=self.rpc_port) file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() server = get_sentry_server() assert_true(server is not None) assert_true(server['hostname'] in '%s,host-1,host-2' % self.rpc_addresses)
def test_round_robin(self): # Test that get_next_available_client will check each server once and only once then exit xml = self._sentry_site_xml(rpc_addresses='host-1,host-2,host-3,host-4,host-5', rpc_port=self.rpc_port) file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() server, attempts = get_next_available_server(SentryClient, self.user.username, failed_host='host-1') assert_equal(None, server) assert_equal(['host-2','host-3','host-4','host-5'], attempts)
def test_get_first_sentry_server(self): # Test that if the current host is the last host of multiple servers, the first server is returned xml = self._sentry_site_xml(rpc_addresses='host-1,%s,host-2' % self.rpc_addresses, rpc_port=self.rpc_port) file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() server = get_sentry_server(current_host='host-2') assert_true(server is not None) assert_equal(server['hostname'], 'host-1')
def test_get_single_sentry_server(self): # Test that with a current host and single server, the single server is returned xml = self._sentry_site_xml(rpc_addresses='host-1', rpc_port=self.rpc_port) file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() server = get_sentry_server(current_host='host-1') assert_true(server is not None) assert_equal(server['hostname'], 'host-1')
def test_good_bad_host(self): # Test that get_next_available_client will return the good host xml = self._sentry_site_xml(rpc_addresses='good-host-1,bad-host-1', rpc_port=self.rpc_port) file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() server, attempts = get_next_available_server(SentryClient, self.user.username, failed_host='bad-host-1', create_client_fn=create_mock_client_fn) assert_equal('good-host-1', server['hostname']) assert_equal([], attempts)
def test_ha_failover_all_bad(self): # Test with all bad hosts xml = self._sentry_site_xml(rpc_addresses='bad-host-1:8039,bad-host-2', rpc_port=self.rpc_port) file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() api = get_api(self.user) assert_equal('bad-host-1:8039,bad-host-2', ','.join(sentry_site.get_sentry_server_rpc_addresses())) assert_raises(PopupException, api.list_sentry_roles_by_group, '*') api2 = get_api2(self.user, 'solr') assert_raises(PopupException, api2.list_sentry_roles_by_group, '*')
def test_no_rpc_hosts(self): # Test with no rpc hosts and fallback to hostname and port xml = self._sentry_site_xml(rpc_addresses='') file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() api = get_api(self.user) assert_false(sentry_site.is_ha_enabled(), sentry_site.get_sentry_server_rpc_addresses()) assert_true(is_enabled() and HOSTNAME.get() and HOSTNAME.get() != 'localhost') resp = api.list_sentry_roles_by_group(groupName='*') assert_true(isinstance(resp, list)) api2 = get_api2(self.user, 'solr') resp = api2.list_sentry_roles_by_group(groupName='*') assert_true(isinstance(resp, list))
def test_ha_failover_good_bad_bad(self): # Test with good-host,bad-host-1,bad-host-2 xml = self._sentry_site_xml(rpc_addresses='%s,bad-host-1,bad-host-2' % self.rpc_addresses) file(os.path.join(self.tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() api = get_api(self.user) assert_equal('%s,bad-host-1,bad-host-2' % self.rpc_addresses, ','.join(sentry_site.get_sentry_server_rpc_addresses())) resp = api.list_sentry_roles_by_group(groupName='*') assert_true(isinstance(resp, list)) api2 = get_api2(self.user, 'solr') resp = api2.list_sentry_roles_by_group(groupName='*') assert_true(isinstance(resp, list))
def test_security_kerberos(): tmpdir = tempfile.mkdtemp() finish = SENTRY_CONF_DIR.set_for_testing(tmpdir) try: xml = sentry_site_xml(provider='default', authentication='kerberos') file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() security = SentryClient('test.com', 11111, 'test')._get_security() assert_equal(True, security['use_sasl']) assert_equal('GSSAPI', security['mechanism']) finally: sentry_site.reset() finish() shutil.rmtree(tmpdir)
def test_security_plain(): tmpdir = tempfile.mkdtemp() finish = SENTRY_CONF_DIR.set_for_testing(tmpdir) try: xml = sentry_site_xml(provider='default') file(os.path.join(tmpdir, 'sentry-site.xml'), 'w').write(xml) sentry_site.reset() assert_equal('test/[email protected]', get_sentry_server_principal()) assert_equal(['hive', 'impala', 'hue'], get_sentry_server_admin_groups()) security = SentryClient('test.com', 11111, 'test')._get_security() assert_equal('test', security['kerberos_principal_short_name']) assert_equal(False, security['use_sasl']) assert_equal('NOSASL', security['mechanism']) finally: sentry_site.reset() finish() shutil.rmtree(tmpdir)
def tearDown(self): sentry_site.reset() for reset in self.resets: reset() shutil.rmtree(self.tmpdir)