diff --git a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java index bd884a9234..672724b95c 100644 --- a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java +++ b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java @@ -535,13 +535,6 @@ private static void populateLlapDaemonVarsSet(Set llapDaemonVarsSetLocal + "with the hive data and metadata replication. Set the configuration " + "hive.repl.include.authorization.metadata to false to disable " + "security policies being replicated "), - REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT("hive.repl.authorization.provider.service.endpoint", - "", - "This configuration will define the authorization service endpoint"), - REPL_RANGER_SERVICE_NAME("hive.repl.ranger.service.name", - "hive", - "This configuration will define the service name for which the ranger authorization" - + " policies needs to be replicated"), REPL_RANGER_ADD_DENY_POLICY_TARGET("hive.repl.ranger.target.deny.policy", true, "This configuration will add a deny policy on the target database for all users except hive" diff --git a/itests/hive-unit/src/test/java/org/apache/hadoop/hive/ql/parse/TestReplicationScenariosAcrossInstances.java b/itests/hive-unit/src/test/java/org/apache/hadoop/hive/ql/parse/TestReplicationScenariosAcrossInstances.java index eeb81dad25..65f7303e50 100644 --- a/itests/hive-unit/src/test/java/org/apache/hadoop/hive/ql/parse/TestReplicationScenariosAcrossInstances.java +++ b/itests/hive-unit/src/test/java/org/apache/hadoop/hive/ql/parse/TestReplicationScenariosAcrossInstances.java @@ -1501,8 +1501,7 @@ public Boolean apply(@Nullable CallerArguments args) { @Test public void testRangerReplication() throws Throwable { List clause = Arrays.asList("'hive.repl.include.authorization.metadata'='true'", - "'hive.in.test'='true'", - "'hive.repl.authorization.provider.service.endpoint'='http://localhost:6080/ranger'"); + "'hive.in.test'='true'"); primary.run("use " + primaryDbName) .run("create table acid_table (key int, value int) partitioned by (load_date date) " + "clustered by(key) into 2 buckets stored as orc tblproperties ('transactional'='true')") @@ -1519,28 +1518,6 @@ public void testRangerReplication() throws Throwable { .verifyResults(new String[] {"1", "2"}); } - /* - Can't test complete replication as mini ranger is not supported - Testing just the configs and no impact on existing replication - */ - @Test - public void testFailureRangerReplication() throws Throwable { - List clause = Arrays.asList("'hive.repl.include.authorization.metadata'='true'", - "'hive.in.test'='true'"); - primary.run("use " + primaryDbName) - .run("create table acid_table (key int, value int) partitioned by (load_date date) " + - "clustered by(key) into 2 buckets stored as orc tblproperties ('transactional'='true')") - .run("create table table1 (i String)") - .run("insert into table1 values (1)") - .run("insert into table1 values (2)"); - try { - primary.dump(primaryDbName, clause); - } catch (Exception e) { - assertEquals("Ranger endpoint is not valid. Please pass a valid config " - + "hive.repl.authorization.provider.service.endpoint", e.getMessage()); - } - } - /* Can't test complete replication as mini ranger is not supported Testing just the configs and no impact on existing replication diff --git a/itests/hive-unit/src/test/resources/ranger-hive-security.xml b/itests/hive-unit/src/test/resources/ranger-hive-security.xml new file mode 100644 index 0000000000..0e6db83194 --- /dev/null +++ b/itests/hive-unit/src/test/resources/ranger-hive-security.xml @@ -0,0 +1,31 @@ + + + + + + + + + ranger.plugin.hive.service.name + hive + + + ranger.plugin.hive.policy.rest.url + https://ranger.apache.org:5088 + + diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpTask.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpTask.java index e0783712fe..5a56a6be95 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpTask.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpTask.java @@ -30,6 +30,7 @@ import org.apache.hadoop.hive.ql.exec.repl.ranger.NoOpRangerRestClient; import org.apache.hadoop.hive.ql.exec.repl.ranger.RangerRestClientImpl; import org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils; +import org.apache.hadoop.hive.ql.parse.SemanticException; import org.apache.hadoop.hive.ql.parse.repl.ReplLogger; import org.apache.hadoop.hive.ql.parse.repl.dump.log.RangerDumpLogger; import org.apache.hadoop.hive.ql.plan.api.StageType; @@ -37,11 +38,9 @@ import org.slf4j.LoggerFactory; import java.io.Serializable; +import java.net.URL; import java.util.List; -import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT; -import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_SERVICE_NAME; - /** * RangerDumpTask. * @@ -81,12 +80,17 @@ public int execute() { if (rangerRestClient == null) { rangerRestClient = getRangerRestClient(); } - String rangerEndpoint = conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT); + URL url = work.getRangerConfigResource(); + if (url == null) { + throw new SemanticException("Ranger configuration is not valid " + + ReplUtils.RANGER_CONFIGURATION_RESOURCE_NAME); + } + conf.addResource(url); + String rangerHiveServiceName = conf.get(ReplUtils.RANGER_HIVE_SERVICE_NAME); + String rangerEndpoint = conf.get(ReplUtils.RANGER_REST_URL); if (StringUtils.isEmpty(rangerEndpoint) || !rangerRestClient.checkConnection(rangerEndpoint)) { - throw new Exception("Ranger endpoint is not valid. " - + "Please pass a valid config hive.repl.authorization.provider.service.endpoint"); + throw new SemanticException("Ranger endpoint is not valid " + rangerEndpoint); } - String rangerHiveServiceName = conf.getVar(REPL_RANGER_SERVICE_NAME); replLogger = new RangerDumpLogger(work.getDbName(), work.getCurrentDumpPath().toString()); replLogger.startLog(); RangerExportPolicyList rangerExportPolicyList = rangerRestClient.exportRangerPolicies(rangerEndpoint, diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpWork.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpWork.java index 873a2ecc35..026402b43e 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpWork.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerDumpWork.java @@ -18,9 +18,11 @@ package org.apache.hadoop.hive.ql.exec.repl; import org.apache.hadoop.fs.Path; +import org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils; import org.apache.hadoop.hive.ql.plan.Explain; import java.io.Serializable; +import java.net.URL; /** * RangerDumpWork. @@ -47,4 +49,8 @@ public Path getCurrentDumpPath() { public String getDbName() { return dbName; } + + URL getRangerConfigResource() { + return getClass().getClassLoader().getResource(ReplUtils.RANGER_CONFIGURATION_RESOURCE_NAME); + } } diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadTask.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadTask.java index 2c216fff1b..4e8a44fdae 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadTask.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadTask.java @@ -30,6 +30,7 @@ import org.apache.hadoop.hive.ql.exec.repl.ranger.RangerPolicy; import org.apache.hadoop.hive.ql.exec.repl.ranger.RangerExportPolicyList; import org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils; +import org.apache.hadoop.hive.ql.parse.SemanticException; import org.apache.hadoop.hive.ql.parse.repl.ReplLogger; import org.apache.hadoop.hive.ql.parse.repl.load.log.RangerLoadLogger; import org.apache.hadoop.hive.ql.plan.api.StageType; @@ -37,13 +38,11 @@ import org.slf4j.LoggerFactory; import java.io.Serializable; +import java.net.URL; import java.util.ArrayList; import java.util.List; -import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT; import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_ADD_DENY_POLICY_TARGET; -import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_SERVICE_NAME; - /** * RangerLoadTask. * @@ -83,10 +82,16 @@ public int execute() { if (rangerRestClient == null) { rangerRestClient = getRangerRestClient(); } - String rangerEndpoint = conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT); + URL url = work.getRangerConfigResource(); + if (url == null) { + throw new SemanticException("Ranger configuration is not valid " + + ReplUtils.RANGER_CONFIGURATION_RESOURCE_NAME); + } + conf.addResource(url); + String rangerHiveServiceName = conf.get(ReplUtils.RANGER_HIVE_SERVICE_NAME); + String rangerEndpoint = conf.get(ReplUtils.RANGER_REST_URL); if (StringUtils.isEmpty(rangerEndpoint) || !rangerRestClient.checkConnection(rangerEndpoint)) { - throw new Exception("Ranger endpoint is not valid. " - + "Please pass a valid config hive.repl.authorization.provider.service.endpoint"); + throw new SemanticException("Ranger endpoint is not valid " + rangerEndpoint); } if (work.getCurrentDumpPath() != null) { LOG.info("Importing Ranger Metadata from {} ", work.getCurrentDumpPath()); @@ -108,7 +113,7 @@ public int execute() { List rangerPoliciesWithDenyPolicy = rangerPolicies; if (conf.getBoolVar(REPL_RANGER_ADD_DENY_POLICY_TARGET)) { rangerPoliciesWithDenyPolicy = rangerRestClient.addDenyPolicies(rangerPolicies, - conf.getVar(REPL_RANGER_SERVICE_NAME), work.getSourceDbName(), work.getTargetDbName()); + rangerHiveServiceName, work.getSourceDbName(), work.getTargetDbName()); } List updatedRangerPolicies = rangerRestClient.changeDataSet(rangerPoliciesWithDenyPolicy, @@ -121,7 +126,7 @@ public int execute() { } rangerExportPolicyList.setPolicies(updatedRangerPolicies); rangerRestClient.importRangerPolicies(rangerExportPolicyList, work.getTargetDbName(), rangerEndpoint, - conf.getVar(REPL_RANGER_SERVICE_NAME)); + rangerHiveServiceName); LOG.info("Number of ranger policies imported {}", rangerExportPolicyList.getListSize()); importCount = rangerExportPolicyList.getListSize(); replLogger.endLog(importCount); diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadWork.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadWork.java index 64f5df005f..cddca6076a 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadWork.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/RangerLoadWork.java @@ -18,11 +18,13 @@ package org.apache.hadoop.hive.ql.exec.repl; import org.apache.hadoop.fs.Path; +import org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils; import org.apache.hadoop.hive.ql.plan.Explain; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.io.Serializable; +import java.net.URL; /** * RangerLoadWork. @@ -56,4 +58,8 @@ public String getTargetDbName() { public String getSourceDbName() { return sourceDbName; } + + URL getRangerConfigResource() { + return getClass().getClassLoader().getResource(ReplUtils.RANGER_CONFIGURATION_RESOURCE_NAME); + } } diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/util/ReplUtils.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/util/ReplUtils.java index 377f742a70..543ceca3e4 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/util/ReplUtils.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/repl/util/ReplUtils.java @@ -107,6 +107,12 @@ public static final String RANGER_AUTHORIZER = "ranger"; public static final String HIVE_RANGER_POLICIES_FILE_NAME = "ranger_policies.json"; + + public static final String RANGER_REST_URL = "ranger.plugin.hive.policy.rest.url"; + + public static final String RANGER_HIVE_SERVICE_NAME = "ranger.plugin.hive.service.name"; + + public static final String RANGER_CONFIGURATION_RESOURCE_NAME = "ranger-hive-security.xml"; /** * Bootstrap REPL LOAD operation type on the examined object based on ckpt state. */ diff --git a/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerDumpTask.java b/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerDumpTask.java index 8ef09876af..9a20564de9 100644 --- a/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerDumpTask.java +++ b/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerDumpTask.java @@ -39,10 +39,11 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.net.URL; import java.util.ArrayList; -import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT; -import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_SERVICE_NAME; +import static org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils.RANGER_REST_URL; +import static org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils.RANGER_HIVE_SERVICE_NAME; /** * Unit test class for testing Ranger Dump. @@ -71,7 +72,13 @@ public void setup() throws Exception { @Test public void testFailureInvalidAuthProviderEndpoint() throws Exception { - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn(null); + Mockito.when(conf.get(RANGER_REST_URL)).thenReturn(null); + int status = task.execute(); + Assert.assertEquals(40000, status); + } + + @Test + public void testFailureInvalidRangerConfig() throws Exception { int status = task.execute(); Assert.assertEquals(40000, status); } @@ -82,10 +89,11 @@ public void testSuccessValidAuthProviderEndpoint() throws Exception { rangerPolicyList.setPolicies(new ArrayList()); Mockito.when(mockClient.exportRangerPolicies(Mockito.anyString(), Mockito.anyString(), Mockito.anyString())) .thenReturn(rangerPolicyList); - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint"); - Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive"); + Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint"); + Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive"); Mockito.when(work.getDbName()).thenReturn("testdb"); Mockito.when(work.getCurrentDumpPath()).thenReturn(new Path("/tmp")); + Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml")); int status = task.execute(); Assert.assertEquals(0, status); } @@ -106,14 +114,15 @@ public void testSuccessNonEmptyRangerPolicies() throws Exception { RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class); Mockito.when(mockClient.exportRangerPolicies(Mockito.anyString(), Mockito.anyString(), Mockito.anyString())) .thenReturn(rangerPolicyList); - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint"); - Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive"); + Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint"); + Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive"); Mockito.when(work.getDbName()).thenReturn("testdb"); Path rangerDumpPath = new Path("/tmp"); Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath); Path policyFile = new Path(rangerDumpPath, ReplUtils.HIVE_RANGER_POLICIES_FILE_NAME); Mockito.when(mockClient.saveRangerPoliciesToFile(rangerPolicyList, rangerDumpPath, ReplUtils.HIVE_RANGER_POLICIES_FILE_NAME, conf)).thenReturn(policyFile); + Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml")); int status = task.execute(); Assert.assertEquals(0, status); } @@ -126,10 +135,11 @@ public void testSuccessRangerDumpMetrics() throws Exception { rangerPolicyList.setPolicies(new ArrayList()); Mockito.when(mockClient.exportRangerPolicies(Mockito.anyString(), Mockito.anyString(), Mockito.anyString())) .thenReturn(rangerPolicyList); - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint"); - Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive"); + Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint"); + Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive"); Mockito.when(work.getDbName()).thenReturn("testdb"); Mockito.when(work.getCurrentDumpPath()).thenReturn(new Path("/tmp")); + Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml")); int status = task.execute(); Assert.assertEquals(0, status); ArgumentCaptor replStateCaptor = ArgumentCaptor.forClass(String.class); diff --git a/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerLoadTask.java b/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerLoadTask.java index 8ff2961a61..0559d1ba88 100644 --- a/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerLoadTask.java +++ b/ql/src/test/org/apache/hadoop/hive/ql/exec/repl/TestRangerLoadTask.java @@ -36,9 +36,12 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT; -import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_SERVICE_NAME; +import java.net.MalformedURLException; +import java.net.URL; + import static org.apache.hadoop.hive.conf.HiveConf.ConfVars.REPL_RANGER_ADD_DENY_POLICY_TARGET; +import static org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils.RANGER_HIVE_SERVICE_NAME; +import static org.apache.hadoop.hive.ql.exec.repl.util.ReplUtils.RANGER_REST_URL; /** * Unit test class for testing Ranger Dump. @@ -70,16 +73,16 @@ public void setup() throws Exception { @Test public void testFailureInvalidAuthProviderEndpoint() { - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn(null); int status = task.execute(); Assert.assertEquals(40000, status); } @Test - public void testSuccessValidAuthProviderEndpoint() { - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint"); + public void testSuccessValidAuthProviderEndpoint() throws MalformedURLException { + Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint"); Mockito.when(work.getSourceDbName()).thenReturn("srcdb"); Mockito.when(work.getTargetDbName()).thenReturn("tgtdb"); + Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml")); int status = task.execute(); Assert.assertEquals(0, status); } @@ -98,12 +101,13 @@ public void testSuccessNonEmptyRangerPolicies() throws Exception { + "\"dataMaskPolicyItems\":[],\"rowFilterPolicyItems\":[],\"id\":40,\"guid\":" + "\"4e2b3406-7b9a-4004-8cdf-7a239c8e2cae\",\"isEnabled\":true,\"version\":1}]}"; RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class); - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint"); + Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint"); Mockito.when(work.getSourceDbName()).thenReturn("srcdb"); Mockito.when(work.getTargetDbName()).thenReturn("tgtdb"); Path rangerDumpPath = new Path("/tmp"); Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath); Mockito.when(mockClient.readRangerPoliciesFromJsonFile(Mockito.any(), Mockito.any())).thenReturn(rangerPolicyList); + Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml")); int status = task.execute(); Assert.assertEquals(0, status); } @@ -124,12 +128,13 @@ public void testSuccessRangerDumpMetrics() throws Exception { + "\"dataMaskPolicyItems\":[],\"rowFilterPolicyItems\":[],\"id\":40,\"guid\":" + "\"4e2b3406-7b9a-4004-8cdf-7a239c8e2cae\",\"isEnabled\":true,\"version\":1}]}"; RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class); - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint"); + Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint"); Mockito.when(work.getSourceDbName()).thenReturn("srcdb"); Mockito.when(work.getTargetDbName()).thenReturn("tgtdb"); Path rangerDumpPath = new Path("/tmp"); Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath); Mockito.when(mockClient.readRangerPoliciesFromJsonFile(Mockito.any(), Mockito.any())).thenReturn(rangerPolicyList); + Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml")); int status = task.execute(); Assert.assertEquals(0, status); ArgumentCaptor replStateCaptor = ArgumentCaptor.forClass(String.class); @@ -163,14 +168,15 @@ public void testSuccessAddDenyRangerPolicies() throws Exception { + "\"dataMaskPolicyItems\":[],\"rowFilterPolicyItems\":[],\"id\":40,\"guid\":" + "\"4e2b3406-7b9a-4004-8cdf-7a239c8e2cae\",\"isEnabled\":true,\"version\":1}]}"; RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class); - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint"); + Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint"); Mockito.when(work.getSourceDbName()).thenReturn("srcdb"); Mockito.when(work.getTargetDbName()).thenReturn("tgtdb"); - Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive"); + Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive"); Mockito.when(conf.getBoolVar(REPL_RANGER_ADD_DENY_POLICY_TARGET)).thenReturn(true); Path rangerDumpPath = new Path("/tmp"); Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath); Mockito.when(mockClient.readRangerPoliciesFromJsonFile(Mockito.any(), Mockito.any())).thenReturn(rangerPolicyList); + Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml")); int status = task.execute(); Assert.assertEquals(0, status); ArgumentCaptor rangerPolicyCapture = ArgumentCaptor.forClass(RangerExportPolicyList.class); @@ -226,14 +232,15 @@ public void testSuccessDisableDenyRangerPolicies() throws Exception { + "\"dataMaskPolicyItems\":[],\"rowFilterPolicyItems\":[],\"id\":40,\"guid\":" + "\"4e2b3406-7b9a-4004-8cdf-7a239c8e2cae\",\"isEnabled\":true,\"version\":1}]}"; RangerExportPolicyList rangerPolicyList = new Gson().fromJson(rangerResponse, RangerExportPolicyList.class); - Mockito.when(conf.getVar(REPL_AUTHORIZATION_PROVIDER_SERVICE_ENDPOINT)).thenReturn("rangerEndpoint"); + Mockito.when(conf.get(RANGER_REST_URL)).thenReturn("rangerEndpoint"); Mockito.when(work.getSourceDbName()).thenReturn("srcdb"); Mockito.when(work.getTargetDbName()).thenReturn("tgtdb"); - Mockito.when(conf.getVar(REPL_RANGER_SERVICE_NAME)).thenReturn("hive"); + Mockito.when(conf.get(RANGER_HIVE_SERVICE_NAME)).thenReturn("hive"); Mockito.when(conf.getBoolVar(REPL_RANGER_ADD_DENY_POLICY_TARGET)).thenReturn(false); Path rangerDumpPath = new Path("/tmp"); Mockito.when(work.getCurrentDumpPath()).thenReturn(rangerDumpPath); Mockito.when(mockClient.readRangerPoliciesFromJsonFile(Mockito.any(), Mockito.any())).thenReturn(rangerPolicyList); + Mockito.when(work.getRangerConfigResource()).thenReturn(new URL("file://ranger.xml")); int status = task.execute(); Assert.assertEquals(0, status); ArgumentCaptor rangerPolicyCapture = ArgumentCaptor.forClass(RangerExportPolicyList.class);