From 5f5f85d6b6ac2700df926d4131c855897e6e02ee Mon Sep 17 00:00:00 2001 From: Kent Yao Date: Wed, 5 Dec 2018 18:33:54 +0800 Subject: [PATCH] add it --- .../session/KyuubiSessionSecuredSuite.scala | 67 +++++++++++++++++++ .../kyuubi/session/KyuubiSessionSuite.scala | 1 + .../security/HiveTokenCollectorSuite.scala | 44 ++++++++++++ 3 files changed, 112 insertions(+) create mode 100644 kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/KyuubiSessionSecuredSuite.scala create mode 100644 kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/security/HiveTokenCollectorSuite.scala diff --git a/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/KyuubiSessionSecuredSuite.scala b/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/KyuubiSessionSecuredSuite.scala new file mode 100644 index 000000000..7ad19d908 --- /dev/null +++ b/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/KyuubiSessionSecuredSuite.scala @@ -0,0 +1,67 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package yaooqinn.kyuubi.session + +import org.apache.hive.service.cli.thrift.TProtocolVersion +import org.apache.spark.{KyuubiConf, KyuubiSparkUtil} + +import yaooqinn.kyuubi.SecuredFunSuite +import yaooqinn.kyuubi.server.KyuubiServer +import yaooqinn.kyuubi.ui.KyuubiServerMonitor + +class KyuubiSessionSecuredSuite extends KyuubiSessionSuite with SecuredFunSuite { + + override def beforeAll(): Unit = { + System.setProperty(KyuubiConf.FRONTEND_BIND_PORT.key, "0") + System.setProperty("spark.master", "local") + System.setProperty("spark.hadoop.yarn.resourcemanager.principal", "yarn/_HOST@KENT.KYUUBI.COM") + + server = KyuubiServer.startKyuubiServer() + val be = server.beService + val sessionMgr = be.getSessionManager + val operationMgr = sessionMgr.getOperationMgr + val user = "Kent" + val passwd = "" + val ip = "" + val imper = true + val proto = TProtocolVersion.HIVE_CLI_SERVICE_PROTOCOL_V8 + tryWithSecurityEnabled { + session = + new KyuubiSession(proto, user, passwd, server.getConf, ip, imper, sessionMgr, operationMgr) + } + session.open(Map.empty) + KyuubiServerMonitor.getListener(user) + .foreach(_.onSessionCreated( + session.getIpAddress, session.getSessionHandle.getSessionId.toString, user)) + spark = session.sparkSession + super.beforeAll() + } + + override def afterAll(): Unit = { + System.clearProperty(KyuubiConf.FRONTEND_BIND_PORT.key) + System.clearProperty("spark.master") + System.clearProperty("spark.hadoop.yarn.resourcemanager.principal") + if (session != null) { + if (session.sparkSession != null) session.sparkSession.stop() + session.close() + } + if (server != null) server.stop() + super.afterAll() + } + +} diff --git a/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/KyuubiSessionSuite.scala b/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/KyuubiSessionSuite.scala index 6c501e38c..d712dd0c7 100644 --- a/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/KyuubiSessionSuite.scala +++ b/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/KyuubiSessionSuite.scala @@ -60,6 +60,7 @@ class KyuubiSessionSuite extends SparkFunSuite { spark = session.sparkSession super.beforeAll() } + override def afterAll(): Unit = { System.clearProperty(KyuubiConf.FRONTEND_BIND_PORT.key) System.clearProperty("spark.master") diff --git a/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/security/HiveTokenCollectorSuite.scala b/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/security/HiveTokenCollectorSuite.scala new file mode 100644 index 000000000..203c460d7 --- /dev/null +++ b/kyuubi-server/src/test/scala/yaooqinn/kyuubi/session/security/HiveTokenCollectorSuite.scala @@ -0,0 +1,44 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package yaooqinn.kyuubi.session.security + +import org.apache.spark.{KyuubiSparkUtil, SparkConf, SparkFunSuite} + +import yaooqinn.kyuubi.SecuredFunSuite +import yaooqinn.kyuubi.utils.KyuubiHiveUtil + +class HiveTokenCollectorSuite extends SparkFunSuite with SecuredFunSuite { + + test("token required") { + val conf = new SparkConf() + assert(!HiveTokenCollector.tokensRequired(conf)) + + tryWithSecurityEnabled { + assert(!HiveTokenCollector.tokensRequired(conf)) + conf.set(KyuubiSparkUtil.SPARK_HADOOP_PREFIX + KyuubiHiveUtil.URIS, "thrift://kyuubi:9093") + assert(HiveTokenCollector.tokensRequired(conf)) + } + } + + test("obtain tokens") { + val conf = new SparkConf() + HiveTokenCollector.obtainTokens(conf) + conf.set(KyuubiSparkUtil.SPARK_HADOOP_PREFIX + KyuubiHiveUtil.URIS, "thrift://kyuubi:9093") + HiveTokenCollector.obtainTokens(conf) + } +}