sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pras...@apache.org
Subject [2/2] git commit: SENTRY-202: Sentry end to end tests which use ClusterDFS will need to explicitly add the policy file to HDFS (Sravya Tirukkovalur via Prasad Mujumdar)
Date Thu, 29 May 2014 22:56:33 GMT
SENTRY-202: Sentry end to end tests which use ClusterDFS will need to explicitly add the policy file to HDFS (Sravya Tirukkovalur via Prasad Mujumdar)


Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/a989b17b
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/a989b17b
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/a989b17b

Branch: refs/heads/master
Commit: a989b17b44e194b39fda03371fca9a91a09d3fb6
Parents: 0cd6251
Author: Prasad Mujumdar <prasadm@cloudera.com>
Authored: Thu May 29 15:56:09 2014 -0700
Committer: Prasad Mujumdar <prasadm@cloudera.com>
Committed: Thu May 29 15:56:09 2014 -0700

----------------------------------------------------------------------
 .../AbstractTestWithStaticConfiguration.java    | 11 +++
 .../sentry/tests/e2e/hive/TestCrossDbOps.java   | 41 ++++------
 .../sentry/tests/e2e/hive/TestEndToEnd.java     | 10 +--
 .../e2e/hive/TestExportImportPrivileges.java    |  8 +-
 .../e2e/hive/TestMetadataObjectRetrieval.java   | 82 +++++++++++---------
 .../tests/e2e/hive/TestMetadataPermissions.java |  5 +-
 .../tests/e2e/hive/TestMovingToProduction.java  | 28 +++----
 .../e2e/hive/TestPerDatabasePolicyFile.java     | 12 +--
 .../e2e/hive/TestPrivilegeAtTransform.java      |  9 +--
 .../e2e/hive/TestPrivilegesAtDatabaseScope.java | 19 ++---
 .../e2e/hive/TestPrivilegesAtFunctionScope.java |  9 +--
 .../e2e/hive/TestPrivilegesAtTableScope.java    | 29 ++++---
 .../e2e/hive/TestRuntimeMetadataRetrieval.java  | 33 ++++----
 .../tests/e2e/hive/TestUriPermissions.java      | 17 ++--
 .../tests/e2e/hive/TestUserManagement.java      | 45 ++++++-----
 15 files changed, 178 insertions(+), 180 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java
index 2b36d80..96e4821 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java
@@ -21,6 +21,7 @@ import com.google.common.io.Files;
 import junit.framework.Assert;
 import org.apache.commons.io.FileUtils;
 import org.apache.hadoop.fs.FileSystem;
+import org.apache.sentry.provider.file.PolicyFile;
 import org.apache.sentry.tests.e2e.hive.fs.DFS;
 import org.apache.sentry.tests.e2e.hive.fs.DFSFactory;
 import org.apache.sentry.tests.e2e.hive.hiveserver.HiveServer;
@@ -138,6 +139,9 @@ public abstract class AbstractTestWithStaticConfiguration {
   @BeforeClass
   public static void setupTestStaticConfiguration()
       throws Exception {
+    if(!policy_on_hdfs) {
+      policy_on_hdfs = new Boolean(System.getProperty("sentry.e2etest.policyonhdfs", "false"));
+    }
     properties = Maps.newHashMap();
     baseDir = Files.createTempDir();
     LOGGER.info("BaseDir = " + baseDir);
@@ -163,6 +167,13 @@ public abstract class AbstractTestWithStaticConfiguration {
     hiveServer = HiveServerFactory.create(properties, baseDir, confDir, logDir, policyURI, fileSystem);
     hiveServer.start();
   }
+  protected void writePolicyFile(PolicyFile policyFile) throws Exception{
+
+    policyFile.write(context.getPolicyFile());
+    if(policy_on_hdfs) {
+      dfs.writePolicyFile(context.getPolicyFile());
+    }
+  }
 
   @Before
   public void setup() throws Exception{

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java
index 7ef3975..64a51e4 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestCrossDbOps.java
@@ -50,6 +50,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
     policy_on_hdfs = true;
     AbstractTestWithStaticConfiguration.setupTestStaticConfiguration();
   }
+
   @Before
   public void setup() throws Exception {
     context = createContext();
@@ -87,8 +88,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("select_tab3", "server=server1->db=db2->table=tab3->action=select")
         .addPermissionsToRole("insert_tab2", "server=server1->db=db2->table=tab2->action=insert")
         .setUserGroupMapping(StaticUserGroup.getStaticMapping());
-    policyFile.write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
+    writePolicyFile(policyFile);
 
     // admin create two databases
     Connection connection = context.createConnection(ADMIN1);
@@ -204,8 +204,8 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("select_tab3", "server=server1->db=db2->table=tab3->action=select")
         .addPermissionsToRole("insert_tab2", "server=server1->db=db2->table=tab2->action=insert")
         .setUserGroupMapping(StaticUserGroup.getStaticMapping());
-    policyFile.write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
+    writePolicyFile(policyFile);
+
 
     // admin create two databases
     Connection connection = context.createConnection(ADMIN1);
@@ -363,8 +363,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("db2_all", "server=server1->db=" + DB2)
         .addPermissionsToRole("load_data", "server=server1->URI=file://" + dataFile.getPath())
         .setUserGroupMapping(StaticUserGroup.getStaticMapping());
-    policyFile.write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
+    writePolicyFile(policyFile);
 
     dropDb(ADMIN1, DB1, DB2);
     createDb(ADMIN1, DB1, DB2);
@@ -393,9 +392,8 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
   @Test
   public void testAdminDbPrivileges() throws Exception {
     policyFile
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);
@@ -425,8 +423,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("db1_tab2_all", "server=server1->db=db1->table=table_2")
         .addPermissionsToRole("db1_tab1_insert", "server=server1->db=db1->table=table_1->action=insert")
         .setUserGroupMapping(StaticUserGroup.getStaticMapping());
-    policyFile.write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
+    writePolicyFile(policyFile);
 
     Connection adminCon = context.createConnection(ADMIN1);
     Statement adminStmt = context.createStatement(adminCon);
@@ -456,8 +453,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("db1_tab2_all", "server=server1->db=db1->table=table_2")
         .addRolesToGroup(USERGROUP1, "db1_tab2_all")
         .setUserGroupMapping(StaticUserGroup.getStaticMapping());
-    policyFile.write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
+    writePolicyFile(policyFile);
 
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);
@@ -502,9 +498,8 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
         .addRolesToGroup(USERGROUP2, "db1_tab1_select")
         .addPermissionsToRole("db1_all", "server=server1->db=db1")
         .addPermissionsToRole("db1_tab1_select", "server=server1->db=db1->table=table_1->action=select")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // create dbs
     Connection adminCon = context.createConnection(ADMIN1);
@@ -580,9 +575,8 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
     policyFile
         .addPermissionsToRole(GROUP1_ROLE, ALL_DB1, ALL_DB2, loadData)
         .addRolesToGroup(USERGROUP1, GROUP1_ROLE)
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     dropDb(ADMIN1, DB1, DB2);
     createDb(ADMIN1, DB1, DB2);
@@ -622,9 +616,7 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
     context.assertAuthzException(statement, "DROP DATABASE IF EXISTS " + DB2);
 
     policyFile.removePermissionsFromRole(GROUP1_ROLE, ALL_DB2);
-    policyFile.write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
-
+    writePolicyFile(policyFile);
     // create db1.view1 as select from db2.tbl2
     statement.execute("DROP VIEW IF EXISTS " + DB1 + "." + VIEW2);
     context.assertAuthzException(statement, "CREATE VIEW " + DB1 + "." + VIEW2 +
@@ -660,9 +652,8 @@ public class TestCrossDbOps extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("all_db2", "server=server1->db=db_2")
         .addPermissionsToRole("select_tb2", "server=server1->db=db_2->table=tb_1->action=select")
         .addPermissionsToRole("load_data", "server=server1->URI=file://" + dataFile.getPath())
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
-    dfs.writePolicyFile(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // admin create two databases
     dropDb(ADMIN1, DB1, DB2);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java
index 26a9274..6c87c65 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEnd.java
@@ -30,7 +30,6 @@ import org.junit.Test;
 import com.google.common.io.Resources;
 
 public class TestEndToEnd extends AbstractTestWithStaticConfiguration {
-  private Context context;
   private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
   private File dataFile;
   private PolicyFile policyFile;
@@ -69,9 +68,8 @@ public class TestEndToEnd extends AbstractTestWithStaticConfiguration {
   @Test
   public void testEndToEnd1() throws Exception {
     policyFile
-      .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-      .write(context.getPolicyFile());
-
+      .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
     String dbName1 = "db_1";
     String dbName2 = "productionDB";
     String tableName1 = "tb_1";
@@ -101,8 +99,8 @@ public class TestEndToEnd extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("select_tb1", "server=server1->db=productionDB->table=tb_1->action=select")
         .addPermissionsToRole("insert_tb2", "server=server1->db=productionDB->table=tb_2->action=insert")
         .addPermissionsToRole("insert_tb1", "server=server1->db=productionDB->table=tb_2->action=insert")
-        .addPermissionsToRole("data_uri", "server=server1->uri=file://" + dataDir.getPath())
-        .write(context.getPolicyFile());
+        .addPermissionsToRole("data_uri", "server=server1->uri=file://" + dataDir.getPath());
+    writePolicyFile(policyFile);
 
     // 4
     connection = context.createConnection(USER1_1);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java
index 4355721..94ec018 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestExportImportPrivileges.java
@@ -64,8 +64,8 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat
         .addPermissionsToRole("db1_write", "server=server1->db=" + DB1 + "->table=" + TBL1 + "->action=INSERT")
         .addPermissionsToRole("db1_read", "server=server1->db=" + DB1 + "->table=" + TBL1 + "->action=SELECT")
         .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .addPermissionsToRole("data_dump", "server=server1->URI=" + dumpDir)
-        .write(context.getPolicyFile());
+        .addPermissionsToRole("data_dump", "server=server1->URI=" + dumpDir);
+    writePolicyFile(policyFile);
 
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);
@@ -110,8 +110,8 @@ public class TestExportImportPrivileges extends AbstractTestWithStaticConfigurat
         .addPermissionsToRole("db1_all", "server=server1->db=" + DB1)
         .addPermissionsToRole("data_read", "server=server1->URI=file://" + dataFile.getPath())
         .addPermissionsToRole("data_export", "server=server1->URI=" + exportDir)
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java
index 667ebb5..8657b04 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataObjectRetrieval.java
@@ -33,8 +33,7 @@ import org.junit.Test;
 
 import com.google.common.io.Resources;
 
-public class TestMetadataObjectRetrieval extends
-AbstractTestWithStaticConfiguration {
+public class TestMetadataObjectRetrieval extends AbstractTestWithStaticConfiguration {
   private PolicyFile policyFile;
   private File dataFile;
 
@@ -155,21 +154,22 @@ AbstractTestWithStaticConfiguration {
     policyFile
         .addPermissionsToRole(GROUP1_ROLE, "server=server1->db=" + DB1 + "->table=" + TBL2)
         .addRolesToGroup(USERGROUP1, GROUP1_ROLE)
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);
     createTable(ADMIN1, DB1, dataFile, TBL1);
     positiveDescribeShowTests(ADMIN1, DB1, TBL1);
     negativeDescribeShowTests(USER1_1, DB1, TBL1);
-    policyFile
-    .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_TBL1)
-    .write(context.getPolicyFile());
+
+    policyFile.addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_TBL1);
+    writePolicyFile(policyFile);
     positiveDescribeShowTests(USER1_1, DB1, TBL1);
+
     policyFile.removePermissionsFromRole(GROUP1_ROLE, SELECT_DB1_TBL1);
     policyFile
-    .addPermissionsToRole(GROUP1_ROLE, INSERT_DB1_TBL1)
-    .write(context.getPolicyFile());
+    .addPermissionsToRole(GROUP1_ROLE, INSERT_DB1_TBL1);
+    writePolicyFile(policyFile);
     positiveDescribeShowTests(USER1_1, DB1, TBL1);
   }
 
@@ -193,8 +193,9 @@ AbstractTestWithStaticConfiguration {
     policyFile
       .addPermissionsToRole(GROUP1_ROLE, "server=server1->db=" + DB1)
       .addRolesToGroup(USERGROUP1, GROUP1_ROLE)
-      .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-      .write(context.getPolicyFile());
+      .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
+
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);
     createTable(ADMIN1, DB1, dataFile, TBL1);
@@ -223,8 +224,8 @@ AbstractTestWithStaticConfiguration {
     policyFile
       .addPermissionsToRole(GROUP1_ROLE, "server=server1->db=" + DB1 + "->table=" + VIEW1)
       .addRolesToGroup(USERGROUP1, GROUP1_ROLE)
-      .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-      .write(context.getPolicyFile());
+      .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);
     createTable(ADMIN1, DB1, dataFile, TBL1);
@@ -259,8 +260,8 @@ AbstractTestWithStaticConfiguration {
     policyFile
       .addPermissionsToRole(GROUP1_ROLE, "server=server1->db=" + DB1 + "->table=" + TBL1)
       .addRolesToGroup(USERGROUP1, GROUP1_ROLE)
-      .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-      .write(context.getPolicyFile());
+      .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);
     createTable(ADMIN1, DB1, dataFile, TBL1);
@@ -280,8 +281,8 @@ AbstractTestWithStaticConfiguration {
     policyFile
       .addPermissionsToRole(GROUP1_ROLE, "server=server1->db=" + DB1)
       .addRolesToGroup(USERGROUP1, GROUP1_ROLE)
-      .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-      .write(context.getPolicyFile());
+      .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
     dropDb(ADMIN1, DB1, DB2);
     createDb(ADMIN1, DB1, DB2);
     createTable(ADMIN1, DB1, dataFile, TBL1);
@@ -299,8 +300,9 @@ AbstractTestWithStaticConfiguration {
     assertTrue(statement.executeQuery("DESCRIBE DATABASE EXTENDED " + DB1).next());
     context.assertAuthzException(statement, "DESCRIBE DATABASE " + DB2);
     context.assertAuthzException(statement, "DESCRIBE DATABASE EXTENDED " + DB2);
-    policyFile.addPermissionsToRole(GROUP1_ROLE, INSERT_DB2_TBL1)
-    .write(context.getPolicyFile());
+
+    policyFile.addPermissionsToRole(GROUP1_ROLE, INSERT_DB2_TBL1);
+    writePolicyFile(policyFile);
     context.assertAuthzException(statement, "DESCRIBE DATABASE " + DB2);
     context.assertAuthzException(statement, "DESCRIBE DATABASE EXTENDED " + DB2);
     statement.close();
@@ -316,8 +318,8 @@ AbstractTestWithStaticConfiguration {
       .addPermissionsToRole(GROUP1_ROLE, "server=server1->db=default->table=" + TBL1 + "->action=select",
         "server=server1->db=" + DB1 + "->table=" + TBL1 + "->action=select")
       .addRolesToGroup(USERGROUP1, GROUP1_ROLE)
-      .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-      .write(context.getPolicyFile());
+      .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
     dropDb(ADMIN1, DB1, DB2);
     createDb(ADMIN1, DB1, DB2);
     Connection connection = context.createConnection(ADMIN1);
@@ -350,8 +352,8 @@ AbstractTestWithStaticConfiguration {
     // grant privilege to non-existent table to allow use db1
     policyFile.addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_NONTABLE)
       .addRolesToGroup(USERGROUP1, GROUP1_ROLE)
-      .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-      .write(context.getPolicyFile());
+      .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);
     createTable(ADMIN1, DB1, dataFile, TBL1);
@@ -373,17 +375,20 @@ AbstractTestWithStaticConfiguration {
     statement = context.createStatement(connection);
     statement.execute("USE " + DB1);
     context.assertAuthzException(statement, "SHOW INDEX ON " + TBL1);
+
     policyFile
-    .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_VIEW1)
-    .write(context.getPolicyFile());
+    .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_VIEW1);
+    writePolicyFile(policyFile);
     context.assertAuthzException(statement, "SHOW INDEX ON " + TBL1);
+
     policyFile.removePermissionsFromRole(GROUP1_ROLE, SELECT_DB1_VIEW1)
-    .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_TBL1)
-    .write(context.getPolicyFile());
+    .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_TBL1);
+    writePolicyFile(policyFile);
     verifyIndex(statement, TBL1, INDEX1);
+
     policyFile.removePermissionsFromRole(GROUP1_ROLE, SELECT_DB1_TBL1)
-    .addPermissionsToRole(GROUP1_ROLE, INSERT_DB1_TBL1)
-    .write(context.getPolicyFile());
+    .addPermissionsToRole(GROUP1_ROLE, INSERT_DB1_TBL1);
+    writePolicyFile(policyFile);
     verifyIndex(statement, TBL1, INDEX1);
     statement.close();
     connection.close();
@@ -408,8 +413,8 @@ AbstractTestWithStaticConfiguration {
     // grant privilege to non-existent table to allow use db1
     policyFile.addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_NONTABLE)
       .addRolesToGroup(USERGROUP1, GROUP1_ROLE)
-      .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-      .write(context.getPolicyFile());
+      .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
     dropDb(ADMIN1, DB1);
     createDb(ADMIN1, DB1);
     Connection connection = context.createConnection(ADMIN1);
@@ -428,18 +433,21 @@ AbstractTestWithStaticConfiguration {
     statement = context.createStatement(connection);
     statement.execute("USE " + DB1);
     context.assertAuthzException(statement, "SHOW PARTITIONS " + TBL1);
+
     policyFile
-    .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_VIEW1)
-    .write(context.getPolicyFile());
+    .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_VIEW1);
+    writePolicyFile(policyFile);
     context.assertAuthzException(statement, "SHOW PARTITIONS " + TBL1);
+
     policyFile
     .removePermissionsFromRole(GROUP1_ROLE, SELECT_DB1_VIEW1)
-    .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_TBL1)
-    .write(context.getPolicyFile());
+    .addPermissionsToRole(GROUP1_ROLE, SELECT_DB1_TBL1);
+    writePolicyFile(policyFile);
     verifyParition(statement, TBL1);
+
     policyFile.removePermissionsFromRole(GROUP1_ROLE, SELECT_DB1_TBL1)
-    .addPermissionsToRole(GROUP1_ROLE, INSERT_DB1_TBL1)
-    .write(context.getPolicyFile());
+    .addPermissionsToRole(GROUP1_ROLE, INSERT_DB1_TBL1);
+    writePolicyFile(policyFile);
     verifyParition(statement, TBL1);
     statement.close();
     connection.close();

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java
index d5e2f1a..ad50bf0 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMetadataPermissions.java
@@ -28,7 +28,6 @@ import org.junit.Test;
 
 
 public class TestMetadataPermissions extends AbstractTestWithStaticConfiguration {
-  private Context context;
   private PolicyFile policyFile;
 
   @Before
@@ -41,8 +40,8 @@ public class TestMetadataPermissions extends AbstractTestWithStaticConfiguration
         .addRolesToGroup(USERGROUP2, "db1_all")
         .addPermissionsToRole("db1_all", "server=server1->db=db1")
         .addPermissionsToRole("db2_all", "server=server1->db=db2")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     Connection adminCon = context.createConnection(ADMIN1);
     Statement adminStmt = context.createStatement(adminCon);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java
index a53bffe..d5061b7 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestMovingToProduction.java
@@ -34,7 +34,6 @@ import org.junit.Test;
 import com.google.common.io.Resources;
 
 public class TestMovingToProduction extends AbstractTestWithStaticConfiguration {
-  private Context context;
   private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
   private PolicyFile policyFile;
 
@@ -78,8 +77,8 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration
         .addRolesToGroup(USERGROUP1, "all_db1", "load_data", "select_proddb_tbl1", "insert_proddb_tbl1")
         .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataDir.getPath())
         .addPermissionsToRole("all_db1", "server=server1->db=db_1")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     String dbName1 = "db_1";
     String dbName2 = "proddb";
@@ -108,8 +107,8 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration
         + "' INTO TABLE " + tableName1);
 
     policyFile
-        .addPermissionsToRole("insert_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=insert")
-        .write(context.getPolicyFile());
+        .addPermissionsToRole("insert_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=insert");
+    writePolicyFile(policyFile);
     statement.execute("USE " + dbName2);
     statement.execute("INSERT OVERWRITE TABLE "
         + tableName1 + " SELECT * FROM " + dbName1
@@ -117,8 +116,9 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration
 
     // b
     policyFile
-        .addPermissionsToRole("select_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=select")
-        .write(context.getPolicyFile());
+        .addPermissionsToRole("select_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=select");
+    writePolicyFile(policyFile);
+
     ResultSet resultSet = statement.executeQuery("SELECT * FROM " + tableName1 + " LIMIT 10");
     int count = 0;
     while(resultSet.next()) {
@@ -159,8 +159,8 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration
         .addRolesToGroup(USERGROUP1, "all_db1", "load_data", "select_proddb_tbl1", "insert_proddb_tbl1")
         .addPermissionsToRole("all_db1", "server=server1->db=db_1")
         .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataDir.getPath())
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     String dbName1 = "db_1";
     String dbName2 = "proddb";
@@ -187,16 +187,18 @@ public class TestMovingToProduction extends AbstractTestWithStaticConfiguration
         + "' INTO TABLE " + dbName1 + "." + tableName1);
 
     policyFile
-        .addPermissionsToRole("insert_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=insert")
-        .write(context.getPolicyFile());
+        .addPermissionsToRole("insert_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=insert");
+    writePolicyFile(policyFile);
+
     statement.execute("INSERT OVERWRITE TABLE "
         + dbName2 + "." + tableName1 + " SELECT * FROM " + dbName1
         + "." + tableName1);
 
     // b
     policyFile
-        .addPermissionsToRole("select_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=select")
-        .write(context.getPolicyFile());
+        .addPermissionsToRole("select_proddb_tbl1", "server=server1->db=proddb->table=tb_1->action=select");
+    writePolicyFile(policyFile);
+
     assertTrue("user1 should be able to select data from "
         + dbName2 + "." + dbName2 + "." + tableName1, statement.execute("SELECT * FROM "
             + dbName2 + "." + tableName1 + " LIMIT 10"));

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDatabasePolicyFile.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDatabasePolicyFile.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDatabasePolicyFile.java
index 5c7c7d1..85c83af 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDatabasePolicyFile.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDatabasePolicyFile.java
@@ -30,9 +30,7 @@ import java.sql.Statement;
 
 public class TestPerDatabasePolicyFile extends AbstractTestWithStaticConfiguration {
   private static final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
-  private Context context;
   private PolicyFile policyFile;
-  private File globalPolicyFile;
   private File dataDir;
   private File dataFile;
 
@@ -40,7 +38,6 @@ public class TestPerDatabasePolicyFile extends AbstractTestWithStaticConfigurati
   public void setup() throws Exception {
     policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
     context = createContext();
-    globalPolicyFile = context.getPolicyFile();
     dataDir = context.getDataDir();
     dataFile = new File(dataDir, SINGLE_TYPE_DATA_FILE_NAME);
     FileOutputStream to = new FileOutputStream(dataFile);
@@ -97,8 +94,9 @@ public class TestPerDatabasePolicyFile extends AbstractTestWithStaticConfigurati
   public void doTestDbSpecificFileGrants(String grant) throws Exception {
 
     policyFile
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
+
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);
@@ -116,9 +114,7 @@ public class TestPerDatabasePolicyFile extends AbstractTestWithStaticConfigurati
     specificPolicyFile.write(specificPolicyFileFile);
 
     policyFile.addDatabase("db2", specificPolicyFileFile.getPath());
-    policyFile.write(context.getPolicyFile());
-
-
+    writePolicyFile(policyFile);
 
     // test execution
     connection = context.createConnection(USER1_1);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegeAtTransform.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegeAtTransform.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegeAtTransform.java
index 93a3704..732632b 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegeAtTransform.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegeAtTransform.java
@@ -32,7 +32,6 @@ import org.junit.Test;
 import com.google.common.io.Resources;
 
 public class TestPrivilegeAtTransform extends AbstractTestWithStaticConfiguration {
-  private Context context;
   private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
   private File dataDir;
   private File dataFile;
@@ -70,8 +69,8 @@ public class TestPrivilegeAtTransform extends AbstractTestWithStaticConfiguratio
     policyFile
       .addPermissionsToRole("all_db1", "server=server1->db=db_1")
       .addRolesToGroup(USERGROUP1, "all_db1")
-      .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-      .write(context.getPolicyFile());
+      .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // verify by SQL
     // 1, 2
@@ -103,14 +102,14 @@ public class TestPrivilegeAtTransform extends AbstractTestWithStaticConfiguratio
       .addPermissionsToRole("select_tb1", "server=server1->db=db_1->table=tb_1->action=select")
       .addPermissionsToRole("insert_tb1", "server=server1->db=db_1->table=tb_1->action=insert")
       .addRolesToGroup(USERGROUP1, "select_tb1", "insert_tb1");
-    policyFile.write(context.getPolicyFile());
+    writePolicyFile(policyFile);
     context.assertAuthzExecHookException(statement, query);
 
     // 5
     policyFile
       .addPermissionsToRole("all_server1", "server=server1")
       .addRolesToGroup(USERGROUP1, "all_server1");
-    policyFile.write(context.getPolicyFile());
+    writePolicyFile(policyFile);
     assertTrue(query, statement.execute(query));
     statement.close();
     connection.close();

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java
index 416411c..75979fb 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtDatabaseScope.java
@@ -43,7 +43,6 @@ import com.google.common.io.Resources;
 
 public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfiguration {
 
-  private Context context;
   private PolicyFile policyFile;
 
   Map <String, String >testProperties;
@@ -83,8 +82,8 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
         .addPermissionsToRole("all_db1", "server=server1->db=DB_1")
         .addPermissionsToRole("all_db2", "server=server1->db=DB_2")
         .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataFile.getPath())
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);
@@ -199,8 +198,8 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
         .addPermissionsToRole("all_db2", "server=server1->db=DB_2")
         .addPermissionsToRole("exttab", "server=server1->uri=file://" + dataDir.getPath())
         .addPermissionsToRole("load_data", "server=server1->uri=file://" + dataFile.getPath())
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);
@@ -316,8 +315,9 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
         .addPermissionsToRole("all_db1", "server=server1->db=DB_1")
         .addPermissionsToRole("select_db2", "server=server1->db=DB_2->table=tab_2->action=select")
         .addPermissionsToRole("all_db3", "server=server1->db=DB_3")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
+
 
 
     // setup db objects needed by the test
@@ -379,8 +379,9 @@ public class TestPrivilegesAtDatabaseScope extends AbstractTestWithStaticConfigu
         .addPermissionsToRole("all_db1", "server=server1->db=DB_1")
         .addPermissionsToRole("select_db2", "server=server1->db=DB_2->table=tab_2->action=select")
         .addPermissionsToRole("all_default", "server=server1->db=default")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
+
 
     Connection connection = context.createConnection(ADMIN1);
     Statement statement = context.createStatement(connection);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
index 976c3e9..e66bb15 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtFunctionScope.java
@@ -34,7 +34,6 @@ import org.junit.Test;
 import com.google.common.io.Resources;
 
 public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfiguration {
-  private Context context;
   private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
   private File dataDir;
   private File dataFile;
@@ -78,8 +77,8 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
         .addPermissionsToRole("db1_all", "server=server1->db=" + dbName1)
         .addPermissionsToRole("db1_tab1", "server=server1->db=" + dbName1 + "->table=" + tableName1)
         .addPermissionsToRole("UDF_JAR", "server=server1->uri=file://" + udfSrc.getLocation().getPath())
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     Connection connection = context.createConnection(ADMIN1);
     Statement statement = context.createStatement(connection);
@@ -155,8 +154,8 @@ public class TestPrivilegesAtFunctionScope extends AbstractTestWithStaticConfigu
         .addPermissionsToRole("db1_all", "server=server1->db=" + dbName1)
         .addPermissionsToRole("db1_tab1", "server=server1->db=" + dbName1 + "->table=" + tableName1)
         .addPermissionsToRole("UDF_JAR", "server=server1->uri=file://${user.home}/.m2")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     Connection connection = context.createConnection(ADMIN1);
     Statement statement = connection.createStatement();

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java
index 56ed06a..35afc6f 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPrivilegesAtTableScope.java
@@ -42,7 +42,6 @@ import com.google.common.io.Resources;
 
 public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfiguration {
 
-  private Context context;
   private PolicyFile policyFile;
 
   private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
@@ -80,8 +79,8 @@ public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfigurat
         .addPermissionsToRole("select_tab1", "server=server1->db=DB_1->table=TAB_1->action=select")
         .addPermissionsToRole("insert_tab1", "server=server1->db=DB_1->table=TAB_1->action=insert")
         .addPermissionsToRole("select_tab2", "server=server1->db=DB_1->table=TAB_2->action=select")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);
@@ -176,8 +175,8 @@ public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfigurat
         .addRolesToGroup(USERGROUP1, "insert_tab1", "select_tab2")
         .addPermissionsToRole("insert_tab1", "server=server1->db=DB_1->table=TAB_1->action=insert")
         .addPermissionsToRole("select_tab2", "server=server1->db=DB_1->table=TAB_2->action=select")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);
@@ -264,8 +263,8 @@ public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfigurat
         .addPermissionsToRole("select_tab1", "server=server1->db=DB_1->table=TAB_1->action=select")
         .addPermissionsToRole("insert_tab1", "server=server1->db=DB_1->table=TAB_1->action=insert")
         .addPermissionsToRole("select_tab2", "server=server1->db=DB_1->table=TAB_2->action=select")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);
@@ -352,8 +351,8 @@ public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfigurat
         .addRolesToGroup(USERGROUP1, "select_tab1", "select_tab2")
         .addPermissionsToRole("select_tab1", "server=server1->db=DB_1->table=TAB_1->action=select")
         .addPermissionsToRole("select_tab2", "server=server1->db=DB_1->table=TAB_2->action=select")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);
@@ -430,8 +429,8 @@ public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfigurat
         .addRolesToGroup(USERGROUP1, "select_tab2")
         .addPermissionsToRole("select_tab1", "server=server1->db=DB_1->table=TAB_1->action=select")
         .addPermissionsToRole("select_tab2", "server=server1->db=DB_1->table=TAB_2->action=select")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);
@@ -515,8 +514,8 @@ public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfigurat
         .addRolesToGroup(USERGROUP1, "select_tab2", "select_view1")
         .addPermissionsToRole("select_view1", "server=server1->db=DB_1->table=VIEW_1->action=select")
         .addPermissionsToRole("select_tab2", "server=server1->db=DB_1->table=TAB_2->action=select")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);
@@ -616,8 +615,8 @@ public class TestPrivilegesAtTableScope extends AbstractTestWithStaticConfigurat
         .addRolesToGroup(USERGROUP1, "select_tab1", "select_view1")
         .addPermissionsToRole("select_view1", "server=server1->db=DB_1->table=VIEW_1->action=select")
         .addPermissionsToRole("select_tab1", "server=server1->db=DB_1->table=TAB_1->action=select")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // setup db objects needed by the test
     Connection connection = context.createConnection(ADMIN1);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java
index 9e9aec3..217b927 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestRuntimeMetadataRetrieval.java
@@ -39,10 +39,7 @@ import com.google.common.io.Resources;
  * access privilege validation which is handled in semantic hooks, these
  * statements are validaed via a runtime fetch hook
  */
-public class TestRuntimeMetadataRetrieval
-    extends
-      AbstractTestWithStaticConfiguration {
-  private Context context;
+public class TestRuntimeMetadataRetrieval extends AbstractTestWithStaticConfiguration {
   private PolicyFile policyFile;
   private final String SINGLE_TYPE_DATA_FILE_NAME = "kv1.dat";
   private File dataDir;
@@ -86,8 +83,8 @@ public class TestRuntimeMetadataRetrieval
             + tableNames[1] + "->action=insert")
         .addPermissionsToRole("tab3_priv", "server=server1->db=" + dbName1 + "->table="
             + tableNames[2] + "->action=select")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     String user1TableNames[] = {"tb_1", "tb_2", "tb_3"};
 
@@ -129,8 +126,8 @@ public class TestRuntimeMetadataRetrieval
     policyFile
         .addRolesToGroup(USERGROUP1, "db_priv")
         .addPermissionsToRole("db_priv", "server=server1->db=" + dbName1)
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     String user1TableNames[] = {"tb_1", "tb_2", "tb_3", "tb_4"};
 
@@ -172,8 +169,8 @@ public class TestRuntimeMetadataRetrieval
         .addRolesToGroup(USERGROUP1, "tab_priv")
         .addPermissionsToRole("tab_priv", "server=server1->db=" + dbName1 + "->table="
             + tableNames[3] + "->action=insert")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     String adminTableNames[] = {"tb_3", "newtab_3", "tb_2", "tb_1"};
     String user1TableNames[] = {"newtab_3"};
@@ -214,8 +211,8 @@ public class TestRuntimeMetadataRetrieval
     policyFile
         .addRolesToGroup(USERGROUP1, "tab_priv")
         .addPermissionsToRole("tab_priv", "server=server1->db=" + dbName1)
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     String adminTableNames[] = {"tb_3", "newtab_3", "tb_1", "tb_2"};
     String user1TableNames[] = {"tb_3", "newtab_3", "tb_1", "tb_2"};
@@ -252,8 +249,8 @@ public class TestRuntimeMetadataRetrieval
 
     policyFile
         .addRolesToGroup(USERGROUP1, "db_priv")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
     Connection connection = context.createConnection(ADMIN1);
     Statement statement = context.createStatement(connection);
     createTabs(statement, "default", tableNames);
@@ -281,8 +278,8 @@ public class TestRuntimeMetadataRetrieval
     policyFile
         .addRolesToGroup(USERGROUP1, "db1_all")
         .addPermissionsToRole("db1_all", "server=server1->db=db_1")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     Connection connection = context.createConnection(ADMIN1);
     Statement statement = context.createStatement(connection);
@@ -321,8 +318,8 @@ public class TestRuntimeMetadataRetrieval
         .addRolesToGroup(USERGROUP1, "db1_tab,db2_tab")
         .addPermissionsToRole("db1_tab", "server=server1->db=db_1->table=tb_1->action=select")
         .addPermissionsToRole("db2_tab", "server=server1->db=db_2->table=tb_1->action=insert")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // verify by SQL
     // 1, 2

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java
index d9330cb..3aae711 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUriPermissions.java
@@ -29,7 +29,6 @@ import org.junit.Before;
 import org.junit.Test;
 
 public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
-  private Context context;
   private PolicyFile policyFile;
 
   private static final String dataFile = "/kv1.dat";
@@ -63,8 +62,8 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("db1_read", "server=server1->db=" + dbName + "->table=" + tabName + "->action=SELECT")
         .addPermissionsToRole("data_read", "server=server1->URI=file://" + dataFilePath
             + ", server=server1->URI=file://" + dataFilePath)
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // create dbs
     Connection adminCon = context.createConnection(ADMIN1);
@@ -116,8 +115,8 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("db1_all", "server=server1->db=" + dbName)
         .addPermissionsToRole("db1_tab1_all", "server=server1->db=" + dbName + "->table=" + tabName)
         .addPermissionsToRole("data_read", "server=server1->URI=" + tabDir)
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // create dbs
     Connection adminCon = context.createConnection(ADMIN1);
@@ -192,8 +191,8 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("db1_all", "server=server1->db=" + dbName)
         .addPermissionsToRole("data_read", "server=server1->URI=" + tabDir)
         .addPermissionsToRole("server1_all", "server=server1")
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // create dbs
     Connection adminCon = context.createConnection(ADMIN1);
@@ -234,8 +233,8 @@ public class TestUriPermissions extends AbstractTestWithStaticConfiguration {
         .addRolesToGroup(USERGROUP2, "db1_all")
         .addPermissionsToRole("db1_all", "server=server1->db=" + dbName)
         .addPermissionsToRole("data_read", "server=server1->URI=" + tableDir)
-        .setUserGroupMapping(StaticUserGroup.getStaticMapping())
-        .write(context.getPolicyFile());
+        .setUserGroupMapping(StaticUserGroup.getStaticMapping());
+    writePolicyFile(policyFile);
 
     // create dbs
     Connection adminCon = context.createConnection(ADMIN1);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/a989b17b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java
index e1cf073..3fd48f8 100644
--- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java
+++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUserManagement.java
@@ -40,7 +40,6 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
   private static final String tableName = "t1";
   private static final String tableComment = "Test table";
   private File dataFile;
-  private Context context;
   private PolicyFile policyFile;
 
   @Before
@@ -111,8 +110,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
   public void testSanity() throws Exception {
     policyFile = PolicyFile.setAdminOnServer1(ADMINGROUP);
     policyFile
-        .addGroupsToUser("admin1", ADMINGROUP)
-        .write(context.getPolicyFile());
+        .addGroupsToUser("admin1", ADMINGROUP);
+    writePolicyFile(policyFile);
     doCreateDbLoadDataDropDb("admin1", "admin1");
   }
 
@@ -125,8 +124,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
     policyFile
         .addGroupsToUser("admin1", ADMINGROUP)
         .addGroupsToUser("admin2", ADMINGROUP)
-        .addGroupsToUser("admin3", ADMINGROUP)
-        .write(context.getPolicyFile());
+        .addGroupsToUser("admin3", ADMINGROUP);
+    writePolicyFile(policyFile);
 
     doCreateDbLoadDataDropDb("admin1", "admin1", "admin2", "admin3");
   }
@@ -141,8 +140,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
     policyFile
         .addGroupsToUser("admin1", ADMINGROUP)
         .addGroupsToUser("admin2", ADMINGROUP)
-        .addGroupsToUser("admin3", ADMINGROUP)
-        .write(context.getPolicyFile());
+        .addGroupsToUser("admin3", ADMINGROUP);
+    writePolicyFile(policyFile);
     doCreateDbLoadDataDropDb("admin1", "admin1", "admin2", "admin3");
 
     // remove admin1 from admin group
@@ -169,8 +168,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole(ADMINGROUP, "server=server1")
         .addGroupsToUser("admin1", "admin_group1", "admin_group2")
         .addGroupsToUser("admin2", "admin_group1", "admin_group2")
-        .addGroupsToUser("admin3", "admin_group1", "admin_group2")
-        .write(context.getPolicyFile());
+        .addGroupsToUser("admin3", "admin_group1", "admin_group2");
+    writePolicyFile(policyFile);
     doCreateDbLoadDataDropDb("admin1", "admin1", "admin2", "admin3");
   }
 
@@ -184,8 +183,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
         .addGroupsToUser("admin1", ADMINGROUP)
         .addRolesToGroup("group1", "non_admin_role")
         .addPermissionsToRole("non_admin_role", "server=server1->db=" + dbName)
-        .addGroupsToUser("user1", "group1")
-        .write(context.getPolicyFile());
+        .addGroupsToUser("user1", "group1");
+    writePolicyFile(policyFile);
 
     doCreateDbLoadDataDropDb("admin1", "admin1");
     Connection connection = context.createConnection("user1");
@@ -207,8 +206,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("analytics", "server=server1->db=" + dbName)
         .addGroupsToUser("user1", "group1")
         .addGroupsToUser("user2", "group1")
-        .addGroupsToUser("user3", "group1")
-        .write(context.getPolicyFile());
+        .addGroupsToUser("user3", "group1");
+    writePolicyFile(policyFile);
     doCreateDbLoadDataDropDb("user1", "user1", "user2", "user3");
   }
   /**
@@ -223,8 +222,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("non_admin_role", "server=server1->db=" + dbName)
         .addGroupsToUser("user1", "group1")
         .addGroupsToUser("user2", "group1")
-        .addGroupsToUser("user3", "group1")
-        .write(context.getPolicyFile());
+        .addGroupsToUser("user3", "group1");
+    writePolicyFile(policyFile);
 
     doDropDb("admin1");
     for(String user : new String[]{"user1", "user2", "user3"}) {
@@ -257,8 +256,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("load_data", "server=server1->URI=file://" + dataFile.getPath())
         .addGroupsToUser("group1", "group1")
         .addGroupsToUser("user2", "group1")
-        .addGroupsToUser("user3", "group1")
-        .write(context.getPolicyFile());
+        .addGroupsToUser("user3", "group1");
+    writePolicyFile(policyFile);
 
     doDropDb("admin1");
     for(String user : new String[]{"group1", "user2", "user3"}) {
@@ -281,8 +280,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole("load_data", "server=server1->URI=file://" + dataFile.getPath())
         .addGroupsToUser("user1", "group1~!@#$%^&*()+-")
         .addGroupsToUser("user2", "group1~!@#$%^&*()+-")
-        .addGroupsToUser("user3", "group1~!@#$%^&*()+-")
-        .write(context.getPolicyFile());
+        .addGroupsToUser("user3", "group1~!@#$%^&*()+-");
+    writePolicyFile(policyFile);
 
     doDropDb("admin1");
     for(String user : new String[]{"user1", "user2", "user3"}) {
@@ -303,8 +302,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
         .addPermissionsToRole(ADMINGROUP, "server=server1")
         .addGroupsToUser("user1~!@#$%^&*()+-", "group1")
         .addGroupsToUser("user2", "group1")
-        .addGroupsToUser("user3", "group1")
-        .write(context.getPolicyFile());
+        .addGroupsToUser("user3", "group1");
+    writePolicyFile(policyFile);
     doCreateDbLoadDataDropDb("user1~!@#$%^&*()+-", "user1~!@#$%^&*()+-", "user2", "user3");
   }
 
@@ -319,8 +318,8 @@ public class TestUserManagement extends AbstractTestWithStaticConfiguration {
         .addRolesToGroup("group1", "analytics")
         .addGroupsToUser("user1", "group1")
         .addGroupsToUser("user2", "group1")
-        .addGroupsToUser("user3", "group1")
-        .write(context.getPolicyFile());
+        .addGroupsToUser("user3", "group1");
+    writePolicyFile(policyFile);
 
     Connection connection = context.createConnection("admin1");
     Statement statement = connection.createStatement();


Mime
View raw message