sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/2] sentry git commit: SENTRY-1997 - Bump sqoop dependency version to 1.99.7. Colm O hEigeartaigh, reviewed by Sergio Pena.
Date Tue, 07 Nov 2017 16:57:15 GMT
SENTRY-1997 - Bump sqoop dependency version to 1.99.7. Colm O hEigeartaigh, reviewed by Sergio Pena.


Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/e23fc4ef
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/e23fc4ef
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/e23fc4ef

Branch: refs/heads/master
Commit: e23fc4ef88b1ba2170d97aaa563bedc9ba521c7e
Parents: a001e44
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Nov 7 16:56:45 2017 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Nov 7 16:56:45 2017 +0000

----------------------------------------------------------------------
 pom.xml                                         |   2 +-
 sentry-tests/sentry-tests-sqoop/pom.xml         |  69 +---
 .../e2e/sqoop/AbstractSqoopSentryTestBase.java  |   7 +-
 .../tests/e2e/sqoop/JettySqoopRunner.java       | 239 ++++++++++++++
 .../tests/e2e/sqoop/TestConnectorEndToEnd.java  |  11 +-
 .../tests/e2e/sqoop/TestGrantPrivilege.java     |  70 ++--
 .../sentry/tests/e2e/sqoop/TestJobEndToEnd.java | 139 ++++----
 .../tests/e2e/sqoop/TestLinkEndToEnd.java       |  96 +++---
 .../tests/e2e/sqoop/TestOwnerPrivilege.java     |  59 ++--
 .../tests/e2e/sqoop/TestRevokePrivilege.java    |  56 ++--
 .../e2e/sqoop/TestServerScopeEndToEnd.java      |  75 +++--
 .../tests/e2e/sqoop/TestShowPrivilege.java      |  14 +-
 .../tests/e2e/sqoop/TomcatSqoopRunner.java      | 318 -------------------
 13 files changed, 553 insertions(+), 602 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index af54480..bea2c5f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -91,7 +91,7 @@ limitations under the License.
     <shiro.version>1.4.0</shiro.version>
     <slf4j.version>1.7.25</slf4j.version>
     <solr.version>4.10.2</solr.version>
-    <sqoop.version>1.99.6</sqoop.version>
+    <sqoop.version>1.99.7</sqoop.version>
     <surefire.version>2.20.1</surefire.version>
     <test.sentry.hadoop.classpath>${maven.test.classpath}</test.sentry.hadoop.classpath>
     <zookeeper.version>3.4.5</zookeeper.version>

http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/sentry-tests/sentry-tests-sqoop/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-sqoop/pom.xml b/sentry-tests/sentry-tests-sqoop/pom.xml
index 6723c4d..7a1ac1c 100644
--- a/sentry-tests/sentry-tests-sqoop/pom.xml
+++ b/sentry-tests/sentry-tests-sqoop/pom.xml
@@ -42,6 +42,12 @@ limitations under the License.
     <dependency>
       <groupId>org.apache.sqoop</groupId>
       <artifactId>test</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>org.testng</groupId>
+          <artifactId>testng</artifactId>
+        </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>org.apache.hadoop</groupId>
@@ -116,56 +122,15 @@ limitations under the License.
       <version>${datanucleus-jdo.version}</version>
     </dependency>
   </dependencies>
-  <profiles>
-    <profile>
-      <id>download-sqoop2</id>
-      <activation>
-        <activeByDefault>true</activeByDefault>
-        <property>
-          <name>!skipTests</name>
-        </property>
-      </activation>
-      <build>
-        <plugins>
-          <plugin>
-            <groupId>org.apache.maven.plugins</groupId>
-            <artifactId>maven-dependency-plugin</artifactId>
-            <executions>
-              <execution>
-                <id>download-deps</id>
-                <phase>generate-resources</phase>
-                <goals>
-                  <goal>copy</goal>
-                </goals>
-                <configuration>
-                  <artifactItems>
-                    <artifactItem>
-                      <groupId>org.apache.tomcat</groupId>
-                      <artifactId>tomcat</artifactId>
-                      <version>7.0.81</version>
-                      <type>zip</type>
-                      <overWrite>true</overWrite>
-                      <outputDirectory>target/thirdparty</outputDirectory>
-                    </artifactItem>
-                    <artifactItem>
-                      <groupId>org.apache.sqoop</groupId>
-                      <artifactId>sqoop-server</artifactId>
-                      <version>2.0.0-SNAPSHOT</version>
-                      <type>war</type>
-                      <overWrite>true</overWrite>
-                      <outputDirectory>target/thirdparty</outputDirectory>
-                    </artifactItem>
-                  </artifactItems>
-                  <outputAbsoluteArtifactFilename>true</outputAbsoluteArtifactFilename>
-                  <overWriteSnapshots>true</overWriteSnapshots>
-                  <overWriteIfNewer>true</overWriteIfNewer>
-                  <stripVersion>true</stripVersion>
-                </configuration>
-              </execution>
-            </executions>
-          </plugin>
-        </plugins>
-      </build>
-    </profile>
-  </profiles>
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <configuration>
+          <reuseForks>false</reuseForks>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
 </project>

http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java
index 2971bf8..714eeae 100644
--- a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java
+++ b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/AbstractSqoopSentryTestBase.java
@@ -83,7 +83,7 @@ public class AbstractSqoopSentryTestBase {
   protected static final String ROLE5 = StaticUserGroupRole.ROLE_5;
 
   protected static SentryService server;
-  protected static TomcatSqoopRunner sqoopServerRunner;
+  protected static JettySqoopRunner sqoopServerRunner;
 
   protected static File baseDir;
   protected static File sqoopDir;
@@ -92,6 +92,9 @@ public class AbstractSqoopSentryTestBase {
 
   protected static PolicyFile policyFile;
 
+  protected static String JDBC_CONNECTOR_NAME = "generic-jdbc-connector";
+  protected static String HDFS_CONNECTOR_NAME = "hdfs-connector";
+
   @BeforeClass
   public static void beforeTestEndToEnd() throws Exception {
     setupConf();
@@ -163,7 +166,7 @@ public class AbstractSqoopSentryTestBase {
   public static void startSqoopWithSentryEnable() throws Exception {
     File sentrySitePath = new File(baseDir, "sentry-site.xml");
     getClientConfig().writeXml(new FileOutputStream(sentrySitePath));
-    sqoopServerRunner = new TomcatSqoopRunner(sqoopDir.toString(), SQOOP_SERVER_NAME,
+    sqoopServerRunner = new JettySqoopRunner(sqoopDir.toString(), SQOOP_SERVER_NAME,
         sentrySitePath.toURI().toURL().toString());
     sqoopServerRunner.start();
   }

http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/JettySqoopRunner.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/JettySqoopRunner.java b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/JettySqoopRunner.java
new file mode 100644
index 0000000..0069ab7
--- /dev/null
+++ b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/JettySqoopRunner.java
@@ -0,0 +1,239 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.tests.e2e.sqoop;
+
+import static org.junit.Assert.assertEquals;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.sqoop.client.SqoopClient;
+import org.apache.sqoop.common.test.db.DatabaseProvider;
+import org.apache.sqoop.common.test.db.DatabaseProviderFactory;
+import org.apache.sqoop.common.test.db.TableName;
+import org.apache.sqoop.common.test.utils.NetworkUtils;
+import org.apache.sqoop.model.MConfigList;
+import org.apache.sqoop.model.MJob;
+import org.apache.sqoop.model.MLink;
+import org.apache.sqoop.server.SqoopJettyServer;
+import org.apache.sqoop.test.minicluster.SqoopMiniCluster;
+import org.apache.sqoop.test.utils.SqoopUtils;
+import org.apache.sqoop.validation.Status;
+
+import com.google.common.base.Joiner;
+
+public class JettySqoopRunner {
+  private SqoopServerEnableSentry server;
+  private DatabaseProvider provider;
+  private String temporaryPath;
+
+  public JettySqoopRunner(String temporaryPath, String serverName, String sentrySite)
+      throws Exception {
+    this.temporaryPath = temporaryPath;
+    this.server = new SqoopServerEnableSentry(temporaryPath, serverName, sentrySite);
+    this.provider = DatabaseProviderFactory.getProvider(System.getProperties());
+  }
+
+  public void start() throws Exception {
+    server.start();
+    provider.start();
+  }
+
+  public void stop() throws Exception {
+    server.stop();
+    provider.stop();
+  }
+
+  /**
+   * save link.
+   *
+   * With asserts to make sure that it was created correctly.
+   * @param sqoopClient
+   * @param link
+   */
+  public void saveLink(SqoopClient client, MLink link) {
+    assertEquals(Status.OK, client.saveLink(link));
+  }
+
+  /**
+   * update link.
+   *
+   * With asserts to make sure that it was created correctly.
+   * @param sqoopClient
+   * @param link
+   * @param oldLinkName
+   */
+  public void updateLink(SqoopClient client, MLink link, String oldLinkName) {
+    assertEquals(Status.OK, client.updateLink(link, oldLinkName));
+  }
+
+
+  /**
+   * save job.
+   *
+   * With asserts to make sure that it was created correctly.
+   *
+   * @param job
+   */
+  public void saveJob(SqoopClient client, MJob job) {
+    assertEquals(Status.OK, client.saveJob(job));
+  }
+
+  /**
+   * fill link.
+   *
+   * With asserts to make sure that it was filled correctly.
+   *
+   * @param link
+   */
+  public void fillHdfsLink(MLink link) {
+    MConfigList configs = link.getConnectorLinkConfig();
+    configs.getStringInput("linkConfig.confDir").setValue(server.getConfigurationPath());
+  }
+
+  /**
+   * Fill link config based on currently active provider.
+   *
+   * @param link MLink object to fill
+   */
+  public void fillRdbmsLinkConfig(MLink link) {
+    MConfigList configs = link.getConnectorLinkConfig();
+    configs.getStringInput("linkConfig.jdbcDriver").setValue(provider.getJdbcDriver());
+    configs.getStringInput("linkConfig.connectionString").setValue(provider.getConnectionUrl());
+    configs.getStringInput("linkConfig.username").setValue(provider.getConnectionUsername());
+    configs.getStringInput("linkConfig.password").setValue(provider.getConnectionPassword());
+  }
+
+  public void fillHdfsFromConfig(MJob job) {
+    MConfigList fromConfig = job.getFromJobConfig();
+    fromConfig.getStringInput("fromJobConfig.inputDirectory").setValue(temporaryPath + "/output");
+  }
+
+  public void fillRdbmsToConfig(MJob job) {
+    MConfigList toConfig = job.getToJobConfig();
+    toConfig.getStringInput("toJobConfig.tableName").setValue(provider.
+        escapeTableName(new TableName(getClass().getSimpleName()).getTableName()));
+  }
+
+  /**
+   * get a sqoopClient for specific user
+   * @param user
+   */
+  public SqoopClient getSqoopClient(String user) {
+    setAuthenticationUser(user);
+    return new SqoopClient(server.getServerUrl());
+  }
+
+  /**
+   * Set the mock user in the Sqoop simple authentication
+   * @param user
+   */
+  private void setAuthenticationUser(String user) {
+    System.setProperty("user.name", user);
+  }
+
+  private static class SqoopServerEnableSentry extends SqoopMiniCluster {
+      private Integer port;
+      private String sentrySite;
+      private String serverName;
+      private SqoopJettyServer sqoopJettyServer;
+
+      SqoopServerEnableSentry(String temporaryPath, String serverName, String sentrySite)
+          throws Exception {
+        super(temporaryPath);
+        this.serverName = serverName;
+        this.sentrySite = sentrySite;
+        // Random port
+        this.port = NetworkUtils.findAvailablePort();
+      }
+
+      @Override
+      public Map<String, String> getSecurityConfiguration() {
+        Map<String, String> properties = new HashMap<String, String>();
+        configureAuthentication(properties);
+        configureSentryAuthorization(properties);
+        properties.put("org.apache.sqoop.jetty.port", port.toString());
+        return properties;
+      }
+
+      private void configureAuthentication(Map<String, String> properties) {
+        properties.put("org.apache.sqoop.authentication.type", "SIMPLE");
+        properties.put("org.apache.sqoop.authentication.handler",
+            "org.apache.sqoop.security.SimpleAuthenticationHandler");
+      }
+
+      private void configureSentryAuthorization(Map<String, String> properties) {
+        properties.put("org.apache.sqoop.security.authorization.handler",
+            "org.apache.sentry.sqoop.authz.SentryAuthorizationHandler");
+        properties.put("org.apache.sqoop.security.authorization.access_controller",
+            "org.apache.sentry.sqoop.authz.SentryAccessController");
+        properties.put("org.apache.sqoop.security.authorization.validator",
+            "org.apache.sentry.sqoop.authz.SentryAuthorizationValidator");
+        properties.put("org.apache.sqoop.security.authorization.server_name", serverName);
+        properties.put("sentry.sqoop.site.url", sentrySite);
+        List<String> extraClassPath = new LinkedList<String>();
+        for (String jar : System.getProperty("java.class.path").split(":")) {
+          if ((jar.contains("sentry") || jar.contains("shiro-core") || jar.contains("libthrift"))
+              && jar.endsWith("jar")) {
+            extraClassPath.add(jar);
+          }
+        }
+        properties.put("org.apache.sqoop.classpath.extra", Joiner.on(":").join(extraClassPath));
+      }
+
+      @Override
+      public void start() throws Exception {
+        prepareTemporaryPath();
+        sqoopJettyServer = new SqoopJettyServer();
+        sqoopJettyServer.startServer();
+      }
+
+      /** {@inheritDoc} */
+      @Override
+      public void stop() throws Exception {
+        if (sqoopJettyServer != null) {
+          sqoopJettyServer.stopServerForTest();
+        }
+      }
+
+      /**
+      * Return server URL.
+      */
+      @Override
+      public String getServerUrl() {
+        if (sqoopJettyServer != null) {
+          String serverUrl = sqoopJettyServer.getServerUrl();
+          // Replace the hostname of server url with FQDN
+          String host;
+          try {
+            host = new URL(serverUrl).getHost();
+          } catch (MalformedURLException e) {
+            throw new RuntimeException("Invalid sqoop server url: " + serverUrl);
+          }
+
+          String fqdn = SqoopUtils.getLocalHostName();
+          return serverUrl.replaceFirst(host, fqdn);
+        }
+        throw new RuntimeException("Jetty server wasn't started.");
+      }
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestConnectorEndToEnd.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestConnectorEndToEnd.java b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestConnectorEndToEnd.java
index 27f1420..2aaf25b 100644
--- a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestConnectorEndToEnd.java
+++ b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestConnectorEndToEnd.java
@@ -20,6 +20,7 @@ import static org.junit.Assert.assertTrue;
 
 import org.apache.sentry.core.model.sqoop.SqoopActionConstant;
 import org.apache.sqoop.client.SqoopClient;
+import org.apache.sqoop.common.SqoopProtocolConstants;
 import org.apache.sqoop.model.MConnector;
 import org.apache.sqoop.model.MPrincipal;
 import org.apache.sqoop.model.MPrivilege;
@@ -30,10 +31,10 @@ import org.junit.Test;
 import com.google.common.collect.Lists;
 
 public class TestConnectorEndToEnd extends AbstractSqoopSentryTestBase {
-  private static String JDBC_CONNECTOR_NAME = "generic-jdbc-connector";
-  private static String HDFS_CONNECTOR_NAME = "hdfs-connector";
 
+  // TODO Re-enable once https://issues.apache.org/jira/browse/SQOOP-3251 is fixed
   @Test
+  @org.junit.Ignore
   public void testShowAllConnector() throws Exception {
     // USER3 at firstly has no privilege on any Sqoop resource
     SqoopClient client = sqoopServerRunner.getSqoopClient(USER3);
@@ -45,7 +46,7 @@ public class TestConnectorEndToEnd extends AbstractSqoopSentryTestBase {
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role3 = new MRole(ROLE3);
     MPrincipal group3 = new MPrincipal(GROUP3, MPrincipal.TYPE.GROUP);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
+    MResource  allConnector = new MResource(SqoopProtocolConstants.ALL, MResource.TYPE.CONNECTOR);
     MPrivilege readPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
     client.createRole(role3);
     client.grantRole(Lists.newArrayList(role3), Lists.newArrayList(group3));
@@ -75,7 +76,7 @@ public class TestConnectorEndToEnd extends AbstractSqoopSentryTestBase {
 
     MRole role1 = new MRole(ROLE1);
     MPrincipal group1 = new MPrincipal(GROUP1, MPrincipal.TYPE.GROUP);
-    MPrivilege readHdfsPriv = new MPrivilege(new MResource(String.valueOf(hdfsConnector.getPersistenceId()), MResource.TYPE.CONNECTOR),
+    MPrivilege readHdfsPriv = new MPrivilege(new MResource(hdfsConnector.getUniqueName(), MResource.TYPE.CONNECTOR),
         SqoopActionConstant.READ, false);
     client.createRole(role1);
     client.grantRole(Lists.newArrayList(role1), Lists.newArrayList(group1));
@@ -84,7 +85,7 @@ public class TestConnectorEndToEnd extends AbstractSqoopSentryTestBase {
 
     MRole role2 = new MRole(ROLE2);
     MPrincipal group2 = new MPrincipal(GROUP2, MPrincipal.TYPE.GROUP);
-    MPrivilege readJdbcPriv = new MPrivilege(new MResource(String.valueOf(jdbcConnector.getPersistenceId()), MResource.TYPE.CONNECTOR),
+    MPrivilege readJdbcPriv = new MPrivilege(new MResource(String.valueOf(jdbcConnector.getUniqueName()), MResource.TYPE.CONNECTOR),
         SqoopActionConstant.READ, false);
     client.createRole(role2);
     client.grantRole(Lists.newArrayList(role2), Lists.newArrayList(group2));

http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestGrantPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestGrantPrivilege.java b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestGrantPrivilege.java
index 8c7753e..9a47ab3 100644
--- a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestGrantPrivilege.java
+++ b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestGrantPrivilege.java
@@ -39,8 +39,8 @@ public class TestGrantPrivilege extends AbstractSqoopSentryTestBase {
   public void testNotSupportGrantPrivilegeToUser() throws Exception {
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MPrincipal user1 = new MPrincipal("not_support_grant_user_1", MPrincipal.TYPE.GROUP);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     try {
       client.grantPrivilege(Lists.newArrayList(user1), Lists.newArrayList(readPriv));
       fail("expected not support exception happend");
@@ -53,8 +53,8 @@ public class TestGrantPrivilege extends AbstractSqoopSentryTestBase {
   public void testNotSupportGrantPrivilegeToGroup() throws Exception {
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MPrincipal group1 = new MPrincipal("not_support_grant_group_1", MPrincipal.TYPE.GROUP);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     try {
       client.grantPrivilege(Lists.newArrayList(group1), Lists.newArrayList(readPriv));
       fail("expected not support exception happend");
@@ -68,21 +68,21 @@ public class TestGrantPrivilege extends AbstractSqoopSentryTestBase {
     /**
      * user1 belongs to group group1
      * admin user grant role role1 to group group1
-     * admin user grant read privilege on connector all to role role1
+     * admin user grant read privilege on connector HDFS_CONNECTOR_NAME to role role1
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role1 = new MRole(ROLE1);
     MPrincipal group1Princ = new MPrincipal(GROUP1, MPrincipal.TYPE.GROUP);
     MPrincipal role1Princ = new MPrincipal(ROLE1, MPrincipal.TYPE.ROLE);
-    MResource allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPrivilege = new MPrivilege(allConnector, SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     client.createRole(role1);
     client.grantRole(Lists.newArrayList(role1), Lists.newArrayList(group1Princ));
     client.grantPrivilege(Lists.newArrayList(role1Princ), Lists.newArrayList(readPrivilege));
 
     // check user1 has privilege on role1
     client = sqoopServerRunner.getSqoopClient(USER1);
-    assertTrue(client.getPrivilegesByPrincipal(role1Princ, allConnector).size() == 1);
+    assertTrue(client.getPrivilegesByPrincipal(role1Princ, hdfsConnector).size() == 1);
   }
 
   @Test
@@ -90,21 +90,21 @@ public class TestGrantPrivilege extends AbstractSqoopSentryTestBase {
     /**
      * user2 belongs to group group2
      * admin user grant role role2 to group group2
-     * admin user grant write privilege on connector all to role role2
+     * admin user grant write privilege on connector HDFS_CONNECTOR_NAME to role role2
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role2 = new MRole(ROLE2);
     MPrincipal group2Princ = new MPrincipal(GROUP2, MPrincipal.TYPE.GROUP);
     MPrincipal role2Princ = new MPrincipal(ROLE2, MPrincipal.TYPE.ROLE);
-    MResource allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege writePrivilege = new MPrivilege(allConnector, SqoopActionConstant.WRITE, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege writePrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.WRITE, false);
     client.createRole(role2);
     client.grantRole(Lists.newArrayList(role2), Lists.newArrayList(group2Princ));
     client.grantPrivilege(Lists.newArrayList(role2Princ), Lists.newArrayList(writePrivilege));
 
     // check user2 has one privilege on role2
     client = sqoopServerRunner.getSqoopClient(USER2);
-    assertTrue(client.getPrivilegesByPrincipal(role2Princ, allConnector).size() == 1);
+    assertTrue(client.getPrivilegesByPrincipal(role2Princ, hdfsConnector).size() == 1);
 
     // grant privilege to role role2 again
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
@@ -112,7 +112,7 @@ public class TestGrantPrivilege extends AbstractSqoopSentryTestBase {
 
     // check user2 has only one privilege on role2
     client = sqoopServerRunner.getSqoopClient(USER2);
-    assertTrue(client.getPrivilegesByPrincipal(role2Princ, allConnector).size() == 1);
+    assertTrue(client.getPrivilegesByPrincipal(role2Princ, hdfsConnector).size() == 1);
   }
 
   @Test
@@ -120,23 +120,23 @@ public class TestGrantPrivilege extends AbstractSqoopSentryTestBase {
     /**
      * user3 belongs to group group3
      * admin user grant role role3 to group group3
-     * admin user grant all privilege on connector all to role role3
+     * admin user grant all privilege on connector HDFS_CONNECTOR_NAME to role role3
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role3 = new MRole(ROLE3);
     MPrincipal group3Princ = new MPrincipal(GROUP3, MPrincipal.TYPE.GROUP);
     MPrincipal role3Princ = new MPrincipal(ROLE3, MPrincipal.TYPE.ROLE);
-    MResource allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege allPrivilege = new MPrivilege(allConnector, SqoopActionConstant.ALL_NAME, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege allPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.ALL_NAME, false);
     client.createRole(role3);
     client.grantRole(Lists.newArrayList(role3), Lists.newArrayList(group3Princ));
     client.grantPrivilege(Lists.newArrayList(role3Princ), Lists.newArrayList(allPrivilege));
 
     // check user3 has one privilege on role3
     client = sqoopServerRunner.getSqoopClient(USER3);
-    assertTrue(client.getPrivilegesByPrincipal(role3Princ, allConnector).size() == 1);
+    assertTrue(client.getPrivilegesByPrincipal(role3Princ, hdfsConnector).size() == 1);
     // user3 has the all action on role3
-    MPrivilege user3Privilege = client.getPrivilegesByPrincipal(role3Princ, allConnector).get(0);
+    MPrivilege user3Privilege = client.getPrivilegesByPrincipal(role3Princ, hdfsConnector).get(0);
     assertEquals(user3Privilege.getAction(), SqoopActionConstant.ALL_NAME);
 
     /**
@@ -145,13 +145,13 @@ public class TestGrantPrivilege extends AbstractSqoopSentryTestBase {
      * no impact on the role3
      */
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    MPrivilege readPrivilege = new MPrivilege(allConnector, SqoopActionConstant.READ, false);
+    MPrivilege readPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     client.grantPrivilege(Lists.newArrayList(role3Princ), Lists.newArrayList(readPrivilege));
     // check user3 has only one privilege on role3
     client = sqoopServerRunner.getSqoopClient(USER3);
-    assertTrue(client.getPrivilegesByPrincipal(role3Princ, allConnector).size() == 1);
+    assertTrue(client.getPrivilegesByPrincipal(role3Princ, hdfsConnector).size() == 1);
     // user3 has the all action on role3
-    user3Privilege = client.getPrivilegesByPrincipal(role3Princ, allConnector).get(0);
+    user3Privilege = client.getPrivilegesByPrincipal(role3Princ, hdfsConnector).get(0);
     assertEquals(user3Privilege.getAction(), SqoopActionConstant.ALL_NAME);
   }
 
@@ -160,38 +160,38 @@ public class TestGrantPrivilege extends AbstractSqoopSentryTestBase {
     /**
      * user4 belongs to group group4
      * admin user grant role role4 to group group4
-     * admin user grant read privilege on connector all to role role4
+     * admin user grant read privilege on connector HDFS_CONNECTOR_NAME to role role4
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role4 = new MRole(ROLE4);
     MPrincipal group4Princ = new MPrincipal(GROUP4, MPrincipal.TYPE.GROUP);
     MPrincipal role4Princ = new MPrincipal(ROLE4, MPrincipal.TYPE.ROLE);
-    MResource allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPrivilege = new MPrivilege(allConnector, SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     client.createRole(role4);
     client.grantRole(Lists.newArrayList(role4), Lists.newArrayList(group4Princ));
     client.grantPrivilege(Lists.newArrayList(role4Princ), Lists.newArrayList(readPrivilege));
 
     // check user4 has one privilege on role1
     client = sqoopServerRunner.getSqoopClient(USER4);
-    assertTrue(client.getPrivilegesByPrincipal(role4Princ, allConnector).size() == 1);
+    assertTrue(client.getPrivilegesByPrincipal(role4Princ, hdfsConnector).size() == 1);
     // user4 has the read action on collector all
-    MPrivilege user4Privilege = client.getPrivilegesByPrincipal(role4Princ, allConnector).get(0);
+    MPrivilege user4Privilege = client.getPrivilegesByPrincipal(role4Princ, hdfsConnector).get(0);
     assertEquals(user4Privilege.getAction().toLowerCase(), SqoopActionConstant.READ);
 
     /**
-     * admin user grant write privilege on connector all to role role4
+     * admin user grant write privilege on connector HDFS_CONNECTOR_NAME to role role4
      */
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    MPrivilege writePrivilege = new MPrivilege(allConnector, SqoopActionConstant.WRITE, false);
+    MPrivilege writePrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.WRITE, false);
     client.grantPrivilege(Lists.newArrayList(role4Princ), Lists.newArrayList(writePrivilege));
 
     // check user4 has two privileges on role1
     client = sqoopServerRunner.getSqoopClient(USER4);
-    assertTrue(client.getPrivilegesByPrincipal(role4Princ, allConnector).size() == 2);
-    // user4 has the read and write action on collector all
+    assertTrue(client.getPrivilegesByPrincipal(role4Princ, hdfsConnector).size() == 2);
+    // user4 has the read and write action on collector HDFS_CONNECTOR_NAME
     List<String> actions = Lists.newArrayList();
-    for (MPrivilege privilege : client.getPrivilegesByPrincipal(role4Princ, allConnector)) {
+    for (MPrivilege privilege : client.getPrivilegesByPrincipal(role4Princ, hdfsConnector)) {
       actions.add(privilege.getAction().toLowerCase());
     }
     assertEquals(2, actions.size());
@@ -199,19 +199,19 @@ public class TestGrantPrivilege extends AbstractSqoopSentryTestBase {
     assertTrue(actions.contains(SqoopActionConstant.WRITE));
 
     /**
-     * admin user grant all privilege on connector all to role role4
+     * admin user grant all privilege on connector HDFS_CONNECTOR_NAME to role role4
      * because the all privilege includes the read and write privileges, these privileges will
      * be removed
      */
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    MPrivilege allPrivilege = new MPrivilege(allConnector, SqoopActionConstant.ALL_NAME, false);
+    MPrivilege allPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.ALL_NAME, false);
     client.grantPrivilege(Lists.newArrayList(role4Princ), Lists.newArrayList(allPrivilege));
 
     // check user4 has only privilege on role1
     client = sqoopServerRunner.getSqoopClient(USER4);
-    assertTrue(client.getPrivilegesByPrincipal(role4Princ, allConnector).size() == 1);
+    assertTrue(client.getPrivilegesByPrincipal(role4Princ, hdfsConnector).size() == 1);
     // user4 has the all action on role3
-    user4Privilege = client.getPrivilegesByPrincipal(role4Princ, allConnector).get(0);
+    user4Privilege = client.getPrivilegesByPrincipal(role4Princ, hdfsConnector).get(0);
     assertEquals(user4Privilege.getAction(), SqoopActionConstant.ALL_NAME);
   }
 }

http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestJobEndToEnd.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestJobEndToEnd.java b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestJobEndToEnd.java
index 636e269..e993905 100644
--- a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestJobEndToEnd.java
+++ b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestJobEndToEnd.java
@@ -16,6 +16,7 @@
  */
 package org.apache.sentry.tests.e2e.sqoop;
 
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
@@ -39,28 +40,31 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
      * ADMIN_USER create two links and one job
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    MLink rdbmsLink = client.createLink("generic-jdbc-connector");
+    MLink rdbmsLink = client.createLink(JDBC_CONNECTOR_NAME);
     sqoopServerRunner.fillRdbmsLinkConfig(rdbmsLink);
+    rdbmsLink.setName("JDBC_link1");
     sqoopServerRunner.saveLink(client, rdbmsLink);
 
-    MLink hdfsLink = client.createLink("hdfs-connector");
+    MLink hdfsLink = client.createLink(HDFS_CONNECTOR_NAME);
     sqoopServerRunner.fillHdfsLink(hdfsLink);
+    hdfsLink.setName("HDFS_link1");
     sqoopServerRunner.saveLink(client, hdfsLink);
 
-    MJob job1 = client.createJob(hdfsLink.getPersistenceId(), rdbmsLink.getPersistenceId());
+    MJob job1 = client.createJob(hdfsLink.getName(), rdbmsLink.getName());
     // set HDFS "FROM" config for the job, since the connector test case base class only has utilities for HDFS!
     sqoopServerRunner.fillHdfsFromConfig(job1);
     // set the RDBM "TO" config here
     sqoopServerRunner.fillRdbmsToConfig(job1);
     // create job
+    job1.setName("HDFS_JDBS_job1");
     sqoopServerRunner.saveJob(client, job1);
     /**
-     * ADMIN_USER grant read privilege on all job to role1
+     * ADMIN_USER grant read privilege on "HDFS_JDBS_job1" job to role1
      */
     MRole role1 = new MRole(ROLE1);
     MPrincipal group1 = new MPrincipal(GROUP1, MPrincipal.TYPE.GROUP);
-    MResource allJob = new MResource(SqoopActionConstant.ALL, MResource.TYPE.JOB);
-    MPrivilege readAllPrivilege = new MPrivilege(allJob,SqoopActionConstant.READ, false);
+    MResource hdfsJdbcJob = new MResource("HDFS_JDBS_job1", MResource.TYPE.JOB);
+    MPrivilege readAllPrivilege = new MPrivilege(hdfsJdbcJob, SqoopActionConstant.READ, false);
     client.createRole(role1);
     client.grantRole(Lists.newArrayList(role1), Lists.newArrayList(group1));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(role1.getName(), MPrincipal.TYPE.ROLE)),
@@ -71,7 +75,7 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
      */
     MRole role2 = new MRole(ROLE2);
     MPrincipal group2 = new MPrincipal(GROUP2, MPrincipal.TYPE.GROUP);
-    MResource job1Resource = new MResource(String.valueOf(job1.getPersistenceId()), MResource.TYPE.JOB);
+    MResource job1Resource = new MResource(String.valueOf(job1.getName()), MResource.TYPE.JOB);
     MPrivilege readJob1Privilege = new MPrivilege(job1Resource,SqoopActionConstant.READ, false);
     client.createRole(role2);
     client.grantRole(Lists.newArrayList(role2), Lists.newArrayList(group2));
@@ -82,7 +86,7 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
     client = sqoopServerRunner.getSqoopClient(USER1);
     try {
       assertTrue(client.getJobs().size() == 1);
-      assertTrue(client.getJob(job1.getPersistenceId()) != null);
+      assertTrue(client.getJob(job1.getName()) != null);
     } catch (Exception e) {
       fail("unexpected Authorization exception happend");
     }
@@ -91,23 +95,22 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
     client = sqoopServerRunner.getSqoopClient(USER2);
     try {
       assertTrue(client.getJobs().size() == 1);
-      assertTrue(client.getJob(job1.getPersistenceId()) != null);
+      assertTrue(client.getJob(job1.getName()) != null);
     } catch (Exception e) {
       fail("unexpected Authorization exception happend");
     }
 
     // user3 can't show job1
     client = sqoopServerRunner.getSqoopClient(USER3);
+    assertTrue(client.getJobs().size() == 0);
     try {
-      assertTrue(client.getJobs().size() == 0);
-      client.getJob(job1.getPersistenceId());
-      fail("expected Authorization exception happend");
-    } catch (Exception e) {
-      assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
+        assertNull(client.getJob(job1.getName()));
+    } catch (IndexOutOfBoundsException ex) {
+        // This try statement can be removed when https://issues.apache.org/jira/browse/SQOOP-3250 is fixed
     }
 
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    client.deleteJob(job1.getPersistenceId());
+    client.deleteJob(job1.getName());
   }
 
   @Test
@@ -116,64 +119,77 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
      * ADMIN_USER create two links and one job
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    MLink rdbmsLink = client.createLink("generic-jdbc-connector");
+    MLink rdbmsLink = client.createLink(JDBC_CONNECTOR_NAME);
     sqoopServerRunner.fillRdbmsLinkConfig(rdbmsLink);
     rdbmsLink.setName("rdbm_testUpdateJob");
     sqoopServerRunner.saveLink(client, rdbmsLink);
 
-    MLink hdfsLink = client.createLink("hdfs-connector");
+    MLink hdfsLink = client.createLink(HDFS_CONNECTOR_NAME);
     sqoopServerRunner.fillHdfsLink(hdfsLink);
     hdfsLink.setName("hdfs_testUpdateJob");
     sqoopServerRunner.saveLink(client, hdfsLink);
 
-    MJob job2 = client.createJob(hdfsLink.getPersistenceId(), rdbmsLink.getPersistenceId());
+    MJob job2 = client.createJob(hdfsLink.getName(), rdbmsLink.getName());
     // set HDFS "FROM" config for the job, since the connector test case base class only has utilities for HDFS!
     sqoopServerRunner.fillHdfsFromConfig(job2);
     // set the RDBM "TO" config here
     sqoopServerRunner.fillRdbmsToConfig(job2);
     // create job
+    job2.setName("HDFS_RDBM_job1");
     sqoopServerRunner.saveJob(client, job2);
 
     /**
      * ADMIN_USER grant update privilege on job2 to role4
-     * ADMIN_USER grant read privilege on all connector to role4
-     * ADMIN_USER grant read privilege on all link to role4
+     * ADMIN_USER grant read privilege on the HDFS_CONNECTOR_NAME and JDBC_CONNECTOR_NAME connector to role4
+     * ADMIN_USER grant read privilege on "rdbm_testUpdateJob" and "hdfs_testUpdateJob" link to role4
      */
     MRole role4 = new MRole(ROLE4);
     MPrincipal group4 = new MPrincipal(GROUP4, MPrincipal.TYPE.GROUP);
-    MResource job2Resource = new MResource(String.valueOf(job2.getPersistenceId()), MResource.TYPE.JOB);
-    MPrivilege writeJob2Privilege = new MPrivilege(job2Resource,SqoopActionConstant.WRITE, false);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readConnectorPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
-    MResource  allLink = new MResource(SqoopActionConstant.ALL, MResource.TYPE.LINK);
-    MPrivilege readLinkPriv = new MPrivilege(allLink,SqoopActionConstant.READ, false);
+    MResource job2Resource = new MResource(String.valueOf(job2.getName()), MResource.TYPE.JOB);
+    MPrivilege writeJob2Privilege = new MPrivilege(job2Resource, SqoopActionConstant.WRITE, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MResource jdbcConnector = new MResource(JDBC_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readConnectorPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
+    MPrivilege readConnectorPriv2 = new MPrivilege(jdbcConnector, SqoopActionConstant.READ, false);
+    MResource rdbmLink = new MResource("rdbm_testUpdateJob", MResource.TYPE.LINK);
+    MResource hdfsLinkResource = new MResource("hdfs_testUpdateJob", MResource.TYPE.LINK);
+    MPrivilege readLinkPriv = new MPrivilege(rdbmLink, SqoopActionConstant.READ, false);
+    MPrivilege readLinkPriv2 = new MPrivilege(hdfsLinkResource, SqoopActionConstant.READ, false);
     client.createRole(role4);
     client.grantRole(Lists.newArrayList(role4), Lists.newArrayList(group4));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(role4.getName(), MPrincipal.TYPE.ROLE)),
-        Lists.newArrayList(writeJob2Privilege, readConnectorPriv, readLinkPriv));
+        Lists.newArrayList(writeJob2Privilege, readConnectorPriv, readConnectorPriv2, readLinkPriv, readLinkPriv2));
 
     // user4 can't show job2
     client = sqoopServerRunner.getSqoopClient(USER4);
+    assertTrue(client.getJobs().size() == 0);
     try {
-      assertTrue(client.getJobs().size() == 0);
-      client.getJob(job2.getPersistenceId());
-      fail("expected Authorization exception happend");
-    } catch (Exception e) {
-      assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
+        assertNull(client.getJob(job2.getName()));
+    } catch (IndexOutOfBoundsException ex) {
+        // This try statement can be removed when https://issues.apache.org/jira/browse/SQOOP-3250 is fixed
     }
+
     // user4 can update job2
-    try {
-      job2.setName("job2_update_user4_1");
-      client.updateJob(job2);
-    } catch (Exception e) {
-      fail("unexpected Authorization exception happend");
-    }
+    String oldJobName = job2.getName();
+    job2.setName("job2_update_user4_1");
+    client.updateJob(job2, oldJobName);
+
+    // Update back to the old name again
+    SqoopClient adminClient = sqoopServerRunner.getSqoopClient(ADMIN_USER);
+    MResource job2UpdatedResource = new MResource("job2_update_user4_1", MResource.TYPE.JOB);
+    MPrivilege writeJob2UpdatedPrivilege = new MPrivilege(job2UpdatedResource, SqoopActionConstant.WRITE, false);
+    adminClient.grantPrivilege(Lists.newArrayList(new MPrincipal(role4.getName(), MPrincipal.TYPE.ROLE)),
+                          Lists.newArrayList(writeJob2UpdatedPrivilege));
+
+    job2.setName(oldJobName);
+    client.updateJob(job2, "job2_update_user4_1");
+
     // user3 can't update job2
     client = sqoopServerRunner.getSqoopClient(USER3);
     try {
       assertTrue(client.getJobs().size() == 0);
       job2.setName("job2_update_user3_1");
-      client.updateJob(job2);
+      client.updateJob(job2, oldJobName);
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
@@ -181,7 +197,7 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
 
     // user3 can't delete job2
     try {
-      client.deleteJob(job2.getPersistenceId());
+      client.deleteJob(oldJobName);
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
@@ -190,7 +206,7 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
     //user4 can delete job2 because user4 has write privilege on job2
     client = sqoopServerRunner.getSqoopClient(USER4);
     try {
-      client.deleteJob(job2.getPersistenceId());
+      client.deleteJob(oldJobName);
     } catch (Exception e) {
       fail("unexpected Authorization exception happend");
     }
@@ -205,41 +221,46 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
      * ADMIN_USER create two links and one job
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    MLink rdbmsLink = client.createLink("generic-jdbc-connector");
+    MLink rdbmsLink = client.createLink(JDBC_CONNECTOR_NAME);
     sqoopServerRunner.fillRdbmsLinkConfig(rdbmsLink);
     rdbmsLink.setName("rdbm_testEnableAndStartJob");
     sqoopServerRunner.saveLink(client, rdbmsLink);
 
-    MLink hdfsLink = client.createLink("hdfs-connector");
+    MLink hdfsLink = client.createLink(HDFS_CONNECTOR_NAME);
     sqoopServerRunner.fillHdfsLink(hdfsLink);
     hdfsLink.setName("hdfs_testEnableAndStartJob");
     sqoopServerRunner.saveLink(client, hdfsLink);
 
-    MJob job2 = client.createJob(hdfsLink.getPersistenceId(), rdbmsLink.getPersistenceId());
+    MJob job2 = client.createJob(hdfsLink.getName(), rdbmsLink.getName());
     // set HDFS "FROM" config for the job, since the connector test case base class only has utilities for HDFS!
     sqoopServerRunner.fillHdfsFromConfig(job2);
     // set the RDBM "TO" config here
     sqoopServerRunner.fillRdbmsToConfig(job2);
     // create job
+    job2.setName("HDFS_RDBM_job1");
     sqoopServerRunner.saveJob(client, job2);
 
     /**
      * ADMIN_USER grant update privilege on job2 to role4
-     * ADMIN_USER grant read privilege on all connector to role4
-     * ADMIN_USER grant read privilege on all link to role4
+     * ADMIN_USER grant read privilege on HDFS_CONNECTOR_NAME and JDBC_CONNECTOR_NAME connector to role4
+     * ADMIN_USER grant read privilege on "rdbm_testEnableAndStartJob" and "hdfs_testEnableAndStartJob" link to role4
      */
     MRole role4 = new MRole(ROLE4);
     MPrincipal group4 = new MPrincipal(GROUP4, MPrincipal.TYPE.GROUP);
-    MResource job2Resource = new MResource(String.valueOf(job2.getPersistenceId()), MResource.TYPE.JOB);
+    MResource job2Resource = new MResource(String.valueOf(job2.getName()), MResource.TYPE.JOB);
     MPrivilege writeJob2Privilege = new MPrivilege(job2Resource,SqoopActionConstant.WRITE, false);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readConnectorPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
-    MResource  allLink = new MResource(SqoopActionConstant.ALL, MResource.TYPE.LINK);
-    MPrivilege readLinkPriv = new MPrivilege(allLink,SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MResource jdbcConnector = new MResource(JDBC_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readConnectorPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
+    MPrivilege readConnectorPriv2 = new MPrivilege(jdbcConnector, SqoopActionConstant.READ, false);
+    MResource rdbmLink = new MResource("rdbm_testEnableAndStartJob", MResource.TYPE.LINK);
+    MResource hdfsLinkResource = new MResource("hdfs_testEnableAndStartJob", MResource.TYPE.LINK);
+    MPrivilege readLinkPriv = new MPrivilege(rdbmLink, SqoopActionConstant.READ, false);
+    MPrivilege readLinkPriv2 = new MPrivilege(hdfsLinkResource, SqoopActionConstant.READ, false);
     client.createRole(role4);
     client.grantRole(Lists.newArrayList(role4), Lists.newArrayList(group4));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(role4.getName(), MPrincipal.TYPE.ROLE)),
-        Lists.newArrayList(writeJob2Privilege, readConnectorPriv, readLinkPriv));
+        Lists.newArrayList(writeJob2Privilege, readConnectorPriv, readConnectorPriv2, readLinkPriv, readLinkPriv2));
 
 
     /**
@@ -258,14 +279,14 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
     // user5 can't enable and start job2
     client = sqoopServerRunner.getSqoopClient(USER5);
     try {
-      client.enableJob(job2.getPersistenceId(), true);
+      client.enableJob(job2.getName(), true);
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
     }
 
     try {
-      client.startJob(job2.getPersistenceId());
+      client.startJob(job2.getName());
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
@@ -274,14 +295,14 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
     // user3 can't enable and start job2
     client = sqoopServerRunner.getSqoopClient(USER3);
     try {
-      client.enableJob(job2.getPersistenceId(), true);
+      client.enableJob(job2.getName(), true);
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
     }
 
     try {
-      client.startJob(job2.getPersistenceId());
+      client.startJob(job2.getName());
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
@@ -290,9 +311,9 @@ public class TestJobEndToEnd extends AbstractSqoopSentryTestBase {
     // user4 can enable or start job2
     client = sqoopServerRunner.getSqoopClient(USER4);
     try {
-      client.enableJob(job2.getPersistenceId(), false);
-      client.enableJob(job2.getPersistenceId(), true);
-      client.deleteJob(job2.getPersistenceId());
+      client.enableJob(job2.getName(), false);
+      client.enableJob(job2.getName(), true);
+      client.deleteJob(job2.getName());
     } catch (Exception e) {
       fail("unexpected Authorization exception happend");
     }

http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestLinkEndToEnd.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestLinkEndToEnd.java b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestLinkEndToEnd.java
index 8c8a91d..e29493c 100644
--- a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestLinkEndToEnd.java
+++ b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestLinkEndToEnd.java
@@ -16,6 +16,7 @@
  */
 package org.apache.sentry.tests.e2e.sqoop;
 
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
@@ -48,29 +49,28 @@ public class TestLinkEndToEnd extends AbstractSqoopSentryTestBase {
      * ADMIN_USER create a hdfs link
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    MLink hdfsLink = client.createLink("hdfs-connector");
+    MLink hdfsLink = client.createLink(HDFS_CONNECTOR_NAME);
     sqoopServerRunner.fillHdfsLink(hdfsLink);
+    hdfsLink.setName("hdfs-link1");
     sqoopServerRunner.saveLink(client, hdfsLink);
 
     /**
-     * ADMIN_USER grant read privilege on all link to role1
+     * ADMIN_USER grant read privilege on "hdfs-link1" link to role1
      */
     MRole role1 = new MRole(ROLE1);
     MPrincipal group1 = new MPrincipal(GROUP1, MPrincipal.TYPE.GROUP);
-    MResource allLink = new MResource(SqoopActionConstant.ALL, MResource.TYPE.LINK);
-    MPrivilege readAllPrivilege = new MPrivilege(allLink,SqoopActionConstant.READ, false);
+    MResource hdfsLinkResource = new MResource("hdfs-link1", MResource.TYPE.LINK);
+    MPrivilege readHdfsLinkPrivilege = new MPrivilege(hdfsLinkResource, SqoopActionConstant.READ, false);
     dropAndCreateRole(client, role1);
     client.grantRole(Lists.newArrayList(role1), Lists.newArrayList(group1));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(role1.getName(), MPrincipal.TYPE.ROLE)),
-        Lists.newArrayList(readAllPrivilege));
+        Lists.newArrayList(readHdfsLinkPrivilege));
 
     /**
      * ADMIN_USER grant read privilege on hdfs link to role2
      */
     MRole role2 = new MRole(ROLE2);
     MPrincipal group2 = new MPrincipal(GROUP2, MPrincipal.TYPE.GROUP);
-    MResource hdfsLinkResource = new MResource(String.valueOf(hdfsLink.getPersistenceId()), MResource.TYPE.LINK);
-    MPrivilege readHdfsLinkPrivilege = new MPrivilege(hdfsLinkResource,SqoopActionConstant.READ, false);
     dropAndCreateRole(client, role2);
     client.grantRole(Lists.newArrayList(role2), Lists.newArrayList(group2));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(role2.getName(), MPrincipal.TYPE.ROLE)),
@@ -80,7 +80,7 @@ public class TestLinkEndToEnd extends AbstractSqoopSentryTestBase {
     client = sqoopServerRunner.getSqoopClient(USER1);
     try {
       assertTrue(client.getLinks().size() == 1);
-      assertTrue(client.getLink(hdfsLink.getPersistenceId()) != null);
+      assertTrue(client.getLink(hdfsLink.getName()) != null);
     } catch (Exception e) {
       fail("unexpected Authorization exception happend");
     }
@@ -89,23 +89,22 @@ public class TestLinkEndToEnd extends AbstractSqoopSentryTestBase {
     client = sqoopServerRunner.getSqoopClient(USER2);
     try {
       assertTrue(client.getLinks().size() == 1);
-      assertTrue(client.getLink(hdfsLink.getPersistenceId()) != null);
+      assertTrue(client.getLink(hdfsLink.getName()) != null);
     } catch (Exception e) {
       fail("unexpected Authorization exception happend");
     }
 
     // user3 can't show hdfs link
     client = sqoopServerRunner.getSqoopClient(USER3);
+    assertTrue(client.getLinks().size() == 0);
     try {
-      assertTrue(client.getLinks().size() == 0);
-      client.getLink(hdfsLink.getPersistenceId());
-      fail("expected Authorization exception happend");
-    } catch (Exception e) {
-      assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
+        assertNull(client.getLink(hdfsLink.getName()));
+    } catch (IndexOutOfBoundsException ex) {
+        // This try statement can be removed when https://issues.apache.org/jira/browse/SQOOP-3250 is fixed
     }
 
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    client.deleteLink(hdfsLink.getPersistenceId());
+    client.deleteLink(hdfsLink.getName());
   }
 
   @Test
@@ -114,55 +113,69 @@ public class TestLinkEndToEnd extends AbstractSqoopSentryTestBase {
      * ADMIN_USER create a hdfs link
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    MLink hdfsLink = client.createLink("hdfs-connector");
+    MLink hdfsLink = client.createLink(HDFS_CONNECTOR_NAME);
     sqoopServerRunner.fillHdfsLink(hdfsLink);
+    hdfsLink.setName("hdfs-link1");
     sqoopServerRunner.saveLink(client, hdfsLink);
 
     /**
      * ADMIN_USER grant update privilege on hdfs link to role4
-     * ADMIN_USER grant read privilege on all connector to role4
+     * ADMIN_USER grant read privilege on HDFS_CONNECTOR_NAME connector to role4
      */
     MRole role4 = new MRole(ROLE4);
     MPrincipal group4 = new MPrincipal(GROUP4, MPrincipal.TYPE.GROUP);
-    MResource hdfsLinkResource = new MResource(String.valueOf(hdfsLink.getPersistenceId()), MResource.TYPE.LINK);
+    MResource hdfsLinkResource = new MResource(String.valueOf(hdfsLink.getName()), MResource.TYPE.LINK);
     MPrivilege writeHdfsPrivilege = new MPrivilege(hdfsLinkResource,SqoopActionConstant.WRITE, false);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readConnectorPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readConnectorPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     dropAndCreateRole(client, role4);
     client.grantRole(Lists.newArrayList(role4), Lists.newArrayList(group4));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(role4.getName(), MPrincipal.TYPE.ROLE)),
         Lists.newArrayList(writeHdfsPrivilege, readConnectorPriv));
 
     // user4 can't show hdfs link
+
     client = sqoopServerRunner.getSqoopClient(USER4);
+    assertTrue(client.getLinks().size() == 0);
     try {
-      assertTrue(client.getLinks().size() == 0);
-      client.getLink(hdfsLink.getPersistenceId());
-      fail("expected Authorization exception happend");
-    } catch (Exception e) {
-      assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
+        assertNull(client.getLink(hdfsLink.getName()));
+    } catch (IndexOutOfBoundsException ex) {
+        // This try statement can be removed when https://issues.apache.org/jira/browse/SQOOP-3250 is fixed
     }
+
     // user4 can update hdfs link
     try {
       hdfsLink.setName("hdfs_link_update_user4_1");
-      client.updateLink(hdfsLink);
+      client.updateLink(hdfsLink, "hdfs-link1");
+
+      MResource updatedHdfsLinkResource = new MResource("hdfs_link_update_user4_1", MResource.TYPE.LINK);
+      MPrivilege updatedWriteHdfsPrivilege = new MPrivilege(updatedHdfsLinkResource, SqoopActionConstant.WRITE, false);
+      SqoopClient adminClient = sqoopServerRunner.getSqoopClient(ADMIN_USER);
+      adminClient.grantPrivilege(Lists.newArrayList(new MPrincipal(role4.getName(), MPrincipal.TYPE.ROLE)),
+                            Lists.newArrayList(updatedWriteHdfsPrivilege));
+
+      // Now update it back
+      hdfsLink.setName("hdfs-link1");
+      client.updateLink(hdfsLink, "hdfs_link_update_user4_1");
     } catch (Exception e) {
       fail("unexpected Authorization exception happend");
     }
+
     // user3 can't update hdfs link
     client = sqoopServerRunner.getSqoopClient(USER3);
     try {
       assertTrue(client.getLinks().size() == 0);
       hdfsLink.setName("hdfs_link_update_user3_1");
-      client.updateLink(hdfsLink);
+      client.updateLink(hdfsLink, "hdfs-link1");
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
+      hdfsLink.setName("hdfs-link1");
     }
 
     // user3 can't delete hdfs link
     try {
-      client.deleteLink(hdfsLink.getPersistenceId());
+      client.deleteLink(hdfsLink.getName());
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
@@ -171,7 +184,7 @@ public class TestLinkEndToEnd extends AbstractSqoopSentryTestBase {
     //user4 can delete hdfs link because user4 has write privilege on hdfs link
     client = sqoopServerRunner.getSqoopClient(USER4);
     try {
-      client.deleteLink(hdfsLink.getPersistenceId());
+      client.deleteLink(hdfsLink.getName());
     } catch (Exception e) {
       fail("unexpected Authorization exception happend");
     }
@@ -186,20 +199,21 @@ public class TestLinkEndToEnd extends AbstractSqoopSentryTestBase {
      * ADMIN_USER create a hdfs link
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
-    MLink hdfsLink = client.createLink("hdfs-connector");
+    MLink hdfsLink = client.createLink(HDFS_CONNECTOR_NAME);
     sqoopServerRunner.fillHdfsLink(hdfsLink);
+    hdfsLink.setName("hdfs-link1");
     sqoopServerRunner.saveLink(client, hdfsLink);
 
     /**
      * ADMIN_USER grant read privilege on hdfs link to role4
-     * ADMIN_USER grant read privilege on all connector to role4
+     * ADMIN_USER grant read privilege on HDFS_CONNECTOR_NAME connector to role4
      */
     MRole role4 = new MRole(ROLE4);
     MPrincipal group4 = new MPrincipal(GROUP4, MPrincipal.TYPE.GROUP);
-    MResource hdfsLinkResource = new MResource(String.valueOf(hdfsLink.getPersistenceId()), MResource.TYPE.LINK);
+    MResource hdfsLinkResource = new MResource(String.valueOf(hdfsLink.getName()), MResource.TYPE.LINK);
     MPrivilege readHdfsPrivilege = new MPrivilege(hdfsLinkResource,SqoopActionConstant.READ, false);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readConnectorPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readConnectorPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     dropAndCreateRole(client, role4);
     client.grantRole(Lists.newArrayList(role4), Lists.newArrayList(group4));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(role4.getName(), MPrincipal.TYPE.ROLE)),
@@ -207,11 +221,11 @@ public class TestLinkEndToEnd extends AbstractSqoopSentryTestBase {
 
     /**
      * ADMIN_USER grant write privilege on hdfs link to role5
-     * ADMIN_USER grant read privilege on all connector to role5
+     * ADMIN_USER grant read privilege on HDFS_CONNECTOR_NAME connector to role5
      */
     MRole role5 = new MRole(ROLE5);
     MPrincipal group5 = new MPrincipal(GROUP5, MPrincipal.TYPE.GROUP);
-    MPrivilege writeHdfsPrivilege = new MPrivilege(hdfsLinkResource,SqoopActionConstant.WRITE, false);
+    MPrivilege writeHdfsPrivilege = new MPrivilege(hdfsLinkResource, SqoopActionConstant.WRITE, false);
     dropAndCreateRole(client, role5);
     client.grantRole(Lists.newArrayList(role5), Lists.newArrayList(group5));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(role5.getName(), MPrincipal.TYPE.ROLE)),
@@ -220,22 +234,22 @@ public class TestLinkEndToEnd extends AbstractSqoopSentryTestBase {
     // user4 can't enable hdfs link
     client = sqoopServerRunner.getSqoopClient(USER4);
     try {
-      client.enableLink(hdfsLink.getPersistenceId(), true);
+      client.enableLink(hdfsLink.getName(), true);
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
     }
-    // user5 can enbale hdfs link
+    // user5 can enable hdfs link
     client = sqoopServerRunner.getSqoopClient(USER5);
     try {
-      client.enableLink(hdfsLink.getPersistenceId(), true);
+      client.enableLink(hdfsLink.getName(), true);
     } catch (Exception e) {
       fail("unexpected Authorization exception happend");
     }
     // user3 can't update hdfs link
     client = sqoopServerRunner.getSqoopClient(USER3);
     try {
-      client.enableLink(hdfsLink.getPersistenceId(), true);
+      client.enableLink(hdfsLink.getName(), true);
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
@@ -248,6 +262,6 @@ public class TestLinkEndToEnd extends AbstractSqoopSentryTestBase {
     } catch (Exception e) {
       // nothing to do if cleanup fails
     }
-    client.deleteLink(hdfsLink.getPersistenceId());
+    client.deleteLink(hdfsLink.getName());
   }
 }

http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestOwnerPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestOwnerPrivilege.java b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestOwnerPrivilege.java
index abef80c..bdf1d51 100644
--- a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestOwnerPrivilege.java
+++ b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestOwnerPrivilege.java
@@ -42,34 +42,36 @@ public class TestOwnerPrivilege extends AbstractSqoopSentryTestBase {
     SqoopClient client = sqoopServerRunner.getSqoopClient(USER1);
     assertTrue(client.getConnectors().size() == 0);
     /**
-     * ADMIN_USER grant read action privilege on connector all to role ROLE1
+     * ADMIN_USER grant read action privilege on connector HDFS_CONNECTOR_NAME to role ROLE1
      * ADMIN_USER grant role ROLE1 to group GROUP1
      */
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role1 = new MRole(ROLE1);
     MPrincipal group1 = new MPrincipal(GROUP1, MPrincipal.TYPE.GROUP);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     client.createRole(role1);
     client.grantRole(Lists.newArrayList(role1), Lists.newArrayList(group1));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(role1.getName(), MPrincipal.TYPE.ROLE)),
         Lists.newArrayList(readPriv));
 
-    // check USER1 has the read privilege on all connector
+    // check USER1 has the read privilege on HDFS_CONNECTOR_NAME connector
     client = sqoopServerRunner.getSqoopClient(USER1);
-    assertTrue(client.getConnectors().size() > 0);
+    assertEquals(client.getConnectors().size(), 1);
 
     // USER1 create a new HDFS link
-    MLink hdfsLink = client.createLink("hdfs-connector");
+    MLink hdfsLink = client.createLink(HDFS_CONNECTOR_NAME);
+    hdfsLink.setName("HDFS_link1");
     sqoopServerRunner.fillHdfsLink(hdfsLink);
     sqoopServerRunner.saveLink(client, hdfsLink);
 
     // USER1 is the owner of HDFS link, so he can show and update HDFS link
-    assertEquals(client.getLink(hdfsLink.getPersistenceId()), hdfsLink);
+    assertEquals(client.getLink(hdfsLink.getName()).getName(), hdfsLink.getName());
 
     // USER1 update the name of HDFS link
+    String oldLinkName = hdfsLink.getName();
     hdfsLink.setName("HDFS_update1");
-    sqoopServerRunner.updateLink(client, hdfsLink);
+    sqoopServerRunner.updateLink(client, hdfsLink, oldLinkName);
 
     // USER2 has no privilege on HDFS link
     client = sqoopServerRunner.getSqoopClient(USER2);
@@ -77,7 +79,7 @@ public class TestOwnerPrivilege extends AbstractSqoopSentryTestBase {
 
     //delete the HDFS link
     client = sqoopServerRunner.getSqoopClient(USER1);
-    client.deleteLink(hdfsLink.getPersistenceId());
+    client.deleteLink(hdfsLink.getName());
   }
 
   @Test
@@ -86,41 +88,47 @@ public class TestOwnerPrivilege extends AbstractSqoopSentryTestBase {
     SqoopClient client = sqoopServerRunner.getSqoopClient(USER3);
     assertTrue(client.getConnectors().size() == 0);
     /**
-     * ADMIN_USER grant read action privilege on connector all to role ROLE3
+     * ADMIN_USER grant read action privilege on connector HDFS_CONNECTOR_NAME and JDBC_CONNECTOR_NAME to role ROLE3
      * ADMIN_USER grant role ROLE3 to group GROUP3
      */
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role3 = new MRole(ROLE3);
     MPrincipal group3 = new MPrincipal(GROUP3, MPrincipal.TYPE.GROUP);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MResource jdbcConnector = new MResource(JDBC_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
+    MPrivilege readPriv2 = new MPrivilege(jdbcConnector, SqoopActionConstant.READ, false);
     client.createRole(role3);
     client.grantRole(Lists.newArrayList(role3), Lists.newArrayList(group3));
     client.grantPrivilege(Lists.newArrayList(new MPrincipal(ROLE3, MPrincipal.TYPE.ROLE)),
-        Lists.newArrayList(readPriv));
+        Lists.newArrayList(readPriv, readPriv2));
 
-    // check USER3 has the read privilege on all connector
+    // check USER3 has the read privilege on the connectors
     client = sqoopServerRunner.getSqoopClient(USER3);
-    assertTrue(client.getConnectors().size() > 0);
+    assertEquals(client.getConnectors().size(), 2);
 
     // USER3 create two links: hdfs link and rdbm link
-    MLink rdbmsLink = client.createLink("generic-jdbc-connector");
+    MLink rdbmsLink = client.createLink(JDBC_CONNECTOR_NAME);
+    rdbmsLink.setName("JDBC_link1");
     sqoopServerRunner.fillRdbmsLinkConfig(rdbmsLink);
     sqoopServerRunner.saveLink(client, rdbmsLink);
 
-    MLink hdfsLink = client.createLink("hdfs-connector");
+    MLink hdfsLink = client.createLink(HDFS_CONNECTOR_NAME);
+    hdfsLink.setName("HDFS_link1");
     sqoopServerRunner.fillHdfsLink(hdfsLink);
     sqoopServerRunner.saveLink(client, hdfsLink);
 
     // USER3 is the owner of hdfs and link, so he can show and update hdfs link
     assertTrue(client.getLinks().size() == 2);
+    String oldLinkName = hdfsLink.getName();
     hdfsLink.setName("HDFS_update2");
-    client.updateLink(hdfsLink);
+    client.updateLink(hdfsLink, oldLinkName);
+    oldLinkName = rdbmsLink.getName();
     rdbmsLink.setName("RDBM_update");
-    client.updateLink(rdbmsLink);
+    client.updateLink(rdbmsLink, oldLinkName);
 
     // USER_3 create a job: transfer date from HDFS to RDBM
-    MJob job1 = client.createJob(hdfsLink.getPersistenceId(), rdbmsLink.getPersistenceId());
+    MJob job1 = client.createJob(hdfsLink.getName(), rdbmsLink.getName());
     // set HDFS "FROM" config for the job, since the connector test case base class only has utilities for HDFS!
     sqoopServerRunner.fillHdfsFromConfig(job1);
 
@@ -128,6 +136,7 @@ public class TestOwnerPrivilege extends AbstractSqoopSentryTestBase {
     sqoopServerRunner.fillRdbmsToConfig(job1);
 
     // create job
+    job1.setName("HDFS_RDBM_job1");
     sqoopServerRunner.saveJob(client, job1);
 
     /**
@@ -137,18 +146,18 @@ public class TestOwnerPrivilege extends AbstractSqoopSentryTestBase {
     client = sqoopServerRunner.getSqoopClient(USER4);
     assertTrue(client.getJobs().size() == 0);
     try {
-      client.deleteJob(job1.getPersistenceId());
+      client.deleteJob(job1.getName());
       fail("expected Authorization exception happend");
     } catch (Exception e) {
       assertCausedMessage(e, SecurityError.AUTH_0014.getMessage());
     }
     client = sqoopServerRunner.getSqoopClient(USER3);
-    assertEquals(client.getJob(job1.getPersistenceId()), job1);
-    client.deleteJob(job1.getPersistenceId());
+    assertEquals(client.getJob(job1.getName()).getName(), job1.getName());
+    client.deleteJob(job1.getName());
 
     // delete the HDFS and RDBM links
-    client.deleteLink(hdfsLink.getPersistenceId());
-    client.deleteLink(rdbmsLink.getPersistenceId());
+    client.deleteLink(hdfsLink.getName());
+    client.deleteLink(rdbmsLink.getName());
   }
 
 }

http://git-wip-us.apache.org/repos/asf/sentry/blob/e23fc4ef/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestRevokePrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestRevokePrivilege.java b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestRevokePrivilege.java
index f71595c..29c559c 100644
--- a/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestRevokePrivilege.java
+++ b/sentry-tests/sentry-tests-sqoop/src/test/java/org/apache/sentry/tests/e2e/sqoop/TestRevokePrivilege.java
@@ -36,8 +36,8 @@ public class TestRevokePrivilege extends AbstractSqoopSentryTestBase {
   public void testNotSupportRevokePrivilegeFromUser() throws Exception {
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MPrincipal user1 = new MPrincipal("not_support_revoke_user_1", MPrincipal.TYPE.GROUP);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     try {
       client.revokePrivilege(Lists.newArrayList(user1), Lists.newArrayList(readPriv));
       fail("expected not support exception happend");
@@ -50,8 +50,8 @@ public class TestRevokePrivilege extends AbstractSqoopSentryTestBase {
   public void testNotSupportRevokePrivilegeFromGroup() throws Exception {
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MPrincipal group1 = new MPrincipal("not_support_revoke_group_1", MPrincipal.TYPE.GROUP);
-    MResource  allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPriv = new MPrivilege(allConnector,SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPriv = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     try {
       client.revokePrivilege(Lists.newArrayList(group1), Lists.newArrayList(readPriv));
       fail("expected not support exception happend");
@@ -65,13 +65,13 @@ public class TestRevokePrivilege extends AbstractSqoopSentryTestBase {
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole testRole = new MRole("noexist_privilege_role1");
     MPrincipal testPrinc = new MPrincipal(testRole.getName(), MPrincipal.TYPE.ROLE);
-    MResource allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPrivilege = new MPrivilege(allConnector, SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     client.createRole(testRole);
-    assertTrue(client.getPrivilegesByPrincipal(testPrinc, allConnector).size() == 0);
+    assertTrue(client.getPrivilegesByPrincipal(testPrinc, hdfsConnector).size() == 0);
 
     client.revokePrivilege(Lists.newArrayList(testPrinc), Lists.newArrayList(readPrivilege));
-    assertTrue(client.getPrivilegesByPrincipal(testPrinc, allConnector).size() == 0);
+    assertTrue(client.getPrivilegesByPrincipal(testPrinc, hdfsConnector).size() == 0);
   }
 
 
@@ -80,21 +80,21 @@ public class TestRevokePrivilege extends AbstractSqoopSentryTestBase {
     /**
      * user1 belongs to group group1
      * admin user grant role role1 to group group1
-     * admin user grant read privilege on connector all to role role1
+     * admin user grant read privilege on connector HDFS_CONNECTOR_NAME to role role1
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role1 = new MRole(ROLE1);
     MPrincipal group1Princ = new MPrincipal(GROUP1, MPrincipal.TYPE.GROUP);
     MPrincipal role1Princ = new MPrincipal(ROLE1, MPrincipal.TYPE.ROLE);
-    MResource allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege readPrivilege = new MPrivilege(allConnector, SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege readPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     client.createRole(role1);
     client.grantRole(Lists.newArrayList(role1), Lists.newArrayList(group1Princ));
     client.grantPrivilege(Lists.newArrayList(role1Princ), Lists.newArrayList(readPrivilege));
 
     // check user1 has privilege on role1
     client = sqoopServerRunner.getSqoopClient(USER1);
-    assertTrue(client.getPrivilegesByPrincipal(role1Princ, allConnector).size() == 1);
+    assertTrue(client.getPrivilegesByPrincipal(role1Princ, hdfsConnector).size() == 1);
 
     // admin user revoke read privilege from role1
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
@@ -102,7 +102,7 @@ public class TestRevokePrivilege extends AbstractSqoopSentryTestBase {
 
     // check user1 has no privilege on role1
     client = sqoopServerRunner.getSqoopClient(USER1);
-    assertTrue(client.getPrivilegesByPrincipal(role1Princ, allConnector).size() == 0);
+    assertTrue(client.getPrivilegesByPrincipal(role1Princ, hdfsConnector).size() == 0);
   }
 
   @Test
@@ -110,31 +110,31 @@ public class TestRevokePrivilege extends AbstractSqoopSentryTestBase {
     /**
      * user2 belongs to group group2
      * admin user grant role role2 to group group2
-     * admin user grant read and write privilege on connector all to role role2
+     * admin user grant read and write privilege on connector HDFS_CONNECTOR_NAME to role role2
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role2 = new MRole(ROLE2);
     MPrincipal group2Princ = new MPrincipal(GROUP2, MPrincipal.TYPE.GROUP);
     MPrincipal role2Princ = new MPrincipal(ROLE2, MPrincipal.TYPE.ROLE);
-    MResource allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege writePrivilege = new MPrivilege(allConnector, SqoopActionConstant.WRITE, false);
-    MPrivilege readPrivilege = new MPrivilege(allConnector, SqoopActionConstant.READ, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege writePrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.WRITE, false);
+    MPrivilege readPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     client.createRole(role2);
     client.grantRole(Lists.newArrayList(role2), Lists.newArrayList(group2Princ));
     client.grantPrivilege(Lists.newArrayList(role2Princ), Lists.newArrayList(writePrivilege, readPrivilege));
 
     // check user2 has two privileges on role2
     client = sqoopServerRunner.getSqoopClient(USER2);
-    assertTrue(client.getPrivilegesByPrincipal(role2Princ, allConnector).size() == 2);
+    assertTrue(client.getPrivilegesByPrincipal(role2Princ, hdfsConnector).size() == 2);
 
     // admin user revoke all privilege from role2
-    MPrivilege allPrivilege = new MPrivilege(allConnector, SqoopActionConstant.ALL_NAME, false);
+    MPrivilege allPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.ALL_NAME, false);
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     client.revokePrivilege(Lists.newArrayList(role2Princ), Lists.newArrayList(allPrivilege));
 
     // check user2 has no privilege on role2
     client = sqoopServerRunner.getSqoopClient(USER2);
-    assertTrue(client.getPrivilegesByPrincipal(role2Princ, allConnector).size() == 0);
+    assertTrue(client.getPrivilegesByPrincipal(role2Princ, hdfsConnector).size() == 0);
   }
 
   @Test
@@ -142,34 +142,34 @@ public class TestRevokePrivilege extends AbstractSqoopSentryTestBase {
     /**
      * user3 belongs to group group3
      * admin user grant role role3 to group group3
-     * admin user grant all privilege on connector all to role role3
+     * admin user grant all privilege on connector HDFS_CONNECTOR_NAME to role role3
      */
     SqoopClient client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     MRole role3 = new MRole(ROLE3);
     MPrincipal group3Princ = new MPrincipal(GROUP3, MPrincipal.TYPE.GROUP);
     MPrincipal role3Princ = new MPrincipal(ROLE3, MPrincipal.TYPE.ROLE);
-    MResource allConnector = new MResource(SqoopActionConstant.ALL, MResource.TYPE.CONNECTOR);
-    MPrivilege allPrivilege = new MPrivilege(allConnector, SqoopActionConstant.ALL_NAME, false);
+    MResource hdfsConnector = new MResource(HDFS_CONNECTOR_NAME, MResource.TYPE.CONNECTOR);
+    MPrivilege allPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.ALL_NAME, false);
     client.createRole(role3);
     client.grantRole(Lists.newArrayList(role3), Lists.newArrayList(group3Princ));
     client.grantPrivilege(Lists.newArrayList(role3Princ), Lists.newArrayList(allPrivilege));
 
     // check user3 has one privilege on role3
     client = sqoopServerRunner.getSqoopClient(USER3);
-    assertTrue(client.getPrivilegesByPrincipal(role3Princ, allConnector).size() == 1);
+    assertTrue(client.getPrivilegesByPrincipal(role3Princ, hdfsConnector).size() == 1);
     // user3 has the all action on role3
-    MPrivilege user3Privilege = client.getPrivilegesByPrincipal(role3Princ, allConnector).get(0);
+    MPrivilege user3Privilege = client.getPrivilegesByPrincipal(role3Princ, hdfsConnector).get(0);
     assertEquals(user3Privilege.getAction(), SqoopActionConstant.ALL_NAME);
 
     // admin user revoke the read privilege on connector all from role role3
-    MPrivilege readPrivilege = new MPrivilege(allConnector, SqoopActionConstant.READ, false);
+    MPrivilege readPrivilege = new MPrivilege(hdfsConnector, SqoopActionConstant.READ, false);
     client = sqoopServerRunner.getSqoopClient(ADMIN_USER);
     client.revokePrivilege(Lists.newArrayList(role3Princ), Lists.newArrayList(readPrivilege));
 
     // check user3 has only the write privilege on role3
     client = sqoopServerRunner.getSqoopClient(USER3);
-    assertTrue(client.getPrivilegesByPrincipal(role3Princ, allConnector).size() == 1);
-    user3Privilege = client.getPrivilegesByPrincipal(role3Princ, allConnector).get(0);
+    assertTrue(client.getPrivilegesByPrincipal(role3Princ, hdfsConnector).size() == 1);
+    user3Privilege = client.getPrivilegesByPrincipal(role3Princ, hdfsConnector).get(0);
     assertEquals(user3Privilege.getAction().toLowerCase(), SqoopActionConstant.WRITE);
   }
 }


Mime
View raw message