Package org.apache.accumulo.core.client.impl.thrift

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

158
159
160
161
162
163
164
165
  }
 
  public boolean canAskAboutUser(TCredentials credentials, String user) throws ThriftSecurityException {
    // Authentication done in canPerformSystemActions
    if (!(canPerformSystemActions(credentials) || credentials.getPrincipal().equals(user)))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    return true;
  }
View Full Code Here
194
195
196
197
198
199
200
201
202
203
204
    authenticate(credentials);
   
    targetUserExists(user);
   
    if (!credentials.getPrincipal().equals(user) && !hasSystemPermission(credentials.getPrincipal(), SystemPermission.SYSTEM, false))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
   
    // system user doesn't need record-level authorizations for the tables it reads (for now)
    if (user.equals(SecurityConstants.SYSTEM_PRINCIPAL))
      return Constants.NO_AUTHS;
   
View Full Code Here
252
253
254
255
256
257
258
259
        return permHandle.hasCachedTablePermission(user, table, permission);
      return permHandle.hasTablePermission(user, table, permission);
    } catch (AccumuloSecurityException e) {
      throw e.asThriftException();
    } catch (TableNotFoundException e) {
      throw new ThriftSecurityException(user, SecurityErrorCode.TABLE_DOESNT_EXIST);
    }
  }
View Full Code Here
271
272
273
274
275
276
277
278
279
280
    if (user.equals(SecurityConstants.SYSTEM_PRINCIPAL) || user.equals(getRootUsername()))
      return;
   
    try {
      if (!authenticator.userExists(user))
        throw new ThriftSecurityException(user, SecurityErrorCode.USER_DOESNT_EXIST);
    } catch (AccumuloSecurityException e) {
      throw e.asThriftException();
    }
  }
View Full Code Here
369
370
371
372
373
374
375
376
  }
 
  public boolean canChangeAuthorizations(TCredentials c, String user) throws ThriftSecurityException {
    authenticate(c);
    if (user.equals(SecurityConstants.SYSTEM_PRINCIPAL))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    return hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_USER, false);
  }
View Full Code Here
376
377
378
379
380
381
382
383
  }
 
  public boolean canChangePassword(TCredentials c, String user) throws ThriftSecurityException {
    authenticate(c);
    if (user.equals(SecurityConstants.SYSTEM_PRINCIPAL))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    return c.getPrincipal().equals(user) || hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_USER, false);
  }
View Full Code Here
385
386
387
388
389
390
391
392
393
  public boolean canCreateUser(TCredentials c, String user) throws ThriftSecurityException {
    authenticate(c);
   
    // don't allow creating a user with the same name as system user
    if (user.equals(SecurityConstants.SYSTEM_PRINCIPAL))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
   
    return hasSystemPermission(c.getPrincipal(), SystemPermission.CREATE_USER, false);
  }
View Full Code Here
395
396
397
398
399
400
401
402
403
  public boolean canDropUser(TCredentials c, String user) throws ThriftSecurityException {
    authenticate(c);
   
    // can't delete root or system users
    if (user.equals(getRootUsername()) || user.equals(SecurityConstants.SYSTEM_PRINCIPAL))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
   
    return hasSystemPermission(c.getPrincipal(), SystemPermission.DROP_USER, false);
  }
View Full Code Here
405
406
407
408
409
410
411
412
413
414
415
416
417
  public boolean canGrantSystem(TCredentials c, String user, SystemPermission sysPerm) throws ThriftSecurityException {
    authenticate(c);
   
    // can't modify system user
    if (user.equals(SecurityConstants.SYSTEM_PRINCIPAL))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
   
    // can't grant GRANT
    if (sysPerm.equals(SystemPermission.GRANT))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.GRANT_INVALID);
   
    return hasSystemPermission(c.getPrincipal(), SystemPermission.GRANT, false);
  }
View Full Code Here
419
420
421
422
423
424
425
426
427
428
  public boolean canGrantTable(TCredentials c, String user, String table) throws ThriftSecurityException {
    authenticate(c);
   
    // can't modify system user
    if (user.equals(SecurityConstants.SYSTEM_PRINCIPAL))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
   
    return hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_TABLE, false)
        || hasTablePermission(c.getPrincipal(), table, TablePermission.GRANT, false);
  }
View Full Code Here
TOP

Related Classes of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

  • org.apache.accumulo.core.client.TestThrift1474$TestServer
  • org.apache.accumulo.master.FateServiceHandler
  • org.apache.accumulo.master.MasterClientServiceHandler
  • org.apache.accumulo.server.client.ClientServiceHandler
  • org.apache.accumulo.server.master.Master$MasterClientServiceHandler
  • org.apache.accumulo.server.security.SecurityOperation
  • org.apache.accumulo.server.tabletserver.TabletServer$ThriftClientHandler
  • org.apache.accumulo.tserver.TabletServer$ThriftClientHandler
  • org.apache.thrift.protocol.TTupleProtocol
  • java.util.BitSet
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.