Package org.apache.accumulo.core.client.impl.thrift

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

194
195
196
197
198
199
200
201
202
203
204
    authenticate(credentials);

    targetUserExists(user);

    if (!credentials.getPrincipal().equals(user) && !hasSystemPermission(credentials, SystemPermission.SYSTEM, false))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);

    try {
      return authorizor.getCachedUserAuthorizations(user);
    } catch (AccumuloSecurityException e) {
      throw e.asThriftException();
View Full Code Here
302
303
304
305
306
307
308
309
        return permHandle.hasCachedTablePermission(user, table, permission);
      return permHandle.hasTablePermission(user, table, permission);
    } catch (AccumuloSecurityException e) {
      throw e.asThriftException();
    } catch (TableNotFoundException e) {
      throw new ThriftSecurityException(user, SecurityErrorCode.TABLE_DOESNT_EXIST);
    }
  }
View Full Code Here
328
329
330
331
332
333
334
335
        return permHandle.hasCachedNamespacePermission(user, namespace, permission);
      return permHandle.hasNamespacePermission(user, namespace, permission);
    } catch (AccumuloSecurityException e) {
      throw e.asThriftException();
    } catch (NamespaceNotFoundException e) {
      throw new ThriftSecurityException(user, SecurityErrorCode.NAMESPACE_DOESNT_EXIST);
    }
  }
View Full Code Here
345
346
347
348
349
350
351
352
353
354
  private void targetUserExists(String user) throws ThriftSecurityException {
    if (user.equals(getRootUsername()))
      return;
    try {
      if (!authenticator.userExists(user))
        throw new ThriftSecurityException(user, SecurityErrorCode.USER_DOESNT_EXIST);
    } catch (AccumuloSecurityException e) {
      throw e.asThriftException();
    }
  }
View Full Code Here
477
478
479
480
481
482
483
484
  }

  public boolean canDropUser(TCredentials c, String user) throws ThriftSecurityException {
    authenticate(c);
    if (user.equals(getRootUsername()))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    return hasSystemPermission(c, SystemPermission.DROP_USER, false);
  }
View Full Code Here
485
486
487
488
489
490
491
492
  public boolean canGrantSystem(TCredentials c, String user, SystemPermission sysPerm) throws ThriftSecurityException {
    authenticate(c);
    // can't grant GRANT
    if (sysPerm.equals(SystemPermission.GRANT))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.GRANT_INVALID);
    return hasSystemPermission(c, SystemPermission.GRANT, false);
  }
View Full Code Here
512
513
514
515
516
517
518
519
520
521
522
523
524
  public boolean canRevokeSystem(TCredentials c, String user, SystemPermission sysPerm) throws ThriftSecurityException {
    authenticate(c);
    // can't modify root user
    if (user.equals(getRootUsername()))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);

    // can't revoke GRANT
    if (sysPerm.equals(SystemPermission.GRANT))
      throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.GRANT_INVALID);

    return hasSystemPermission(c, SystemPermission.GRANT, false);
  }
View Full Code Here
532
533
534
535
536
537
538
539
540
541
542
    return canModifyNamespacePermission(c, user, namespace);
  }

  public void changeAuthorizations(TCredentials credentials, String user, Authorizations authorizations) throws ThriftSecurityException {
    if (!canChangeAuthorizations(credentials, user))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);

    targetUserExists(user);

    try {
      authorizor.changeAuthorizations(user, authorizations);
View Full Code Here
546
547
548
549
550
551
552
553
554
555
556
    }
  }

  public void changePassword(TCredentials credentials, Credentials toChange) throws ThriftSecurityException {
    if (!canChangePassword(credentials, toChange.getPrincipal()))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    try {
      AuthenticationToken token = toChange.getToken();
      authenticator.changePassword(toChange.getPrincipal(), token);
      log.info("Changed password for user " + toChange.getPrincipal() + " at the request of user " + credentials.getPrincipal());
    } catch (AccumuloSecurityException e) {
View Full Code Here
558
559
560
561
562
563
564
565
566
567
568
    }
  }

  public void createUser(TCredentials credentials, Credentials newUser, Authorizations authorizations) throws ThriftSecurityException {
    if (!canCreateUser(credentials, newUser.getPrincipal()))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    try {
      AuthenticationToken token = newUser.getToken();
      authenticator.createUser(newUser.getPrincipal(), token);
      authorizor.initUser(newUser.getPrincipal());
      permHandle.initUser(newUser.getPrincipal());
View Full Code Here
TOP

Related Classes of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

  • org.apache.accumulo.core.client.TestThrift1474$TestServer
  • org.apache.accumulo.master.FateServiceHandler
  • org.apache.accumulo.master.MasterClientServiceHandler
  • org.apache.accumulo.server.client.ClientServiceHandler
  • org.apache.accumulo.server.master.Master$MasterClientServiceHandler
  • org.apache.accumulo.server.security.SecurityOperation
  • org.apache.accumulo.server.tabletserver.TabletServer$ThriftClientHandler
  • org.apache.accumulo.tserver.TabletServer$ThriftClientHandler
  • org.apache.thrift.protocol.TTupleProtocol
  • java.util.BitSet
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.