Package org.apache.sentry.core.model.db

Examples of org.apache.sentry.core.model.db.Database

224
225
226
227
228
229
230
    return ast;
  }

  // Find the current database for session
  private Database getCanonicalDb() {
    return new Database(SessionState.get().getCurrentDatabase());
  }
View Full Code Here
230
231
232
233
234
235
236
237
238
239
  }

  private Database extractDatabase(ASTNode ast) throws SemanticException {
    String tableName = BaseSemanticAnalyzer.getUnescapedName(ast);
    if (tableName.contains(".")) {
      return new Database((tableName.split("\\."))[0]);
    } else {
      return getCanonicalDb();
    }
  }
View Full Code Here
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
  // Build the hierarchy of authorizable object for the given entity type.
  private List<DBModelAuthorizable> getAuthzHierarchyFromEntity(Entity entity) {
    List<DBModelAuthorizable> objectHierarchy = new ArrayList<DBModelAuthorizable>();
    switch (entity.getType()) {
    case TABLE:
      objectHierarchy.add(new Database(entity.getTable().getDbName()));
      objectHierarchy.add(new Table(entity.getTable().getTableName()));
      break;
    case PARTITION:
      objectHierarchy.add(new Database(entity.getPartition().getTable().getDbName()));
      objectHierarchy.add(new Table(entity.getPartition().getTable().getTableName()));
      break;
    case DFS_DIR:
    case LOCAL_DIR:
      try {
View Full Code Here
611
612
613
614
615
616
617
618
619
620
621
622
        build();

    for (String tableName : queryResult) {
      // if user has privileges on table, add to filtered list, else discard
      Table table = new Table(tableName);
      Database database;
      database = new Database(dbName);

      List<List<DBModelAuthorizable>> inputHierarchy = new ArrayList<List<DBModelAuthorizable>>();
      List<List<DBModelAuthorizable>> outputHierarchy = new ArrayList<List<DBModelAuthorizable>>();
      List<DBModelAuthorizable> externalAuthorizableHierarchy = new ArrayList<DBModelAuthorizable>();
      externalAuthorizableHierarchy.add(hiveAuthzBinding.getAuthServer());
View Full Code Here
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
        setOperationType(HiveOperationType.QUERY).
        build();

    for (String dbName:queryResult) {
      // if user has privileges on database, add to filtered list, else discard
      Database database = null;

      // if default is not restricted, continue
      if (DEFAULT_DATABASE_NAME.equalsIgnoreCase(dbName) &&
          "false".equalsIgnoreCase(authzConf.
              get(HiveAuthzConf.AuthzConfVars.AUTHZ_RESTRICT_DEFAULT_DB.getVar(), "false"))) {
        filteredResult.add(DEFAULT_DATABASE_NAME);
        continue;
      }

      database = new Database(dbName);

      List<List<DBModelAuthorizable>> inputHierarchy = new ArrayList<List<DBModelAuthorizable>>();
      List<List<DBModelAuthorizable>> outputHierarchy = new ArrayList<List<DBModelAuthorizable>>();
      List<DBModelAuthorizable> externalAuthorizableHierarchy = new ArrayList<DBModelAuthorizable>();
      externalAuthorizableHierarchy.add(hiveAuthzBinding.getAuthServer());
      externalAuthorizableHierarchy.add(database);
      externalAuthorizableHierarchy.add(Table.ALL);
      inputHierarchy.add(externalAuthorizableHierarchy);

      try {
        hiveAuthzBinding.authorize(operation, anyPrivilege, subject,
            inputHierarchy, outputHierarchy);
        filteredResult.add(database.getName());
      } catch (AuthorizationException e) {
        // squash the exception, user doesn't have privileges, so the table is
        // not added to
        // filtered list.
        ;
View Full Code Here
34
35
36
37
38
39
40
41
    Server server = (Server)DBModelAuthorizables.from("SeRvEr=server1");
    assertEquals("server1", server.getName());
  }
  @Test
  public void testDb() throws Exception {
    Database db = (Database)DBModelAuthorizables.from("dB=db1");
    assertEquals("db1", db.getName());
  }
View Full Code Here
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
    if (privSubjectDesc.getTable()) {
      DatabaseTable dbTable = parseDBTable(privSubjectDesc.getObject());
      dbName = dbTable.getDatabase();
      String tableName = dbTable.getTable();
      authorizableHeirarchy.add(new Table(tableName));
      authorizableHeirarchy.add(new Database(dbName));

    } else if (privSubjectDesc.getUri()) {
      String uriPath = privSubjectDesc.getObject();
      String warehouseDir = conf.getVar(HiveConf.ConfVars.METASTOREWAREHOUSE);
      try {
      authorizableHeirarchy.add(new AccessURI(PathUtils.parseDFSURI(warehouseDir, uriPath)));
      } catch(URISyntaxException e) {
        throw new HiveException(e.getMessage());
      }
    } else {
      dbName = privSubjectDesc.getObject();
      authorizableHeirarchy.add(new Database(dbName));
    }
    return authorizableHeirarchy;
  }
View Full Code Here
48
49
50
51
52
53
54
55
56
57
58
  private static DBModelAuthorizable from(AuthorizableType type, String name) {
    switch (type) {
    case Server:
      return new Server(name);
    case Db:
      return new Database(name);
    case Table:
      return new Table(name);
    case View:
      return new View(name);
    case URI:
View Full Code Here
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
    client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL");
    client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL");
    client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL");
    client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL");

    Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1")));
    assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size());

    listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1")));
    assertEquals("Privilege not assigned to role2 !!", 0, listPrivilegesByRoleName.size());

    listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"), new Table("table1")));
    assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());

    listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db3")));
    assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());

    Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), ActiveRoleSet.ALL, new Server("server"), new Database("db2"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!",
        Sets.newHashSet("server=server->db=db2->table=table4->action=ALL", "server=server->db=db2->table=table3->action=ALL"),
        listPrivilegesForProvider);

    listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), ActiveRoleSet.ALL, new Server("server"), new Database("db3"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=ALL"), listPrivilegesForProvider);

    listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider);

    listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1"));
    Assert.assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);
  }
View Full Code Here
TOP

Related Classes of org.apache.sentry.core.model.db.Database

  • org.apache.hadoop.hive.ql.exec.SentryGrantRevokeTask
  • org.apache.sentry.binding.hive.HiveAuthzBindingHook
  • org.apache.sentry.binding.hive.TestHiveAuthzBindings
  • org.apache.sentry.binding.metastore.MetastoreAuthzBinding$HierarcyBuilder
  • org.apache.sentry.binding.metastore.SentryMetastorePostEventListener
  • org.apache.sentry.policy.db.AbstractTestSimplePolicyEngine
  • org.apache.sentry.policy.db.DBModelAuthorizables
  • org.apache.sentry.policy.db.TestDBModelAuthorizables
  • org.apache.sentry.policy.db.TestPolicyParsingNegative
  • org.apache.sentry.policy.db.TestSimpleDBPolicyEngineDFS
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.