Package org.apache.sentry.provider.db.service.model

Examples of org.apache.sentry.provider.db.service.model.MSentryPrivilege

293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
        // If Grant is for ALL and Either INSERT/SELECT already exists..
        // need to remove it and GRANT ALL..
        if (privilege.getAction().equalsIgnoreCase("*")) {
          TSentryPrivilege tNotAll = new TSentryPrivilege(privilege);
          tNotAll.setAction(AccessConstants.SELECT);
          MSentryPrivilege mSelect = getMSentryPrivilege(
              constructPrivilegeName(tNotAll), pm);
          tNotAll.setAction(AccessConstants.INSERT);
          MSentryPrivilege mInsert = getMSentryPrivilege(
              constructPrivilegeName(tNotAll), pm);
          if ((mSelect != null) && (mRole.getPrivileges().contains(mSelect))) {
            mSelect.removeRole(mRole);
            pm.makePersistent(mSelect);
          }
          if ((mInsert != null) && (mRole.getPrivileges().contains(mInsert))) {
            mInsert.removeRole(mRole);
            pm.makePersistent(mInsert);
          }
        } else {
          // If Grant is for Either INSERT/SELECT and ALL already exists..
          // do nothing..
          TSentryPrivilege tAll = new TSentryPrivilege(privilege);
          tAll.setAction(AccessConstants.ALL);
          MSentryPrivilege mAll = getMSentryPrivilege(
              constructPrivilegeName(tAll), pm);
          if ((mAll != null) && (mRole.getPrivileges().contains(mAll))) {
            return;
          }
        }
      }

      MSentryPrivilege mPrivilege = getMSentryPrivilege(
          constructPrivilegeName(privilege), pm);
      if (mPrivilege == null) {
        mPrivilege = convertToMSentryPrivilege(privilege);
      }
      mPrivilege.appendRole(mRole);
      pm.makePersistent(mRole);
      pm.makePersistent(mPrivilege);
    }
    return;
  }
View Full Code Here
362
363
364
365
366
367
368
369
370
371
372
    MSentryRole mRole = (MSentryRole) query.execute(roleName);
    if (mRole == null) {
      throw new SentryNoSuchObjectException("Role: " + roleName);
    } else {
      query = pm.newQuery(MSentryPrivilege.class);
      MSentryPrivilege mPrivilege = getMSentryPrivilege(
          constructPrivilegeName(tPrivilege), pm);
      if (mPrivilege == null) {
        mPrivilege = convertToMSentryPrivilege(tPrivilege);
      } else {
        mPrivilege = (MSentryPrivilege) pm.detachCopy(mPrivilege);
View Full Code Here
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
   * privilege and add SELECT (INSERT was revoked) or INSERT (SELECT was revoked).
   */
  private void revokePartial(PersistenceManager pm,
      TSentryPrivilege requestedPrivToRevoke, MSentryRole mRole,
      MSentryPrivilege currentPrivilege) throws SentryInvalidInputException {
    MSentryPrivilege persistedPriv = getMSentryPrivilege(constructPrivilegeName(convertToTSentryPrivilege(currentPrivilege)), pm);
    if (persistedPriv == null) {
      persistedPriv = convertToMSentryPrivilege(convertToTSentryPrivilege(currentPrivilege));
    }

    if (requestedPrivToRevoke.getAction().equalsIgnoreCase("ALL") || requestedPrivToRevoke.getAction().equalsIgnoreCase("*")) {
      persistedPriv.removeRole(mRole);
      pm.makePersistent(persistedPriv);
    } else if (requestedPrivToRevoke.getAction().equalsIgnoreCase(AccessConstants.SELECT)
        && (!currentPrivilege.getAction().equalsIgnoreCase(AccessConstants.INSERT))) {
      revokeRolePartial(pm, mRole, currentPrivilege, persistedPriv, AccessConstants.INSERT);
    } else if (requestedPrivToRevoke.getAction().equalsIgnoreCase(AccessConstants.INSERT)
View Full Code Here
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
      query.setFilter(filters.toString());
      query
          .setResult("privilegeScope, serverName, dbName, tableName, URI, action, grantorPrincipal");
      Set<MSentryPrivilege> privileges = new HashSet<MSentryPrivilege>();
      for (Object[] privObj : (List<Object[]>) query.execute()) {
        MSentryPrivilege priv = new MSentryPrivilege();
        priv.setPrivilegeScope((String) privObj[0]);
        priv.setServerName((String) privObj[1]);
        priv.setDbName((String) privObj[2]);
        priv.setTableName((String) privObj[3]);
        priv.setURI((String) privObj[4]);
        priv.setAction((String) privObj[5]);
        priv.setGrantorPrincipal((String) privObj[6]);
        priv.setPrivilegeName(constructPrivilegeName(convertToTSentryPrivilege(priv)));
        privileges.add(priv);
      }
      rollbackTransaction = false;
      commitTransaction(pm);
      return privileges;
View Full Code Here
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
   * such as trimming whitespace and setting appropriate case.
   * @throws SentryInvalidInputException
   */
  private MSentryPrivilege convertToMSentryPrivilege(TSentryPrivilege privilege)
      throws SentryInvalidInputException {
    MSentryPrivilege mSentryPrivilege = new MSentryPrivilege();
    mSentryPrivilege.setServerName(safeTrimLower(privilege.getServerName()));
    mSentryPrivilege.setDbName(safeTrimLower(privilege.getDbName()));
    mSentryPrivilege.setTableName(safeTrimLower(privilege.getTableName()));
    mSentryPrivilege.setPrivilegeScope(safeTrim(privilege.getPrivilegeScope()));
    mSentryPrivilege.setAction(safeTrim(privilege.getAction()));
    mSentryPrivilege.setCreateTime(System.currentTimeMillis());
    mSentryPrivilege.setGrantorPrincipal(safeTrim(privilege.getGrantorPrincipal()));
    mSentryPrivilege.setURI(safeTrim(privilege.getURI()));
    mSentryPrivilege.setPrivilegeName(constructPrivilegeName(privilege));
    return mSentryPrivilege;
  }
View Full Code Here
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
      TSentryPrivilege newTPrivilege) throws SentryNoSuchObjectException,
      SentryInvalidInputException {
    HashSet<MSentryRole> roleSet = Sets.newHashSet();
    tPrivilege.setPrivilegeName(constructPrivilegeName(tPrivilege));

    MSentryPrivilege mPrivilege = getMSentryPrivilege(
        tPrivilege.getPrivilegeName(), pm);
    if (mPrivilege != null) {
      roleSet.addAll(ImmutableSet.copyOf((mPrivilege.getRoles())));
    }
    for (MSentryRole role : roleSet) {
      alterSentryRoleRevokePrivilegeCore(pm, role.getRoleName(), tPrivilege);
      if (newTPrivilege != null) {
        alterSentryRoleGrantPrivilegeCore(pm, role.getRoleName(), newTPrivilege);
View Full Code Here
28
29
30
31
32
33
34
35
36
37
38
39
40
  private MSentryPrivilege privilege;

  @Test
  public void testServer() {
    privilege = new MSentryPrivilege(null, null, "server1", null, null, null, null);
    assertEquals("server=server1",
        SentryStore.toAuthorizable(privilege));
    privilege = new MSentryPrivilege(null, null, "server1", null, null, null,
        AccessConstants.ALL);
    assertEquals("server=server1",
        SentryStore.toAuthorizable(privilege));
  }
View Full Code Here
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
        SentryStore.toAuthorizable(privilege));
  }

  @Test
  public void testTable() {
    privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null, null);
    assertEquals("server=server1->db=db1->table=tbl1",
        SentryStore.toAuthorizable(privilege));
    privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null,
        AccessConstants.INSERT);
    assertEquals("server=server1->db=db1->table=tbl1->action=insert",
        SentryStore.toAuthorizable(privilege));
    privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null,
        AccessConstants.SELECT);
    assertEquals("server=server1->db=db1->table=tbl1->action=select",
        SentryStore.toAuthorizable(privilege));
    privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null,
        AccessConstants.ALL);
    assertEquals("server=server1->db=db1->table=tbl1",
        SentryStore.toAuthorizable(privilege));
  }
View Full Code Here
58
59
60
61
62
63
64
65
66
67
68
69
70
        SentryStore.toAuthorizable(privilege));
  }

  @Test
  public void testDb() {
    privilege = new MSentryPrivilege(null, null, "server1", "db1", null, null, null);
    assertEquals("server=server1->db=db1",
        SentryStore.toAuthorizable(privilege));
    privilege = new MSentryPrivilege(null, null, "server1", "db1", null, null,
        AccessConstants.ALL);
    assertEquals("server=server1->db=db1",
        SentryStore.toAuthorizable(privilege));
  }
View Full Code Here
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
        SentryStore.toAuthorizable(privilege));
  }

  @Test
  public void testUri() {
    privilege = new MSentryPrivilege(null, null, "server1", null, null, "file:///", null);
    assertEquals("server=server1->uri=file:///",
        SentryStore.toAuthorizable(privilege));
    privilege = new MSentryPrivilege(null, null, "server1", null, null, "file:///",
        AccessConstants.SELECT);
    assertEquals("server=server1->uri=file:///->action=select",
        SentryStore.toAuthorizable(privilege));
    privilege = new MSentryPrivilege(null, null, "server1", null, null, "file:///",
        AccessConstants.ALL);
    assertEquals("server=server1->uri=file:///",
        SentryStore.toAuthorizable(privilege));
  }
View Full Code Here
TOP

Related Classes of org.apache.sentry.provider.db.service.model.MSentryPrivilege

  • org.apache.sentry.provider.db.service.persistent.SentryStore
  • org.apache.sentry.provider.db.service.persistent.TestSentryStore
  • org.apache.sentry.provider.db.service.persistent.TestSentryStoreToAuthorizable
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.