Package org.apache.sentry.provider.db.service.thrift

Examples of org.apache.sentry.provider.db.service.thrift.TSentryPrivilege


      if ((privilege.getTableName() != null) || (privilege.getDbName() != null)) {
        // If Grant is for ALL and Either INSERT/SELECT already exists..
        // need to remove it and GRANT ALL..
        if (privilege.getAction().equalsIgnoreCase("*")) {
          TSentryPrivilege tNotAll = new TSentryPrivilege(privilege);
          tNotAll.setAction(AccessConstants.SELECT);
          MSentryPrivilege mSelect = getMSentryPrivilege(
              constructPrivilegeName(tNotAll), pm);
          tNotAll.setAction(AccessConstants.INSERT);
          MSentryPrivilege mInsert = getMSentryPrivilege(
              constructPrivilegeName(tNotAll), pm);
          if ((mSelect != null) && (mRole.getPrivileges().contains(mSelect))) {
            mSelect.removeRole(mRole);
            pm.makePersistent(mSelect);
          }
          if ((mInsert != null) && (mRole.getPrivileges().contains(mInsert))) {
            mInsert.removeRole(mRole);
            pm.makePersistent(mInsert);
          }
        } else {
          // If Grant is for Either INSERT/SELECT and ALL already exists..
          // do nothing..
          TSentryPrivilege tAll = new TSentryPrivilege(privilege);
          tAll.setAction(AccessConstants.ALL);
          MSentryPrivilege mAll = getMSentryPrivilege(
              constructPrivilegeName(tAll), pm);
          if ((mAll != null) && (mRole.getPrivileges().contains(mAll))) {
            return;
          }
View Full Code Here


    group.setGroupName(mSentryGroup.getGroupName());
    return group;
  }

  private TSentryPrivilege convertToTSentryPrivilege(MSentryPrivilege mSentryPrivilege) {
    TSentryPrivilege privilege = new TSentryPrivilege();
    privilege.setCreateTime(mSentryPrivilege.getCreateTime());
    privilege.setPrivilegeName(mSentryPrivilege.getPrivilegeName());
    privilege.setAction(mSentryPrivilege.getAction());
    privilege.setPrivilegeScope(mSentryPrivilege.getPrivilegeScope());
    privilege.setServerName(mSentryPrivilege.getServerName());
    privilege.setDbName(mSentryPrivilege.getDbName());
    privilege.setTableName(mSentryPrivilege.getTableName());
    privilege.setURI(mSentryPrivilege.getURI());
    privilege.setGrantorPrincipal(mSentryPrivilege.getGrantorPrincipal());
    return privilege;
  }
View Full Code Here

  public void dropPrivilege(TSentryAuthorizable tAuthorizable)
      throws SentryNoSuchObjectException, SentryInvalidInputException {
    PersistenceManager pm = null;
    boolean rollbackTransaction = true;

    TSentryPrivilege tPrivilege = toSentryPrivilege(tAuthorizable);
    try {
      pm = openTransaction();

      if (isMultiActionsSupported(tPrivilege)) {
        for (String privilegeAction : Sets.newHashSet(AccessConstants.ALL,
            AccessConstants.SELECT, AccessConstants.INSERT)) {
          tPrivilege.setAction(privilegeAction);
          dropPrivilegeForAllRoles(pm, new TSentryPrivilege(tPrivilege));
        }
      } else {
        dropPrivilegeForAllRoles(pm, new TSentryPrivilege(tPrivilege));
      }
      rollbackTransaction = false;
      commitTransaction(pm);
    } catch (JDODataStoreException e) {
      throw new SentryInvalidInputException("Failed to get privileges: "
View Full Code Here

      TSentryAuthorizable newTAuthorizable, String grantorPrincipal)
      throws SentryNoSuchObjectException, SentryInvalidInputException {
    PersistenceManager pm = null;
    boolean rollbackTransaction = true;

    TSentryPrivilege tPrivilege = toSentryPrivilege(tAuthorizable);
    TSentryPrivilege newPrivilege = toSentryPrivilege(newTAuthorizable,
        grantorPrincipal);
    try {
      pm = openTransaction();
      // In case of tables or DBs, check all actions
      if (isMultiActionsSupported(tPrivilege)) {
        for (String privilegeAction : Sets.newHashSet(AccessConstants.ALL,
            AccessConstants.SELECT, AccessConstants.INSERT)) {
          tPrivilege.setAction(privilegeAction);
          newPrivilege.setAction(privilegeAction);
          renamePrivilegeForAllRoles(pm, tPrivilege, newPrivilege);
        }
      } else {
        renamePrivilegeForAllRoles(pm, tPrivilege, newPrivilege);
      }
View Full Code Here

    return toSentryPrivilege(tAuthorizable, null);
  }

  private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable,
      String grantorPrincipal) throws SentryInvalidInputException {
    TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
    tSentryPrivilege.setDbName(tAuthorizable.getDb());
    tSentryPrivilege.setServerName(tAuthorizable.getServer());
    tSentryPrivilege.setTableName(tAuthorizable.getTable());
    tSentryPrivilege.setURI(tAuthorizable.getUri());
    tSentryPrivilege.setGrantorPrincipal(grantorPrincipal);
    PrivilegeScope scope;
    if (tSentryPrivilege.getTableName() != null) {
      scope = PrivilegeScope.TABLE;
    } else if (tSentryPrivilege.getDbName() != null) {
      scope = PrivilegeScope.DATABASE;
    } else if (tSentryPrivilege.getURI() != null) {
      scope = PrivilegeScope.URI;
    } else {
      scope = PrivilegeScope.SERVER;
    }
    tSentryPrivilege.setPrivilegeScope(scope.name());
    tSentryPrivilege.setAction(AccessConstants.ALL);
    return tSentryPrivilege;
  }
View Full Code Here

  public void testDropOverlappedPrivileges() throws Exception {
    String roleName1 = "list-privs-r1";
    String grantor = "g1";
    sentryStore.createSentryRole(roleName1, grantor);

    TSentryPrivilege privilege_tbl1 = new TSentryPrivilege();
    privilege_tbl1.setPrivilegeScope("TABLE");
    privilege_tbl1.setServerName("server1");
    privilege_tbl1.setDbName("db1");
    privilege_tbl1.setTableName("tbl1");
    privilege_tbl1.setGrantorPrincipal(grantor);
    privilege_tbl1.setCreateTime(System.currentTimeMillis());
    privilege_tbl1.setPrivilegeName(SentryStore
        .constructPrivilegeName(privilege_tbl1));

    TSentryPrivilege privilege_tbl1_insert = new TSentryPrivilege(
        privilege_tbl1);
    privilege_tbl1_insert.setAction("INSERT");
    privilege_tbl1_insert.setPrivilegeName(SentryStore
        .constructPrivilegeName(privilege_tbl1_insert));

    TSentryPrivilege privilege_tbl1_all = new TSentryPrivilege(privilege_tbl1);
    privilege_tbl1_all.setAction("*");
    privilege_tbl1_all.setPrivilegeName(SentryStore
        .constructPrivilegeName(privilege_tbl1_all));

    sentryStore.alterSentryRoleGrantPrivilege(roleName1, privilege_tbl1_insert);
    sentryStore.alterSentryRoleGrantPrivilege(roleName1, privilege_tbl1_all);

View Full Code Here

    sentryStore.createSentryRole(roleName1, grantor);
    sentryStore.createSentryRole(roleName2, grantor);
    sentryStore.createSentryRole(roleName3, grantor);

    TSentryPrivilege privilege_tbl1 = new TSentryPrivilege();
    privilege_tbl1.setPrivilegeScope("TABLE");
    privilege_tbl1.setServerName("server1");
    privilege_tbl1.setDbName("db1");
    privilege_tbl1.setTableName(table1);
    privilege_tbl1.setGrantorPrincipal(grantor);
    privilege_tbl1.setCreateTime(System.currentTimeMillis());
    privilege_tbl1.setPrivilegeName(SentryStore
        .constructPrivilegeName(privilege_tbl1));

    TSentryPrivilege privilege_tbl1_insert = new TSentryPrivilege(
        privilege_tbl1);
    privilege_tbl1_insert.setAction(AccessConstants.INSERT);
    privilege_tbl1_insert.setPrivilegeName(SentryStore
        .constructPrivilegeName(privilege_tbl1_insert));

    TSentryPrivilege privilege_tbl1_select = new TSentryPrivilege(
        privilege_tbl1);
    privilege_tbl1_select.setAction(AccessConstants.SELECT);
    privilege_tbl1_select.setPrivilegeName(SentryStore
        .constructPrivilegeName(privilege_tbl1_select));

    TSentryPrivilege privilege_tbl1_all = new TSentryPrivilege(privilege_tbl1);
    privilege_tbl1_all.setAction(AccessConstants.ALL);
    privilege_tbl1_all.setPrivilegeName(SentryStore
        .constructPrivilegeName(privilege_tbl1_all));

    sentryStore.alterSentryRoleGrantPrivilege(roleName1, privilege_tbl1_insert);
    sentryStore.alterSentryRoleGrantPrivilege(roleName2, privilege_tbl1_select);
    sentryStore.alterSentryRoleGrantPrivilege(roleName3, privilege_tbl1_all);
View Full Code Here

    Set<TSentryGroup> groups = Sets.newHashSet();
    TSentryGroup group = new TSentryGroup();
    group.setGroupName("test-groups-g1");
    groups.add(group);

    TSentryPrivilege privilege = new TSentryPrivilege();
    privilege.setPrivilegeScope("TABLE");
    privilege.setServerName("server1");
    privilege.setDbName("default");
    privilege.setTableName("table1");
    privilege.setAction(AccessConstants.ALL);
    privilege.setGrantorPrincipal(grantor);
    privilege.setCreateTime(System.currentTimeMillis());
    privilege.setPrivilegeName(SentryStore.constructPrivilegeName(privilege));

    long seqId = sentryStore.createSentryRole(roleName, grantor).getSequenceId();
    assertEquals(seqId + 1, sentryStore.alterSentryRoleAddGroups(grantor, roleName, groups).getSequenceId());
    assertEquals(seqId + 2, sentryStore.alterSentryRoleDeleteGroups(roleName, groups).getSequenceId());
    assertEquals(seqId + 3, sentryStore.alterSentryRoleGrantPrivilege(roleName, privilege).getSequenceId());
View Full Code Here

  public void testURI() throws Exception {
    String roleName = "test-dup-role";
    String grantor = "g1";
    String uri = "file:///var/folders/dt/9zm44z9s6bjfxbrm4v36lzdc0000gp/T/1401860678102-0/data/kv1.dat";
    sentryStore.createSentryRole(roleName, grantor);
    TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("URI", "server1", "ALL");
    tSentryPrivilege.setURI(uri);
    tSentryPrivilege.setPrivilegeName(SentryStore.constructPrivilegeName(tSentryPrivilege));
    sentryStore.alterSentryRoleGrantPrivilege(roleName, tSentryPrivilege);

    TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
    tSentryAuthorizable.setUri(uri);
    tSentryAuthorizable.setServer("server1");
View Full Code Here

  @Test
  public void testCaseSensitiveScope() throws Exception {
    String roleName = "role1";
    String grantor = "g1";
    long seqId = sentryStore.createSentryRole(roleName, grantor).getSequenceId();
    TSentryPrivilege sentryPrivilege = new TSentryPrivilege("Database", "server1", "all");
    sentryPrivilege.setDbName("db1");
    assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(roleName, sentryPrivilege).getSequenceId());
  }
View Full Code Here

TOP

Related Classes of org.apache.sentry.provider.db.service.thrift.TSentryPrivilege

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.