@Override public void createRole(Role role) throws AlreadyExistsException { if (roleToPrincipals.containsKey(role)) { throw new AlreadyExistsException(role); } // NOTE: A concurrent put might happen, hence it should still result as RoleAlreadyExistsException. Set<Principal> principals = Collections.newSetFromMap(new ConcurrentHashMap<Principal, Boolean>()); if (roleToPrincipals.putIfAbsent(role, principals) != null) { throw new AlreadyExistsException(role); } }
private <T> T execute(Command<T> cmd) throws Exception { try { SentryGenericServiceClient client = getClient(); try { return cmd.run(client); } finally { client.close(); } } catch (Exception e) { // map sentry exceptions to appropriate cdap-security exceptions if (e instanceof SentryAccessDeniedException) { throw new UnauthorizedException(e.getMessage()); } else if (e instanceof SentryNoSuchObjectException) { throw new NotFoundException(e.getMessage()); } else if (e instanceof SentryAlreadyExistsException) { throw new AlreadyExistsException(e.getMessage()); } else if (e instanceof SentryInvalidInputException || e instanceof SentryThriftAPIMismatchException) { throw new BadRequestException(e.getMessage()); } else { throw e; } } }
@Override public void createRole(Role role) throws IOException, FeatureDisabledException, UnauthenticatedException, UnauthorizedException, AlreadyExistsException, NotFoundException { URL url = config.resolveURLV3(String.format(AUTHORIZATION_BASE + "roles/%s", role.getName())); HttpRequest request = HttpRequest.put(url).build(); HttpResponse httpResponse = doExecuteRequest(request, HttpURLConnection.HTTP_CONFLICT); if (httpResponse.getResponseCode() == HttpURLConnection.HTTP_CONFLICT) { throw new AlreadyExistsException(role); } }