public long notifyHmsEvent(String requestorUserName, long eventId, String eventType, TSentryPrincipalType ownerType, String ownerName, TSentryAuthorizable authorizable) throws SentryUserException { TSentryHmsEventNotification request = new TSentryHmsEventNotification(); try { request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT); request.setRequestorUserName(requestorUserName); request.setId(eventId); request.setEventType(eventType); request.setOwnerType(ownerType); request.setOwnerName(ownerName); request.setAuthorizable(authorizable); TSentryHmsEventNotificationResponse response = client.sentry_notify_hms_event(request); Status.throwIfNotOk(response.getStatus()); return response.getId(); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
public Object getFieldValue(_Fields field) { switch (field) { case PROTOCOL_VERSION: return getProtocol_version(); case REQUESTOR_USER_NAME: return getRequestorUserName(); case ID: return getId(); case EVENT_TYPE: return getEventType(); case AUTHORIZABLE: return getAuthorizable(); case OWNER_TYPE: return getOwnerType(); case OWNER_NAME: return getOwnerName(); } throw new IllegalStateException(); }
case PROTOCOL_VERSION: if (value == null) { unsetProtocol_version(); } else { setProtocol_version((Integer)value); unsetRequestorUserName(); } else { setRequestorUserName((String)value); unsetId(); } else { setId((Long)value); unsetEventType(); } else { setEventType((String)value); unsetAuthorizable(); } else { setAuthorizable((TSentryAuthorizable)value); unsetOwnerType(); } else { setOwnerType((TSentryPrincipalType)value); unsetOwnerName(); } else { setOwnerName((String)value);
authorizable.setTable(TABLENAME); TSentryHmsEventNotification notification = new TSentryHmsEventNotification(); notification.setId(1L); notification.setOwnerType(TSentryPrincipalType.ROLE); notification.setOwnerName(OWNER); notification.setAuthorizable(authorizable); notification.setEventType(EventMessage.EventType.CREATE_TABLE.toString()); notification.setOwnerType(TSentryPrincipalType.USER); notification.setOwnerName(ADMIN_USER); sentryServiceHandler.sentry_notify_hms_event(notification); Mockito.verify( sentryStore, Mockito.times(1)).alterSentryGrantOwnerPrivilege(ADMIN_USER, SentryPrincipalType.USER, ownerPrivilege, null); notification.setOwnerName(OWNER); notification.setOwnerType(TSentryPrincipalType.USER); sentryServiceHandler.sentry_notify_hms_event(notification);
if (Strings.isNullOrEmpty(request.getOwnerName()) || (request.getOwnerType().getValue() == 0)) { LOGGER.debug(String.format("Owner Information not provided for Operation: [%s], Not adding owner privilege for" + " object: [%s].[%s]", request.getEventType(), request.getAuthorizable().getDb(), request.getAuthorizable().getTable())); return; TSentryPrivilege ownerPrivilege = constructOwnerPrivilege(request.getAuthorizable()); if (ownerPrivilege == null) { LOGGER.debug("Owner privilege is not added"); SentryPrincipalType principalType = getSentryPrincipalType(request.getOwnerType()); if (principalType == null) { String error = "Invalid owner type : " + request.getEventType(); LOGGER.error(error); throw new SentryInvalidInputException(error); Set<TSentryPrivilege> privSet = Collections.singleton(ownerPrivilege); Map<TSentryPrivilege, Update> privilegesUpdateMap = new HashMap<>(); getOwnerPrivilegeUpdateForGrant(request.getOwnerName(), request.getOwnerType(), privSet, privilegesUpdateMap); sentryStore.alterSentryGrantOwnerPrivilege(request.getOwnerName(), principalType, ownerPrivilege, privilegesUpdateMap.get(ownerPrivilege)); audit.onGrantOwnerPrivilege(Status.OK(), request.getRequestorUserName(), request.getOwnerType(), request.getOwnerName(), request.getAuthorizable()); } catch (Exception e) { String msg = "Owner privilege for " + request.getAuthorizable() + " could not be granted: " + e.getMessage(); audit.onGrantOwnerPrivilege(Status.RuntimeError(msg, e), request.getRequestorUserName(), request.getOwnerType(), request.getOwnerName(), request.getAuthorizable());
(TSentryHmsEventNotification request) throws TException { TSentryHmsEventNotificationResponse response = new TSentryHmsEventNotificationResponse(); EventType eventType = EventType.valueOf(request.getEventType()); try (Timer.Context timerContext = sentryMetrics.notificationProcessTimer.time()) { switch (eventType) { case CREATE_TABLE: if(request.getId() > 0) { response.setId(syncEventId(request.getId())); } else { response.setId(0L); case DROP_TABLE: if(request.getId() > 0) { response.setId(syncEventId(request.getId())); } else { response.setId(0L); if(request.getId() > 0) { response.setId(syncEventId(request.getId())); } else { response.setId(0L); String msg = request.getOwnerType().toString() + ": " + request.getOwnerName() + " doesn't exist"; LOGGER.error(msg, e); response.setStatus(Status.NoSuchObject(msg, e));
@Override public void read(org.apache.thrift.protocol.TProtocol prot, sentry_notify_hms_event_args struct) throws org.apache.thrift.TException { TTupleProtocol iprot = (TTupleProtocol) prot; BitSet incoming = iprot.readBitSet(1); if (incoming.get(0)) { struct.request = new TSentryHmsEventNotification(); struct.request.read(iprot); struct.setRequestIsSet(true); } } }
public TSentryHmsEventNotification deepCopy() { return new TSentryHmsEventNotification(this); }
authorizable.setDb(DBNAME); TSentryHmsEventNotification notification = new TSentryHmsEventNotification(); notification.setId(1L); notification.setOwnerType(TSentryPrincipalType.ROLE); notification.setOwnerName(OWNER); notification.setAuthorizable(authorizable); notification.setEventType(EventType.CREATE_DATABASE.toString()); ).alterSentryGrantOwnerPrivilege(OWNER, SentryPrincipalType.ROLE, ownerPrivilege, null); notification.setOwnerType(TSentryPrincipalType.USER); sentryServiceHandler.sentry_notify_hms_event(notification); notification.setOwnerType(TSentryPrincipalType.USER); notification.setOwnerName(ADMIN_USER); sentryServiceHandler.sentry_notify_hms_event(notification); Mockito.verify(
if (Strings.isNullOrEmpty(request.getOwnerName()) || (request.getOwnerType().getValue() == 0)) { LOGGER.debug(String.format("Owner Information not provided for Operation: [%s], Not revoking owner privilege for" + " object: [%s].[%s]", request.getEventType(), request.getAuthorizable().getDb(), request.getAuthorizable().getTable())); return; TSentryPrivilege ownerPrivilege = constructOwnerPrivilege(request.getAuthorizable()); if (ownerPrivilege == null) { LOGGER.debug("Owner privilege is not added"); SentryPrincipalType principalType = getSentryPrincipalType(request.getOwnerType()); if(principalType == null ) { String error = "Invalid owner type : " + request.getEventType(); LOGGER.error(error); throw new SentryInvalidInputException(error); Map<TSentryPrivilege, Update> privilegesUpdateMap = new HashMap<>(); List<Update> updateList = new ArrayList<>(); List<SentryOwnerInfo> ownerInfoList = sentryStore.listOwnersByAuthorizable(request.getAuthorizable()); privilegesUpdateMap.clear(); } else if (ownerInfo.getOwnerType().equals(SentryPrincipalType.ROLE)) { plugin.onAlterSentryRoleRevokePrivilege(request.getOwnerName(), privSet, privilegesUpdateMap); updateList.add(privilegesUpdateMap.get(ownerPrivilege)); privilegesUpdateMap.clear(); getOwnerPrivilegeUpdateForGrant(request.getOwnerName(), request.getOwnerType(), privSet, privilegesUpdateMap); updateList.add(privilegesUpdateMap.get(ownerPrivilege));
public void read(org.apache.thrift.protocol.TProtocol iprot, sentry_notify_hms_event_args struct) throws org.apache.thrift.TException { org.apache.thrift.protocol.TField schemeField; iprot.readStructBegin(); while (true) { schemeField = iprot.readFieldBegin(); if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { break; } switch (schemeField.id) { case 1: // REQUEST if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) { struct.request = new TSentryHmsEventNotification(); struct.request.read(iprot); struct.setRequestIsSet(true); } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; default: org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } iprot.readFieldEnd(); } iprot.readStructEnd(); struct.validate(); }
/** * Performs a deep copy on <i>other</i>. */ public sentry_notify_hms_event_args(sentry_notify_hms_event_args other) { if (other.isSetRequest()) { this.request = new TSentryHmsEventNotification(other.request); } }
authorizable.setDb(DBNAME); TSentryHmsEventNotification notification = new TSentryHmsEventNotification(); notification.setId(1L); notification.setOwnerType(TSentryPrincipalType.ROLE); notification.setOwnerName(OWNER); notification.setAuthorizable(authorizable); notification.setEventType(EventType.CREATE_DATABASE.toString());
authorizable.setTable(TABLENAME); TSentryHmsEventNotification notification = new TSentryHmsEventNotification(); notification.setId(1L); notification.setAuthorizable(authorizable); notification.setEventType(EventType.ALTER_TABLE.toString()); notification.setOwnerType(TSentryPrincipalType.USER); notification.setOwnerName(ADMIN_USER); sentryServiceHandler.sentry_notify_hms_event(notification); Mockito.anyList()); notification.setOwnerType(TSentryPrincipalType.ROLE); notification.setOwnerName(OWNER); sentryServiceHandler.sentry_notify_hms_event(notification); notification.setOwnerType(TSentryPrincipalType.USER); sentryServiceHandler.sentry_notify_hms_event(notification);