/** * Updates authzObj -> [Paths] mapping to replace an existing path with a new one * given an authzObj. * * @param pm PersistenceManager * @param authzObj an authzObj * @param oldPath the existing path maps to the given authzObj * @param newPath a non-empty path to replace the existing one * @throws SentryNoSuchObjectException if no such path found * in the authzObj -> [Paths] mapping. */ private void updateAuthzPathsMappingCore(PersistenceManager pm, String authzObj, String oldPath, String newPath) { long currentSnapshotID = getCurrentAuthzPathsSnapshotID(pm); if (currentSnapshotID <= EMPTY_PATHS_SNAPSHOT_ID) { LOGGER.error("No paths snapshot ID is found. Cannot update authzoObj: {}", authzObj); } MAuthzPathsMapping mAuthzPathsMapping = getMAuthzPathsMappingCore(pm, currentSnapshotID, authzObj); if (mAuthzPathsMapping == null) { mAuthzPathsMapping = new MAuthzPathsMapping(currentSnapshotID, getNextAuthzObjectID(pm), authzObj, Collections.singleton(newPath)); } else { mAuthzPathsMapping.deletePersistent(pm, Collections.singleton(oldPath)); mAuthzPathsMapping.addPathToPersist(Collections.singleton(newPath)); } mAuthzPathsMapping.makePersistent(pm); }
/** * Renames the existing authzObj to a new one in the authzObj -> [Paths] mapping. * And updates its existing path with a new path, while keeps the rest of its paths * untouched if there is any. * * @param pm PersistenceManager * @param oldObj the existing authzObj * @param newObj the new name to be changed to * @param oldPath a existing path of the given authzObj * @param newPath a new path to be changed to * @throws SentryNoSuchObjectException if cannot find the existing authzObj or path. */ private void renameAuthzPathsMappingCore(PersistenceManager pm, String oldObj, String newObj, String oldPath, String newPath) { long currentSnapshotID = getCurrentAuthzPathsSnapshotID(pm); if (currentSnapshotID <= EMPTY_PATHS_SNAPSHOT_ID) { LOGGER.error("No paths snapshot ID is found. Cannot rename authzoObj: {}", oldObj); } MAuthzPathsMapping mAuthzPathsMapping = getMAuthzPathsMappingCore(pm, currentSnapshotID, oldObj); if (mAuthzPathsMapping != null) { mAuthzPathsMapping.deletePersistent(pm,Collections.singleton(oldPath)); mAuthzPathsMapping.setAuthzObjName(newObj); mAuthzPathsMapping.addPathToPersist(Collections.singleton(newPath)); mAuthzPathsMapping.makePersistent(pm); } else { LOGGER.error("nonexistent authzObj: {} on current paths snapshot ID #{}", oldObj, currentSnapshotID); } }
/** * Adds the authzObj and with a set of paths into the authzObj -> [Paths] mapping. * If the given authzObj already exists in the mapping, only need to add the new paths * into its mapping. * * @param pm PersistenceManager * @param authzObj an authzObj * @param paths a set of paths need to be added into the authzObj -> [Paths] mapping */ private void addAuthzPathsMappingCore(PersistenceManager pm, String authzObj, Collection<String> paths) { long currentSnapshotID = getCurrentAuthzPathsSnapshotID(pm); if (currentSnapshotID <= EMPTY_PATHS_SNAPSHOT_ID) { LOGGER.warn("AuthzObj: {} cannot be persisted if paths snapshot ID does not exist yet.", authzObj); } MAuthzPathsMapping mAuthzPathsMapping = getMAuthzPathsMappingCore(pm, currentSnapshotID, authzObj); if (mAuthzPathsMapping == null) { mAuthzPathsMapping = new MAuthzPathsMapping(currentSnapshotID, getNextAuthzObjectID(pm), authzObj, paths); } else { mAuthzPathsMapping.addPathToPersist(paths); } mAuthzPathsMapping.makePersistent(pm); }
MAuthzPathsMapping mapping = new MAuthzPathsMapping(nextSnapshotID, nextObjectId++, authzPath.getKey(), authzPath.getValue()); mapping.makePersistent(pm); objectsPersistedCount++; pathsPersistedCount = pathsPersistedCount + authzPath.getValue().size();
String objName = authzToPaths.getAuthzObjName(); for (String path: authzToPaths.getPathStrings()) { String[] pathComponents = PathUtils.splitPath(path); List<String> paths = new ArrayList<>(pathComponents.length);
/** * Deletes a set of paths belongs to given authzObj from the authzObj -> [Paths] mapping. * * @param pm PersistenceManager * @param authzObj an authzObj * @param paths a set of paths need to be deleted from the authzObj -> [Paths] mapping. * @throws SentryNoSuchObjectException if cannot find the existing authzObj or path. */ private void deleteAuthzPathsMappingCore(PersistenceManager pm, String authzObj, Iterable<String> paths) { long currentSnapshotID = getCurrentAuthzPathsSnapshotID(pm); if (currentSnapshotID <= EMPTY_PATHS_SNAPSHOT_ID) { LOGGER.error("No paths snapshot ID is found. Cannot delete authzoObj: {}", authzObj); } MAuthzPathsMapping mAuthzPathsMapping = getMAuthzPathsMappingCore(pm, currentSnapshotID, authzObj); if (mAuthzPathsMapping != null) { mAuthzPathsMapping.deletePersistent(pm, paths); } else { LOGGER.error("nonexistent authzObj: {} on current paths snapshot ID #{}", authzObj, currentSnapshotID); } }
/** * Get the Collection of MPath associated with snapshot id and authzObj * @param authzSnapshotID Snapshot ID * @param authzObj Object name * @return Path mapping for object provided. * @throws Exception */ @VisibleForTesting Set<MPath> getMAuthzPaths(long authzSnapshotID, String authzObj) throws Exception { return tm.executeTransactionWithRetry( pm -> { MAuthzPathsMapping mapping = null; pm.setDetachAllOnCommit(true); // No need to detach objects mapping = getMAuthzPathsMappingCore(pm, authzSnapshotID, authzObj); if(mapping != null) { Set<MPath> paths = mapping.getPathsPersisted(); return paths; } else { return Collections.emptySet(); } }); }
/** * Renames the existing authzObj to a new one in the authzObj -> [Paths] mapping, * but keeps its paths mapping as-is. * * @param pm PersistenceManager * @param oldObj the existing authzObj * @param newObj the new name to be changed to * @throws SentryNoSuchObjectException if cannot find the existing authzObj. */ private void renameAuthzObjCore(PersistenceManager pm, String oldObj, String newObj) { long currentSnapshotID = getCurrentAuthzPathsSnapshotID(pm); if (currentSnapshotID <= EMPTY_PATHS_SNAPSHOT_ID) { LOGGER.error("No paths snapshot ID is found. Cannot rename authzoObj: {}", oldObj); } MAuthzPathsMapping mAuthzPathsMapping = getMAuthzPathsMappingCore(pm, currentSnapshotID, oldObj); if (mAuthzPathsMapping != null) { mAuthzPathsMapping.setAuthzObjName(newObj); pm.makePersistent(mAuthzPathsMapping); } else { LOGGER.error("nonexistent authzObj: {} on current paths snapshot ID #{}", oldObj, currentSnapshotID); } }