@Override public Repo<Master> call(long tid, Master env) throws Exception { // give all table permissions to the creator SecurityOperation security = AuditedSecurityOperation.getInstance(env.getContext()); for (TablePermission permission : TablePermission.values()) { try { security.grantTablePermission(env.getContext().rpcCreds(), tableInfo.user, tableInfo.tableId, permission, tableInfo.namespaceId); } catch (ThriftSecurityException e) { LoggerFactory.getLogger(ImportSetupPermissions.class).error("{}", e.getMessage(), e); throw e; } } // setup permissions in zookeeper before table info in zookeeper // this way concurrent users will not get a spurious permission denied // error return new ImportPopulateZookeeper(tableInfo); }
@Override public Repo<Master> call(long tid, Master env) throws Exception { // give all namespace permissions to the creator SecurityOperation security = AuditedSecurityOperation.getInstance(env.getContext()); for (NamespacePermission permission : NamespacePermission.values()) { try { security.grantNamespacePermission(env.getContext().rpcCreds(), namespaceInfo.user, namespaceInfo.namespaceId, permission); } catch (ThriftSecurityException e) { LoggerFactory.getLogger(SetupNamespacePermissions.class).error("{}", e.getMessage(), e); throw e; } } // setup permissions in zookeeper before table info in zookeeper // this way concurrent users will not get a spurious permission denied // error return new PopulateZookeeperWithNamespace(namespaceInfo); } }
@Override public Repo<Master> call(long id, Master master) { // remove from zookeeper try { master.getTableManager().removeNamespace(namespaceId); } catch (Exception e) { log.error("Failed to find namespace in zookeeper", e); } Tables.clearCache(master.getContext()); // remove any permissions associated with this namespace try { AuditedSecurityOperation.getInstance(master.getContext()) .deleteNamespace(master.getContext().rpcCreds(), namespaceId); } catch (ThriftSecurityException e) { log.error("{}", e.getMessage(), e); } Utils.unreserveNamespace(master, namespaceId, id, true); log.debug("Deleted namespace " + namespaceId); return null; }
@Override public Repo<Master> call(long tid, Master environment) throws Exception { // give all table permissions to the creator for (TablePermission permission : TablePermission.values()) { try { AuditedSecurityOperation.getInstance(environment.getContext()).grantTablePermission( environment.getContext().rpcCreds(), cloneInfo.user, cloneInfo.tableId, permission, cloneInfo.namespaceId); } catch (ThriftSecurityException e) { LoggerFactory.getLogger(ClonePermissions.class).error("{}", e.getMessage(), e); throw e; } } // setup permissions in zookeeper before table info in zookeeper // this way concurrent users will not get a spurious permission denied // error try { return new CloneZookeeper(cloneInfo, environment.getContext()); } catch (NamespaceNotFoundException e) { throw new AcceptableThriftTableOperationException(null, cloneInfo.tableName, TableOperation.CLONE, TableOperationExceptionType.NAMESPACE_NOTFOUND, "Namespace for target table not found"); } }
@Override public Repo<Master> call(long tid, Master env) throws Exception { // give all table permissions to the creator SecurityOperation security = AuditedSecurityOperation.getInstance(env.getContext()); if (!tableInfo.getUser().equals(env.getContext().getCredentials().getPrincipal())) { for (TablePermission permission : TablePermission.values()) { try { security.grantTablePermission(env.getContext().rpcCreds(), tableInfo.getUser(), tableInfo.getTableId(), permission, tableInfo.getNamespaceId()); } catch (ThriftSecurityException e) { LoggerFactory.getLogger(SetupPermissions.class).error("{}", e.getMessage(), e); throw e; } } } // setup permissions in zookeeper before table info in zookeeper // this way concurrent users will not get a spurious permission denied // error return new PopulateZookeeper(tableInfo); }
throw new IOException(e); } catch (ThriftSecurityException e) { log.debug("Server : {} msg : {}", server, e.getMessage(), e); throw new AccumuloSecurityException(e.user, e.code, e); } catch (TApplicationException e) {
log.debug("Tablet ({}) has too many files {} : {}", extent, server, e.getMessage()); } catch (ThriftSecurityException e) { log.warn("Security Violation in scan request to {}: {}", server, e.getMessage()); throw new AccumuloSecurityException(e.user, e.code, e); } catch (TException e) {
.deleteTable(master.getContext().rpcCreds(), tableId, namespaceId); } catch (ThriftSecurityException e) { log.error("{}", e.getMessage(), e);
switch (e.getCode()) { case TABLE_DOESNT_EXIST: throw new TableNotFoundException(tableId.canonicalID(), null, e.getMessage(), e); default: log.debug("flush security exception on table id {}", tableId);