@Override public List<RolePrincipalGrant> listRoleMembers(String roleName) { List<MRoleMap> roleMaps = listMRoleMembers(roleName); List<RolePrincipalGrant> rolePrinGrantList = new ArrayList<>(); if (roleMaps != null) { for (MRoleMap roleMap : roleMaps) { RolePrincipalGrant rolePrinGrant = new RolePrincipalGrant( roleMap.getRole().getRoleName(), roleMap.getPrincipalName(), PrincipalType.valueOf(roleMap.getPrincipalType()), roleMap.getGrantOption(), roleMap.getAddTime(), roleMap.getGrantor(), // no grantor type for public role, hence the null check roleMap.getGrantorType() == null ? null : PrincipalType.valueOf(roleMap.getGrantorType()) ); rolePrinGrantList.add(rolePrinGrant); } } return rolePrinGrantList; }
@Override public List<RolePrincipalGrant> listRolesWithGrants(String principalName, PrincipalType principalType) { List<RolePrincipalGrant> result = new ArrayList<>(); List<MRoleMap> roleMaps = listMRoles(principalName, principalType); if (roleMaps != null) { for (MRoleMap roleMap : roleMaps) { RolePrincipalGrant rolePrinGrant = new RolePrincipalGrant( roleMap.getRole().getRoleName(), roleMap.getPrincipalName(), PrincipalType.valueOf(roleMap.getPrincipalType()), roleMap.getGrantOption(), roleMap.getAddTime(), roleMap.getGrantor(), // no grantor type for public role, hence the null check roleMap.getGrantorType() == null ? null : PrincipalType.valueOf(roleMap.getGrantorType()) ); result.add(rolePrinGrant); } } return result; }
@Override public boolean revokeRole(Role role, String userName, PrincipalType principalType, boolean grantOption) throws MetaException, NoSuchObjectException { boolean success = false; try { openTransaction(); MRoleMap roleMember = getMSecurityUserRoleMap(userName, principalType, role.getRoleName()); if (grantOption) { // Revoke with grant option - only remove the grant option but keep the role. if (roleMember.getGrantOption()) { roleMember.setGrantOption(false); } else { throw new MetaException("User " + userName + " does not have grant option with role " + role.getRoleName()); } } else { // No grant option in revoke, remove the whole role. pm.deletePersistent(roleMember); } success = commitTransaction(); } finally { if (!success) { rollbackTransaction(); } } return success; }
/** * Convert each MRoleMap object into a thrift RolePrincipalGrant object * @param roleMaps * @return */ private List<RolePrincipalGrant> getRolePrincipalGrants(List<MRoleMap> roleMaps) { List<RolePrincipalGrant> rolePrinGrantList = new ArrayList<RolePrincipalGrant>(); if (roleMaps != null) { for (MRoleMap roleMap : roleMaps) { RolePrincipalGrant rolePrinGrant = new RolePrincipalGrant( roleMap.getRole().getRoleName(), roleMap.getPrincipalName(), PrincipalType.valueOf(roleMap.getPrincipalType()), roleMap.getGrantOption(), roleMap.getAddTime(), roleMap.getGrantor(), // no grantor type for public role, hence the null check roleMap.getGrantorType() == null ? null : PrincipalType.valueOf(roleMap.getGrantorType()) ); rolePrinGrantList.add(rolePrinGrant); } } return rolePrinGrantList; }
@Override public List<RolePrincipalGrant> listRoleMembers(String roleName) { List<MRoleMap> roleMaps = listMRoleMembers(roleName); List<RolePrincipalGrant> rolePrinGrantList = new ArrayList<>(); if (roleMaps != null) { for (MRoleMap roleMap : roleMaps) { RolePrincipalGrant rolePrinGrant = new RolePrincipalGrant( roleMap.getRole().getRoleName(), roleMap.getPrincipalName(), PrincipalType.valueOf(roleMap.getPrincipalType()), roleMap.getGrantOption(), roleMap.getAddTime(), roleMap.getGrantor(), // no grantor type for public role, hence the null check roleMap.getGrantorType() == null ? null : PrincipalType.valueOf(roleMap.getGrantorType()) ); rolePrinGrantList.add(rolePrinGrant); } } return rolePrinGrantList; }
@Override public List<RolePrincipalGrant> listRolesWithGrants(String principalName, PrincipalType principalType) { List<RolePrincipalGrant> result = new ArrayList<>(); List<MRoleMap> roleMaps = listMRoles(principalName, principalType); if (roleMaps != null) { for (MRoleMap roleMap : roleMaps) { RolePrincipalGrant rolePrinGrant = new RolePrincipalGrant( roleMap.getRole().getRoleName(), roleMap.getPrincipalName(), PrincipalType.valueOf(roleMap.getPrincipalType()), roleMap.getGrantOption(), roleMap.getAddTime(), roleMap.getGrantor(), // no grantor type for public role, hence the null check roleMap.getGrantorType() == null ? null : PrincipalType.valueOf(roleMap.getGrantorType()) ); result.add(rolePrinGrant); } } return result; }
/** * Convert each MRoleMap object into a thrift RolePrincipalGrant object * @param roleMaps * @return */ private List<RolePrincipalGrant> getRolePrincipalGrants(List<MRoleMap> roleMaps) { List<RolePrincipalGrant> rolePrinGrantList = new ArrayList<RolePrincipalGrant>(); if (roleMaps != null) { for (MRoleMap roleMap : roleMaps) { RolePrincipalGrant rolePrinGrant = new RolePrincipalGrant( roleMap.getRole().getRoleName(), roleMap.getPrincipalName(), PrincipalType.valueOf(roleMap.getPrincipalType()), roleMap.getGrantOption(), roleMap.getAddTime(), roleMap.getGrantor(), // no grantor type for public role, hence the null check roleMap.getGrantorType() == null ? null : PrincipalType.valueOf(roleMap.getGrantorType()) ); rolePrinGrantList.add(rolePrinGrant); } } return rolePrinGrantList; }
@Override public boolean revokeRole(Role role, String userName, PrincipalType principalType, boolean grantOption) throws MetaException, NoSuchObjectException { boolean success = false; try { openTransaction(); MRoleMap roleMember = getMSecurityUserRoleMap(userName, principalType, role.getRoleName()); if (grantOption) { // Revoke with grant option - only remove the grant option but keep the role. if (roleMember.getGrantOption()) { roleMember.setGrantOption(false); } else { throw new MetaException("User " + userName + " does not have grant option with role " + role.getRoleName()); } } else { // No grant option in revoke, remove the whole role. pm.deletePersistent(roleMember); } success = commitTransaction(); } finally { if (!success) { rollbackTransaction(); } } return success; }
@Override public boolean revokeRole(Role role, String userName, PrincipalType principalType, boolean grantOption) throws MetaException, NoSuchObjectException { boolean success = false; try { openTransaction(); MRoleMap roleMember = getMSecurityUserRoleMap(userName, principalType, role.getRoleName()); if (grantOption) { // Revoke with grant option - only remove the grant option but keep the role. if (roleMember.getGrantOption()) { roleMember.setGrantOption(false); } else { throw new MetaException("User " + userName + " does not have grant option with role " + role.getRoleName()); } } else { // No grant option in revoke, remove the whole role. pm.deletePersistent(roleMember); } success = commitTransaction(); } finally { if (!success) { rollbackTransaction(); } } return success; }
@Override public boolean revokeRole(Role role, String userName, PrincipalType principalType, boolean grantOption) throws MetaException, NoSuchObjectException { boolean success = false; try { openTransaction(); MRoleMap roleMember = getMSecurityUserRoleMap(userName, principalType, role.getRoleName()); if (grantOption) { // Revoke with grant option - only remove the grant option but keep the role. if (roleMember.getGrantOption()) { roleMember.setGrantOption(false); } else { throw new MetaException("User " + userName + " does not have grant option with role " + role.getRoleName()); } } else { // No grant option in revoke, remove the whole role. pm.deletePersistent(roleMember); } success = commitTransaction(); } finally { if (!success) { rollbackTransaction(); } } return success; }