/** * Returns the currently granted permissions for a given table/namespace with associated * permissions based on the specified column family, column qualifier and user name. * @param conf the configuration * @param entryName Table name or the namespace * @param cf Column family * @param cq Column qualifier * @param user User name to be filtered from permission as requested * @param hasFilterUser true if filter user is provided, otherwise false. * @return List of UserPermissions * @throws IOException on failure */ static List<UserPermission> getUserPermissions(Configuration conf, byte[] entryName, byte[] cf, byte[] cq, String user, boolean hasFilterUser) throws IOException { ListMultimap<String, UserPermission> allPerms = getPermissions(conf, entryName, null, cf, cq, user, hasFilterUser); List<UserPermission> perms = new ArrayList<>(); for (Map.Entry<String, UserPermission> entry : allPerms.entries()) { perms.add(entry.getValue()); } return perms; }
public static void restoreSnapshotAcl(SnapshotDescription snapshot, TableName newTableName, Configuration conf) throws IOException { if (snapshot.hasUsersAndPermissions() && snapshot.getUsersAndPermissions() != null) { LOG.info("Restore snapshot acl to table. snapshot: " + snapshot + ", table: " + newTableName); ListMultimap<String, Permission> perms = ShadedAccessControlUtil.toUserTablePermissions(snapshot.getUsersAndPermissions()); try (Connection conn = ConnectionFactory.createConnection(conf)) { for (Entry<String, Permission> e : perms.entries()) { String user = e.getKey(); TablePermission tablePerm = (TablePermission) e.getValue(); TablePermission newPerm = new TablePermission(newTableName, tablePerm.getFamily(), tablePerm.getQualifier(), tablePerm.getActions()); AccessControlClient.grant(conn, newPerm.getTableName(), user, newPerm.getFamily(), newPerm.getQualifier(), newPerm.getActions()); } } catch (Throwable e) { throw new IOException("Grant acl into newly creatd table failed. snapshot: " + snapshot + ", table: " + newTableName, e); } } } }
ListMultimap<String, UserPermission> perms = AccessControlLists.getNamespacePermissions(conf, TEST_NAMESPACE); for (Map.Entry<String, UserPermission> entry : perms.entries()) { LOG.debug(Objects.toString(entry));
for (Map.Entry<String, TablePermission> entry : perms.entries()) { LOG.debug(Objects.toString(entry));