@VisibleForTesting protected static boolean impliesURI(String privilege, String request) { return PathUtils.impliesURI(privilege, request); }
private boolean impliesResource(ImplyMethodType implyMethodType, String policyValue, String requestValue) { // wildcard support, "*", "+", "all"("+" and "all" are for backward compatibility) are represented as wildcard // if requestValue is wildcard, means privilege request is to match with any value of given resource if (SentryConstants.RESOURCE_WILDCARD_VALUE.equals(policyValue) || SentryConstants.RESOURCE_WILDCARD_VALUE.equals(requestValue) || SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(policyValue) || SentryConstants.RESOURCE_WILDCARD_VALUE_ALL.equalsIgnoreCase(requestValue) || SentryConstants.RESOURCE_WILDCARD_VALUE_SOME.equals(requestValue)) { return true; } // compare as the url if (ImplyMethodType.URL == implyMethodType) { return PathUtils.impliesURI(policyValue, requestValue); } else if (ImplyMethodType.STRING_CASE_SENSITIVE == implyMethodType) { // compare as the string case sensitive return policyValue.equals(requestValue); } // default: compare as the string case insensitive return policyValue.equalsIgnoreCase(requestValue); }
public static boolean impliesURI(String privilege, String request) { try { URI privilegeURI = new URI(new StrSubstitutor(System.getProperties()).replace(privilege)); URI requestURI = new URI(request); if (privilegeURI.getScheme() == null || privilegeURI.getPath() == null) { LOGGER.warn("Privilege URI " + request + " is not valid. Either no scheme or no path."); return false; } if (requestURI.getScheme() == null || requestURI.getPath() == null) { LOGGER.warn("Request URI " + request + " is not valid. Either no scheme or no path."); return false; } return PathUtils.impliesURI(privilegeURI, requestURI); } catch (URISyntaxException e) { LOGGER.warn("Request URI " + request + " is not a URI", e); return false; } }
writeEntity.getLocation().getPath())); LOG.debug("scratchURI = " + scratchURI + ", requestURI = " + requestURI); if (PathUtils.impliesURI(scratchURI, requestURI)) { return true; URI localRequestURI = new URI(PathUtils.parseLocalURI(writeEntity.getLocation().getPath())); LOG.debug("localScratchURI = " + localScratchURI + ", localRequestURI = " + localRequestURI); if (PathUtils.impliesURI(localScratchURI, localRequestURI)) { return true;
if (!PathUtils.impliesURI(URI, other.URI)) { return false;
if (!PathUtils.impliesURI(URI, other.URI)) { return false;
if (!PathUtils.impliesURI(privilege.getURI(), other.getURI())) { return false;