private boolean isPrivilegeStale(MSentryGMPrivilege privilege) { if (privilege.getRoles().isEmpty()) { return true; } return false; }
private TSentryPrivilegeMap toTSentryPrivilegeMap(Set<MSentryGMPrivilege> mPrivileges) { // Mapping of <Role, Set<Privilege>>. Map<String, Set<TSentryPrivilege>> tPrivilegeMap = Maps.newTreeMap(); for (MSentryGMPrivilege mPrivilege : mPrivileges) { for (MSentryRole role : mPrivilege.getRoles()) { TSentryPrivilege tPrivilege = toTSentryPrivilege(mPrivilege); if (tPrivilegeMap.containsKey(role.getRoleName())) { tPrivilegeMap.get(role.getRoleName()).add(tPrivilege); } else { Set<TSentryPrivilege> tPrivilegeSet = Sets.newTreeSet(); tPrivilegeSet.add(tPrivilege); tPrivilegeMap.put(role.getRoleName(), tPrivilegeSet); } } } return new TSentryPrivilegeMap(tPrivilegeMap); }
private TSentryPrivilegeMap toTSentryPrivilegeMap(Set<MSentryGMPrivilege> mPrivileges) { // Mapping of <Role, Set<Privilege>>. Map<String, Set<TSentryPrivilege>> tPrivilegeMap = Maps.newTreeMap(); for (MSentryGMPrivilege mPrivilege : mPrivileges) { for (MSentryRole role : mPrivilege.getRoles()) { TSentryPrivilege tPrivilege = toTSentryPrivilege(mPrivilege); if (tPrivilegeMap.containsKey(role.getRoleName())) { tPrivilegeMap.get(role.getRoleName()).add(tPrivilege); } else { Set<TSentryPrivilege> tPrivilegeSet = Sets.newTreeSet(); tPrivilegeSet.add(tPrivilege); tPrivilegeMap.put(role.getRoleName(), tPrivilegeSet); } } } return new TSentryPrivilegeMap(tPrivilegeMap); }
/** * Drop any role related to the requested privilege and its children privileges */ public void dropPrivilege(PrivilegeObject privilege,PersistenceManager pm) { MSentryGMPrivilege requestPrivilege = convertToPrivilege(privilege); if (Strings.isNullOrEmpty(privilege.getAction())) { requestPrivilege.setAction(getAction(privilege.getComponent(), Action.ALL).getValue()); } /** * Get the privilege graph * populateIncludePrivileges will get the privileges that need dropped, */ Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet(); privilegeGraph.addAll(populateIncludePrivileges(null, requestPrivilege, pm)); for (MSentryGMPrivilege mPrivilege : privilegeGraph) { /** * force to load all roles related this privilege * avoid the lazy-loading */ pm.retrieve(mPrivilege); Set<MSentryRole> roles = mPrivilege.getRoles(); for (MSentryRole role : roles) { revokeRolePartial(requestPrivilege, mPrivilege, role, pm); } } }
Set<MSentryRole> roles = dropPrivilege.getRoles(); for (MSentryRole role : roles) { revokeRolePartial(oldPrivilege, dropPrivilege, role, pm);
/** * Drop any role related to the requested privilege and its children privileges */ public void dropPrivilege(PrivilegeObject privilege,PersistenceManager pm) throws SentryUserException { MSentryGMPrivilege requestPrivilege = convertToPrivilege(privilege); if (Strings.isNullOrEmpty(privilege.getAction())) { requestPrivilege.setAction(getAction(privilege.getComponent(), Action.ALL).getValue()); } /* * Get the privilege graph * populateIncludePrivileges will get the privileges that need dropped, */ Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet(); privilegeGraph.addAll(populateIncludePrivileges(null, requestPrivilege, pm)); for (MSentryGMPrivilege mPrivilege : privilegeGraph) { /* * force to load all roles related this privilege * avoid the lazy-loading */ pm.retrieve(mPrivilege); Set<MSentryRole> roles = mPrivilege.getRoles(); for (MSentryRole role : roles) { revokeRolePartial(requestPrivilege, mPrivilege, role, pm); } } }
Set<MSentryRole> roles = dropPrivilege.getRoles(); for (MSentryRole role : roles) { revokeRolePartial(oldPrivilege, dropPrivilege, role, pm);