/** * Removes all the privileges associated with * a particular role. After this dis-association if the * privilege doesn't have any roles associated it will be * removed from the underlying persistence layer. * @param pm Instance of PersistenceManager * @param sentryRole Role for which all the privileges are to be removed. */ private void removePrivileges(PersistenceManager pm, MSentryRole sentryRole) { List<MSentryPrivilege> privilegesCopy = new ArrayList<>(sentryRole.getPrivileges()); List<MSentryGMPrivilege> gmPrivilegesCopy = new ArrayList<>(sentryRole.getGmPrivileges()); sentryRole.removePrivileges(); // with SENTRY-398 generic model sentryRole.removeGMPrivileges(); removeStaledPrivileges(pm, privilegesCopy); removeStaledGMPrivileges(pm, gmPrivilegesCopy); }
grantPrivilege.setAction(ac.getValue()); MSentryGMPrivilege existPriv = getPrivilege(grantPrivilege, pm); if (existPriv != null && role.getGmPrivileges().contains(existPriv)) { if (allPrivilege != null && role.getGmPrivileges().contains(allPrivilege)) { return;
grantPrivilege.setAction(ac.getValue()); MSentryGMPrivilege existPriv = getPrivilege(grantPrivilege, pm); if (existPriv != null && role.getGmPrivileges().contains(existPriv)) { if (allPrivilege != null && role.getGmPrivileges().contains(allPrivilege)) { return;
pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(1, role.getGmPrivileges().size()); commitTransaction(pm); solrPrivilege = (MSentryGMPrivilege)role.getGmPrivileges().toArray()[0]; solrPrivilege.removeRole(role); pm.makePersistent(solrPrivilege); pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(0, role.getGmPrivileges().size()); commitTransaction(pm); pm.retrieve(role); assertEquals(0, role.getPrivileges().size()); assertEquals(0, role.getGmPrivileges().size()); commitTransaction(pm);
pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(1, role.getGmPrivileges().size()); commitTransaction(pm); solrPrivilege = (MSentryGMPrivilege)role.getGmPrivileges().toArray()[0]; solrPrivilege.removeRole(role); pm.makePersistent(solrPrivilege); pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(0, role.getGmPrivileges().size()); commitTransaction(pm); pm.retrieve(role); assertEquals(0, role.getPrivileges().size()); assertEquals(0, role.getGmPrivileges().size()); commitTransaction(pm);
pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(0, role.getGmPrivileges().size()); commitTransaction(pm); pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(1, role.getGmPrivileges().size()); commitTransaction(pm);
pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(0, role.getGmPrivileges().size()); commitTransaction(pm); pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(1, role.getGmPrivileges().size()); commitTransaction(pm);
pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(1, role.getGmPrivileges().size()); commitTransaction(pm); role = getMSentryRole(pm, roleName); pm.retrieve(role); if (!role.getGmPrivileges().contains(solrPrivilege2)) { fail("unexpect happend: the MSentryGMPrivilege:" + solrPrivilege2 + " already be granted");
pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(1, role.getGmPrivileges().size()); commitTransaction(pm); role = getMSentryRole(pm, roleName); pm.retrieve(role); if (!role.getGmPrivileges().contains(solrPrivilege2)) { fail("unexpect happend: the MSentryGMPrivilege:" + solrPrivilege2 + " already be granted");
pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(1, role.getGmPrivileges().size()); commitTransaction(pm); pm.retrieve(role); assertEquals(0, role.getPrivileges().size()); assertEquals(0, role.getGmPrivileges().size()); commitTransaction(pm);
pm.retrieve(role1); assertEquals(1, role1.getPrivileges().size()); assertEquals(1, role1.getGmPrivileges().size()); role2 = getMSentryRole(pm, roleName2); pm.retrieve(role2); assertEquals(1, role2.getPrivileges().size()); assertEquals(1, role2.getGmPrivileges().size()); commitTransaction(pm);
pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(1, role.getGmPrivileges().size()); commitTransaction(pm); pm.retrieve(role); assertEquals(0, role.getPrivileges().size()); assertEquals(0, role.getGmPrivileges().size()); commitTransaction(pm);
pm.retrieve(role); assertEquals(1, role.getPrivileges().size()); assertEquals(1, role.getGmPrivileges().size()); commitTransaction(pm);