public static TSentryPrivilege convertToTSentryPrivilege(String privilegeStr) { TSentryPrivilege tSentryPrivilege = new TSentryPrivilege(); for (String authorizable : PolicyConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) { KeyValue tempKV = new KeyValue(authorizable); String key = tempKV.getKey(); String value = tempKV.getValue(); if (PolicyFileConstants.PRIVILEGE_SERVER_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setServerName(value); } else if (PolicyFileConstants.PRIVILEGE_DATABASE_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setDbName(value); } else if (PolicyFileConstants.PRIVILEGE_TABLE_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setTableName(value); } else if (PolicyFileConstants.PRIVILEGE_COLUMN_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setColumnName(value); } else if (PolicyFileConstants.PRIVILEGE_URI_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setURI(value); } else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setAction(value); } else if (PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME.equalsIgnoreCase(key)) { TSentryGrantOption grantOption = "true".equalsIgnoreCase(value) ? TSentryGrantOption.TRUE : TSentryGrantOption.FALSE; tSentryPrivilege.setGrantOption(grantOption); } } tSentryPrivilege.setPrivilegeScope(getPrivilegeScope(tSentryPrivilege)); return tSentryPrivilege; }
public static TSentryPrivilege convertToTSentryPrivilege(String privilegeStr) throws Exception { TSentryPrivilege tSentryPrivilege = new TSentryPrivilege(); for (String authorizable : PolicyConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) { KeyValue tempKV = new KeyValue(authorizable); String key = tempKV.getKey(); String value = tempKV.getValue(); if (PolicyFileConstants.PRIVILEGE_SERVER_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setServerName(value); } else if (PolicyFileConstants.PRIVILEGE_DATABASE_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setDbName(value); } else if (PolicyFileConstants.PRIVILEGE_TABLE_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setTableName(value); } else if (PolicyFileConstants.PRIVILEGE_COLUMN_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setColumnName(value); } else if (PolicyFileConstants.PRIVILEGE_URI_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setURI(value); } else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setAction(value); } else if (PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME.equalsIgnoreCase(key)) { TSentryGrantOption grantOption = "true".equalsIgnoreCase(value) ? TSentryGrantOption.TRUE : TSentryGrantOption.FALSE; tSentryPrivilege.setGrantOption(grantOption); } } tSentryPrivilege.setPrivilegeScope(getPrivilegeScope(tSentryPrivilege)); validatePrivilegeHierarchy(tSentryPrivilege); return tSentryPrivilege; }
private Set<TSentryPrivilege> convertColumnPrivilege( PrivilegeScope scope, String serverName, String uri, String db, String table, String column, String action, Boolean grantOption) { ImmutableSet.Builder<TSentryPrivilege> setBuilder = ImmutableSet.builder(); TSentryPrivilege privilege = new TSentryPrivilege(); privilege.setPrivilegeScope(scope.toString()); privilege.setServerName(serverName); privilege.setURI(uri); privilege.setDbName(db); privilege.setTableName(table); privilege.setColumnName(column); privilege.setAction(action); privilege.setCreateTime(System.currentTimeMillis()); privilege.setGrantOption(convertTSentryGrantOption(grantOption)); setBuilder.add(privilege); return setBuilder.build(); }
privilege.setPrivilegeScope(scope.toString()); privilege.setServerName(serverName); privilege.setURI(uri); privilege.setDbName(db); privilege.setTableName(table); privilege.setPrivilegeScope(scope.toString()); privilege.setServerName(serverName); privilege.setURI(uri); privilege.setDbName(db); privilege.setTableName(table);
@Test public void testURI() throws Exception { String roleName = "test-dup-role"; String grantor = "g1"; String uri = "file:///var/folders/dt/9zm44z9s6bjfxbrm4v36lzdc0000gp/T/1401860678102-0/data/kv1.dat"; sentryStore.createSentryRole(roleName); TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("URI", "server1", "ALL"); tSentryPrivilege.setURI(uri); sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tSentryPrivilege); TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable(); tSentryAuthorizable.setUri(uri); tSentryAuthorizable.setServer("server1"); Set<TSentryPrivilege> privileges = sentryStore.getTSentryPrivileges(new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable); assertTrue(privileges.size() == 1); Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>(); tSentryGroups.add(new TSentryGroup("group1")); sentryStore.alterSentryRoleAddGroups(grantor, roleName, tSentryGroups); TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName))); Set<String> privs = sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("group1")), thriftRoleSet, tSentryAuthorizable); assertTrue(privs.size()==1); assertTrue(privs.contains("server=server1->uri=" + uri + "->action=all")); }
private TSentryPrivilege getPrivilege(String action, String privilegeScope, String dbName, String tableName, String serverName, String URI) { TSentryPrivilege privilege = new TSentryPrivilege(); privilege.setAction(action); privilege.setPrivilegeScope(privilegeScope); privilege.setDbName(dbName); privilege.setTableName(tableName); privilege.setServerName(serverName); privilege.setURI(URI); return privilege; }
private TSentryPrivilege getPrivilege(String action, String privilegeScope, String dbName, String tableName, String serverName, String URI) { TSentryPrivilege privilege = new TSentryPrivilege(); privilege.setAction(action); privilege.setPrivilegeScope(privilegeScope); privilege.setDbName(dbName); privilege.setTableName(tableName); privilege.setServerName(serverName); privilege.setURI(URI); return privilege; }
private void convertToTSentryPrivilege(MSentryPrivilege mSentryPrivilege, TSentryPrivilege privilege) { privilege.setCreateTime(mSentryPrivilege.getCreateTime()); privilege.setAction(fromNULLCol(mSentryPrivilege.getAction())); privilege.setPrivilegeScope(mSentryPrivilege.getPrivilegeScope()); privilege.setServerName(fromNULLCol(mSentryPrivilege.getServerName())); privilege.setDbName(fromNULLCol(mSentryPrivilege.getDbName())); privilege.setTableName(fromNULLCol(mSentryPrivilege.getTableName())); privilege.setColumnName(fromNULLCol(mSentryPrivilege.getColumnName())); privilege.setURI(fromNULLCol(mSentryPrivilege.getURI())); if (mSentryPrivilege.getGrantOption() != null) { privilege.setGrantOption(TSentryGrantOption.valueOf(mSentryPrivilege.getGrantOption().toString().toUpperCase())); } else { privilege.setGrantOption(TSentryGrantOption.UNSET); } }
private TSentryPrivilege createTSentryPrivilege(String scope, String server, String dbName, String tableName, String columnName, String uri, String action, TSentryGrantOption grantOption) { TSentryPrivilege tSentryPrivilege = new TSentryPrivilege(); tSentryPrivilege.setPrivilegeScope(scope); tSentryPrivilege.setServerName(server); tSentryPrivilege.setDbName(dbName); tSentryPrivilege.setTableName(tableName); tSentryPrivilege.setColumnName(columnName); tSentryPrivilege.setURI(uri); tSentryPrivilege.setAction(action); tSentryPrivilege.setGrantOption(grantOption); return tSentryPrivilege; }
unsetURI(); } else { setURI((String)value);
private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable) throws SentryInvalidInputException { TSentryPrivilege tSentryPrivilege = new TSentryPrivilege(); tSentryPrivilege.setDbName(fromNULLCol(tAuthorizable.getDb())); tSentryPrivilege.setServerName(fromNULLCol(tAuthorizable.getServer())); tSentryPrivilege.setTableName(fromNULLCol(tAuthorizable.getTable())); tSentryPrivilege.setColumnName(fromNULLCol(tAuthorizable.getColumn())); tSentryPrivilege.setURI(fromNULLCol(tAuthorizable.getUri())); PrivilegeScope scope; if (!isNULL(tSentryPrivilege.getColumnName())) { scope = PrivilegeScope.COLUMN; } else if (!isNULL(tSentryPrivilege.getTableName())) { scope = PrivilegeScope.TABLE; } else if (!isNULL(tSentryPrivilege.getDbName())) { scope = PrivilegeScope.DATABASE; } else if (!isNULL(tSentryPrivilege.getURI())) { scope = PrivilegeScope.URI; } else { scope = PrivilegeScope.SERVER; } tSentryPrivilege.setPrivilegeScope(scope.name()); tSentryPrivilege.setAction(AccessConstants.ALL); return tSentryPrivilege; }