@Override public String getName() { return authorizable.getName(); } });
@Override public String getTypeName() { return authorizable.getTypeName(); } @Override
@Override public void validatePolicy(boolean strictValidation) throws SentryConfigurationException { throw new SentryConfigurationException("Not implemented yet"); }
private List<String> buildPermissions(List<? extends Authorizable> authorizables, Set<? extends Action> actions) { List<String> hierarchy = new ArrayList<String>(); List<String> requestedPermissions = new ArrayList<String>(); for (Authorizable authorizable : authorizables) { hierarchy.add(KV_JOINER.join(authorizable.getTypeName(), authorizable.getName())); } for (Action action : actions) { String requestPermission = AUTHORIZABLE_JOINER.join(hierarchy); requestPermission = AUTHORIZABLE_JOINER.join(requestPermission, KV_JOINER.join(PRIVILEGE_NAME, action.getValue())); requestedPermissions.add(requestPermission); } return requestedPermissions; }
@Override public Void run(SentryGenericServiceClient client) throws Exception { client.createRole(subject.getName(), role, COMPONENT_TYPE); return null; } });
private BitFieldAction getAction(String component, String name) throws SentryUserException { BitFieldActionFactory actionFactory = getActionFactory(component); BitFieldAction action = actionFactory.getActionByName(name); if (action == null) { throw new SentryUserException("Can not get BitFieldAction for name: " + name); } return action; }
private boolean impliesAction(String policyValue, String requestValue, BitFieldActionFactory bitFieldActionFactory) { BitFieldAction currentAction; BitFieldAction requestAction; try { currentAction = bitFieldActionFactory.getActionByName(policyValue); requestAction = bitFieldActionFactory.getActionByName(requestValue); } catch (SentryUserException e) { return false; } // the action in privilege is not supported if (currentAction == null || requestAction == null) { return false; } return currentAction.implies(requestAction); }
private Subject getCurrentSubject(HiveSemanticAnalyzerHookContext context) { // Extract the username from the hook context return new Subject(context.getUserName()); }
private BitFieldAction getAction(String component, String name) { BitFieldActionFactory actionFactory = getActionFactory(component); BitFieldAction action = actionFactory.getActionByName(name); if (action == null) { throw new RuntimeException("can't get BitFieldAction for name:" + name); } return action; }
private void printConfigErrors(SentryConfigurationException configException) throws SentryConfigurationException { System.out.println(" *** Found configuration problems *** "); for (String errMsg : configException.getConfigErrors()) { System.out.println("ERROR: " + errMsg); } for (String warnMsg : configException.getConfigWarnings()) { System.out.println("Warning: " + warnMsg); } throw configException; }
public BitFieldAction getActionByName(String name) { for (ActionType action : ActionType.values()) { if (action.name.equalsIgnoreCase(name)) { return new BitFieldAction(action.getName(), action.getCode()); } } return null; }
@Override public Void run(SentryGenericServiceClient client) throws Exception { client.revokePrivilege(subject.getName(), role, COMPONENT_TYPE, toTSentryPrivilege(privilege)); return null; } });
@Override public String getTypeName() { return authorizable.getTypeName(); } @Override
@Override public String getName() { return authorizable.getName().toLowerCase(); } });
@Override public Void run(SentryGenericServiceClient client) throws Exception { client.dropRole(subject.getName(), role, COMPONENT_TYPE); return null; } });
@Override public Void run(SentryGenericServiceClient client) throws Exception { client.grantPrivilege(subject.getName(), role, COMPONENT_TYPE, toTSentryPrivilege(privilege)); return null; } });
@Override public Set<TSentryRole> run(SentryGenericServiceClient client) throws Exception { return client.listAllRoles(subject.getName(), COMPONENT_TYPE); } });
@Override public Set<TSentryRole> run(SentryGenericServiceClient client) throws Exception { return client.listRolesByGroupName(subject.getName(), groupName, COMPONENT_TYPE); } });
private Set<String> getGroups(Subject subject) { return groupService.getGroups(subject.getName()); }
@Override public Void run(SentryGenericServiceClient client) throws Exception { client.renamePrivilege(subject.getName(), COMPONENT_TYPE, sqoopServer.getName(), toAuthorizable(srcResource), toAuthorizable(dstResource)); return null; } });