/** * Connect to the specified server configured * * @throws IOException */ @Override public void connect() throws Exception { if ((transport != null) && transport.isOpen()) { return; } // Obtain connection to Sentry server transport = transportPool.getTransport(); TMultiplexedProtocol protocol = new TMultiplexedProtocol( new TBinaryProtocol(transport.getTTransport(), maxMessageSize, maxMessageSize, true, true), SentryPolicyServiceConstants.SENTRY_GENERIC_SERVICE_NAME); client = new Client(protocol); }
TListSentryPrivilegesByAuthResponse response = client.list_sentry_privileges_by_authorizable(request); Status.throwIfNotOk(response.getStatus()); return response.getPrivilegesMapByAuth();
response = client.list_sentry_privileges_by_role(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) {
/** * Grant a sentry role to groups. * * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role * @param component: The request is issued to which component * @param groups: The name of groups * @throws SentryUserException */ @Override public void grantRoleToGroups(String requestorUserName, String roleName, String component, Set<String> groups) throws SentryUserException { TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); request.setGroups(groups); request.setComponent(component); try { TAlterSentryRoleAddGroupsResponse response = client.alter_sentry_role_add_groups(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
/** * revoke privilege * * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role * @param component: The request is issued to which component * @param privilege * @throws SentryUserException */ @Override public void revokePrivilege(String requestorUserName, String roleName, String component, TSentryPrivilege privilege) throws SentryUserException { TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setComponent(component); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); request.setPrivilege(privilege); try { TAlterSentryRoleRevokePrivilegeResponse response = client.alter_sentry_role_revoke_privilege(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
/** * grant privilege * * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role * @param component: The request is issued to which component * @param privilege * @throws SentryUserException */ @Override public void grantPrivilege(String requestorUserName, String roleName, String component, TSentryPrivilege privilege) throws SentryUserException { TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setComponent(component); request.setRoleName(roleName); request.setRequestorUserName(requestorUserName); request.setPrivilege(privilege); try { TAlterSentryRoleGrantPrivilegeResponse response = client.alter_sentry_role_grant_privilege(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
/** * revoke a sentry role from groups. * * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role * @param component: The request is issued to which component * @param groups: The name of groups * @throws SentryUserException */ @Override public void revokeRoleFromGroups(String requestorUserName, String roleName, String component, Set<String> groups) throws SentryUserException { TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); request.setGroups(groups); request.setComponent(component); try { TAlterSentryRoleDeleteGroupsResponse response = client.alter_sentry_role_delete_groups(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
/** * drop privilege * * @param requestorUserName: user on whose behalf the request is issued * @param component: The request is issued to which component * @param privilege * @throws SentryUserException */ @Override public void dropPrivilege(String requestorUserName, String component, TSentryPrivilege privilege) throws SentryUserException { TDropPrivilegesRequest request = new TDropPrivilegesRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setComponent(component); request.setRequestorUserName(requestorUserName); request.setPrivilege(privilege); try { TDropPrivilegesResponse response = client.drop_sentry_privilege(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
/** * Create a sentry role * * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role * @param component: The request is issued to which component * @throws SentryUserException */ @Override public void createRole(String requestorUserName, String roleName, String component) throws SentryUserException { TCreateSentryRoleRequest request = new TCreateSentryRoleRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); request.setComponent(component); try { TCreateSentryRoleResponse response = client.create_sentry_role(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
private void dropRole(String requestorUserName, String roleName, String component, boolean ifExists) throws SentryUserException { TDropSentryRoleRequest request = new TDropSentryRoleRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); request.setComponent(component); try { TDropSentryRoleResponse response = client.drop_sentry_role(request); Status status = Status.fromCode(response.getStatus().getValue()); if (ifExists && status == Status.NO_SUCH_OBJECT) { return; } Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
@Override public void createRoleIfNotExist(String requestorUserName, String roleName, String component) throws SentryUserException { TCreateSentryRoleRequest request = new TCreateSentryRoleRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); request.setComponent(component); try { TCreateSentryRoleResponse response = client.create_sentry_role(request); Status status = Status.fromCode(response.getStatus().getValue()); if (status == Status.ALREADY_EXISTS) { return; } Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
public Client getClient(org.apache.thrift.protocol.TProtocol iprot, org.apache.thrift.protocol.TProtocol oprot) { return new Client(iprot, oprot); } }
public Client getClient(org.apache.thrift.protocol.TProtocol prot) { return new Client(prot); } public Client getClient(org.apache.thrift.protocol.TProtocol iprot, org.apache.thrift.protocol.TProtocol oprot) {
public TListSentryPrivilegesForProviderResponse getResult() throws org.apache.thrift.TException { if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) { throw new IllegalStateException("Method call not finished!"); } org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array()); org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport); return (new Client(prot)).recv_list_sentry_privileges_for_provider(); } }
public TAlterSentryRoleAddGroupsResponse getResult() throws org.apache.thrift.TException { if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) { throw new IllegalStateException("Method call not finished!"); } org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array()); org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport); return (new Client(prot)).recv_alter_sentry_role_add_groups(); } }
public TDropSentryRoleResponse getResult() throws org.apache.thrift.TException { if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) { throw new IllegalStateException("Method call not finished!"); } org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array()); org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport); return (new Client(prot)).recv_drop_sentry_role(); } }
public TListSentryPrivilegesByAuthResponse getResult() throws org.apache.thrift.TException { if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) { throw new IllegalStateException("Method call not finished!"); } org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array()); org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport); return (new Client(prot)).recv_list_sentry_privileges_by_authorizable(); } }
public TListSentryRolesResponse getResult() throws org.apache.thrift.TException { if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) { throw new IllegalStateException("Method call not finished!"); } org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array()); org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport); return (new Client(prot)).recv_list_sentry_roles_by_group(); } }
public TRenamePrivilegesResponse getResult() throws org.apache.thrift.TException { if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) { throw new IllegalStateException("Method call not finished!"); } org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array()); org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport); return (new Client(prot)).recv_rename_sentry_privilege(); } }
public TAlterSentryRoleGrantPrivilegeResponse getResult() throws org.apache.thrift.TException { if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) { throw new IllegalStateException("Method call not finished!"); } org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array()); org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport); return (new Client(prot)).recv_alter_sentry_role_grant_privilege(); } }