@Override public List<KeyValue> getAuthorizable() { List<KeyValue> authorizable = new ArrayList<>(); for (KeyValue part : parts) { // Authorizeable is the same as privileges but should exclude action if (!SentryConstants.PRIVILEGE_NAME.equalsIgnoreCase(part.getKey())) { KeyValue keyValue = new KeyValue(part.getKey().toLowerCase(), part.getValue().toLowerCase()); authorizable.add(keyValue); } } return authorizable; }
public static SqoopAuthorizable from(KeyValue keyValue) { String prefix = keyValue.getKey().toLowerCase(); String name = keyValue.getValue().toLowerCase(); for (AuthorizableType type : AuthorizableType.values()) { if(prefix.equalsIgnoreCase(type.name())) { return from(type, name); } } return null; }
public static SolrModelAuthorizable from(String s) { return from(new KeyValue(s)); } }
/** * Check if the action part in a privilege is ALL. Owner privilege is * treated as ALL for authorization * @param actionPart it must be the action of a privilege * @return true if the action is ALL; false otherwise */ private boolean isPrivilegeActionAll(KeyValue actionPart, BitFieldActionFactory bitFieldActionFactory) { return impliesAction(actionPart.getValue(), SentryConstants.PRIVILEGE_WILDCARD_VALUE, bitFieldActionFactory); }
public static IndexerModelAuthorizable from(KeyValue keyValue) { String prefix = keyValue.getKey().toLowerCase(); String name = keyValue.getValue().toLowerCase(); for(AuthorizableType type : AuthorizableType.values()) { if(prefix.equalsIgnoreCase(type.name())) { return from(type, name); } } return null; } public static IndexerModelAuthorizable from(String s) {
public static KafkaAuthorizable from(String keyValue) throws ConfigurationException { return from(new KeyValue(keyValue)); }
private List<? extends Authorizable> toAuthorizables(String privilegeStr) { List<Authorizable> authorizables = Lists.newArrayList(); if (privilegeStr == null) { return authorizables; } for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) { KeyValue tempKV = new KeyValue(authorizable); final String key = tempKV.getKey(); final String value = tempKV.getValue(); authorizables.add(new Authorizable() { @Override public String getTypeName() { return key; } @Override public String getName() { return value; } }); } return authorizables; }
public static KafkaAuthorizable from(KeyValue keyValue) throws ConfigurationException { String prefix = keyValue.getKey().toLowerCase(); String name = keyValue.getValue(); for (AuthorizableType type : AuthorizableType.values()) { if (prefix.equalsIgnoreCase(type.name())) { return from(type, name); } } return null; }
public static SqoopAuthorizable from(String keyValue) { return from(new KeyValue(keyValue)); }
public CommonPrivilege(String privilegeStr) { privilegeStr = Strings.nullToEmpty(privilegeStr).trim(); if (privilegeStr.isEmpty()) { throw new IllegalArgumentException("Privilege string cannot be null or empty."); } List<KeyValue> parts = Lists.newArrayList(); for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.trimResults().split( privilegeStr)) { if (authorizable.isEmpty()) { throw new IllegalArgumentException("Privilege '" + privilegeStr + "' has an empty section"); } parts.add(new KeyValue(authorizable)); } if (parts.isEmpty()) { throw new AssertionError("Should never occur: " + privilegeStr); } // check if grant option is present KeyValue lastPart = parts.get(parts.size() - 1); if (lastPart.getKey().equalsIgnoreCase(SentryConstants.GRANT_OPTION)) { grantOption = lastPart.getValue().equalsIgnoreCase("true"); parts.remove(parts.size() - 1); } this.parts = ImmutableList.copyOf(parts); }
public static DBModelAuthorizable from(KeyValue keyValue) { String prefix = keyValue.getKey().toLowerCase(); String name = keyValue.getValue(); for(AuthorizableType type : AuthorizableType.values()) { if(prefix.equalsIgnoreCase(type.name())) { if (prefix.equalsIgnoreCase(AuthorizableType.URI.toString())) { return from(type, name); } else { return from(type, name.toLowerCase()); } } } return null; } public static DBModelAuthorizable from(String s) {
public static DBModelAuthorizable from(String s) { return from(new KeyValue(s)); }
public static IndexerModelAuthorizable from(String s) { return from(new KeyValue(s)); }
public static TSentryPrivilege convertToTSentryPrivilege(String privilegeStr) { TSentryPrivilege tSentryPrivilege = new TSentryPrivilege(); for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) { KeyValue tempKV = new KeyValue(authorizable); String key = tempKV.getKey(); String value = tempKV.getValue(); if (PolicyFileConstants.PRIVILEGE_SERVER_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setServerName(value); } else if (PolicyFileConstants.PRIVILEGE_DATABASE_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setDbName(value); } else if (PolicyFileConstants.PRIVILEGE_TABLE_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setTableName(value); } else if (PolicyFileConstants.PRIVILEGE_COLUMN_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setColumnName(value); } else if (PolicyFileConstants.PRIVILEGE_URI_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setURI(value); } else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setAction(value); } else if (PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME.equalsIgnoreCase(key)) { TSentryGrantOption grantOption = "true".equalsIgnoreCase(value) ? TSentryGrantOption.TRUE : TSentryGrantOption.FALSE; tSentryPrivilege.setGrantOption(grantOption); } } tSentryPrivilege.setPrivilegeScope(getPrivilegeScope(tSentryPrivilege)); return tSentryPrivilege; }
public static SolrModelAuthorizable from(KeyValue keyValue) { String prefix = keyValue.getKey().toLowerCase(); String name = keyValue.getValue().toLowerCase(); SolrModelAuthorizable result = null; for(AuthorizableType type : AuthorizableType.values()) { if(prefix.equalsIgnoreCase(type.name())) { switch (type) { case Collection: result = new Collection(name); break; case Admin: result = new AdminOperation(name); break; case Config: result = new Config(name); break; case Schema: result = new Schema(name); break; default: break; } } } return result; }
public TSentryPrivilege fromString(String privilegeStr) throws SentryUserException { privilegeStr = parsePrivilegeString(privilegeStr); if (validate) { validatePrivilegeHierarchy(privilegeStr); } TSentryPrivilege tSentryPrivilege = new TSentryPrivilege(); List<TAuthorizable> authorizables = new LinkedList<TAuthorizable>(); for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) { KeyValue keyValue = new KeyValue(authorizable); String key = keyValue.getKey(); String value = keyValue.getValue(); Authorizable authz = getAuthorizable(keyValue); if (authz != null) { authorizables.add(new TAuthorizable(authz.getTypeName(), authz.getName())); } else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setAction(value); } else { throw new IllegalArgumentException("Unknown key: " + key); } } if (tSentryPrivilege.getAction() == null) { throw new IllegalArgumentException("Privilege is invalid: action required but not specified."); } tSentryPrivilege.setComponent(component); tSentryPrivilege.setServiceName(service); tSentryPrivilege.setAuthorizables(authorizables); return tSentryPrivilege; }
public TSentryPrivilege fromString(String privilegeStr) throws SentryUserException { privilegeStr = parsePrivilegeString(privilegeStr); if (validate) { validatePrivilegeHierarchy(privilegeStr); } TSentryPrivilege tSentryPrivilege = new TSentryPrivilege(); List<TAuthorizable> authorizables = new LinkedList<TAuthorizable>(); for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) { KeyValue keyValue = new KeyValue(authorizable); String key = keyValue.getKey(); String value = keyValue.getValue(); Authorizable authz = getAuthorizable(keyValue); if (authz != null) { authorizables.add(new TAuthorizable(authz.getTypeName(), authz.getName())); } else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) { tSentryPrivilege.setAction(value); } else { throw new IllegalArgumentException("Unknown key: " + key); } } if (tSentryPrivilege.getAction() == null) { throw new IllegalArgumentException("Privilege is invalid: action required but not specified."); } tSentryPrivilege.setComponent(component); tSentryPrivilege.setServiceName(service); tSentryPrivilege.setAuthorizables(authorizables); return tSentryPrivilege; }