Tabnine Logo
SentryStoreLayer
Code IndexAdd Tabnine to your IDE (free)

How to use
SentryStoreLayer
in
org.apache.sentry.provider.db.generic.service.persistent

Best Java code snippets using org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer (Showing top 20 results out of 315)

origin: apache/incubator-sentry

@Test
public void testAdminOperation() throws Exception {
 Mockito.when(mockStore.createRole(anyString(), anyString(), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID));
 Mockito.when(mockStore.dropRole(anyString(), anyString(), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 1));
 Mockito.when(mockStore.alterRoleAddGroups(anyString(), anyString(), anySetOf(String.class),anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 2));
 Mockito.when(mockStore.alterRoleDeleteGroups(anyString(), anyString(),anySetOf(String.class), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 3));
 Mockito.when(mockStore.dropPrivilege(anyString(), any(PrivilegeObject.class), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 4));
 Mockito.when(mockStore.renamePrivilege(anyString(), anyString(), anyListOf(Authorizable.class),
   anyListOf(Authorizable.class), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 5));
 testOperation(ADMIN_USER, Status.OK);
}
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  store.alterRoleGrantPrivilege(request.getComponent(),
      request.getRoleName(),
      toPrivilegeObject(request.getPrivilege()),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  store.alterRoleRevokePrivilege(request.getComponent(),
      request.getRoleName(),
      toPrivilegeObject(request.getPrivilege()),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Set<TSentryPrivilege>> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
  if (!inAdminGroups(groups)) {
   Set<String> roleNamesForGroups = toTrimmedLower(store.getRolesByGroups(request.getComponent(), groups));
   if (!roleNamesForGroups.contains(toTrimmedLower(request.getRoleName()))) {
    throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName());
   }
  }
  Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
                                  request.getServiceName(),
                                  Sets.newHashSet(request.getRoleName()),
                                  null, toAuthorizables(request.getAuthorizables()));
  Set<TSentryPrivilege> tSentryPrivileges = Sets.newHashSet();
  for (PrivilegeObject privilege : privileges) {
   tSentryPrivileges.add(fromPrivilegeObject(privilege));
  }
  return new Response<Set<TSentryPrivilege>>(Status.OK(), tSentryPrivileges);
 }
});
origin: apache/sentry

@Test
public void testOperationWithException() throws Exception {
 String roleName = anyString();
 Mockito.when(mockStore.createRole(anyString(), roleName, anyString()))
  .thenThrow(new SentryAlreadyExistsException("Role: " + roleName));
 Mockito.when(mockStore.dropRole(anyString(), roleName, anyString()))
  .thenThrow(new SentryNoSuchObjectException("Role: " + roleName ));
 Mockito.when(mockStore.alterRoleAddGroups(anyString(), roleName, anySetOf(String.class),anyString()))
  .thenThrow(new SentryNoSuchObjectException("Role: " + roleName));
 Mockito.when(mockStore.alterRoleDeleteGroups(anyString(), roleName, anySetOf(String.class), anyString()))
  .thenThrow(new SentryNoSuchObjectException("Role: " + roleName));
 Mockito.when(mockStore.alterRoleGrantPrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
 Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
 Mockito.when(mockStore.dropPrivilege(anyString(), any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryInvalidInputException("Invalid input privilege object"));
 Mockito.when(mockStore.renamePrivilege(anyString(), anyString(), anyListOf(Authorizable.class),
   anyListOf(Authorizable.class), anyString()))
 .thenThrow(new RuntimeException("Unknown error"));
origin: apache/incubator-sentry

mSentryGMPrivilege.setRoles(Sets.newHashSet(role));
Mockito.when(mockStore.getRolesByGroups(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(roleName));
Mockito.when(mockStore.getPrivilegesByProvider(anyString(), anyString(), anySetOf(String.class),
  anySetOf(String.class), anyListOf(Authorizable.class)))
.thenReturn(Sets.newHashSet(queryPrivilege, updatePrivilege));
Mockito.when(mockStore.getGroupsByRoles(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(groupName));
Mockito.when(mockStore.getPrivilegesByAuthorizable(anyString(), anyString(), anySetOf(String.class), anyListOf(Authorizable.class)))
.thenReturn(Sets.newHashSet(mSentryGMPrivilege));
Mockito.when(mockStore.getAllRoleNames())
.thenReturn(Sets.newHashSet(roleName));
origin: apache/sentry

Set<String> grantedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
Set<String> requestedRoles = toTrimmedLower(store.getAllRoleNames());
if (requestedGroups != null && !requestedGroups.isEmpty())  {
 requestedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
 Set<MSentryGMPrivilege> sentryPrivileges = store.getPrivilegesByAuthorizable(request.getComponent(), request.getServiceName(), validActiveRoles, authorizables);
 authRoleMap.put(fromAuthorizableToStr(authorizables), toTSentryPrivilegeMap(sentryPrivileges));
origin: apache/sentry

 .build();
sentryStore.createRole(component, roleName, grantor);
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilege, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
 .build();
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithOption, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
 .build();
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithNoOption, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
origin: apache/incubator-sentry

@Test
public void testGrantAndRevokePrivilege() throws Exception {
 Mockito.when(mockStore.alterRoleGrantPrivilege(anyString(), anyString(), any(PrivilegeObject.class), anyString()))
 .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 6));
 Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), anyString(),any(PrivilegeObject.class), anyString()))
 .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 7));
 setup();
 TSentryPrivilege tprivilege = new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test");
 tprivilege.setGrantOption(TSentryGrantOption.UNSET);
 TAlterSentryRoleGrantPrivilegeRequest grantRequest = new TAlterSentryRoleGrantPrivilegeRequest();
 grantRequest.setRequestorUserName(ADMIN_USER);
 grantRequest.setRoleName("r1");
 grantRequest.setPrivilege(tprivilege);
 assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_grant_privilege(grantRequest).getStatus()));
 TAlterSentryRoleRevokePrivilegeRequest revokeRequest = new TAlterSentryRoleRevokePrivilegeRequest();
 revokeRequest.setRequestorUserName(ADMIN_USER);
 revokeRequest.setRoleName("r1");
 revokeRequest.setPrivilege(tprivilege);
 assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_revoke_privilege(revokeRequest).getStatus()));
}
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.createRole(request.getComponent(), request.getRoleName(),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.alterRoleAddGroups(request.getComponent(),
      request.getRoleName(),
      request.getGroups(),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.dropRole(request.getComponent(), request.getRoleName(),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.dropPrivilege(request.getComponent(),
    toPrivilegeObject(request.getPrivilege()),
    request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.alterRoleDeleteGroups(request.getComponent(),
      request.getRoleName(),
      request.getGroups(),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/incubator-sentry

@Test
public void testOperationWithException() throws Exception {
 String roleName = anyString();
 Mockito.when(mockStore.createRole(anyString(), roleName, anyString()))
 .thenThrow(new SentryAlreadyExistsException("Role: " + roleName + " already exists"));
 Mockito.when(mockStore.dropRole(anyString(), roleName, anyString()))
 .thenThrow(new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"));
 Mockito.when(mockStore.alterRoleAddGroups(anyString(), roleName, anySetOf(String.class),anyString()))
 .thenThrow(new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"));
 Mockito.when(mockStore.alterRoleDeleteGroups(anyString(), roleName, anySetOf(String.class), anyString()))
 .thenThrow(new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"));
 Mockito.when(mockStore.alterRoleGrantPrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
 Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
 Mockito.when(mockStore.dropPrivilege(anyString(), any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryInvalidInputException("Invalid input privilege object"));
 Mockito.when(mockStore.renamePrivilege(anyString(), anyString(), anyListOf(Authorizable.class),
   anyListOf(Authorizable.class), anyString()))
 .thenThrow(new RuntimeException("Unknown error"));
origin: apache/sentry

mSentryGMPrivilege.setRoles(Sets.newHashSet(role));
Mockito.when(mockStore.getRolesByGroups(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(roleName));
Mockito.when(mockStore.getPrivilegesByProvider(anyString(), anyString(), anySetOf(String.class),
  anySetOf(String.class), anyListOf(Authorizable.class)))
.thenReturn(Sets.newHashSet(queryPrivilege, updatePrivilege));
Mockito.when(mockStore.getGroupsByRoles(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(groupName));
TSentryRole tSentryRole = new TSentryRole(roleName, Sets.newHashSet(groupName));
mockTRoles.add(tSentryRole);
Mockito.when(mockStore.getTSentryRolesByGroupName(anyString(), anySetOf(String.class)))
  .thenReturn(mockTRoles);
Mockito.when(mockStore.getPrivilegesByAuthorizable(anyString(), anyString(), anySetOf(String.class), anyListOf(Authorizable.class)))
.thenReturn(Sets.newHashSet(mSentryGMPrivilege));
Mockito.when(mockStore.getAllRoleNames())
.thenReturn(Sets.newHashSet(roleName));
origin: apache/incubator-sentry

 Set<String> grantedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
 Set<String> activeRoleNames = toTrimmedLower(activeRoleSet.getRoles());
Set<String> allRoles = toTrimmedLower(store.getAllRoleNames());
Set<String> activeRoleNames = toTrimmedLower(activeRoleSet.getRoles());
 validActiveRoles.addAll(activeRoleSet.isAll() ? allRoles : Sets.intersection(activeRoleNames, allRoles));
} else {
 Set<String> requestedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
 validActiveRoles.addAll(activeRoleSet.isAll() ? allRoles : Sets.intersection(activeRoleNames, requestedRoles));
 Set<MSentryGMPrivilege> sentryPrivileges = store.getPrivilegesByAuthorizable(request.getComponent(), request.getServiceName(), validActiveRoles, authorizables);
 authRoleMap.put(fromAuthorizableToStr(authorizables), toTSentryPrivilegeMap(sentryPrivileges));
origin: apache/incubator-sentry

 @Override
 public Response<Set<TSentryPrivilege>> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
  if (!inAdminGroups(groups)) {
   Set<String> roleNamesForGroups = toTrimmedLower(store.getRolesByGroups(request.getComponent(), groups));
   if (!roleNamesForGroups.contains(toTrimmedLower(request.getRoleName()))) {
    throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName());
   }
  }
  Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
                                  request.getServiceName(),
                                  Sets.newHashSet(request.getRoleName()),
                                  null, toAuthorizables(request.getAuthorizables()));
  Set<TSentryPrivilege> tSentryPrivileges = Sets.newHashSet();
  for (PrivilegeObject privilege : privileges) {
   tSentryPrivileges.add(fromPrivilegeObject(privilege));
  }
  return new Response<Set<TSentryPrivilege>>(Status.OK(), tSentryPrivileges);
 }
});
origin: apache/incubator-sentry

 .build();
sentryStore.createRole(component, roleName, grantor);
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilege, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
 .build();
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithOption, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
 .build();
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithNoOption, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
origin: apache/incubator-sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  CommitContext context = store.createRole(request.getComponent(), request.getRoleName(), request.getRequestorUserName());
  return new Response<Void>(Status.OK(), context);
 }
});
org.apache.sentry.provider.db.generic.service.persistentSentryStoreLayer

Javadoc

Sentry store for persistent the authorize object to database

Most used methods

  • alterRoleAddGroups
    Add a role to groups.
  • alterRoleDeleteGroups
    Delete a role from groups.
  • alterRoleGrantPrivilege
    Grant a privilege to role.
  • alterRoleRevokePrivilege
    Revoke a privilege from role.
  • createRole
    Create a role
  • dropPrivilege
    Drop privilege
  • dropRole
    Drop a role
  • getAllRoleNames
    Get all roles name.
  • getPrivilegesByAuthorizable
    Get sentry privileges based on valid active roles and the authorize objects.
  • getPrivilegesByProvider
    get sentry privileges from provider as followings:
  • getRolesByGroups
    Get roles
  • renamePrivilege
    Rename privilege
  • getRolesByGroups,
  • renamePrivilege,
  • getGroupsByRoles,
  • getPrivilegesByRole,
  • getTSentryRolesByGroupName

Popular in Java

  • Finding current android device location
  • getExternalFilesDir (Context)
  • orElseThrow (Optional)
    Return the contained value, if present, otherwise throw an exception to be created by the provided s
  • findViewById (Activity)
  • SecureRandom (java.security)
    This class generates cryptographically secure pseudo-random numbers. It is best to invoke SecureRand
  • SQLException (java.sql)
    An exception that indicates a failed JDBC operation. It provides the following information about pro
  • Collection (java.util)
    Collection is the root of the collection hierarchy. It defines operations on data collections and t
  • Scanner (java.util)
    A parser that parses a text string of primitive types and strings with the help of regular expressio
  • JarFile (java.util.jar)
    JarFile is used to read jar entries and their associated data from jar files.
  • DataSource (javax.sql)
    An interface for the creation of Connection objects which represent a connection to a database. This
  • Best plugins for Eclipse
Tabnine Logo

  • Products

    Search for Java codeSearch for JavaScript code

  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode

  • Company

    About UsContact UsCareers

  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now