congrats Icon
New! Announcing our next generation AI code completions
Read here
Tabnine Logo
SentryStoreLayer
Code IndexAdd Tabnine to your IDE (free)

How to use
SentryStoreLayer
in
org.apache.sentry.provider.db.generic.service.persistent

Best Java code snippets using org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer (Showing top 20 results out of 315)

origin: apache/incubator-sentry

@Test
public void testAdminOperation() throws Exception {
 Mockito.when(mockStore.createRole(anyString(), anyString(), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID));
 Mockito.when(mockStore.dropRole(anyString(), anyString(), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 1));
 Mockito.when(mockStore.alterRoleAddGroups(anyString(), anyString(), anySetOf(String.class),anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 2));
 Mockito.when(mockStore.alterRoleDeleteGroups(anyString(), anyString(),anySetOf(String.class), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 3));
 Mockito.when(mockStore.dropPrivilege(anyString(), any(PrivilegeObject.class), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 4));
 Mockito.when(mockStore.renamePrivilege(anyString(), anyString(), anyListOf(Authorizable.class),
   anyListOf(Authorizable.class), anyString()))
   .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 5));
 testOperation(ADMIN_USER, Status.OK);
}
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  store.alterRoleGrantPrivilege(request.getComponent(),
      request.getRoleName(),
      toPrivilegeObject(request.getPrivilege()),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  store.alterRoleRevokePrivilege(request.getComponent(),
      request.getRoleName(),
      toPrivilegeObject(request.getPrivilege()),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Set<TSentryPrivilege>> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
  if (!inAdminGroups(groups)) {
   Set<String> roleNamesForGroups = toTrimmedLower(store.getRolesByGroups(request.getComponent(), groups));
   if (!roleNamesForGroups.contains(toTrimmedLower(request.getRoleName()))) {
    throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName());
   }
  }
  Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
                                  request.getServiceName(),
                                  Sets.newHashSet(request.getRoleName()),
                                  null, toAuthorizables(request.getAuthorizables()));
  Set<TSentryPrivilege> tSentryPrivileges = Sets.newHashSet();
  for (PrivilegeObject privilege : privileges) {
   tSentryPrivileges.add(fromPrivilegeObject(privilege));
  }
  return new Response<Set<TSentryPrivilege>>(Status.OK(), tSentryPrivileges);
 }
});
origin: apache/sentry

@Test
public void testOperationWithException() throws Exception {
 String roleName = anyString();
 Mockito.when(mockStore.createRole(anyString(), roleName, anyString()))
  .thenThrow(new SentryAlreadyExistsException("Role: " + roleName));
 Mockito.when(mockStore.dropRole(anyString(), roleName, anyString()))
  .thenThrow(new SentryNoSuchObjectException("Role: " + roleName ));
 Mockito.when(mockStore.alterRoleAddGroups(anyString(), roleName, anySetOf(String.class),anyString()))
  .thenThrow(new SentryNoSuchObjectException("Role: " + roleName));
 Mockito.when(mockStore.alterRoleDeleteGroups(anyString(), roleName, anySetOf(String.class), anyString()))
  .thenThrow(new SentryNoSuchObjectException("Role: " + roleName));
 Mockito.when(mockStore.alterRoleGrantPrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
 Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
 Mockito.when(mockStore.dropPrivilege(anyString(), any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryInvalidInputException("Invalid input privilege object"));
 Mockito.when(mockStore.renamePrivilege(anyString(), anyString(), anyListOf(Authorizable.class),
   anyListOf(Authorizable.class), anyString()))
 .thenThrow(new RuntimeException("Unknown error"));
origin: apache/incubator-sentry

mSentryGMPrivilege.setRoles(Sets.newHashSet(role));
Mockito.when(mockStore.getRolesByGroups(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(roleName));
Mockito.when(mockStore.getPrivilegesByProvider(anyString(), anyString(), anySetOf(String.class),
  anySetOf(String.class), anyListOf(Authorizable.class)))
.thenReturn(Sets.newHashSet(queryPrivilege, updatePrivilege));
Mockito.when(mockStore.getGroupsByRoles(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(groupName));
Mockito.when(mockStore.getPrivilegesByAuthorizable(anyString(), anyString(), anySetOf(String.class), anyListOf(Authorizable.class)))
.thenReturn(Sets.newHashSet(mSentryGMPrivilege));
Mockito.when(mockStore.getAllRoleNames())
.thenReturn(Sets.newHashSet(roleName));
origin: apache/sentry

Set<String> grantedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
Set<String> requestedRoles = toTrimmedLower(store.getAllRoleNames());
if (requestedGroups != null && !requestedGroups.isEmpty())  {
 requestedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
 Set<MSentryGMPrivilege> sentryPrivileges = store.getPrivilegesByAuthorizable(request.getComponent(), request.getServiceName(), validActiveRoles, authorizables);
 authRoleMap.put(fromAuthorizableToStr(authorizables), toTSentryPrivilegeMap(sentryPrivileges));
origin: apache/sentry

 .build();
sentryStore.createRole(component, roleName, grantor);
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilege, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
 .build();
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithOption, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
 .build();
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithNoOption, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
origin: apache/incubator-sentry

@Test
public void testGrantAndRevokePrivilege() throws Exception {
 Mockito.when(mockStore.alterRoleGrantPrivilege(anyString(), anyString(), any(PrivilegeObject.class), anyString()))
 .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 6));
 Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), anyString(),any(PrivilegeObject.class), anyString()))
 .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 7));
 setup();
 TSentryPrivilege tprivilege = new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test");
 tprivilege.setGrantOption(TSentryGrantOption.UNSET);
 TAlterSentryRoleGrantPrivilegeRequest grantRequest = new TAlterSentryRoleGrantPrivilegeRequest();
 grantRequest.setRequestorUserName(ADMIN_USER);
 grantRequest.setRoleName("r1");
 grantRequest.setPrivilege(tprivilege);
 assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_grant_privilege(grantRequest).getStatus()));
 TAlterSentryRoleRevokePrivilegeRequest revokeRequest = new TAlterSentryRoleRevokePrivilegeRequest();
 revokeRequest.setRequestorUserName(ADMIN_USER);
 revokeRequest.setRoleName("r1");
 revokeRequest.setPrivilege(tprivilege);
 assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_revoke_privilege(revokeRequest).getStatus()));
}
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.createRole(request.getComponent(), request.getRoleName(),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.alterRoleAddGroups(request.getComponent(),
      request.getRoleName(),
      request.getGroups(),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.dropRole(request.getComponent(), request.getRoleName(),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.dropPrivilege(request.getComponent(),
    toPrivilegeObject(request.getPrivilege()),
    request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  store.alterRoleDeleteGroups(request.getComponent(),
      request.getRoleName(),
      request.getGroups(),
      request.getRequestorUserName());
  return new Response<Void>(Status.OK());
 }
});
origin: apache/incubator-sentry

@Test
public void testOperationWithException() throws Exception {
 String roleName = anyString();
 Mockito.when(mockStore.createRole(anyString(), roleName, anyString()))
 .thenThrow(new SentryAlreadyExistsException("Role: " + roleName + " already exists"));
 Mockito.when(mockStore.dropRole(anyString(), roleName, anyString()))
 .thenThrow(new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"));
 Mockito.when(mockStore.alterRoleAddGroups(anyString(), roleName, anySetOf(String.class),anyString()))
 .thenThrow(new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"));
 Mockito.when(mockStore.alterRoleDeleteGroups(anyString(), roleName, anySetOf(String.class), anyString()))
 .thenThrow(new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"));
 Mockito.when(mockStore.alterRoleGrantPrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
 Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
 Mockito.when(mockStore.dropPrivilege(anyString(), any(PrivilegeObject.class), anyString()))
 .thenThrow(new SentryInvalidInputException("Invalid input privilege object"));
 Mockito.when(mockStore.renamePrivilege(anyString(), anyString(), anyListOf(Authorizable.class),
   anyListOf(Authorizable.class), anyString()))
 .thenThrow(new RuntimeException("Unknown error"));
origin: apache/sentry

mSentryGMPrivilege.setRoles(Sets.newHashSet(role));
Mockito.when(mockStore.getRolesByGroups(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(roleName));
Mockito.when(mockStore.getPrivilegesByProvider(anyString(), anyString(), anySetOf(String.class),
  anySetOf(String.class), anyListOf(Authorizable.class)))
.thenReturn(Sets.newHashSet(queryPrivilege, updatePrivilege));
Mockito.when(mockStore.getGroupsByRoles(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(groupName));
TSentryRole tSentryRole = new TSentryRole(roleName, Sets.newHashSet(groupName));
mockTRoles.add(tSentryRole);
Mockito.when(mockStore.getTSentryRolesByGroupName(anyString(), anySetOf(String.class)))
  .thenReturn(mockTRoles);
Mockito.when(mockStore.getPrivilegesByAuthorizable(anyString(), anyString(), anySetOf(String.class), anyListOf(Authorizable.class)))
.thenReturn(Sets.newHashSet(mSentryGMPrivilege));
Mockito.when(mockStore.getAllRoleNames())
.thenReturn(Sets.newHashSet(roleName));
origin: apache/incubator-sentry

 Set<String> grantedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
 Set<String> activeRoleNames = toTrimmedLower(activeRoleSet.getRoles());
Set<String> allRoles = toTrimmedLower(store.getAllRoleNames());
Set<String> activeRoleNames = toTrimmedLower(activeRoleSet.getRoles());
 validActiveRoles.addAll(activeRoleSet.isAll() ? allRoles : Sets.intersection(activeRoleNames, allRoles));
} else {
 Set<String> requestedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
 validActiveRoles.addAll(activeRoleSet.isAll() ? allRoles : Sets.intersection(activeRoleNames, requestedRoles));
 Set<MSentryGMPrivilege> sentryPrivileges = store.getPrivilegesByAuthorizable(request.getComponent(), request.getServiceName(), validActiveRoles, authorizables);
 authRoleMap.put(fromAuthorizableToStr(authorizables), toTSentryPrivilegeMap(sentryPrivileges));
origin: apache/incubator-sentry

 @Override
 public Response<Set<TSentryPrivilege>> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
  if (!inAdminGroups(groups)) {
   Set<String> roleNamesForGroups = toTrimmedLower(store.getRolesByGroups(request.getComponent(), groups));
   if (!roleNamesForGroups.contains(toTrimmedLower(request.getRoleName()))) {
    throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName());
   }
  }
  Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
                                  request.getServiceName(),
                                  Sets.newHashSet(request.getRoleName()),
                                  null, toAuthorizables(request.getAuthorizables()));
  Set<TSentryPrivilege> tSentryPrivileges = Sets.newHashSet();
  for (PrivilegeObject privilege : privileges) {
   tSentryPrivileges.add(fromPrivilegeObject(privilege));
  }
  return new Response<Set<TSentryPrivilege>>(Status.OK(), tSentryPrivileges);
 }
});
origin: apache/incubator-sentry

 .build();
sentryStore.createRole(component, roleName, grantor);
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilege, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
 .build();
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithOption, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
 .build();
sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithNoOption, grantor);
       sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
origin: apache/incubator-sentry

 @Override
 public Response<Void> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  authorize(request.getRequestorUserName(),
    getRequestorGroups(conf, request.getRequestorUserName()));
  CommitContext context = store.createRole(request.getComponent(), request.getRoleName(), request.getRequestorUserName());
  return new Response<Void>(Status.OK(), context);
 }
});
org.apache.sentry.provider.db.generic.service.persistentSentryStoreLayer

Javadoc

Sentry store for persistent the authorize object to database

Most used methods

  • alterRoleAddGroups
    Add a role to groups.
  • alterRoleDeleteGroups
    Delete a role from groups.
  • alterRoleGrantPrivilege
    Grant a privilege to role.
  • alterRoleRevokePrivilege
    Revoke a privilege from role.
  • createRole
    Create a role
  • dropPrivilege
    Drop privilege
  • dropRole
    Drop a role
  • getAllRoleNames
    Get all roles name.
  • getPrivilegesByAuthorizable
    Get sentry privileges based on valid active roles and the authorize objects.
  • getPrivilegesByProvider
    get sentry privileges from provider as followings:
  • getRolesByGroups
    Get roles
  • renamePrivilege
    Rename privilege
  • getRolesByGroups,
  • renamePrivilege,
  • getGroupsByRoles,
  • getPrivilegesByRole,
  • getTSentryRolesByGroupName

Popular in Java

  • Making http post requests using okhttp
  • setRequestProperty (URLConnection)
  • setScale (BigDecimal)
  • orElseThrow (Optional)
    Return the contained value, if present, otherwise throw an exception to be created by the provided s
  • FileReader (java.io)
    A specialized Reader that reads from a file in the file system. All read requests made by calling me
  • RandomAccessFile (java.io)
    Allows reading from and writing to a file in a random-access manner. This is different from the uni-
  • URLEncoder (java.net)
    This class is used to encode a string using the format required by application/x-www-form-urlencoded
  • LinkedHashMap (java.util)
    LinkedHashMap is an implementation of Map that guarantees iteration order. All optional operations a
  • NoSuchElementException (java.util)
    Thrown when trying to retrieve an element past the end of an Enumeration or Iterator.
  • PriorityQueue (java.util)
    A PriorityQueue holds elements on a priority heap, which orders the elements according to their natu
  • Top 12 Jupyter Notebook Extensions
Tabnine Logo
  • Products

    Search for Java codeSearch for JavaScript code
  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimAtomGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode
  • Company

    About UsContact UsCareers
  • Resources

    FAQBlogTabnine AcademyStudentsTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now