private TAlterSentryRoleGrantPrivilegeRequest getGrantPrivilegeRequest() { TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest(); request.setRoleName("testRole"); return request; }
public Object getFieldValue(_Fields field) { switch (field) { case PROTOCOL_VERSION: return Integer.valueOf(getProtocol_version()); case REQUESTOR_USER_NAME: return getRequestorUserName(); case ROLE_NAME: return getRoleName(); case PRIVILEGE: return getPrivilege(); case PRIVILEGES: return getPrivileges(); } throw new IllegalStateException(); }
/** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */ public boolean isSet(_Fields field) { if (field == null) { throw new IllegalArgumentException(); } switch (field) { case PROTOCOL_VERSION: return isSetProtocol_version(); case REQUESTOR_USER_NAME: return isSetRequestorUserName(); case ROLE_NAME: return isSetRoleName(); case PRIVILEGE: return isSetPrivilege(); case PRIVILEGES: return isSetPrivileges(); } throw new IllegalStateException(); }
public static String createCmdForGrantPrivilege( TAlterSentryRoleGrantPrivilegeRequest request) { return createCmdForGrantOrRevokePrivileges(request.getRoleName(), request.getPrivileges(), true); }
case PROTOCOL_VERSION: if (value == null) { unsetProtocol_version(); } else { setProtocol_version((Integer)value); unsetRequestorUserName(); } else { setRequestorUserName((String)value); unsetRoleName(); } else { setRoleName((String)value); unsetPrivilege(); } else { setPrivilege((TSentryPrivilege)value); unsetPrivileges(); } else { setPrivileges((Set<TSentryPrivilege>)value);
private Set<TSentryPrivilege> grantPrivileges(String requestorUserName, String roleName, PrivilegeScope scope, String serverName, String uri, String db, String table, List<String> columns, String action, Boolean grantOption) throws SentryUserException { TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest(); request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); Set<TSentryPrivilege> privileges = convertColumnPrivileges(scope, serverName, uri, db, table, columns, action, grantOption); request.setPrivileges(privileges); try { TAlterSentryRoleGrantPrivilegeResponse response = client.alter_sentry_role_grant_privilege(request); Status.throwIfNotOk(response.getStatus()); return response.getPrivileges(); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
validateClientVersion(request.getProtocol_version()); if ( !(request.isSetPrivileges()^request.isSetPrivilege()) ) { throw new SentryUserException("SENTRY API version is not right!"); if (request.isSetPrivilege()) { request.setPrivileges(Sets.newHashSet(request.getPrivilege())); CommitContext commitContext = sentryStore.alterSentryRoleGrantPrivileges(request.getRequestorUserName(), request.getRoleName(), request.getPrivileges()); response.setStatus(Status.OK()); response.setPrivileges(request.getPrivileges()); String msg = "Role: " + request.getRoleName() + " doesn't exist"; LOGGER.error(msg, e); response.setStatus(Status.NoSuchObject(msg, e));
@Override public void onAlterSentryRoleGrantPrivilege( TAlterSentryRoleGrantPrivilegeRequest request) throws SentryPluginException { if (request.isSetPrivileges()) { String roleName = request.getRoleName(); for (TSentryPrivilege privilege : request.getPrivileges()) { if(!("COLUMN".equalsIgnoreCase(privilege.getPrivilegeScope()))) { onAlterSentryRoleGrantPrivilegeCore(roleName, privilege); } } } }
@Test public void testCreateCmdForGrantOrRevokePrivilege6() { TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, PrivilegeScope.SERVER.name(), "dbTest", "tableTest", "serverTest", "hdfs://namenode:port/path/to/dir"); Set<TSentryPrivilege> privileges = Sets.newHashSet(); privileges.add(privilege); grantRequest.setPrivileges(privileges); revokeRequest.setPrivileges(privileges); String createGrantPrivilegeCmdResult = CommandUtil .createCmdForGrantPrivilege(grantRequest); String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON SERVER serverTest TO ROLE testRole"; String createRevokePrivilegeCmdResult = CommandUtil .createCmdForRevokePrivilege(revokeRequest); String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON SERVER serverTest FROM ROLE testRole"; assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult); }
public Set<JsonLogEntity> createJsonLogEntitys( TAlterSentryRoleGrantPrivilegeRequest request, TAlterSentryRoleGrantPrivilegeResponse response, Configuration conf) { ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder(); if (request.isSetPrivileges()) { for (TSentryPrivilege privilege : request.getPrivileges()) { JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf); setBuilder.add(logEntity); } } return setBuilder.build(); }
public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException { struct.validate(); if (struct.isSetPrivilege()) { oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC); struct.privilege.write(oprot); if (struct.isSetPrivileges()) { oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
@Override public void read(org.apache.thrift.protocol.TProtocol prot, alter_sentry_role_grant_privilege_args struct) throws org.apache.thrift.TException { TTupleProtocol iprot = (TTupleProtocol) prot; BitSet incoming = iprot.readBitSet(1); if (incoming.get(0)) { struct.request = new TAlterSentryRoleGrantPrivilegeRequest(); struct.request.read(iprot); struct.setRequestIsSet(true); } } }
if (isSetPrivilege()) { if (!first) sb.append(", "); sb.append("privilege:"); if (isSetPrivileges()) { if (!first) sb.append(", "); sb.append("privileges:");
public TAlterSentryRoleGrantPrivilegeRequest deepCopy() { return new TAlterSentryRoleGrantPrivilegeRequest(this); }
@Override public boolean equals(Object that) { if (that == null) return false; if (that instanceof TAlterSentryRoleGrantPrivilegeRequest) return this.equals((TAlterSentryRoleGrantPrivilegeRequest)that); return false; }
private TSentryPrivilege grantPrivilege(String requestorUserName, String roleName, PrivilegeScope scope, String serverName, String uri, String db, String table, String column, String action, Boolean grantOption) throws SentryUserException { TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest(); request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); Set<TSentryPrivilege> privileges = convertColumnPrivilege(scope, serverName, uri, db, table, column, action, grantOption); request.setPrivileges(privileges); try { TAlterSentryRoleGrantPrivilegeResponse response = client.alter_sentry_role_grant_privilege(request); Status.throwIfNotOk(response.getStatus()); if (response.isSetPrivileges() && response.getPrivilegesSize()>0 ) { return response.getPrivileges().iterator().next(); } else { return new TSentryPrivilege(); } } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
@Test public void testCreateCmdForGrantOrRevokePrivilege5() { TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, PrivilegeScope.TABLE.name(), "dbTest", "tableTest", "serverTest", "hdfs://namenode:port/path/to/dir"); Set<TSentryPrivilege> privileges = Sets.newHashSet(); privileges.add(privilege); grantRequest.setPrivileges(privileges); revokeRequest.setPrivileges(privileges); String createGrantPrivilegeCmdResult = CommandUtil .createCmdForGrantPrivilege(grantRequest); String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON TABLE tableTest TO ROLE testRole"; String createRevokePrivilegeCmdResult = CommandUtil .createCmdForRevokePrivilege(revokeRequest); String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON TABLE tableTest FROM ROLE testRole"; assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult); }
public void read(org.apache.thrift.protocol.TProtocol iprot, alter_sentry_role_grant_privilege_args struct) throws org.apache.thrift.TException { org.apache.thrift.protocol.TField schemeField; iprot.readStructBegin(); while (true) { schemeField = iprot.readFieldBegin(); if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { break; } switch (schemeField.id) { case 1: // REQUEST if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) { struct.request = new TAlterSentryRoleGrantPrivilegeRequest(); struct.request.read(iprot); struct.setRequestIsSet(true); } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; default: org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } iprot.readFieldEnd(); } iprot.readStructEnd(); struct.validate(); }
@Override public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException { TTupleProtocol oprot = (TTupleProtocol) prot; oprot.writeI32(struct.protocol_version); oprot.writeString(struct.requestorUserName); oprot.writeString(struct.roleName); BitSet optionals = new BitSet(); if (struct.isSetPrivilege()) { optionals.set(0); } if (struct.isSetPrivileges()) { optionals.set(1); } oprot.writeBitSet(optionals, 2); if (struct.isSetPrivilege()) { struct.privilege.write(oprot); } if (struct.isSetPrivileges()) { { oprot.writeI32(struct.privileges.size()); for (TSentryPrivilege _iter20 : struct.privileges) { _iter20.write(oprot); } } } }
/** * Performs a deep copy on <i>other</i>. */ public alter_sentry_role_grant_privilege_args(alter_sentry_role_grant_privilege_args other) { if (other.isSetRequest()) { this.request = new TAlterSentryRoleGrantPrivilegeRequest(other.request); } }