private TAlterSentryRoleRevokePrivilegeRequest getRevokePrivilegeRequest() { TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest(); request.setRoleName("testRole"); return request; }
public Object getFieldValue(_Fields field) { switch (field) { case PROTOCOL_VERSION: return Integer.valueOf(getProtocol_version()); case REQUESTOR_USER_NAME: return getRequestorUserName(); case ROLE_NAME: return getRoleName(); case PRIVILEGE: return getPrivilege(); case PRIVILEGES: return getPrivileges(); } throw new IllegalStateException(); }
/** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */ public boolean isSet(_Fields field) { if (field == null) { throw new IllegalArgumentException(); } switch (field) { case PROTOCOL_VERSION: return isSetProtocol_version(); case REQUESTOR_USER_NAME: return isSetRequestorUserName(); case ROLE_NAME: return isSetRoleName(); case PRIVILEGE: return isSetPrivilege(); case PRIVILEGES: return isSetPrivileges(); } throw new IllegalStateException(); }
case PROTOCOL_VERSION: if (value == null) { unsetProtocol_version(); } else { setProtocol_version((Integer)value); unsetRequestorUserName(); } else { setRequestorUserName((String)value); unsetRoleName(); } else { setRoleName((String)value); unsetPrivilege(); } else { setPrivilege((TSentryPrivilege)value); unsetPrivileges(); } else { setPrivileges((Set<TSentryPrivilege>)value);
TAlterSentryRoleRevokePrivilegeResponse response = new TAlterSentryRoleRevokePrivilegeResponse(); try { validateClientVersion(request.getProtocol_version()); if ( !(request.isSetPrivileges()^request.isSetPrivilege()) ) { throw new SentryUserException("SENTRY API version is not right!"); if (request.isSetPrivilege()) { request.setPrivileges(Sets.newHashSet(request.getPrivilege())); CommitContext commitContext = sentryStore.alterSentryRoleRevokePrivileges(request.getRequestorUserName(), request.getRoleName(), request.getPrivileges()); response.setStatus(Status.OK()); notificationHandlerInvoker.alter_sentry_role_revoke_privilege(commitContext, if (request.getPrivileges().size() > 0) { for (TSentryPrivilege privilege : request.getPrivileges()) { msg.append("Privilege: [server="); msg.append(privilege.getServerName());
private void revokePrivilege(String requestorUserName, String roleName, PrivilegeScope scope, String serverName, String uri, String db, String table, List<String> columns, String action, Boolean grantOption) throws SentryUserException { TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest(); request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); Set<TSentryPrivilege> privileges = convertColumnPrivileges(scope, serverName, uri, db, table, columns, action, grantOption); request.setPrivileges(privileges); try { TAlterSentryRoleRevokePrivilegeResponse response = client.alter_sentry_role_revoke_privilege(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
@Override public void onAlterSentryRoleRevokePrivilege( TAlterSentryRoleRevokePrivilegeRequest request) throws SentryPluginException { if (request.isSetPrivileges()) { String roleName = request.getRoleName(); for (TSentryPrivilege privilege : request.getPrivileges()) { if(!("COLUMN".equalsIgnoreCase(privilege.getPrivilegeScope()))) { onAlterSentryRoleRevokePrivilegeCore(roleName, privilege); } } } }
@Test public void testCreateCmdForGrantOrRevokePrivilege6() { TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, PrivilegeScope.SERVER.name(), "dbTest", "tableTest", "serverTest", "hdfs://namenode:port/path/to/dir"); Set<TSentryPrivilege> privileges = Sets.newHashSet(); privileges.add(privilege); grantRequest.setPrivileges(privileges); revokeRequest.setPrivileges(privileges); String createGrantPrivilegeCmdResult = CommandUtil .createCmdForGrantPrivilege(grantRequest); String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON SERVER serverTest TO ROLE testRole"; String createRevokePrivilegeCmdResult = CommandUtil .createCmdForRevokePrivilege(revokeRequest); String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON SERVER serverTest FROM ROLE testRole"; assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult); }
public static String createCmdForRevokePrivilege( TAlterSentryRoleRevokePrivilegeRequest request) { return createCmdForGrantOrRevokePrivileges(request.getRoleName(), request.getPrivileges(), false); }
public Set<JsonLogEntity> createJsonLogEntitys( TAlterSentryRoleRevokePrivilegeRequest request, TAlterSentryRoleRevokePrivilegeResponse response, Configuration conf) { ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder(); if (request.isSetPrivileges()) { for (TSentryPrivilege privilege : request.getPrivileges()) { JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf); setBuilder.add(logEntity); } } return setBuilder.build(); }
public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException { struct.validate(); if (struct.isSetPrivilege()) { oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC); struct.privilege.write(oprot); if (struct.isSetPrivileges()) { oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
@Override public void read(org.apache.thrift.protocol.TProtocol prot, alter_sentry_role_revoke_privilege_args struct) throws org.apache.thrift.TException { TTupleProtocol iprot = (TTupleProtocol) prot; BitSet incoming = iprot.readBitSet(1); if (incoming.get(0)) { struct.request = new TAlterSentryRoleRevokePrivilegeRequest(); struct.request.read(iprot); struct.setRequestIsSet(true); } } }
if (isSetPrivilege()) { if (!first) sb.append(", "); sb.append("privilege:"); if (isSetPrivileges()) { if (!first) sb.append(", "); sb.append("privileges:");
public TAlterSentryRoleRevokePrivilegeRequest deepCopy() { return new TAlterSentryRoleRevokePrivilegeRequest(this); }
@Override public boolean equals(Object that) { if (that == null) return false; if (that instanceof TAlterSentryRoleRevokePrivilegeRequest) return this.equals((TAlterSentryRoleRevokePrivilegeRequest)that); return false; }
@Test public void testRevokeRole() { TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest(); TAlterSentryRoleRevokePrivilegeResponse response = new TAlterSentryRoleRevokePrivilegeResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); Set<TSentryPrivilege> privileges = Sets.newHashSet(); privileges.add(privilege); request.setPrivileges(privileges); response.setStatus(Status.OK()); DBAuditMetadataLogEntity amle = new DBAuditMetadataLogEntity(); privileges = Sets.newHashSet(); privileges.add(privilege); request.setPrivileges(privileges); response.setStatus(Status.InvalidInput("", null)); amles = JsonLogEntityFactory.getInstance()
@Test public void testCreateCmdForGrantOrRevokePrivilege7() { TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest(); TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest(); TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, PrivilegeScope.URI.name(), "dbTest", "tableTest", "serverTest", "hdfs://namenode:port/path/to/dir"); Set<TSentryPrivilege> privileges = Sets.newHashSet(); privileges.add(privilege); grantRequest.setPrivileges(privileges); revokeRequest.setPrivileges(privileges); String createGrantPrivilegeCmdResult = CommandUtil .createCmdForGrantPrivilege(grantRequest); String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON URI hdfs://namenode:port/path/to/dir TO ROLE testRole"; String createRevokePrivilegeCmdResult = CommandUtil .createCmdForRevokePrivilege(revokeRequest); String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON URI hdfs://namenode:port/path/to/dir FROM ROLE testRole"; assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult); assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult); }
public void read(org.apache.thrift.protocol.TProtocol iprot, alter_sentry_role_revoke_privilege_args struct) throws org.apache.thrift.TException { org.apache.thrift.protocol.TField schemeField; iprot.readStructBegin(); while (true) { schemeField = iprot.readFieldBegin(); if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { break; } switch (schemeField.id) { case 1: // REQUEST if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) { struct.request = new TAlterSentryRoleRevokePrivilegeRequest(); struct.request.read(iprot); struct.setRequestIsSet(true); } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; default: org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } iprot.readFieldEnd(); } iprot.readStructEnd(); struct.validate(); }
@Override public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException { TTupleProtocol oprot = (TTupleProtocol) prot; oprot.writeI32(struct.protocol_version); oprot.writeString(struct.requestorUserName); oprot.writeString(struct.roleName); BitSet optionals = new BitSet(); if (struct.isSetPrivilege()) { optionals.set(0); } if (struct.isSetPrivileges()) { optionals.set(1); } oprot.writeBitSet(optionals, 2); if (struct.isSetPrivilege()) { struct.privilege.write(oprot); } if (struct.isSetPrivileges()) { { oprot.writeI32(struct.privileges.size()); for (TSentryPrivilege _iter36 : struct.privileges) { _iter36.write(oprot); } } } }
/** * Performs a deep copy on <i>other</i>. */ public alter_sentry_role_revoke_privilege_args(alter_sentry_role_revoke_privilege_args other) { if (other.isSetRequest()) { this.request = new TAlterSentryRoleRevokePrivilegeRequest(other.request); } }