Tabnine Logo
TSentryPrivilege
Code IndexAdd Tabnine to your IDE (free)

How to use
TSentryPrivilege
in
org.apache.sentry.provider.db.service.thrift

Best Java code snippets using org.apache.sentry.provider.db.service.thrift.TSentryPrivilege (Showing top 20 results out of 315)

origin: apache/incubator-sentry

public Object getFieldValue(_Fields field) {
 switch (field) {
 case PRIVILEGE_SCOPE:
  return getPrivilegeScope();
 case SERVER_NAME:
  return getServerName();
 case DB_NAME:
  return getDbName();
 case TABLE_NAME:
  return getTableName();
 case URI:
  return getURI();
 case ACTION:
  return getAction();
 case CREATE_TIME:
  return Long.valueOf(getCreateTime());
 case GRANT_OPTION:
  return getGrantOption();
 case COLUMN_NAME:
  return getColumnName();
 }
 throw new IllegalStateException();
}
origin: apache/incubator-sentry

private Set<TSentryPrivilege> convertColumnPrivilege(
  PrivilegeScope scope, String serverName, String uri, String db, String table, String column,
  String action, Boolean grantOption) {
 ImmutableSet.Builder<TSentryPrivilege> setBuilder = ImmutableSet.builder();
 TSentryPrivilege privilege = new TSentryPrivilege();
 privilege.setPrivilegeScope(scope.toString());
 privilege.setServerName(serverName);
 privilege.setURI(uri);
 privilege.setDbName(db);
 privilege.setTableName(table);
 privilege.setColumnName(column);
 privilege.setAction(action);
 privilege.setCreateTime(System.currentTimeMillis());
 privilege.setGrantOption(convertTSentryGrantOption(grantOption));
 setBuilder.add(privilege);
 return setBuilder.build();
}
origin: apache/incubator-sentry

public static String getPrivilegeScope(TSentryPrivilege tSentryPrivilege) {
 PrivilegeScope privilegeScope = PrivilegeScope.SERVER;
 if (!StringUtils.isEmpty(tSentryPrivilege.getURI())) {
  privilegeScope = PrivilegeScope.URI;
 } else if (!StringUtils.isEmpty(tSentryPrivilege.getColumnName())) {
  privilegeScope = PrivilegeScope.COLUMN;
 } else if (!StringUtils.isEmpty(tSentryPrivilege.getTableName())) {
  privilegeScope = PrivilegeScope.TABLE;
 } else if (!StringUtils.isEmpty(tSentryPrivilege.getDbName())) {
  privilegeScope = PrivilegeScope.DATABASE;
 }
 return privilegeScope.toString();
}
origin: apache/incubator-sentry

boolean this_present_privilegeScope = true && tSentryPrivilege1.isSetPrivilegeScope();
boolean that_present_privilegeScope = true && tSentryPrivilege2.isSetPrivilegeScope();
if (this_present_privilegeScope || that_present_privilegeScope) {
 if (!(this_present_privilegeScope && that_present_privilegeScope)) {
  return false;
 if (!tSentryPrivilege1.getPrivilegeScope().equalsIgnoreCase(
   tSentryPrivilege2.getPrivilegeScope())) {
  return false;
boolean this_present_serverName = true && tSentryPrivilege1.isSetServerName();
boolean that_present_serverName = true && tSentryPrivilege2.isSetServerName();
if (this_present_serverName || that_present_serverName) {
 if (!(this_present_serverName && that_present_serverName)) {
  return false;
 if (!tSentryPrivilege1.getServerName().equalsIgnoreCase(tSentryPrivilege2.getServerName())) {
  return false;
boolean this_present_dbName = true && tSentryPrivilege1.isSetDbName();
boolean that_present_dbName = true && tSentryPrivilege2.isSetDbName();
if (this_present_dbName || that_present_dbName) {
 if (!(this_present_dbName && that_present_dbName)) {
  return false;
 if (!tSentryPrivilege1.getDbName().equalsIgnoreCase(tSentryPrivilege2.getDbName())) {
  return false;
boolean this_present_tableName = true && tSentryPrivilege1.isSetTableName();
origin: apache/incubator-sentry

private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable)
  throws SentryInvalidInputException {
 TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
 tSentryPrivilege.setDbName(fromNULLCol(tAuthorizable.getDb()));
 tSentryPrivilege.setServerName(fromNULLCol(tAuthorizable.getServer()));
 tSentryPrivilege.setTableName(fromNULLCol(tAuthorizable.getTable()));
 tSentryPrivilege.setColumnName(fromNULLCol(tAuthorizable.getColumn()));
 tSentryPrivilege.setURI(fromNULLCol(tAuthorizable.getUri()));
 PrivilegeScope scope;
 if (!isNULL(tSentryPrivilege.getColumnName())) {
  scope = PrivilegeScope.COLUMN;
 } else if (!isNULL(tSentryPrivilege.getTableName())) {
  scope = PrivilegeScope.TABLE;
 } else if (!isNULL(tSentryPrivilege.getDbName())) {
  scope = PrivilegeScope.DATABASE;
 } else if (!isNULL(tSentryPrivilege.getURI())) {
  scope = PrivilegeScope.URI;
 } else {
  scope = PrivilegeScope.SERVER;
 }
 tSentryPrivilege.setPrivilegeScope(scope.name());
 tSentryPrivilege.setAction(AccessConstants.ALL);
 return tSentryPrivilege;
}
origin: apache/incubator-sentry

String column2 = "c2";
long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
TSentryPrivilege privilegeCol1 = new TSentryPrivilege();
privilegeCol1.setPrivilegeScope("COLUMN");
privilegeCol1.setServerName(server);
privilegeCol1.setDbName(db);
privilegeCol1.setTableName(table);
privilegeCol1.setColumnName(column1);
privilegeCol1.setAction(AccessConstants.ALL);
privilegeCol1.setCreateTime(System.currentTimeMillis());
TSentryPrivilege privilegeCol2 = privilegeCol1.deepCopy();
privilegeCol2.setColumnName(column2);
privilegeCol2.setAction(AccessConstants.SELECT);
assertEquals(seqId + 3, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilegeCol2)
  .getSequenceId());
privilegeCol2.setAction(AccessConstants.INSERT);
privilegeCol2.setPrivilegeScope("DATABASE");
privilegeCol2.unsetTableName();
privilegeCol2.unsetColumnName();
assertEquals(seqId + 4, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilegeCol2)
  .getSequenceId());
origin: apache/incubator-sentry

 private static void validatePrivilegeHierarchy(TSentryPrivilege tSentryPrivilege) throws Exception {
  String serverName = tSentryPrivilege.getServerName();
  String dbName = tSentryPrivilege.getDbName();
  String tableName = tSentryPrivilege.getTableName();
  String columnName = tSentryPrivilege.getColumnName();
  String uri = tSentryPrivilege.getURI();
  if (ServiceConstants.PrivilegeScope.SERVER.toString().equals(tSentryPrivilege.getPrivilegeScope())) {
   if (StringUtils.isEmpty(serverName)) {
    throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
   }
  } else if (ServiceConstants.PrivilegeScope.URI.toString().equals(tSentryPrivilege.getPrivilegeScope())) {
   if (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(uri)) {
    throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
   }
  } else if (ServiceConstants.PrivilegeScope.DATABASE.toString().equals(tSentryPrivilege.getPrivilegeScope())) {
   if (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(dbName)) {
    throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
   }
  } else if (ServiceConstants.PrivilegeScope.TABLE.toString().equals(tSentryPrivilege.getPrivilegeScope())) {
   if (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(dbName)
       || StringUtils.isEmpty(tableName)) {
    throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
   }
  } else if (ServiceConstants.PrivilegeScope.COLUMN.toString().equals(tSentryPrivilege.getPrivilegeScope())
   && (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(dbName)
       || StringUtils.isEmpty(tableName) || StringUtils.isEmpty(columnName))) {
    throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
  }
 }
}
origin: apache/incubator-sentry

} else {
 if (!isNULL(privilege.getColumnName()) || !isNULL(privilege.getTableName())
   || !isNULL(privilege.getDbName())) {
  if (AccessConstants.ALL.equalsIgnoreCase(privilege.getAction())
    || AccessConstants.ACTION_ALL.equalsIgnoreCase(privilege.getAction())) {
   TSentryPrivilege tNotAll = new TSentryPrivilege(privilege);
   tNotAll.setAction(AccessConstants.SELECT);
   MSentryPrivilege mSelect = getMSentryPrivilege(tNotAll, pm);
   tNotAll.setAction(AccessConstants.INSERT);
   MSentryPrivilege mInsert = getMSentryPrivilege(tNotAll, pm);
   if (mSelect != null && mRole.getPrivileges().contains(mSelect)) {
   TSentryPrivilege tAll = new TSentryPrivilege(privilege);
   tAll.setAction(AccessConstants.ALL);
   MSentryPrivilege mAll1 = getMSentryPrivilege(tAll, pm);
   tAll.setAction(AccessConstants.ACTION_ALL);
   MSentryPrivilege mAll2 = getMSentryPrivilege(tAll, pm);
   if (mAll1 != null && mRole.getPrivileges().contains(mAll1)) {
origin: apache/incubator-sentry

private TSentryPrivilege getPrivilege(String action, String privilegeScope,
  String dbName, String tableName, String serverName, String URI) {
 TSentryPrivilege privilege = new TSentryPrivilege();
 privilege.setAction(action);
 privilege.setPrivilegeScope(privilegeScope);
 privilege.setDbName(dbName);
 privilege.setTableName(tableName);
 privilege.setServerName(serverName);
 privilege.setURI(URI);
 return privilege;
}
origin: apache/incubator-sentry

for (MSentryPrivilege m : privilegeGraph) {
 TSentryPrivilege t = convertToTSentryPrivilege(m);
 if (newTPrivilege.getPrivilegeScope().equals(PrivilegeScope.DATABASE.name())) {
  t.setDbName(newTPrivilege.getDbName());
 } else if (newTPrivilege.getPrivilegeScope().equals(PrivilegeScope.TABLE.name())) {
  t.setTableName(newTPrivilege.getTableName());
origin: apache/incubator-sentry

private JsonLogEntity createJsonLogEntity(
  TAlterSentryRoleRevokePrivilegeRequest request, TSentryPrivilege privilege,
  TAlterSentryRoleRevokePrivilegeResponse response, Configuration conf) {
 DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
   request.getRequestorUserName(), request.getClass().getName());
 hamle.setOperationText(CommandUtil.createCmdForRevokePrivilege(request));
 hamle.setDatabaseName(privilege.getDbName());
 hamle.setTableName(privilege.getTableName());
 hamle.setResourcePath(privilege.getURI());
 return hamle;
}
origin: apache/incubator-sentry

 @Override
 public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
  TTupleProtocol iprot = (TTupleProtocol) prot;
  struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
  struct.status.read(iprot);
  struct.setStatusIsSet(true);
  BitSet incoming = iprot.readBitSet(2);
  if (incoming.get(0)) {
   struct.privilege = new TSentryPrivilege();
   struct.privilege.read(iprot);
   struct.setPrivilegeIsSet(true);
  }
  if (incoming.get(1)) {
   {
    org.apache.thrift.protocol.TSet _set29 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
    struct.privileges = new HashSet<TSentryPrivilege>(2*_set29.size);
    for (int _i30 = 0; _i30 < _set29.size; ++_i30)
    {
     TSentryPrivilege _elem31; // required
     _elem31 = new TSentryPrivilege();
     _elem31.read(iprot);
     struct.privileges.add(_elem31);
    }
   }
   struct.setPrivilegesIsSet(true);
  }
 }
}
origin: apache/incubator-sentry

private String getAuthzObj(TSentryPrivilege privilege) {
 String authzObj = null;
 if (!SentryStore.isNULL(privilege.getDbName())) {
  String dbName = privilege.getDbName();
  String tblName = privilege.getTableName();
  if (SentryStore.isNULL(tblName)) {
   authzObj = dbName;
  } else {
   authzObj = dbName + "." + tblName;
  }
 }
 return authzObj == null ? null : authzObj.toLowerCase();
}
origin: apache/incubator-sentry

String column = "col1";
sentryStore.createSentryRole(roleName);
TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("TABLE", "server1", "ALL");
tSentryPrivilege.setDbName(dbName);
tSentryPrivilege.setTableName(table);
tSentryPrivilege.setColumnName(column);
sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tSentryPrivilege);
origin: apache/incubator-sentry

private void onAlterSentryRoleGrantPrivilegeCore(String roleName, TSentryPrivilege privilege)
  throws SentryPluginException {
 String authzObj = getAuthzObj(privilege);
 if (authzObj != null) {
  PermissionsUpdate update = new PermissionsUpdate(permSeqNum.incrementAndGet(), false);
  update.addPrivilegeUpdate(authzObj).putToAddPrivileges(
    roleName, privilege.getAction().toUpperCase());
  permsUpdater.handleUpdateNotification(update);
  LOGGER.debug("Authz Perm preUpdate [" + update.getSeqNum() + "]..");
 }
}
origin: apache/incubator-sentry

@Test
public void testSentryTablePrivilegeSome() throws Exception {
 String roleName = "test-table-privilege-some";
 String grantor = "g1";
 String dbName = "db1";
 String table = "tb1";
 sentryStore.createSentryRole(roleName);
 TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("TABLE", "server1", "ALL");
 tSentryPrivilege.setDbName(dbName);
 tSentryPrivilege.setTableName(table);
 sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tSentryPrivilege);
 TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
 tSentryAuthorizable.setDb(dbName);
 tSentryAuthorizable.setTable(AccessConstants.SOME);
 tSentryAuthorizable.setServer("server1");
 Set<TSentryPrivilege> privileges =
   sentryStore.getTSentryPrivileges(new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable);
 assertTrue(privileges.size() == 1);
 Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>();
 tSentryGroups.add(new TSentryGroup("group1"));
 sentryStore.alterSentryRoleAddGroups(grantor, roleName, tSentryGroups);
 TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName)));
 Set<String> privs =
   sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("group1")), thriftRoleSet, tSentryAuthorizable);
 assertTrue(privs.size()==1);
 assertTrue(privs.contains("server=server1->db=" + dbName + "->table=" + table + "->action=all"));
}
origin: apache/incubator-sentry

public TSentryPrivilege deepCopy() {
 return new TSentryPrivilege(this);
}
origin: apache/incubator-sentry

@Override
public void onAlterSentryRoleRevokePrivilege(
  TAlterSentryRoleRevokePrivilegeRequest request)
    throws SentryPluginException {
 if (request.isSetPrivileges()) {
  String roleName = request.getRoleName();
  for (TSentryPrivilege privilege : request.getPrivileges()) {
   if(!("COLUMN".equalsIgnoreCase(privilege.getPrivilegeScope()))) {
    onAlterSentryRoleRevokePrivilegeCore(roleName, privilege);
   }
  }
 }
}
origin: apache/incubator-sentry

private boolean isMultiActionsSupported(TSentryPrivilege tPrivilege) {
 return tPrivilege.getDbName() != null;
}
// wrapper for dropOrRename
origin: apache/incubator-sentry

/**
 * Drop given privilege from all roles
 */
public void dropPrivilege(TSentryAuthorizable tAuthorizable)
  throws SentryNoSuchObjectException, SentryInvalidInputException {
 PersistenceManager pm = null;
 boolean rollbackTransaction = true;
 TSentryPrivilege tPrivilege = toSentryPrivilege(tAuthorizable);
 try {
  pm = openTransaction();
  if (isMultiActionsSupported(tPrivilege)) {
   for (String privilegeAction : ALL_ACTIONS) {
    tPrivilege.setAction(privilegeAction);
    dropPrivilegeForAllRoles(pm, new TSentryPrivilege(tPrivilege));
   }
  } else {
   dropPrivilegeForAllRoles(pm, new TSentryPrivilege(tPrivilege));
  }
  rollbackTransaction = false;
  commitTransaction(pm);
 } catch (JDODataStoreException e) {
  throw new SentryInvalidInputException("Failed to get privileges: "
    + e.getMessage());
 } finally {
  if (rollbackTransaction) {
   rollbackTransaction(pm);
  }
 }
}
org.apache.sentry.provider.db.service.thriftTSentryPrivilege

Most used methods

  • getAction
  • getDbName
  • getPrivilegeScope
  • getTableName
  • getColumnName
  • getGrantOption
  • getURI
  • <init>
    Performs a deep copy on other.
  • getCreateTime
  • getServerName
  • isSetAction
    Returns true if field action is set (has been assigned a value) and false otherwise
  • isSetColumnName
    Returns true if field columnName is set (has been assigned a value) and false otherwise
  • isSetAction,
  • isSetColumnName,
  • isSetDbName,
  • isSetGrantOption,
  • isSetPrivilegeScope,
  • isSetServerName,
  • isSetTableName,
  • isSetURI,
  • setAction,
  • setColumnName

Popular in Java

  • Finding current android device location
  • orElseThrow (Optional)
    Return the contained value, if present, otherwise throw an exception to be created by the provided s
  • getSystemService (Context)
  • scheduleAtFixedRate (Timer)
  • ObjectMapper (com.fasterxml.jackson.databind)
    ObjectMapper provides functionality for reading and writing JSON, either to and from basic POJOs (Pl
  • BufferedReader (java.io)
    Wraps an existing Reader and buffers the input. Expensive interaction with the underlying reader is
  • InputStreamReader (java.io)
    A class for turning a byte stream into a character stream. Data read from the source input stream is
  • URI (java.net)
    A Uniform Resource Identifier that identifies an abstract or physical resource, as specified by RFC
  • Permission (java.security)
    Legacy security code; do not use.
  • ArrayList (java.util)
    ArrayList is an implementation of List, backed by an array. All optional operations including adding
  • Top Sublime Text plugins
Tabnine Logo
  • Products

    Search for Java codeSearch for JavaScript code
  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode
  • Company

    About UsContact UsCareers
  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now