@Override public SentryPolicyServiceClient run() throws Exception { return SentryServiceClientFactory.create(conf); } });
/** * Create a client instance. The supplied configuration is only used the first time and * ignored afterwords. Tests that want to supply different configurations * should call {@link #factoryReset(SentryServiceClientFactory)} to force new configuration * read. * @param conf Configuration * @return client instance * @throws Exception */ public static SentryPolicyServiceClient create(Configuration conf) throws Exception { SentryServiceClientFactory factory = clientFactory.get(); if (factory != null) { return factory.create(); } factory = new SentryServiceClientFactory(conf); boolean ok = clientFactory.compareAndSet(null, factory); if (ok) { return factory.create(); } // Close old factory factory.close(); return clientFactory.get().create(); }
@Override public void runTestAsSubject() throws Exception { SentryServiceClientFactory oldFactory = SentryServiceClientFactory.factoryReset(null); Configuration confWithSmallMaxMsgSize = new Configuration(SentryServiceIntegrationBase.conf); confWithSmallMaxMsgSize.setLong(ApiConstants.ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE, 20); // create a client with a small thrift max message size SentryPolicyServiceClient clientWithSmallMaxMsgSize = SentryServiceClientFactory.create(confWithSmallMaxMsgSize); setLocalGroupMapping(SentryServiceIntegrationBase.ADMIN_USER, REQUESTER_USER_GROUP_NAMES); writePolicyFile(); boolean exceptionThrown = false; try { // client throws exception when message size is larger than the client's thrift max message size. clientWithSmallMaxMsgSize.listAllRoles(SentryServiceIntegrationBase.ADMIN_USER); } catch (SentryUserException e) { exceptionThrown = true; Assert.assertTrue(e.getMessage().contains("Thrift exception occurred")); Assert.assertTrue(e.getCause().getMessage().contains("Length exceeded max allowed")); } finally { Assert.assertEquals(true, exceptionThrown); clientWithSmallMaxMsgSize.close(); SentryServiceClientFactory.factoryReset(oldFactory); } // client can still talk with sentry server when message size is smaller. client.dropRoleIfExists(SentryServiceIntegrationBase.ADMIN_USER, ROLE_NAME); client.listAllRoles(SentryServiceIntegrationBase.ADMIN_USER); client.createRole(SentryServiceIntegrationBase.ADMIN_USER, ROLE_NAME); client.listAllRoles(SentryServiceIntegrationBase.ADMIN_USER); } });
@Override public SentryPolicyServiceClient run() throws Exception { return SentryServiceClientFactory.create(conf); } });
private SentryPolicyServiceClient getSentryServiceClient() throws MetaException { try { return SentryServiceClientFactory.create(authzConf); } catch (Exception e) { throw new MetaException("Failed to connect to Sentry service " + e.getMessage()); } }
public void connectToSentryService() throws Exception { if (kerberos) { client = clientUgi.doAs(new PrivilegedExceptionAction<SentryPolicyServiceClient>() { @Override public SentryPolicyServiceClient run() throws Exception { return SentryServiceClientFactory.create(conf); } }); } else { client = SentryServiceClientFactory.create(conf); } }
public void connectToSentryService() throws Exception { if (kerberos) { client = Subject.doAs(clientSubject, new PrivilegedExceptionAction<SentryPolicyServiceClient>() { @Override public SentryPolicyServiceClient run() throws Exception { return SentryServiceClientFactory.create(conf); } }); } else { client = SentryServiceClientFactory.create(conf); } }
SentryPolicyServiceClient policyServiceClient = null; try { policyServiceClient = SentryServiceClientFactory.create(conf); return ImmutableSet.copyOf(policyServiceClient.listPrivilegesForProvider(groups, roleSet, authorizableHierarchy)); } catch (Exception e) {
public void importPolicy() throws Exception { String requestorUserName = System.getProperty("user.name", ""); // get the FileFormatter according to the configuration SentryPolicyFileFormatter sentryPolicyFileFormatter = SentryPolicyFileFormatFactory .createFileFormatter(authzConf); // parse the input file, get the mapping data in map structure Map<String, Map<String, Set<String>>> policyFileMappingData = sentryPolicyFileFormatter.parse( importPolicyFilePath, authzConf); // todo: here should be an validator to check the data's value, format, hierarchy SentryPolicyServiceClient client = SentryServiceClientFactory.create(getAuthzConf()); // import the mapping data to database client.importPolicy(policyFileMappingData, requestorUserName, importOverwriteRole); }
public void exportPolicy() throws Exception { String requestorUserName = System.getProperty("user.name", ""); SentryPolicyServiceClient client = SentryServiceClientFactory.create(getAuthzConf()); // export the sentry mapping data from database to map structure Map<String, Map<String, Set<String>>> policyFileMappingData = client .exportPolicy(requestorUserName); // get the FileFormatter according to the configuration SentryPolicyFileFormatter sentryPolicyFileFormatter = SentryPolicyFileFormatFactory .createFileFormatter(authzConf); // write the sentry mapping data to exportPolicyFilePath with the data in map structure sentryPolicyFileFormatter.write(exportPolicyFilePath, policyFileMappingData); }
public void run() throws Exception { Command command = null; SentryPolicyServiceClient client = SentryServiceClientFactory.create(getSentryConf()); UserGroupInformation ugi = UserGroupInformation.getLoginUser(); String requestorName = ugi.getShortUserName();
try { try { this.sentryClient = SentryServiceClientFactory.create(authzConf); } catch (Exception e) { String msg = "Error creating Sentry client: " + e.getMessage();
@Override public void runTestAsSubject() throws Exception { Configuration confWithSmallMaxMsgSize = new Configuration(conf); confWithSmallMaxMsgSize.setLong(ServiceConstants.ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE, 20); // create a client with a small thrift max message size SentryPolicyServiceClient clientWithSmallMaxMsgSize = SentryServiceClientFactory.create(confWithSmallMaxMsgSize); setLocalGroupMapping(ADMIN_USER, REQUESTER_USER_GROUP_NAMES); writePolicyFile(); boolean exceptionThrown = false; try { // client throws exception when message size is larger than the client's thrift max message size. clientWithSmallMaxMsgSize.listRoles(ADMIN_USER); } catch (SentryUserException e) { exceptionThrown = true; Assert.assertTrue(e.getMessage().contains("Thrift exception occurred")); Assert.assertTrue(e.getCause().getMessage().contains("Length exceeded max allowed")); } finally { Assert.assertEquals(true, exceptionThrown); clientWithSmallMaxMsgSize.close(); } // client can still talk with sentry server when message size is smaller. client.dropRoleIfExists(ADMIN_USER, ROLE_NAME); client.listRoles(ADMIN_USER); client.createRole(ADMIN_USER, ROLE_NAME); client.listRoles(ADMIN_USER); } });