@Inject DefaultNamespaceAdmin(NamespaceStore nsStore, Store store, DatasetFramework dsFramework, Provider<NamespaceResourceDeleter> resourceDeleter, Provider<StorageProviderNamespaceAdmin> storageProviderNamespaceAdmin, CConfiguration cConf, Impersonator impersonator, AuthorizationEnforcer authorizationEnforcer, AuthenticationContext authenticationContext) { this.resourceDeleter = resourceDeleter; this.nsStore = nsStore; this.store = store; this.dsFramework = dsFramework; this.authenticationContext = authenticationContext; this.authorizationEnforcer = authorizationEnforcer; this.storageProviderNamespaceAdmin = storageProviderNamespaceAdmin; this.impersonator = impersonator; this.namespaceMetaCache = CacheBuilder.newBuilder().build(new CacheLoader<NamespaceId, NamespaceMeta>() { @Override public NamespaceMeta load(NamespaceId namespaceId) throws Exception { return fetchNamespaceMeta(namespaceId); } }); this.masterShortUserName = AuthorizationUtil.getEffectiveMasterUser(cConf); }
@Inject DefaultNamespaceAdmin(NamespaceStore nsStore, Store store, DatasetFramework dsFramework, Provider<NamespaceResourceDeleter> resourceDeleter, Provider<StorageProviderNamespaceAdmin> storageProviderNamespaceAdmin, CConfiguration cConf, Impersonator impersonator, AuthorizationEnforcer authorizationEnforcer, AuthenticationContext authenticationContext) { this.resourceDeleter = resourceDeleter; this.nsStore = nsStore; this.store = store; this.dsFramework = dsFramework; this.authenticationContext = authenticationContext; this.authorizationEnforcer = authorizationEnforcer; this.storageProviderNamespaceAdmin = storageProviderNamespaceAdmin; this.impersonator = impersonator; this.namespaceMetaCache = CacheBuilder.newBuilder().build(new CacheLoader<NamespaceId, NamespaceMeta>() { @Override public NamespaceMeta load(NamespaceId namespaceId) throws Exception { return fetchNamespaceMeta(namespaceId); } }); this.masterShortUserName = AuthorizationUtil.getEffectiveMasterUser(cConf); }
@Inject DefaultAuthorizationEnforcer(CConfiguration cConf, AuthorizerInstantiator authorizerInstantiator) { super(cConf); this.authorizerInstantiator = authorizerInstantiator; String masterUserName = AuthorizationUtil.getEffectiveMasterUser(cConf); this.masterUser = masterUserName == null ? null : new Principal(masterUserName, Principal.PrincipalType.USER); this.logTimeTakenAsWarn = cConf.getInt(Constants.Security.Authorization.EXTENSION_OPERATION_TIME_WARN_THRESHOLD); }
DatasetServiceClient(final DiscoveryServiceClient discoveryClient, NamespaceId namespaceId, CConfiguration cConf, AuthenticationContext authenticationContext) { this.remoteClient = new RemoteClient( discoveryClient, Constants.Service.DATASET_MANAGER, new DefaultHttpRequestConfig(false), String.format("%s/namespaces/%s/data", Constants.Gateway.API_VERSION_3, namespaceId.getNamespace())); this.namespaceId = namespaceId; this.securityEnabled = cConf.getBoolean(Constants.Security.ENABLED); this.kerberosEnabled = SecurityUtil.isKerberosEnabled(cConf); this.authorizationEnabled = cConf.getBoolean(Constants.Security.Authorization.ENABLED); this.authenticationContext = authenticationContext; this.masterShortUserName = AuthorizationUtil.getEffectiveMasterUser(cConf); }
DatasetServiceClient(final DiscoveryServiceClient discoveryClient, NamespaceId namespaceId, CConfiguration cConf, AuthenticationContext authenticationContext) { this.remoteClient = new RemoteClient( discoveryClient, Constants.Service.DATASET_MANAGER, new DefaultHttpRequestConfig(false), String.format("%s/namespaces/%s/data", Constants.Gateway.API_VERSION_3, namespaceId.getNamespace())); this.namespaceId = namespaceId; this.securityEnabled = cConf.getBoolean(Constants.Security.ENABLED); this.kerberosEnabled = SecurityUtil.isKerberosEnabled(cConf); this.authorizationEnabled = cConf.getBoolean(Constants.Security.Authorization.ENABLED); this.authenticationContext = authenticationContext; this.masterShortUserName = AuthorizationUtil.getEffectiveMasterUser(cConf); }
@BeforeClass public static void setup() throws Exception { cConf = createCConf(); final Injector injector = AppFabricTestHelper.getInjector(cConf); metadataAdmin = injector.getInstance(MetadataAdmin.class); authorizer = injector.getInstance(AuthorizerInstantiator.class).get(); appFabricServer = injector.getInstance(AppFabricServer.class); appFabricServer.startAndWait(); // Wait for the default namespace creation String user = AuthorizationUtil.getEffectiveMasterUser(cConf); authorizer.grant(Authorizable.fromEntityId(NamespaceId.DEFAULT), new Principal(user, Principal.PrincipalType.USER), Collections.singleton(Action.ADMIN)); // Starting the Appfabric server will create the default namespace Tasks.waitFor(true, () -> injector.getInstance(NamespaceAdmin.class).exists(NamespaceId.DEFAULT), 5, TimeUnit.SECONDS); authorizer.revoke(Authorizable.fromEntityId(NamespaceId.DEFAULT), new Principal(user, Principal.PrincipalType.USER), Collections.singleton(Action.ADMIN)); }
@BeforeClass public static void setup() throws Exception { cConf = createCConf(); final Injector injector = AppFabricTestHelper.getInjector(cConf); authorizer = injector.getInstance(AuthorizerInstantiator.class).get(); appFabricServer = injector.getInstance(AppFabricServer.class); appFabricServer.startAndWait(); programLifecycleService = injector.getInstance(ProgramLifecycleService.class); // Wait for the default namespace creation String user = AuthorizationUtil.getEffectiveMasterUser(cConf); authorizer.grant(Authorizable.fromEntityId(NamespaceId.DEFAULT), new Principal(user, Principal.PrincipalType.USER), Collections.singleton(Action.ADMIN)); // Starting the Appfabric server will create the default namespace Tasks.waitFor(true, new Callable<Boolean>() { @Override public Boolean call() throws Exception { return injector.getInstance(NamespaceAdmin.class).exists(NamespaceId.DEFAULT); } }, 5, TimeUnit.SECONDS); authorizer.revoke(Authorizable.fromEntityId(NamespaceId.DEFAULT), new Principal(user, Principal.PrincipalType.USER), Collections.singleton(Action.ADMIN)); }
String user = AuthorizationUtil.getEffectiveMasterUser(cConf); authorizer.grant(Authorizable.fromEntityId(NamespaceId.DEFAULT), new Principal(user, Principal.PrincipalType.USER), Collections.singleton(Action.ADMIN));