@Override public void dropRole(Role role) throws NotFoundException { Set<Principal> removed = roleToPrincipals.remove(role); if (removed == null) { throw new NotFoundException(role); } }
@Override public void addRoleToPrincipal(Role role, Principal principal) throws NotFoundException { Set<Principal> principals = roleToPrincipals.get(role); if (principals == null) { throw new NotFoundException(role); } principals.add(principal); }
@Override public void removeRoleFromPrincipal(Role role, Principal principal) throws NotFoundException { Set<Principal> principals = roleToPrincipals.get(role); if (principals == null) { throw new NotFoundException(role); } principals.remove(principal); }
private void executeExistingRolesRequest(Role role, HttpRequest request) throws IOException, UnauthenticatedException, FeatureDisabledException, UnauthorizedException, co.cask.cdap.security.spi.authorization.NotFoundException { HttpResponse httpResponse = doExecuteRequest(request, HttpURLConnection.HTTP_NOT_FOUND); if (httpResponse.getResponseCode() == HttpURLConnection.HTTP_NOT_FOUND) { throw new co.cask.cdap.security.spi.authorization.NotFoundException(role); } }
private <T> T execute(Command<T> cmd) throws Exception { try { SentryGenericServiceClient client = getClient(); try { return cmd.run(client); } finally { client.close(); } } catch (Exception e) { // map sentry exceptions to appropriate cdap-security exceptions if (e instanceof SentryAccessDeniedException) { throw new UnauthorizedException(e.getMessage()); } else if (e instanceof SentryNoSuchObjectException) { throw new NotFoundException(e.getMessage()); } else if (e instanceof SentryAlreadyExistsException) { throw new AlreadyExistsException(e.getMessage()); } else if (e instanceof SentryInvalidInputException || e instanceof SentryThriftAPIMismatchException) { throw new BadRequestException(e.getMessage()); } else { throw e; } } }