@Inject public AccumuloClient( Connector connector, AccumuloConfig config, ZooKeeperMetadataManager metaManager, AccumuloTableManager tableManager, IndexLookup indexLookup) throws AccumuloException, AccumuloSecurityException { this.connector = requireNonNull(connector, "connector is null"); this.username = requireNonNull(config, "config is null").getUsername(); this.metaManager = requireNonNull(metaManager, "metaManager is null"); this.tableManager = requireNonNull(tableManager, "tableManager is null"); this.indexLookup = requireNonNull(indexLookup, "indexLookup is null"); this.auths = connector.securityOperations().getUserAuthorizations(username); }
Authorizations scanAuths = connector.securityOperations().getUserAuthorizations(sessionScanUser); LOG.debug("Using session scanner auths for user %s: %s", sessionScanUser, scanAuths); return scanAuths; Authorizations auths = connector.securityOperations().getUserAuthorizations(username); LOG.debug("scan_auths table property not set, using user auths: %s", auths); return auths;
private Optional<String> getDefaultTabletLocation(String fulltable) { try { String tableId = connector.tableOperations().tableIdMap().get(fulltable); // Create a scanner over the metadata table, fetching the 'loc' column of the default tablet row Scanner scan = connector.createScanner("accumulo.metadata", connector.securityOperations().getUserAuthorizations(username)); scan.fetchColumnFamily(new Text("loc")); scan.setRange(new Range(tableId + '<')); // scan the entry Optional<String> location = Optional.empty(); for (Entry<Key, Value> entry : scan) { if (location.isPresent()) { throw new PrestoException(FUNCTION_IMPLEMENTATION_ERROR, "Scan for default tablet returned more than one entry"); } location = Optional.of(entry.getValue().toString()); } scan.close(); return location; } catch (Exception e) { // Swallow this exception so the query does not fail due to being unable to locate the tablet server for the default tablet. // This is purely an optimization, but we will want to log the error. LOG.error("Failed to get tablet location, returning dummy location", e); return Optional.empty(); } }
new Indexer( connector, connector.securityOperations().getUserAuthorizations(username), table, conf));
Authorizations scanAuths = connector.securityOperations().getUserAuthorizations(sessionScanUser); LOG.debug("Using session scan auths for user %s: %s", sessionScanUser, scanAuths); return scanAuths;
protected Authorizations getAuths(final CommandLine cl, final Shell shellState) throws AccumuloSecurityException, AccumuloException { final String user = shellState.getAccumuloClient().whoami(); Authorizations auths = shellState.getAccumuloClient().securityOperations() .getUserAuthorizations(user); if (cl.hasOption(scanOptAuths.getOpt())) { auths = ScanCommand.parseAuthorizations(cl.getOptionValue(scanOptAuths.getOpt())); } return auths; }
@Override public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws AccumuloException, AccumuloSecurityException { final String user = cl.getOptionValue(userOpt.getOpt(), shellState.getAccumuloClient().whoami()); final String scanOpts = cl.getOptionValue(scanOptAuths.getOpt()); Authorizations auths = shellState.getAccumuloClient().securityOperations() .getUserAuthorizations(user); StringBuilder userAuths = new StringBuilder(); if (!auths.isEmpty()) { userAuths.append(auths); userAuths.append(","); } userAuths.append(scanOpts); shellState.getAccumuloClient().securityOperations().changeUserAuthorizations(user, ScanCommand.parseAuthorizations(userAuths.toString())); Shell.log.debug("Changed record-level authorizations for user " + user); return 0; }
@Override public Scanner createScanner(String tableName) throws TableNotFoundException, AccumuloSecurityException, AccumuloException { Authorizations auths = securityOperations().getUserAuthorizations(getPrincipal()); return createScanner(tableName, auths); }
@Override public BatchScanner createBatchScanner(String tableName) throws TableNotFoundException, AccumuloSecurityException, AccumuloException { Authorizations auths = securityOperations().getUserAuthorizations(getPrincipal()); return createBatchScanner(tableName, auths); }
@Override public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws AccumuloException, AccumuloSecurityException { final AccumuloClient accumuloClient = shellState.getAccumuloClient(); final String user = cl.getOptionValue(userOpt.getOpt(), accumuloClient.whoami()); final String scanOpts = cl.getOptionValue(scanOptAuths.getOpt()); final Authorizations auths = accumuloClient.securityOperations().getUserAuthorizations(user); final StringBuilder userAuths = new StringBuilder(); final String[] toBeRemovedAuths = scanOpts.split(","); final Set<String> toBeRemovedSet = new HashSet<>(); for (String auth : toBeRemovedAuths) { toBeRemovedSet.add(auth); } final String[] existingAuths = auths.toString().split(","); for (String auth : existingAuths) { if (!toBeRemovedSet.contains(auth)) { userAuths.append(auth); userAuths.append(","); } } if (userAuths.length() > 0) { accumuloClient.securityOperations().changeUserAuthorizations(user, ScanCommand.parseAuthorizations(userAuths.substring(0, userAuths.length() - 1))); } else { accumuloClient.securityOperations().changeUserAuthorizations(user, new Authorizations()); } Shell.log.debug("Changed record-level authorizations for user " + user); return 0; }
@Override public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws AccumuloException, AccumuloSecurityException, IOException { final String user = cl.getOptionValue(userOpt.getOpt(), shellState.getAccumuloClient().whoami()); // Sort authorizations Authorizations auths = shellState.getAccumuloClient().securityOperations() .getUserAuthorizations(user); List<String> set = sortAuthorizations(auths); shellState.getReader().println(StringUtils.join(set, ',')); return 0; }
.getUserAuthorizations(user); final Scanner scanner = shellState.getAccumuloClient().createScanner(tableName, auths); for (IteratorSetting s : tableScanIterators) {
@SuppressFBWarnings(value = "PATH_TRAVERSAL_IN", justification = "code runs in same security context as user who provided input") private static void printUserConfiguration(AccumuloClient accumuloClient, String user, File outputDirectory) throws IOException, AccumuloException, AccumuloSecurityException { File userScript = new File(outputDirectory, user + USER_FILE_SUFFIX); FileWriter userWriter = new FileWriter(userScript); userWriter.write(createUserFormat.format(new String[] {user})); Authorizations auths = accumuloClient.securityOperations().getUserAuthorizations(user); userWriter.write(userAuthsFormat.format(new String[] {user, auths.toString()})); for (SystemPermission sp : SystemPermission.values()) { if (accumuloClient.securityOperations().hasSystemPermission(user, sp)) { userWriter.write(sysPermFormat.format(new String[] {sp.name(), user})); } } for (String namespace : accumuloClient.namespaceOperations().list()) { for (NamespacePermission np : NamespacePermission.values()) { if (accumuloClient.securityOperations().hasNamespacePermission(user, namespace, np)) { userWriter.write(nsPermFormat.format(new String[] {np.name(), namespace, user})); } } } for (String tableName : accumuloClient.tableOperations().list()) { for (TablePermission perm : TablePermission.values()) { if (accumuloClient.securityOperations().hasTablePermission(user, tableName, perm)) { userWriter.write(tablePermFormat.format(new String[] {perm.name(), tableName, user})); } } } userWriter.close(); }
final String user = shellState.getAccumuloClient().whoami(); final Authorizations auths = shellState.getAccumuloClient().securityOperations() .getUserAuthorizations(user); final Scanner scanner = shellState.getAccumuloClient().createScanner(table, auths); scanner.setRange(new Range(new Text(Long.toHexString(trace))));
/** * @return the {@link Authorizations} of this instance's user. * @throws AccumuloException * @throws AccumuloSecurityException */ public Authorizations getAuths() throws AccumuloException, AccumuloSecurityException { if (secOps != null) { return secOps.getUserAuthorizations(user); } else { return null; } }
/** * @return the {@link Authorizations} of this instance's user. * @throws AccumuloException * @throws AccumuloSecurityException */ public Authorizations getAuths() throws AccumuloException, AccumuloSecurityException { if (secOps != null) { return secOps.getUserAuthorizations(user); } else { return null; } }
protected Authorizations getAuths(final CommandLine cl, final Shell shellState) throws AccumuloSecurityException, AccumuloException { final String user = shellState.getConnector().whoami(); Authorizations auths = shellState.getConnector().securityOperations() .getUserAuthorizations(user); if (cl.hasOption(scanOptAuths.getOpt())) { auths = ScanCommand.parseAuthorizations(cl.getOptionValue(scanOptAuths.getOpt())); } return auths; }
@Override public String getErrorMessage() { try { Connector c = getConnector(); return "Current auths for root are: " + c.securityOperations().getUserAuthorizations("root").toString(); } catch (Exception e) { return "Could not check authorizations"; } } });
@Override public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws AccumuloException, AccumuloSecurityException, IOException { final String user = cl.getOptionValue(userOpt.getOpt(), shellState.getConnector().whoami()); // Sort authorizations Authorizations auths = shellState.getConnector().securityOperations() .getUserAuthorizations(user); List<String> set = sortAuthorizations(auths); shellState.getReader().println(StringUtils.join(set, ',')); return 0; }
@Override public List<ByteBuffer> getUserAuthorizations(ByteBuffer login, String user) throws org.apache.accumulo.proxy.thrift.AccumuloException, org.apache.accumulo.proxy.thrift.AccumuloSecurityException, TException { try { return getConnector(login).securityOperations().getUserAuthorizations(user) .getAuthorizationsBB(); } catch (Exception e) { handleException(e); return null; } }