public Object getFieldValue(_Fields field) { switch (field) { case STATUS: return getStatus(); } throw new IllegalStateException(); }
public JsonLogEntity createJsonLogEntity( org.apache.sentry.api.generic.thrift.TAlterSentryRoleDeleteGroupsRequest request, org.apache.sentry.api.generic.thrift.TAlterSentryRoleDeleteGroupsResponse response, Configuration conf) { GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(), request.getRequestorUserName(), request.getClass().getName(), request.getComponent()); Joiner joiner = Joiner.on(","); String groups = joiner.join(request.getGroupsIterator()); gmamle.setOperationText(CommandUtil.createCmdForRoleDeleteGroup(request.getRoleName(), groups)); return gmamle; }
/** * revoke a sentry role from groups. * * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role * @param component: The request is issued to which component * @param groups: The name of groups * @throws SentryUserException */ @Override public void revokeRoleFromGroups(String requestorUserName, String roleName, String component, Set<String> groups) throws SentryUserException { TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setRequestorUserName(requestorUserName); request.setRoleName(roleName); request.setGroups(groups); request.setComponent(component); try { TAlterSentryRoleDeleteGroupsResponse response = client.alter_sentry_role_delete_groups(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
delRequest.setRoleName("r1"); delRequest.setGroups(Sets.newHashSet("g1")); assertEquals(Status.NO_SUCH_OBJECT, fromTSentryStatus(processor.alter_sentry_role_delete_groups(delRequest).getStatus()));
private void testOperation(String requestUser, Status validateStatus) throws Exception { TCreateSentryRoleRequest createrequest = new TCreateSentryRoleRequest(); createrequest.setRequestorUserName(requestUser); createrequest.setRoleName("r1"); assertEquals(validateStatus, fromTSentryStatus(processor.create_sentry_role(createrequest).getStatus())); TDropSentryRoleRequest dropRequest = new TDropSentryRoleRequest(); dropRequest.setRequestorUserName(requestUser); dropRequest.setRoleName("r1"); assertEquals(validateStatus, fromTSentryStatus(processor.drop_sentry_role(dropRequest).getStatus())); TAlterSentryRoleAddGroupsRequest addRequest = new TAlterSentryRoleAddGroupsRequest(); addRequest.setRequestorUserName(requestUser); addRequest.setRoleName("r1"); addRequest.setGroups(Sets.newHashSet("g1")); assertEquals(validateStatus, fromTSentryStatus(processor.alter_sentry_role_add_groups(addRequest).getStatus())); TAlterSentryRoleDeleteGroupsRequest delRequest = new TAlterSentryRoleDeleteGroupsRequest(); delRequest.setRequestorUserName(requestUser); delRequest.setRoleName("r1"); delRequest.setGroups(Sets.newHashSet("g1")); assertEquals(validateStatus, fromTSentryStatus(processor.alter_sentry_role_delete_groups(delRequest).getStatus())); TDropPrivilegesRequest dropPrivRequest = new TDropPrivilegesRequest(); dropPrivRequest.setRequestorUserName(requestUser); dropPrivRequest.setPrivilege(new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test")); assertEquals(validateStatus, fromTSentryStatus(processor.drop_sentry_privilege(dropPrivRequest).getStatus())); TRenamePrivilegesRequest renameRequest = new TRenamePrivilegesRequest(); renameRequest.setRequestorUserName(requestUser); assertEquals(validateStatus, fromTSentryStatus(processor.rename_sentry_privilege(renameRequest).getStatus())); }
delRequest.setRoleName("r1"); delRequest.setGroups(Sets.newHashSet("g1")); assertEquals(Status.ACCESS_DENIED, fromTSentryStatus(processor.alter_sentry_role_delete_groups(delRequest).getStatus()));