public Object getFieldValue(_Fields field) { switch (field) { case STATUS: return getStatus(); } throw new IllegalStateException(); }
public JsonLogEntity createJsonLogEntity( org.apache.sentry.api.generic.thrift.TAlterSentryRoleGrantPrivilegeRequest request, org.apache.sentry.api.generic.thrift.TAlterSentryRoleGrantPrivilegeResponse response, Configuration conf) { GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(), request.getRequestorUserName(), request.getClass().getName(), request.getComponent()); if (request.getPrivilege() != null) { List<TAuthorizable> authorizables = request.getPrivilege().getAuthorizables(); Map<String, String> privilegesMap = new LinkedHashMap<String, String>(); if (authorizables != null) { for (TAuthorizable authorizable : authorizables) { privilegesMap.put(authorizable.getType(), authorizable.getName()); } } gmamle.setPrivilegesMap(privilegesMap); } gmamle.setOperationText(CommandUtil.createCmdForGrantGMPrivilege(request)); return gmamle; }
/** * grant privilege * * @param requestorUserName: user on whose behalf the request is issued * @param roleName: Name of the role * @param component: The request is issued to which component * @param privilege * @throws SentryUserException */ @Override public void grantPrivilege(String requestorUserName, String roleName, String component, TSentryPrivilege privilege) throws SentryUserException { TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest(); request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2); request.setComponent(component); request.setRoleName(roleName); request.setRequestorUserName(requestorUserName); request.setPrivilege(privilege); try { TAlterSentryRoleGrantPrivilegeResponse response = client.alter_sentry_role_grant_privilege(request); Status.throwIfNotOk(response.getStatus()); } catch (TException e) { throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); } }
grantRequest.setRoleName("r1"); grantRequest.setPrivilege(tprivilege); assertEquals(Status.ACCESS_DENIED, fromTSentryStatus(processor.alter_sentry_role_grant_privilege(grantRequest).getStatus()));
@Test public void testGrantAndRevokePrivilege() throws Exception { setup(); TSentryPrivilege tprivilege = new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test"); tprivilege.setGrantOption(TSentryGrantOption.UNSET); TAlterSentryRoleGrantPrivilegeRequest grantRequest = new TAlterSentryRoleGrantPrivilegeRequest(); grantRequest.setRequestorUserName(ADMIN_USER); grantRequest.setRoleName("r1"); grantRequest.setPrivilege(tprivilege); assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_grant_privilege(grantRequest).getStatus())); TAlterSentryRoleRevokePrivilegeRequest revokeRequest = new TAlterSentryRoleRevokePrivilegeRequest(); revokeRequest.setRequestorUserName(ADMIN_USER); revokeRequest.setRoleName("r1"); revokeRequest.setPrivilege(tprivilege); assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_revoke_privilege(revokeRequest).getStatus())); }