@Override public Set<PrivilegeObject> getPrivilegesByRole(final String component, final Set<String> roles) throws Exception { Preconditions.checkNotNull(roles); if (roles.isEmpty()) { return Collections.emptySet(); } return delegate.getTransactionManager().executeTransaction( pm -> { pm.setDetachAllOnCommit(false); // No need to detach objects Set<MSentryRole> mRoles = new HashSet<>(); for (String role : roles) { MSentryRole mRole = getRole(toTrimmedLower(role), pm); if (mRole != null) { mRoles.add(mRole); } } return new HashSet<>(privilegeOperator.getPrivilegesByRole(mRoles, pm)); }); }
@Override public Set<PrivilegeObject> getPrivilegesByRole(String component, Set<String> roles) throws SentryUserException { Preconditions.checkNotNull(roles); Set<PrivilegeObject> privileges = Sets.newHashSet(); if (roles.isEmpty()) { return privileges; } PersistenceManager pm = null; try { pm = openTransaction(); Set<MSentryRole> mRoles = Sets.newHashSet(); for (String role : roles) { MSentryRole mRole = getRole(toTrimmedLower(role), pm); if (mRole != null) { mRoles.add(mRole); } } privileges.addAll(privilegeOperator.getPrivilegesByRole(mRoles, pm)); } finally { if (pm != null) { commitTransaction(pm); } } return privileges; }
@Override public Set<MSentryGMPrivilege> getPrivilegesByAuthorizable(String component, String service, Set<String> validActiveRoles, List<? extends Authorizable> authorizables) throws SentryUserException { Preconditions.checkNotNull(component); Preconditions.checkNotNull(service); component = toTrimmedLower(component); service = toTrimmedLower(service); Set<MSentryGMPrivilege> privileges = Sets.newHashSet(); PersistenceManager pm = null; try { pm = openTransaction(); if (validActiveRoles == null || validActiveRoles.size() == 0) { return privileges; } Set<MSentryRole> mRoles = Sets.newHashSet(); for (String role : validActiveRoles) { MSentryRole mRole = getRole(role, pm); if (mRole != null) { mRoles.add(mRole); } } //get the privileges privileges.addAll(privilegeOperator.getPrivilegesByAuthorizable(component, service, mRoles, authorizables, pm)); } finally { commitTransaction(pm); } return privileges; }
Set<MSentryRole> mRoles = new HashSet<>(validActiveRoles.size()); for (String role : validActiveRoles) { MSentryRole mRole = getRole(role, pm); if (mRole != null) { mRoles.add(mRole);
MSentryRole mRole = getRole(role, pm); if (mRole != null) { mRoles.add(mRole);
MSentryRole mRole = getRole(role, pm); if (mRole != null) { mRoles.add(mRole);
@Override public Object alterRoleGrantPrivilege(final String component, final String role, final PrivilegeObject privilege, final String grantorPrincipal) throws Exception { delegate.getTransactionManager().executeTransactionWithRetry( pm -> { pm.setDetachAllOnCommit(false); // No need to detach objects String trimmedRole = toTrimmedLower(role); MSentryRole mRole = getRole(trimmedRole, pm); if (mRole == null) { throw new SentryNoSuchObjectException("Role: " + trimmedRole); } // check with grant option grantOptionCheck(privilege, grantorPrincipal, pm); privilegeOperator.grantPrivilege(privilege, mRole, pm); return null; }); return null; }
@Override public Object alterRoleRevokePrivilege(final String component, final String role, final PrivilegeObject privilege, final String grantorPrincipal) throws Exception { delegate.getTransactionManager().executeTransactionWithRetry( pm -> { pm.setDetachAllOnCommit(false); // No need to detach objects String trimmedRole = toTrimmedLower(role); MSentryRole mRole = getRole(trimmedRole, pm); if (mRole == null) { throw new SentryNoSuchObjectException("Role: " + trimmedRole); } // check with grant option grantOptionCheck(privilege, grantorPrincipal, pm); privilegeOperator.revokePrivilege(privilege, mRole, pm); return null; }); return null; }
@Override public CommitContext alterRoleRevokePrivilege(String component, String role, PrivilegeObject privilege, String grantorPrincipal) throws SentryUserException { role = toTrimmedLower(role); PersistenceManager pm = null; boolean rollbackTransaction = true; try{ pm = openTransaction(); MSentryRole mRole = getRole(role, pm); if (mRole == null) { throw new SentryNoSuchObjectException("Role: " + role + " doesn't exist"); } /** * check with grant option */ grantOptionCheck(privilege, grantorPrincipal, pm); privilegeOperator.revokePrivilege(privilege, mRole, pm); CommitContext commitContext = commitUpdateTransaction(pm); rollbackTransaction = false; return commitContext; } finally { if (rollbackTransaction) { rollbackTransaction(pm); } } }
@Override public CommitContext alterRoleGrantPrivilege(String component, String role, PrivilegeObject privilege, String grantorPrincipal) throws SentryUserException { role = toTrimmedLower(role); PersistenceManager pm = null; boolean rollbackTransaction = true; try{ pm = openTransaction(); MSentryRole mRole = getRole(role, pm); if (mRole == null) { throw new SentryNoSuchObjectException("Role: " + role + " doesn't exist"); } /** * check with grant option */ grantOptionCheck(privilege, grantorPrincipal, pm); privilegeOperator.grantPrivilege(privilege, mRole, pm); CommitContext commitContext = delegate.commitUpdateTransaction(pm); rollbackTransaction = false; return commitContext; } finally { if (rollbackTransaction) { rollbackTransaction(pm); } } }