private Set<String> buildPermissions(Set<PrivilegeObject> privileges) { Set<String> permissions = Sets.newHashSet(); for (PrivilegeObject privilege : privileges) { List<String> hierarchy = Lists.newArrayList(); if (hasComponentServerPrivilege(privilege.getComponent())) { hierarchy.add(KV_JOINER.join("server", privilege.getService())); } for (Authorizable authorizable : privilege.getAuthorizables()) { hierarchy.add(KV_JOINER.join(authorizable.getTypeName(),authorizable.getName())); } hierarchy.add(KV_JOINER.join("action", privilege.getAction())); permissions.add(AUTHORIZABLE_JOINER.join(hierarchy)); } return permissions; }
private Set<String> buildPermissions(Set<PrivilegeObject> privileges) { Set<String> permissions = Sets.newHashSet(); for (PrivilegeObject privilege : privileges) { List<String> hierarchy = Lists.newArrayList(); if (hasComponentServerPrivilege(privilege.getComponent())) { hierarchy.add(KV_JOINER.join("server", privilege.getService())); } for (Authorizable authorizable : privilege.getAuthorizables()) { hierarchy.add(KV_JOINER.join(authorizable.getTypeName(),authorizable.getName())); } hierarchy.add(KV_JOINER.join("action", privilege.getAction())); permissions.add(AUTHORIZABLE_JOINER.join(hierarchy)); } return permissions; }
private MSentryGMPrivilege convertToPrivilege(PrivilegeObject privilege) { return new MSentryGMPrivilege(privilege.getComponent(), privilege.getService(), privilege.getAuthorizables(), privilege.getAction(), privilege.getGrantOption()); }
private MSentryGMPrivilege convertToPrivilege(PrivilegeObject privilege) { return new MSentryGMPrivilege(privilege.getComponent(), privilege.getService(), privilege.getAuthorizables(), privilege.getAction(), privilege.getGrantOption()); }
/** * Drop any role related to the requested privilege and its children privileges */ public void dropPrivilege(PrivilegeObject privilege,PersistenceManager pm) throws SentryUserException { MSentryGMPrivilege requestPrivilege = convertToPrivilege(privilege); if (Strings.isNullOrEmpty(privilege.getAction())) { requestPrivilege.setAction(getAction(privilege.getComponent(), Action.ALL).getValue()); } /* * Get the privilege graph * populateIncludePrivileges will get the privileges that need dropped, */ Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet(); privilegeGraph.addAll(populateIncludePrivileges(null, requestPrivilege, pm)); for (MSentryGMPrivilege mPrivilege : privilegeGraph) { /* * force to load all roles related this privilege * avoid the lazy-loading */ pm.retrieve(mPrivilege); Set<MSentryRole> roles = mPrivilege.getRoles(); for (MSentryRole role : roles) { revokeRolePartial(requestPrivilege, mPrivilege, role, pm); } } }
/** * Drop any role related to the requested privilege and its children privileges */ public void dropPrivilege(PrivilegeObject privilege,PersistenceManager pm) { MSentryGMPrivilege requestPrivilege = convertToPrivilege(privilege); if (Strings.isNullOrEmpty(privilege.getAction())) { requestPrivilege.setAction(getAction(privilege.getComponent(), Action.ALL).getValue()); } /** * Get the privilege graph * populateIncludePrivileges will get the privileges that need dropped, */ Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet(); privilegeGraph.addAll(populateIncludePrivileges(null, requestPrivilege, pm)); for (MSentryGMPrivilege mPrivilege : privilegeGraph) { /** * force to load all roles related this privilege * avoid the lazy-loading */ pm.retrieve(mPrivilege); Set<MSentryRole> roles = mPrivilege.getRoles(); for (MSentryRole role : roles) { revokeRolePartial(requestPrivilege, mPrivilege, role, pm); } } }
private TSentryPrivilege fromPrivilegeObject(PrivilegeObject privilege) { TSentryPrivilege tPrivilege = new TSentryPrivilege(privilege.getComponent(), privilege.getService(), fromAuthorizable(privilege.getAuthorizables()), privilege.getAction()); if (privilege.getGrantOption() == null) { tPrivilege.setGrantOption(TSentryGrantOption.UNSET); } else if (privilege.getGrantOption()) { tPrivilege.setGrantOption(TSentryGrantOption.TRUE); } else { tPrivilege.setGrantOption(TSentryGrantOption.FALSE); } return tPrivilege; }
private TSentryPrivilege fromPrivilegeObject(PrivilegeObject privilege) { TSentryPrivilege tPrivilege = new TSentryPrivilege(privilege.getComponent(), privilege.getService(), fromAuthorizable(privilege.getAuthorizables()), privilege.getAction()); if (privilege.getGrantOption() == null) { tPrivilege.setGrantOption(TSentryGrantOption.UNSET); } else if (privilege.getGrantOption()) { tPrivilege.setGrantOption(TSentryGrantOption.TRUE); } else { tPrivilege.setGrantOption(TSentryGrantOption.FALSE); } return tPrivilege; }